however how can I change the "END POINT" property ( URL of Colyseus srv) from the C2 script itself,
now url needs to be hard coded through properties dialog which makes it very difficult to run both
debug and release versions of game, there is a need to contact two different servers.

It would be very handy feature to give the server URL as parameter to Colyseus.Connect( any server name here)
instead of editing xml file by hand:

<instance type="Colyseus" uid="3">
<properties>
<end-point>wss://srvnamehere</end-point>
</properties>
</instance>

I need to switch using webpack + TS yet. I'll use the distribution files for this project.

I'll have a look on your code later to see if some feature are redundant.
However, the purpose of the tools seems to be quite different.

usage example:

import { wireEvents } from 'colyseus-events';
const room: Room<GameState> = await client.joinOrCreate("game");
const events = wireEvents(room.state, new EventEmitter());
// `events` will emit json-patch events whenever the room state changes

const saveGameData = new SaveGame(); // make a custom schema for saved games data
... /* add all state objects from your game manager to saveGameData */
const serialized = await schemaToString(saveGameData);
... /* save to file, read from file etc. */
const loadedGameData: SaveGame = await stringToSchema(SaveGame, serialized );
... /* take game state object from loadedGameData into your game manager */

see code in this gist

I wanted to create a proxy from wss to ws connection. But I didn't want to touch my production environment.

So I created a local certificate authority on my local = private computer.

This is how I did this (Oracle Enterprise Linux = CentOS = RedHat - based)

(First start with a root login)

• vi /etc/yum/repos.d/epel-yum-ol7.repo

[ol7_epel]
name=Oracle Linux $releasever EPEL ($basearch)
baseurl=http://yum.oracle.com/repo/OracleLinux/OL7/developer_EPEL/$basearch/
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-oracle
gpgcheck=1
enabled=1

• yum repolist

• yum -y install easy-rsa

Connect non-root-user

• useradd myrsa

• passwd myrsa

• su - myrsa

(add user to sudoers)

• mkdir ~/easy-rsa

• ln -s /usr/share/easy-rsa/3/* ~/easy-rsa/

• chmod 700 ~/easy-rsa

• cd ~/easy-rsa
  *./easyrsa init-pki

• vi vars

set_var EASYRSA_REQ_COUNTRY    "NL"
set_var EASYRSA_REQ_PROVINCE   "MyProv"
set_var EASYRSA_REQ_CITY       "MyCity"
set_var EASYRSA_REQ_ORG        "MyOrg"
set_var EASYRSA_REQ_EMAIL      "admin@localhost"
set_var EASYRSA_REQ_OU         "Community"
set_var EASYRSA_ALGO           "ec"
set_var EASYRSA_DIGEST         "sha512"

• ./easyrsa build-ca nopass

. . .
Enter New CA Key Passphrase:
Re-Enter New CA Key Passphrase:
. . .
Common Name (eg: your user, host, or server name) [Easy-RSA CA]:

CA creation complete and you may now import and sign cert requests.
Your new CA certificate file for publishing is at:
~/easy-rsa/pki/ca.crt

• cat ~/easy-rsa/pki/ca.crt

Other Server : WebServer (or the same system : in my case the same system )

• vi /tmp/ca.crt
  pate data from the ca.crt you created earlier

• sudo cp /tmp/ca.crt /etc/pki/ca-trust/source/anchors/

• sudo update-ca-trust

Make private key

• openssl genrsa -out webserver.key

Certificate SIGNING request : CSR

• openssl req -new -key webserver.key -out webserver.req

Verify:

• openssl req -in webserver.req -noout -subject

• cat webserver.req
  -----BEGIN CERTIFICATE REQUEST-----
  ....

Transport this certificate to the ca-server

• vi /tmp/webserver.req
  paste - webserver.req from other server

• cd ~/easy-rsa
• ./easyrsa import-req /tmp/webserver.req webserver
• ./easyrsa sign-req server webserver
  Enter: Yes

Certificate created at: .../webserver.crt

• cat ~/easy-rsa/pki/issued/webserver.crt

-----BEGIN CERTIFICATE-----

Take this certifcate to the webserver

• vi /tmp/webserver_ca.crt
  Paste certificate

WebServer (root)

• cp /tmp/webserver_ca.crt /etc/pki/tls/certs/webserver_ca.crt
• cp webserver.key /etc/pki/tls/private/webserver.key
• chmod 600 /etc/pki/tls/private/webserver.key

• yum -y install httpd mod_ssl mod_dav_svn ssl proxy proxy_http proxy_html proxy_wstunne
• vi /etc/httpd/conf.d/ssl.conf

SSLCertificateFile /etc/pki/tls/certs/webserver_ca.crt
SSLCertificateKeyFile /etc/pki/tls/private/webserver.key
SSLCACertificateFile /etc/pki/tls/certs/ca-bundle.crt

service httpd restart

Importing CA in Browser

In order for the client to trust the server it should also trust the CA that made the key.

