diff --git a/ansible/roles/podman/defaults/main.yml b/ansible/roles/podman/defaults/main.yml index 04513f6..590f835 100644 --- a/ansible/roles/podman/defaults/main.yml +++ b/ansible/roles/podman/defaults/main.yml @@ -47,12 +47,13 @@ zomboid_mods: # B42 Revamp mod configuration (168 mods from Steam Workshop collection) # Source: https://steamcommunity.com/sharedfiles/filedetails/?id=3636931465 # Removed: UpgradeableStorage (SP-only, B42 MP has hard-coded capacity limits) +# Added: LogCabin (3653045510) - player connect/disconnect logging zomboid_mods_b42revamp: workshop_items: >- - 3402491515;2529746725;3378285185;3171167894;3635394848;3411888105;3616536783;3635591071;3636241120;3629835761;3618427553;3543229299;3622163276;3634921455;3626823538;2335368829;3580577925;3401134276;3418366499;3586216562;3452711271;2757712197;3330403100;2686624983;3409143790;3439305933;3378304610;2503622437;2896041179;2625625421;3590632059;3097650043;2366717227;3077900375;3596827035;3508537032;3630693325;3631572046;2463184726;2447729538;2142622992;3566868353;3539691958;3504401781;3570973322;3614034284;2900580391;3478633453;3001592312;3041122351;3315443103;2799152995;3248388837;2897390033;3379334330;2409333430;3110913021;3287727378;2846036306;3435796523;3447272250;2932547723;3110911330;2971246021;3005903549;3320947974;2942793445;3008795514;2870394916;2952802178;2805630347;3490370700;2772575623;3428008364;2566953935;3413704851;3152529790;2811383142;3592777775;3418252689;3404737883;3631989559;2969343830;3366300557;2962175696;3596903773;3226885926;2937786633;3601417745;2886832936;2932549988;3088951320;3611100835;3409472393;3623784989;3625020432;3138387399;3119788162;2286124931;2866258937;3623919908;2714198296;3628835042;3429790870;3431734923;3577903007;3398874593;2950902979;3420581050;3538760023;3423984426;3396446795;3618557184;2840805724;3437629766;3632610172;3633882960;3307376332;3453676250;3431256608;3475347500;3404956403;3451167732;3281755175;3252451158;3162566044;2684285534;3424309174;3199474685;3483407987;3387222454;3614959302;3351207258;2699828474;3461263912;3322066592;2972289937;2948824747;3624268336;2857762294;2920899878;3572556874;3470426196;3470422050;3432928943;3430172149;3637373250;3044705007;2705406713;3554424111;3412105017;3554048011;3635228703;2940354599;3414634809;3627047348;3442862183;2990322197;3394044313;3617854007;3388867450;3532685233;3411695932;3643808082;3413150945;3531611692 - # Load order from Steam collection (UpgradeableStorage removed for MP compatibility) + 3402491515;2529746725;3378285185;3171167894;3635394848;3411888105;3616536783;3635591071;3636241120;3629835761;3618427553;3543229299;3622163276;3634921455;3626823538;2335368829;3580577925;3401134276;3418366499;3586216562;3452711271;2757712197;3330403100;2686624983;3409143790;3439305933;3378304610;2503622437;2896041179;2625625421;3590632059;3097650043;2366717227;3077900375;3596827035;3508537032;3630693325;3631572046;2463184726;2447729538;2142622992;3566868353;3539691958;3504401781;3570973322;3614034284;2900580391;3478633453;3001592312;3041122351;3315443103;2799152995;3248388837;2897390033;3379334330;2409333430;3110