Navigation

    Colyseus
    • Register
    • Login
    • Search
    • Recent
    • Tags
    • Users
    1. Home
    2. mdotedot
    M

    mdotedot

    @mdotedot

    Chat Follow Unfollow
    9
    Reputation
    43
    Posts
    1783
    Profile views
    0
    Followers
    0
    Following
    Joined Last Online

    • Profile
    • More
      • Continue chat with mdotedot
      • Flag Profile
      • Following
      • Followers
      • Topics
      • Posts
      • Best
      • Groups
    mdotedot Follow

    Posts made by mdotedot

    Colyseus and wss proxy (to a docker)

    Installing Local Certificate Authority for testing purposes.

    I wanted to create a proxy from wss to ws connection. But I didn't want to touch my production environment.

    So I created a local certificate authority on my local = private computer.

    This is how I did this (Oracle Enterprise Linux = CentOS = RedHat - based)

    (First start with a root login)

    • vi /etc/yum/repos.d/epel-yum-ol7.repo
    [ol7_epel]
    name=Oracle Linux $releasever EPEL ($basearch)
    baseurl=http://yum.oracle.com/repo/OracleLinux/OL7/developer_EPEL/$basearch/
    gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-oracle
    gpgcheck=1
    enabled=1
    
    • yum repolist

    • yum -y install easy-rsa

    Connect non-root-user

    • useradd myrsa

    • passwd myrsa

    • su - myrsa

    (add user to sudoers)

    • mkdir ~/easy-rsa

    • ln -s /usr/share/easy-rsa/3/* ~/easy-rsa/

    • chmod 700 ~/easy-rsa

    • cd ~/easy-rsa
      *./easyrsa init-pki

    • vi vars

    set_var EASYRSA_REQ_COUNTRY    "NL"
    set_var EASYRSA_REQ_PROVINCE   "MyProv"
    set_var EASYRSA_REQ_CITY       "MyCity"
    set_var EASYRSA_REQ_ORG        "MyOrg"
    set_var EASYRSA_REQ_EMAIL      "admin@localhost"
    set_var EASYRSA_REQ_OU         "Community"
    set_var EASYRSA_ALGO           "ec"
    set_var EASYRSA_DIGEST         "sha512"
    
    • ./easyrsa build-ca nopass
    . . .
    Enter New CA Key Passphrase:
    Re-Enter New CA Key Passphrase:
    . . .
    Common Name (eg: your user, host, or server name) [Easy-RSA CA]:
    
    CA creation complete and you may now import and sign cert requests.
    Your new CA certificate file for publishing is at:
    ~/easy-rsa/pki/ca.crt
    
    • cat ~/easy-rsa/pki/ca.crt

    Other Server : WebServer (or the same system : in my case the same system )

    • vi /tmp/ca.crt
      pate data from the ca.crt you created earlier

    • sudo cp /tmp/ca.crt /etc/pki/ca-trust/source/anchors/

    • sudo update-ca-trust

    Make private key

    • openssl genrsa -out webserver.key

    Certificate SIGNING request : CSR

    • openssl req -new -key webserver.key -out webserver.req

    Verify:

    • openssl req -in webserver.req -noout -subject

    • cat webserver.req
      -----BEGIN CERTIFICATE REQUEST-----
      ....

    Transport this certificate to the ca-server

    • vi /tmp/webserver.req
      paste - webserver.req from other server
    • cd ~/easy-rsa
    • ./easyrsa import-req /tmp/webserver.req webserver
    • ./easyrsa sign-req server webserver
      Enter: Yes

    Certificate created at: .../webserver.crt

    • cat ~/easy-rsa/pki/issued/webserver.crt

    -----BEGIN CERTIFICATE-----

    Take this certifcate to the webserver

    • vi /tmp/webserver_ca.crt
      Paste certificate

    WebServer (root)

    • cp /tmp/webserver_ca.crt /etc/pki/tls/certs/webserver_ca.crt
    • cp webserver.key /etc/pki/tls/private/webserver.key
    • chmod 600 /etc/pki/tls/private/webserver.key
    • yum -y install httpd mod_ssl mod_dav_svn ssl proxy proxy_http proxy_html proxy_wstunne
    • vi /etc/httpd/conf.d/ssl.conf

    SSLCertificateFile /etc/pki/tls/certs/webserver_ca.crt
    SSLCertificateKeyFile /etc/pki/tls/private/webserver.key
    SSLCACertificateFile /etc/pki/tls/certs/ca-bundle.crt

    service httpd restart

    Importing CA in Browser

    In order for the client to trust the server it should also trust the CA that made the key.