Generate a key you can import in a browser:

• cd /home/myrsa/easy-rsa
• openssl pkcs12 -export -in pki/ca.crt -inkey pki/private/ca.key -out browser.pfx

Browser / Client

Client computer:
c> pscp root@ca_server:/home/myrsa/easy-rsa/browser.pfx Downloads

Add the name 'webserver' to your host-resolver:

C> notepad c:\windows\system32\drivers\etc\hosts
192.168.0.12 webserver

Open browser

• chrome://settings/security?search=certificat
  Go to certificate management and import the PFX into the Trusted ROOT CERTIFICATES

You can now make a secure connection to the webserver:

https://webserver

Proxy Forward

• vi /etc/httpd/conf.d/ssl.conf
  Add below in the file :

To make sure that all non-browser traffic goes to specific port I open up the 8567 port instead of 443

  <VirtualHost *:8567>
    
    SSLEngine On
    SSLCertificateFile /etc/pki/tls/certs/webserver_ca.crt
    SSLCertificateKeyFile /etc/pki/tls/private/webserver.key
    SSLCACertificateFile /etc/pki/tls/certs/ca-bundle.crt

     RewriteEngine On

    RewriteCond %{HTTP:Upgrade} =websocket [NC]
        # Port 3567 is where the docker is listening for
    RewriteRule ^/(.*)    ws://0.0.0.0:3567/$1 [P,L]

  </VirtualHost>

My docker is started like this:

• docker run --name=col -h col --dns=8.8.8.8 -p 3567:3567 -v /home/root:/home/extern/ -t -d oel /bin/bash

Port forward trafic comming from 3567 is going inside the docker where colyseus is listening on 3567 as well.

Firewall is completely open on my private server.
This should never be done for global servers. But for global servers you really need a non-self-signed certificate.

You now have a secure connection to the server and it will proxy the stream to the docker. Inside the docker (colyseus-code) nothing has to be altered!

I'm running a NodeJS server on Ubuntu 18.04 behind an apache proxy.

For anyone looking for the config for an apache proxy look no further :)
After a lot of time spent searching for a solution, this is the solution I found.

*Note:
You'll need the following apache modules enabled:

• ssl
• proxy
• proxy_http
• proxy_html
• proxy_wstunnel

(or just run 'sudo a2enmod ssl proxy proxy_http proxy_html proxy_wstunnel')

<VirtualHost *:80>

    ServerName servername.xyz
        
    #redirect all requests received from port 80 to the HTTPS variant (force ssl)
    RewriteEngine On
    RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301,L]

</VirtualHost>

<VirtualHost *:443>

    ServerName servername.xyz
        
    #enable SSL
    SSLEngine On
    SSLCertificateFile          /PATH/TO/CERT/FILE    (note: i'm using the fullchain.pem file which is generated using LetsEncrypt's certbot cli)
    SSLCertificateKeyFile       /PATH/TO/PRIVATE/KEY/FILE

    #setup the proxy to forward websocket requests properly (note: this proxy automatically converts the secure websocket (wss)
    #to a normal websocket and vice versa, so there's no need to change the colyseus library or the server for that matter)
    RewriteEngine On
    RewriteCond %{HTTP:UPGRADE} ^WebSocket$           [NC,OR]
    RewriteCond %{HTTP:CONNECTION} ^Upgrade$          [NC]
    RewriteRule .* ws://127.0.0.1:APP-PORT-HERE%{REQUEST_URI}  [P,QSA,L]

    #setup the proxy to forward all https requests to http backend (also automatic conversion from https to http and vice versa)
    ProxyPass "/" "http://127.0.0.1:APP-PORT-HERE/"
    ProxyPassReverse "/" "http://127.0.0.1:APP-PORT-HERE/"

</VirtualHost>

I hope this post can be of any help :)

A few months ago I've started my project using Colyseus and Phaser 3:
https://github.com/damian-pastorini/dwdgame

After hit a few walls and considering it was my first project it took me some time until I was able to get the physics working on the server to avoid cheating.
The way I get it done was using Phaser physics engine P2JS: https://github.com/schteppe/p2.js
Doing this I was able to avoid an overhead of modules and stuff required to run a headless Phaser.

Here I bring for you a small example of how to recreate a Tiledmap using P2JS:
https://github.com/damian-pastorini/p2js-tiledmap-demo

I'm still finishing the dwdgame version 1.2.6 in which this demo will be fully integrated.

Hope you like it, and please I would love to get any feedback!