913021;3287727378;2846036306;3435796523;3447272250;2932547723;3110911330;2971246021;3005903549;3320947974;2942793445;3008795514;2870394916;2952802178;2805630347;3490370700;2772575623;3428008364;2566953935;3413704851;3152529790;2811383142;3592777775;3418252689;3404737883;3631989559;2969343830;3366300557;2962175696;3596903773;3226885926;2937786633;3601417745;2886832936;2932549988;3088951320;3611100835;3409472393;3623784989;3625020432;3138387399;3119788162;2286124931;2866258937;3623919908;2714198296;3628835042;3429790870;3431734923;3577903007;3398874593;2950902979;3420581050;3538760023;3423984426;3396446795;3618557184;2840805724;3437629766;3632610172;3633882960;3307376332;3453676250;3431256608;3475347500;3404956403;3451167732;3281755175;3252451158;3162566044;2684285534;3424309174;3199474685;3483407987;3387222454;3614959302;3351207258;2699828474;3461263912;3322066592;2972289937;2948824747;3624268336;2857762294;2920899878;3572556874;3470426196;3470422050;3432928943;3430172149;3637373250;3044705007;2705406713;3554424111;3412105017;3554048011;3635228703;2940354599;3414634809;3627047348;3442862183;2990322197;3394044313;3617854007;3388867450;3532685233;3411695932;3643808082;3413150945;3531611692;3653045510 + # Load order from Steam collection (UpgradeableStorage removed for MP compatibility, LogCabin added) mod_ids: >- - \MoodleFramework;\NeatUI_Framework;\Optimal;\SPNCC;\SPNCCDetails;\SPNCCDetailsHD;\TombBodyTexNUDE;\Authentic Z - Current;\PROJECTRVInterior42;\RVInteriorExpansion;\RVInteriorExpansionPart2;\RVmilitaryaddon;\damnlib;\04vwTouran;\49powerWagon;\59meteor;\63beetle;\63Type2Van;\65banshee;\66pontiacLeMans;\69charger;\69mini;\69mini_ItalianJob;\69mini_MrBean;\69mini_PitbullSpecial;\73fordFalcon;\73fordFalconPS;\78amgeneralM35A2;\78amgeneralM35A2extra;\78amgeneralM49A2C;\78amgeneralM50A3;\78amgeneralM62;\80manKat1;\82firebird;\82firebirdKITT;\82porsche911;\83amgeneralM923;\83amgeneralM923extra;\84buickElectra;\84cadillacDeVille;\84merc;\84oldsmobile98;\85buickLeSabre;\85chevyCaprice;\85chevyStepVan;\85chevyStepVanexpanded;\86chevyCUCV;\86fordE150;\86fordE150dnd;\86fordE150expanded;\86fordE150mm;\86fordE150pd;\86oshkoshP19A;\87buickRegal;\87fordB700;\88chevyS10;\88toyotaHilux;\89defender;\89trooper;\90bmwE30;\90fordF350ambulance;\90pierceArrow;\91fordLTD;\91fordRanger;\91geoMetro;\91nissan240sx;\91range;\92fordCVPI;\92jeepYJ;\92jeepYJJP18;\92nissanGTR;\93chevySuburban;\93chevySuburbanExpanded;\93fordElgin;\93fordTaurus;\93mustangSSP;\93townCar;\97bushmaster;\98stagea;\99fordCVPI;\KI5trailers;\CargoTrailer_BubbysVariants;\ECTO1;\isoContainers;\tsarslib;\LIAZ 300;\Military_Tool_Kit;\RotatorsLib;\rSemiTruck;\U.S. M998 Humvee by