    Generate a key you can import in a browser:

    • cd /home/myrsa/easy-rsa
    • openssl pkcs12 -export -in pki/ca.crt -inkey pki/private/ca.key -out browser.pfx

    Browser / Client

    Client computer:
    c> pscp root@ca_server:/home/myrsa/easy-rsa/browser.pfx Downloads

    Add the name 'webserver' to your host-resolver:

    C> notepad c:\windows\system32\drivers\etc\hosts
    192.168.0.12 webserver

    Open browser

    • chrome://settings/security?search=certificat
      Go to certificate management and import the PFX into the Trusted ROOT CERTIFICATES

    You can now make a secure connection to the webserver:

    https://webserver

    Proxy Forward

    • vi /etc/httpd/conf.d/ssl.conf
      Add below in the file :

    To make sure that all non-browser traffic goes to specific port I open up the 8567 port instead of 443

      <VirtualHost *:8567>
        
        SSLEngine On
        SSLCertificateFile /etc/pki/tls/certs/webserver_ca.crt
        SSLCertificateKeyFile /etc/pki/tls/private/webserver.key
        SSLCACertificateFile /etc/pki/tls/certs/ca-bundle.crt
    
         RewriteEngine On
    
        RewriteCond %{HTTP:Upgrade} =websocket [NC]
            # Port 3567 is where the docker is listening for
        RewriteRule ^/(.*)    ws://0.0.0.0:3567/$1 [P,L]
    
      </VirtualHost>
    

    My docker is started like this:

    • docker run --name=col -h col --dns=8.8.8.8 -p 3567:3567 -v /home/root:/home/extern/ -t -d oel /bin/bash

    Port forward trafic comming from 3567 is going inside the docker where colyseus is listening on 3567 as well.

    Firewall is completely open on my private server.
    This should never be done for global servers. But for global servers you really need a non-self-signed certificate.

    You now have a secure connection to the server and it will proxy the stream to the docker. Inside the docker (colyseus-code) nothing has to be altered!

    posted in Links & Resources •
    RE: Stencyl (HaXe) Extension

    While preparing for the LD47 I revisted an old (LD38) project and converted it into a Client-As-A-Server game.

    LD38_Recreate

    The left shows player control using the arrow keys and the right session you control the rock with the mouse.

    The Extension Demo Page where you can play yourself is:
    StencylColsyeusDemoPage

    posted in Showcase •
    RE: Stencyl (HaXe) Extension

    Since I want to join the Ludum Dare Jam 47 (2nd October) and make an on-line game we need to make resources public available.
    Therefore I have made the Stencyl Extension available as a public beta : Stencyl Colyseus Extension Page

    Last days I've worked on the documentation

    And I worked on implementing a turn based card game.

    alt physics

    Sending and receiving data is a breeze with Colyseus.

    It all depends on the game-logic and how to show the state of the game.

    I hope that the docker container that I provide to the Stencyl users will make running of the server easier for them.

    As mentioned before I have made the extension based on the work of serjek (haxe externs) on top of the Colyseus engine.

    The server has only three logic parts : Turn based and Locking mechanism and a check on active seat.
    All other logic has to run on the client.

    Of course most good server implementations need more logic on the server,
    but I still am not certain how to provide the stencyl users with a relative easy way to make server-side code.

    The best 'feel' you get is when you implement the Lock Room Type for your game. The room-data is kind of like a database server
    that allows only one player to modify the data.

    But, to be honest, most Stencyl users want to create physics based games. I provide examples how to run a client-as-a-server approach.
    That seems to work since all clients see the same 'server'-state. But it is never as fast as it could be with server-side-physics.

    I've attempted to create physics logic on the server based on the Box2D library.
    The problems arise when doing client side prediction and server lag compensation. I wasn't able to get that to work. The data on the
    clients 'jumped' all over the place. It works when you have minimal player interaction on the physics objects, but then the 'client-as-a-server' approach
    is way easier to implement.

    posted in Showcase •
    RE: Stencyl (HaXe) Extension

    Working towards a beta release of the Colyseus Stencyl Extension.

    I had already Lock, TurnBased and Raw room-types.

    Most of the progress has been made with the Client-As-A-Server concept.
    I know that the best way to handle multiplayer is on the server-side.
    But many of the Stencyl users are not comfortable writing the server-side logic.

    Therefore I attempted for a Client-Server-Relay kind of thing.
    The collision and logic is handled on the client side with one of the clients acting as the server.
    On that client the real physics objects are hidden and only the data that is send to all players is displayed.

