From 6489675040473f96c9bcd45fac6eb34da7cc45db Mon Sep 17 00:00:00 2001 From: Mick Vermeulen Date: Wed, 16 Sep 2020 14:36:02 +0200 Subject: [PATCH] add extra information regarding certificates --- .env.sample | 29 +++++++++++++++++------------ README.md | 12 +++++++++--- Uchu | 2 +- Uchu.Dockerfile | 3 ++- config.default.xml | 14 +++++++------- docker-compose.yaml | 15 ++++++++++----- 6 files changed, 46 insertions(+), 29 deletions(-) diff --git a/.env.sample b/.env.sample index 68fa565..24bca12 100644 --- a/.env.sample +++ b/.env.sample @@ -1,18 +1,23 @@ -# Configuration file for Uchu Docker -DATABASE_PORT=5432 -REDIS_PORT=6379 -ADMINER_PORT=8080 -DATA_FOLDER=./data +# Only this variable has to be changed GAME_FOLDER=/res -# Postgres specific setup +# No modifications needed by default +DATA_FOLDER=./data +CERTIFICATE=./cert.pfx + +# Postgres specific setup, no modifications needed by default POSTGRES_USER=uchu POSTGRES_PASSWORD=uchu POSTGRES_DB=uchu -# Uchu specific setup -CHARACTER_PORT=2002 -API_PORT=10000 -MAX_WORLD_SERVERS=100 -# Should be API_PORT + MAX_WORLD_SERVERS -MAX_API_PORT=10100 \ No newline at end of file +# Exposed Uchu specific setup, no modifications needed by default +DATABASE_PORT=5432 +REDIS_PORT=6379 +ADMINER_PORT=8080 +UCHU_HANDSHAKE_PORT=1001 +UCHU_CHARACTER_PORT=2002 +UCHU_CHAT_PORT=2004 +UCHU_API_PORT_RANGE=10000-10100 +UCHU_WORLD_PORT_RANGE=20000-20100 +UCHU_SERVER_PORT=21836 +UCHU_AUTH_PORT=40000 \ No newline at end of file diff --git a/README.md b/README.md index 4ce7499..6a29da3 100644 --- a/README.md +++ b/README.md @@ -48,10 +48,16 @@ This allows you to input shell commands like `/adduser `. You can exit docker-compose down ``` +## Applying changes to .env + +When applying any changes to the `.env` file after your initial `docker-compose up -d`, the changes aren't built into the container. First run `docker-compose build --no-cache` to apply your `.env` file changes after which `docker-compose up -d` can be used again to start up Uchu. Note that this is not required if you only changed the LU resource location before running your first `docker-compose up -d`, but is required for any subsequent changes. + ## Adminer -Uchu Docker also automatically runs [Adminer](https://www.adminer.org), which allows you to easily modify the Uchu database in a user friendly way. After running Uchu Docker you can access Adminer through your browser at 0.0.0.0:8080 (or at 0.0.0.0:$ADMINER_PORT if you changed this in the `.env` file). Select the `PostgreSQL` database type, set the server to `db` and enter the credentials found in the `.env` file to login. More info on how to use Adminer can be found on their website. +Uchu Docker also automatically runs [Adminer](https://www.adminer.org), which allows you to easily modify the Uchu database in a user friendly way. After running Uchu Docker you can access Adminer through your browser at 0.0.0.0:8080. Select the `PostgreSQL` database type, set the server to `db` and enter the credentials found in the `.env` file to login. More info on how to use Adminer can be found on their website. + +## Hosting (Advanced) -## World ports (Advanced) +This Docker setup can be used to host Uchu as long as all ports are exposed (see the .env.sample file for all ports that need to be exposed). Do note that hosting Uchu on anything other than `localhost` requires a valid PFX certificate from a trusted CA like Let's Encrypt and therefore also a valid domain name. You *cannot* use a self signed certificate even if you first