Papa_Chad;\2920899878/ReloadAllMagazines;\BB_WhereAmI;\Buttstroke;\CleanHotBar;\CleanUI;\ClientModsToServer;\CombatText;\ContextMenuIconsCore;\DG_MIVehicles;\EffortlessTowing;\EQUIPMENT_UI;\EURY_BUGS;\FixBlowTorchPropaneTank;\flipvehicleplustrailer;\ForceSync42;\FWOBenchPress&Treadmill;\FWOFitnessWorkoutOverhaul;\GenRange;\HereGoesTheSun;\hf_point_blank;\HideDebugMenu;\HNDLBR_Preppers;\LongStandingMetalConstructions;\MBFTiming;\MiniHealthPanel;\ModernStatus;\ModLoadOrderSorter_b42;\ChuckleberryFinnAlertSystem;\ModManager;\MoreDescriptionForTraits4213;\NoLighterNeeded;\OCsPacking;\phunlib;\phunzones;\ProgressiveMultihit;\ProgressiveMultihit42.13patch;\RealisticDash;\REORDER_CONTAINERS;\StarlitLibrary;\RepairableWindows;\SleepWithFriends;\SmokingSoundsOverhaul;\errorMagnifier;\SwapIt;\TMRRemoveMumble42;\trunk_organizer;\TVRadio_ReInvented;\UdderlyUpToDate_B42.13;\UnseasonalWeather;\VehicleRepairOverhaul;\VehicleSalvageOverhaulB42;\ArcheryNexus;\EFTBP;\FH;\GanydeBielovzki's Frockin Shirts n Ties;\GanydeBielovzki's Frockin Splendor! Vol.2;\GanydeBielovzki's Frockin Splendor! Vol.3;\GanydeBielovzki's Frockin Splendor! Vol.4;\GanydeBielovzki's Frockin Splendor! Vol.5;\GanydeBielovzki's Frockin Wiseguys;\H_E_C_U;\KATTAJ1_ClothesCore;\SapphCooking_B42;\SpnCloth;\TombBody;\TombWardrobeALT;\VanillaGearExpanded;\zReApoModernArmorB42;\B42RainsFirearmsAndGunPartsExpanded4213;\AatheomEMVFSM;\amclub;\FunctionalGutters;\GanydeBielovzki's Frockin Splendor!;\grasslands;\HGOEXP;\KATTAJ1_Military;\Ladders42131;\LKB42;\LNB42;\LongHammer;\MoreDamagedObjects;\N&CsNarcotics;\phunsprinters;\phunsprintersui;\Project_Seasons_B41;\RebalancedPropMoving;\RepairAnyClothes;\RET_LethalStealth;\RiskyInspectWeapon;\ShelterHold_Beehive;\SimpleOverhaulTraitsAndOccupations;\SkillRecoveryJournal;\SPNCCFaces;\SpnHair;\TrueMoozic;\TMMMB42.13+;\TombBodyCompat;\TombBodyCustom;\TrueMusicJukebox;\TrueMusicRadio42;\TrueSmoking;\VanillaFoodsExpanded;\VanillaVehiclesAnimated;\WorkshopUpdateCheck;\zReBetterLockpickingb42mp;\CACustomWoodWeight + \MoodleFramework;\NeatUI_Framework;\Optimal;\SPNCC;\SPNCCDetails;\SPNCCDetailsHD;\TombBodyTexNUDE;\Authentic Z - Current;\PROJECTRVInterior42;\RVInteriorExpansion;\RVInteriorExpansionPart2;\RVmilitaryaddon;\damnlib;\04vwTouran;\49powerWagon;\59meteor;\63beetle;\63Type2Van;\65banshee;\66pontiacLeMans;\69charger;\69mini;\69mini_ItalianJob;\69mini_MrBean;\69mini_PitbullSpecial;\73fordFalcon;\73fordFalconPS;\78amgeneralM35A2;\78amgeneralM35A2extra;\78amgeneralM49A2C;\78amgeneralM50A3;\78amgeneralM62;\80manKat1;\82firebird;\82firebirdKITT;\82porsche911;\83amgeneralM923;\83amgeneralM923extra;\84buickElectra;\84cadillacDeVille;\84merc;\84oldsmobile98;\85buickLeSabre;\85chevyCaprice;\85chevyStepVan;\85chevyStepVanexpanded;\86chevyCUCV;\86fordE150;\86fordE150dnd;\86fordE150expanded;\86fordE150mm;\86fordE150pd;\86oshkoshP19A;\87buickRegal;\87fordB700;\88chevyS10;\88toyotaHilux;\89defender;\89trooper;\90bmwE30;\90fordF350ambulance;\90pierceArrow;\91fordLTD;\91fordRanger;\91geoMetro;\91nissan240sx;\91range;\92fordCVPI;\92jeepYJ;\92jeepYJJP18;\92nissanGTR;\93chevySuburban;\93chevySuburbanExpanded;\93fordElgin;\93fordTaurus;\93mustangSSP;\93townCar;\97bushmaster;\98stagea;\99fordCVPI;\KI5trailers;\CargoTrailer_BubbysVariants;\ECTO1;\isoContainers;\tsarslib;\LIAZ 300;\Military_Tool_Kit;\RotatorsLib;\rSemiTruck;\U.S. M998 Humvee by