    These are the things that are currently made with the Client-As-A-Server approach:

    alt pong

    Left Window is a Windows executable
    Right Window is a web-page

    alt physics

    I hope to do some more beta-testing with other Stencyl users to gain more information about this approach.

    posted in Showcase •
    RE: Raspberry PI and Colyseus ( and Haxe)

    From my setup:

    root@raspberrypi:~/colyseus-hxjs-examples# haxe -version

    4.0.0-rc.2
    

    root@raspberrypi:~/colyseus-hxjs-examples# haxelib list

    colyseus-hxjs: [git]
    hxnodejs: [10.0.0]
    tink_core: [1.23.0]
    tink_lang: [0.6.2]
    tink_macro: [0.17.7]
    tink_priority: [0.1.4]
    tink_syntaxhub: [0.4.3]
    

    root@raspberrypi:~/colyseus-hxjs-examples# cat src/colyseus/server/schema/Schema.hx | grep MapSchemaUtil

    class MapSchemaUtil {
    

    Your tink_core is different than mine. Don't know if that is the only thing that is different?

    posted in Showcase •
    RE: Raspberry PI and Colyseus ( and Haxe)

    Not sure if you are mixing libraries. The stuff that I rely on is from serjek and was based on 0.10 release. There is now a 0.11 release so I hope you didn't load any of that?!

    posted in Showcase •
    RE: Raspberry PI and Colyseus ( and Haxe)

    Unfortunately I can't confirm now on my system, but you might try to move the contents of that hxjs directory to the [git] (or copy)
    So that /usr/lib/haxe/lib/colyseus/-hxjs/git has the src, haxelib.json, README.md and extraParams.hxml

    And then try again haxe server.hxml

    posted in Showcase •
    RE: Raspberry PI and Colyseus ( and Haxe)

    @closetmonkey
    Hmm that is a strange output of haxelib list on colyseus-hxjs

    From memory (I don't have access to it now since I'm at work) the colyseus-hxjs should only have one version behind it :
    colyseus-hxjs: [git]

    this was used to tell haxelib what version it should use:
    echo "git" > /usr/lib/haxe/lib/colyseus-hxjs/.current

    what is the contents of your .current file?!

    Maybe you just edit the /usr/lib/haxe/lib/ (or your own haxelib path) /colyseus-hxjs/.current and make sure it only has the git in it?!

    posted in Showcase •
    RE: Raspberry PI and Colyseus ( and Haxe)

    what does ' haxelib list ' show?

    I had to use a mix of steps ( haxelib install and copying files) before haxe server.hxml could find all types.

    posted in Showcase •
    Raspberry PI and Colyseus ( and Haxe)

    Raspberry PI & Colyseus ( & Haxe )

    Currently there are two basic ways to deploy my Colyseus server:

    • (Virtual) Host on premise or in the cloud
    • Docker container running on premise or in the cloud

    For my Console system I wanted to run Colyseus and Haxe on a Raspberry PI.
    You could use this as a low budget computer for testing purposes or use port forwarding on your router to host it to the rest of the world.

    The steps below could be used to create a nodejs server and you can avoid all the extra steps to get haxe working.

    For small multiplayer games or for turnbased/idle games this would be a cheap way to run a server from your home.

    The procedure for a Virtual Raspberry PI (VirtualBox/XenServer) is much simpler because the x86 can work with lix.
    Unfortunately I haven't managed to get lix working on the real (ARM) hardware. It defaults to an incompatible distribution.

    If anyone knows how to tell lix to get the ARM based executables that would make this procedure a lot easier

    Installation Steps:

    Components:

    • Raspberry PI B v1.2 : 1GB Ram, 4x 1.2 Ghz Cores
    • Stretch image 2018-11-13-raspbian-stretch from https://distrowatch.com/?newsid=10376
    • Use Win32DiskImage/RUFUS to write the image to a 16GB SD card. The haxe software that we will install brings it to 14 GB!

    Boot raspbian (default it will use DHCP to get an IP address)
    Open terminal : sudo su - (Become root)

    vi /etc/ssh/sshd_config 
    

    change permitRootLogin to : permitRootLogin yes

    change password for root : passwd root

    Allow putty / ssh into the PI

    systemctl enable ssh
    systemctl start ssh
    

    Update/upgrade

    apt update
    apt upgrade
    
    rpi-update
    

    restart the PI

    Get the IP address:

    ip addr show      
    

    login as root to do the (remote) installation

    cd /root
    #nodejs
    #curl -sL https://deb.nodesource.com/setup_8.x | bash - # used for x86 version of pi
    curl -sL https://deb.nodesource.com/setup_10.x | bash -
    apt-get -y install nodejs
    node -v
    npm -v
    

    You can install the node stuff for Colyseus and run the NodeJS version.

    But I wanted HaXe so these are the steps we need to make before we can compile the neko and haxe versions

    If you are on x86 versions you can use the serjek example github files and use ' lix download' to download the binaries.