generate your own root certificate, as the TcpUdp mod does not look at the OS certificate store for valid root certificates. You can specify the path to your PFX certificate using the `$CERTIFICATE` environment variable. -If you wish to change the world ports, you can change the exposed ports in the `.env` file easily. The internal ports are locked by default to `2002` for the charater port and `10000-10100` for the api and world ports. If you wish to change these internal ports update the internal port values in the `.env` file. Ensure that `INTERNAL_API_PORT_RANGE` is updated to match your updated `INTERNAL_API_PORT` and `INTERNAL_MAX_WORLDS`. \ No newline at end of file +When hosting Uchu on a private network, for example in a LAN scenario, it might be a bit cumbersome to get a valid certficate and a domain. An alternative solution would be to run Uchu on a host device, find it's private network IP using `ipconfig` or `ifconfig` and port-forwarding all Uchu ports on `localhost` on client machines to the private network IP and the respective ports. This way clients on the private network can connect with Uchu through `localhost` and therefore no certificate is required. To ensure this works port-forward all the ports from the `.env` file on all client machines to the host machine. \ No newline at end of file diff --git a/Uchu b/Uchu index 837e20b..33fc2ff 160000 --- a/Uchu +++ b/Uchu @@ -1 +1 @@ -Subproject commit 837e20b6562ef79b18aabab376e77c23d22b9dbc +Subproject commit 33fc2ff94368718d95ba43e9334919037697cda3 diff --git a/Uchu.Dockerfile b/Uchu.Dockerfile index fbbdf63..e74d7f7 100644 --- a/Uchu.Dockerfile +++ b/Uchu.Dockerfile @@ -1,7 +1,8 @@ FROM mcr.microsoft.com/dotnet/core/sdk:3.1-alpine COPY Uchu config.default.xml .env ./ -RUN apk add gettext +RUN apk update && apk add --no-cache gettext && apk add --no-cache openssl + RUN set -o allexport && source .env && set +o allexport && envsubst < config.default.xml > config.xml RUN dotnet build diff --git a/config.default.xml b/config.default.xml index bfc8ec8..dd0fb37 100644 --- a/config.default.xml +++ b/config.default.xml @@ -18,20 +18,20 @@ dotnet - ./Uchu.Instance/bin/Debug/netcoreapp3.1/Uchu.Instance.dll - ./Uchu.StandardScripts/bin/Debug/netcoreapp3.1/Uchu.StandardScripts.dll + Uchu.Instance/bin/Debug/netcoreapp3.1/Uchu.Instance.dll + Uchu.StandardScripts /res - - - $INTERNAL_CHARACTER_PORT + $CERTIFICATE + localhost + 2002 true true - $INTERNAL_MAX_WORLDS + 100 false @@ -40,7 +40,7 @@ http localhost - $INTERNAL_API_PORT + 10000 redis diff --git a/docker-compose.yaml b/docker-compose.yaml index 7cc0a66..73874d0 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -6,7 +6,7 @@ services: - .env restart: always ports: - - "${DATABASE_PORT}:5432" + - ${DATABASE_PORT}:5432 volumes: - ${DATA_FOLDER}:/var/lib/postgresql/data adminer: @@ -15,14 +15,14 @@ services: depends_on: - db ports: - - "${ADMINER_PORT}:8080" + - ${ADMINER_PORT}:8080 redis: image: redis:6.0.8-alpine env_file: - .env restart: always ports: - - "${REDIS_PORT}:6379" + - ${REDIS_PORT}:6379 volumes: - ${DATA_FOLDER}:/data uchu: @@ -37,7 +37,12 @@ services: volumes: - ${GAME_FOLDER}:/res ports: - - "${CHARACTER_PORT}:${INTERNAL_CHARACTER_PORT}" - - "${API_PORT_RANGE}:${INTERNAL_API_PORT_RANGE}" + - ${UCHU_HANDSHAKE_PORT}:1001 + - ${UCHU_CHARACTER_PORT}:2002 + - ${UCHU_CHAT_PORT}:2004 + - ${UCHU_API_PORT_RANGE}:10000-10100 + - ${UCHU_WORLD_PORT_RANGE}:20000-20100 + - ${UCHU_SERVER_PORT}:21836 + - ${UCHU_AUTH_PORT}:40000 tty: true stdin_open: true