Papa_Chad;\2920899878/ReloadAllMagazines;\BB_WhereAmI;\Buttstroke;\CleanHotBar;\CleanUI;\ClientModsToServer;\CombatText;\ContextMenuIconsCore;\DG_MIVehicles;\EffortlessTowing;\EQUIPMENT_UI;\EURY_BUGS;\FixBlowTorchPropaneTank;\flipvehicleplustrailer;\ForceSync42;\FWOBenchPress&Treadmill;\FWOFitnessWorkoutOverhaul;\GenRange;\HereGoesTheSun;\hf_point_blank;\HideDebugMenu;\HNDLBR_Preppers;\LongStandingMetalConstructions;\MBFTiming;\MiniHealthPanel;\ModernStatus;\ModLoadOrderSorter_b42;\ChuckleberryFinnAlertSystem;\ModManager;\MoreDescriptionForTraits4213;\NoLighterNeeded;\OCsPacking;\phunlib;\phunzones;\ProgressiveMultihit;\ProgressiveMultihit42.13patch;\RealisticDash;\REORDER_CONTAINERS;\StarlitLibrary;\RepairableWindows;\SleepWithFriends;\SmokingSoundsOverhaul;\errorMagnifier;\SwapIt;\TMRRemoveMumble42;\trunk_organizer;\TVRadio_ReInvented;\UdderlyUpToDate_B42.13;\UnseasonalWeather;\VehicleRepairOverhaul;\VehicleSalvageOverhaulB42;\ArcheryNexus;\EFTBP;\FH;\GanydeBielovzki's Frockin Shirts n Ties;\GanydeBielovzki's Frockin Splendor! Vol.2;\GanydeBielovzki's Frockin Splendor! Vol.3;\GanydeBielovzki's Frockin Splendor! Vol.4;\GanydeBielovzki's Frockin Splendor! Vol.5;\GanydeBielovzki's Frockin Wiseguys;\H_E_C_U;\KATTAJ1_ClothesCore;\SapphCooking_B42;\SpnCloth;\TombBody;\TombWardrobeALT;\VanillaGearExpanded;\zReApoModernArmorB42;\B42RainsFirearmsAndGunPartsExpanded4213;\AatheomEMVFSM;\amclub;\FunctionalGutters;\GanydeBielovzki's Frockin Splendor!;\grasslands;\HGOEXP;\KATTAJ1_Military;\Ladders42131;\LKB42;\LNB42;\LongHammer;\MoreDamagedObjects;\N&CsNarcotics;\phunsprinters;\phunsprintersui;\Project_Seasons_B41;\RebalancedPropMoving;\RepairAnyClothes;\RET_LethalStealth;\RiskyInspectWeapon;\ShelterHold_Beehive;\SimpleOverhaulTraitsAndOccupations;\SkillRecoveryJournal;\SPNCCFaces;\SpnHair;\TrueMoozic;\TMMMB42.13+;\TombBodyCompat;\TombBodyCustom;\TrueMusicJukebox;\TrueMusicRadio42;\TrueSmoking;\VanillaFoodsExpanded;\VanillaVehiclesAnimated;\WorkshopUpdateCheck;\zReBetterLockpickingb42mp;\CACustomWoodWeight;\LogCabin # Map configuration per server mode zomboid_maps: diff --git a/ansible/roles/podman/files/hass/automations.yaml b/ansible/roles/podman/files/hass/automations.yaml index f369a55..fabd5c6 100644 --- a/ansible/roles/podman/files/hass/automations.yaml +++ b/ansible/roles/podman/files/hass/automations.yaml @@ -633,3 +633,38 @@ entity_id: 81c486d682afcc94e98e377475cc92fc domain: light mode: single +- id: '1768862300896' + alias: Bedroom On + description: '' + triggers: + - type: turned_on + device_id: afb9734fe9b187ab6881a64d24e1c2f5 + entity_id: 27efa149b9ebb388e7c21ba89e671b42 + domain: switch + trigger: device + conditions: [] + actions: + - action: light.turn_on + metadata: {} + data: + brightness_pct: 100 + target: + area_id: bedroom + mode: single +- id: '1768862339192' + alias: Bedroom Off + description: '' + triggers: + - type: turned_off + device_id: afb9734fe9b187ab6881a64d24e1c2f5 + entity_id: 27efa149b9ebb388e7c21ba89e671b42 + domain: switch + trigger: device + conditions: [] + actions: + - action: light.turn_off + metadata: {} + data: {} + target: + area_id: bedroom + mode: single diff --git a/ansible/roles/podman/tasks/containers/home/gregtime.yml b/ansible/roles/podman/tasks/containers/home/gregtime.yml index 9e67729..aaf22f5 100644 --- a/ansible/roles/podman/tasks/containers/home/gregtime.yml +++ b/ansible/roles/podman/tasks/containers/home/gregtime.yml @@ -52,6 +52,7 @@ - "{{ gregtime_path }}/logs:/app/logs" - "{{ gregtime_path }}/data:/app/data" - "{{ zomboid_path }}/data:/zomboid-logs:ro" + - "{{ podman_volumes }}/zomboid-stats.json:/app/data/zomboid-stats.json:ro" - name: create systemd startup job for gregtime include_tasks: podman/systemd-generate.yml diff --git a/ansible/roles/podman/tasks/containers/home/zomboid.yml b/ansible/roles/podman/tasks/containers/home/zomboid.yml index 10ca3c6..ffdba16 100644 --- a/ansible/roles/podman/tasks/containers/home/zomboid.yml +++ b/ansible/roles/podman/tasks/containers/home/zomboid.yml @@ -64,7 +64,7 @@ - name: create zomboid stats file with correct permissions become: true ansible.builtin.file: - path: "{{ gregtime_path }}/data/zomboid-stats.json" + path: "{{ podman_volumes }}/zomboid-stats.json" state: touch owner: "{{ podman_user }}" group: "{{ podman_user }}" @@ -279,6 +279,28 @@ - zomboid_ini_stat.stat.exists tags: zomboid-conf +# Firewall logging for player IP correlation +# Logs new UDP connections to Zomboid port for IP address tracking +- name: add firewall rule to log zomboid connections + become: true + ansible.builtin.command: > + firewall-cmd --permanent --direct --add-rule ipv4 filter INPUT 0 + -p udp --dport 16261 -m conntrack --ctstate NEW + -j LOG --log-prefix "ZOMBOID_CONN: " --log-level 4 + register: firewall_result + changed_when: "'already' not in firewall_result.stderr" + failed_when: false + notify: restart firewalld + +- name: add firewall rule to log zomboid connections (runtime) + become: true + ansible.builtin.command: > + firewall-cmd --direct --add-rule ipv4 filter INPUT 0 + -p udp --dport 16261 -m conntrack --ctstate NEW + -j LOG --log-prefix "ZOMBOID_CONN: " --log-level 4 + changed_when: false + failed_when: false + # World reset is now triggered via Discord bot -> systemd path unit # See zomboid-world-reset.path and zomboid-world-reset.service - name: enable zomboid world reset path unit diff --git a/ansible/roles/podman/tasks/main.yml b/ansible/roles/podman/tasks/main.yml index 2c2b4f8..b029215 100644 --- a/ansible/roles/podman/tasks/main.yml +++ b/ansible/roles/podman/tasks/main.yml @@ -73,7 +73,7 @@ - import_tasks: containers/debyltech/fulfillr.yml vars: - image: git.debyl.io/debyltech/fulfillr:20260123.1704 + image: git.debyl.io/debyltech/fulfillr:20260124.0411 tags: debyltech, fulfillr - import_tasks: containers/debyltech/uptime-kuma.yml @@ -92,7 +92,7 @@ - import_tasks: containers/home/gregtime.yml vars: - image: localhost/greg-time-bot:2.0.11 + image: localhost/greg-time-bot:3.0.1 tags: gregtime - import_tasks: containers/home/zomboid.yml diff --git a/ansible/roles/podman/templates/fluent-bit/fluent-bit.conf.j2 b/ansible/roles/podman/templates/fluent-bit/fluent-bit.conf.j2 index 77b902f..1c1696a 100644 --- a/ansible/roles/podman/templates/fluent-bit/fluent-bit.conf.j2 +++ b/ansible/roles/podman/templates/fluent-bit/fluent-bit.conf.j2 @@ -25,6 +25,17 @@ Read_From_Tail On Strip_Underscores On +# ============================================================================= +# INPUT: Kernel firewall logs for Zomboid connections +# ============================================================================= +# Captures ZOMBOID_CONN firewall events with source IP for player correlation +[INPUT] + Name systemd + Tag firewall.zomboid + Systemd_Filter _TRANSPORT=kernel + Read_From_Tail On + Strip_Underscores On + # ============================================================================= # INPUT: Caddy access logs (JSON format) # ============================================================================= @@ -56,6 +67,12 @@ Record source sshd Record log_type security +# Copy msg to MESSAGE for caddy logs (GELF requires MESSAGE) +[FILTER] + Name modify + Match caddy.* + Copy msg MESSAGE + [FILTER] Name record_modifier Match caddy.* @@ -63,6 +80,19 @@ Record source caddy Record log_type access +# Filter kernel logs to only keep ZOMBOID_CONN messages +[FILTER] + Name grep + Match firewall.zomboid + Regex MESSAGE ZOMBOID_CONN + +[FILTER] + Name record_modifier + Match firewall.zomboid + Record host {{ ansible_hostname }} + Record source firewall + Record log_type zomboid_connection + # ============================================================================= # OUTPUT: All logs to Graylog GELF UDP # ============================================================================= diff --git a/ansible/roles/podman/templates/fluent-bit/parsers.conf.j2 b/ansible/roles/podman/templates/fluent-bit/parsers.conf.j2 index bd8919a..bb87e98 100644 --- a/ansible/roles/podman/templates/fluent-bit/parsers.conf.j2 +++ b/ansible/roles/podman/templates/fluent-bit/parsers.conf.j2 @@ -3,3 +3,15 @@ Format json Time_Key ts Time_Format %s.%L + +# Generic JSON parser for nested message fields +[PARSER] + Name json + Format json + +# Parse ZOMBOID_CONN firewall logs to extract source IP +# Example: ZOMBOID_CONN: IN=enp0s31f6 OUT= MAC=... SRC=45.5.113.90 DST=192.168.1.10 ... +[PARSER] + Name zomboid_firewall + Format regex + Regex ZOMBOID_CONN:.*SRC=(?[0-9.]+).*DST=(?[0-9.]+).*DPT=(?[0-9]+) diff --git a/ansible/roles/podman/templates/fulfillr/production.json.j2 b/ansible/roles/podman/templates/fulfillr/production.json.j2 index 445b121..0ab42bb 100644 --- a/ansible/roles/podman/templates/fulfillr/production.json.j2 +++ b/ansible/roles/podman/templates/fulfillr/production.json.j2 @@ -10,7 +10,7 @@ }, "tax": { "ein": "{{ fulfillr_tax_ein }}", - "ioss": "{{ fulfillr_tax_ioss }}" + "ioss": nil }, "sender_address": { "city": "Newbury", diff --git a/ansible/roles/podman/templates/zomboid/zomboid-stats.sh.j2 b/ansible/roles/podman/templates/zomboid/zomboid-stats.sh.j2 index f1c9e01..d7b894e 100644 --- a/ansible/roles/podman/templates/zomboid/zomboid-stats.sh.j2 +++ b/ansible/roles/podman/templates/zomboid/zomboid-stats.sh.j2 @@ -1,3 +1,3 @@ #!/bin/bash # Write zomboid container stats to file for gregtime to read -podman stats --no-stream --format json zomboid 2>/dev/null > {{ gregtime_path }}/data/zomboid-stats.json || true +podman stats --no-stream --format json zomboid 2>/dev/null > {{ podman_volumes }}/zomboid-stats.json || true