    But for now I had to compile the ARM versions:

    # ---------------
    # Neko / HaXe / Colyseus-hxjs 
    # ---------------
    # base software packages  
    # execute line after line (do not copy-paste-run!)
    mkdir -p ~/Development/haxe/{dev,lib,source}
    cd ~/Development/haxe/source
    apt-get install -y build-essential git cmake
    apt-get install -y libgc-dev libgc1c2 libpcre3 libpcre3-dev
    apt-get install -y apache2-dev libmariadb-client-lgpl-dev-compat    
    apt-get install -y libsqlite3-0 sqlite3 libsqlite3-dev    
    apt-get install -y libgtk2.0-dev
    apt-get install -y libudev-dev
    apt-get install -y libasound2-dev
    apt-get install -y zlib1g libmariadb2 libmbedtls-dev libmbedcrypto0 libmbedtls10 libmbedx509-0
    apt-get install -y m4 ocaml ocaml-native-compilers libpcre-ocaml-dev libextlib-ocaml libextlib-ocaml-dev opam
    apt-get install -y openssl libssl-dev 
    

    Interactive setup/install:

    opam init
    ocamlc -config|grep arch # should be arm 
    #interactive:
    opam install conf-m4 ocamlfind sedlex depext xml-light extlib rope ptmap sha
    

    We are ready to install neko and haxe:

    export HAXE_VERSION='4.0.0-rc.2'
    export NEKO_VERSION='v2-2-0'
    
    cd /root
    eval `opam config env`
    #
    #Neko install
    #
    git clone --recursive  https://github.com/HaxeFoundation/neko -b $NEKO_VERSION
    cd neko 
    mkdir build
    cd build
    cmake -DRELOCATABLE=OFF ..
    make
    make install
    

    Test the neko by typing in neko and check that the version is 2.2.0

      
    #
    # haxe install
    #  
    eval `opam config env`
    cd ~/Development/haxe/source
    git clone --recursive https://github.com/HaxeFoundation/haxe -b $HAXE_VERSION
    cd haxe
    make
    make tools
    make install  
      
    

    haxe --version # should give you 4.0.0-rc.2

    Setting up the libraries to run the examples

    haxelib setup
    # default /usr/lib/haxe/lib
     
    # yarn
    npm i yarn -g
    yarn
    
    # Get Haxe Libraries
    cd /usr/lib/haxe/lib
    # haxelib git colyseus-hxjs https://github.com/serjek/colyseus-hxjs
    git clone https://github.com/serjek/colyseus-hxjs
    
    

    Unfortunately I'm not good enough with haxe and lix libraries and I needed a hack to get
    the colyseus-hxjs library to work with the compiled ARM versions.

    Apparently the required versions are different from the default haxelib installations.
    Since I know that the lix steps worked for x86 installations I used a mix of installation steps to get it to work.

    npm i lix -g
    
    cd /root
    git clone https://github.com/serjek/colyseus-hxjs-examples.git
    cd /root/colyseus-hxjs-examples
    # We are still going to download the latest haxe_libraries but we are using the haxelib versions later
    lix download
    haxelib install tink_core
    haxelib install tink_lang
    haxelib install hxnodejs
    
    # Now we need to copy some of the /root/haxe/haxe_libraries to the haxelib libraries:
    mkdir -p /usr/lib/haxe/lib/colyseus-hxjs/git/src
    cp -r /root/haxe/haxe_libraries/colyseus-hxjs/0.0.0/github/*6  /usr/lib/haxe/lib/colyseus-hxjs/git
    mv /usr/lib/haxe/lib/colyseus-hxjs/git/*6/src  /usr/lib/haxe/lib/colyseus-hxjs/git/src
    cp -r /root/haxe/haxe_libraries/hxnodejs/6.9.1/haxelib/src/ /usr/lib/haxe/lib/hxnodejs/10,0,0
    
    echo "git" > /usr/lib/haxe/lib/colyseus-hxjs/.current
    
    haxelib list
    

    With these hacked haxe libraries we can then run the steps to create node versions from the haxe code:

    haxe server.hxml
    
    cd bin/server
    yarn
    node index.js
    
    

    You can now tell your client to connect to the examples.

    My pre-alpha Stencyl Extension Server was used by myself to run the TicTacToe game.

    For that I installed a webserver on the PI and uploaded both the server code and the client code to the Raspberry PI:

    #
    # Apache WebServer
    #
    apt-get install apache2
    systemctl enable apache2
    

    Copy your project to /var/www/html
    and
    Visit your game with a browser to the following URL: http://raspberry_pi_ip_address

    You can use win32diskimage to create an image from the SD card as a back-up.

    posted in Showcase •