Table of Contents
About
This is a template of configurations to configure your Apache2 service to proxy the Cockatrice websocket server. Many of the details are glossed over unlike the SSL Websockets - NGINX article.
Servatrice
Configuring Servatrice
In order for us to accept websocket connections, we have to configure Servatrice to accept them:
[server]
; Servatrice can listen for clients on websockets, too. Unfortunately it can't support more than one thread.
; Set to 0 to disable the websocket server.
websocket_number_pools=1
; The TCP port number servatrice will listen on for websocket clients; default is 4748
websocket_port=4748
We now need to tell servatrice where to find the real IP of the connecting client. Since we are proxying via Apache, the real address can be found in the X-Forwarded-For header.
You will need to add this line to your servatrice.ini
; The header to check for the client's actual IP address
web_socket_ip_header="X-Forwarded-For"
Apache2
Start of by creating a regular subdomain configuration via apache2 and set it up with Cert Bot for SSL certificates.
This should generate a apache VirtualHost configuration with the Lets Encrypt configuration setup somewhere around /etc/apache2/sites-available.
Enable the proxy engines we will be using:
$ a2enmod proxy
$ a2enmod proxy_http
$ a2enmod proxy_wstunnel
Now in your new VirtualHost, add the RewriteEngine rules to rewrite upgrade connects, and the ProxyPass rule to proxy WS traffic:
RewriteEngine On
RewriteCond %{HTTP:Upgrade} =websocket [NC]
RewriteRule /(.*) ws://localhost:4748/$1 [P,L]
ProxyPreserveHost On
ProxyRequests Off
ProxyPass "/servatrice" "ws://localhost:4748/servatrice"
ProxyPassReverse "/servatrice" "ws://localhost:4748/servatrice"
Note that we are redirecting the traffic /servatrice to ws://localhost:4748/servatrice. The game server is hosted in the /servatrice folder.
If you want to be fancy, you can make all traffic auto route to this folder with a slight change of the ProxyPass, but this might interfere if you have a website also running on that route (self-hosted webatrice for example)
Aaaand done. Simply restart your servatrice and apache2 configuration for it to apply. A full VirtualHost module may look something like:
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin webmaster@chickatrice.net
ServerName mtg.chickatrice.net
DocumentRoot /var/www/mtg.chickatrice.net/
ErrorLog ${APACHE_LOG_DIR}/mtg.error.log
CustomLog ${APACHE_LOG_DIR}/mtg.access.log combined
RewriteEngine On
RewriteCond %{HTTP:Upgrade} =websocket [NC]
RewriteRule /(.*) ws://localhost:4748/$1 [P,L]
# Disabled: We only need to rewrite WS requests to servatrice
# RewriteCond %{HTTP:Upgrade} !=websocket [NC]
# RewriteRule /(.*) http://localhost:4748/$1 [P,L]
ProxyPreserveHost On
ProxyRequests Off
ProxyPass "/servatrice" "ws://localhost:4748/servatrice"
ProxyPassReverse "/servatrice" "ws://localhost:4748/servatrice"
SSLCertificateFile /etc/letsencrypt/live/mtg.chickatrice.net/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/mtg.chickatrice.net/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>
( dont blindly copy above, this is a mix of auto-generated and site specific configuration )
Welcome to the Cockatrice Wiki
- One Minute Game Guide
- Getting Started (placeholder)
- Tutorials
- Public Servers
- EDH Kingdoms
- Limited Formats
- The Cockatrice Etiquette Primer
Technical
Customizing Cockatrice
Servatrice Server
- Setting up Servatrice
- Installing Servatrice on Kubernetes
- Server Maintenance
- Servatrice Command Line Reference
- FAQ / Troubleshooting
- SSL Websockets - NGINX
- SSL Websockets - Apache2
Helping Cockatrice