Skip to content

Commit e664d5e

Browse files
committed
feat: use secure websocket connection
1 parent e59659c commit e664d5e

File tree

8 files changed

+73
-13
lines changed

8 files changed

+73
-13
lines changed

docker-compose.prod.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -7,7 +7,7 @@ services:
77
REACT_APP_ENV: Production
88
REMOVE_CF_IPS: "false"
99
ports:
10-
- 80:80
10+
- 443:443
1111
depends_on:
1212
- game-service
1313
game-service:
@@ -16,7 +16,7 @@ services:
1616
expose:
1717
- 50051
1818
environment:
19-
URL: ws://0.0.0.0:50051
19+
URL: wss://0.0.0.0:50051
2020
FLECK_LOG: Info
2121
IM_LOG: Debug
2222
GAME_LOG: Debug

src/frontend/nginx.conf

Lines changed: 39 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -16,9 +16,44 @@ http {
1616
server game-service:50051;
1717
}
1818

19-
server {
19+
server {
2020
listen 80;
21-
server_name _;
21+
server_name localhost;
22+
23+
location / {
24+
gzip_static on;
25+
root /usr/share/nginx/html;
26+
index index.html;
27+
}
28+
29+
location /game {
30+
# Upgrade to WebSocket protocol over HTTP
31+
proxy_pass http://game/;
32+
proxy_set_header X-Real-IP $remote_addr;
33+
proxy_set_header Host $host;
34+
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
35+
proxy_http_version 1.1;
36+
proxy_set_header Upgrade $http_upgrade;
37+
proxy_set_header Connection "Upgrade";
38+
}
39+
}
40+
41+
server {
42+
listen 80;
43+
server_name maplefighters.io www.maplefighters.io;
44+
45+
# Redirect all HTTP requests to HTTPS
46+
return 301 https://$host$request_uri;
47+
}
48+
49+
server {
50+
listen 443 ssl;
51+
server_name maplefighters.io www.maplefighters.io;
52+
53+
ssl_certificate /etc/nginx/ssl/server.crt;
54+
ssl_certificate_key /etc/nginx/ssl/server.key;
55+
ssl_protocols TLSv1.2 TLSv1.3;
56+
ssl_ciphers HIGH:!aNULL:!MD5;
2257

2358
limit_req zone=req burst=10 delay=5;
2459
limit_req_status 444;
@@ -31,14 +66,11 @@ http {
3166
}
3267

3368
location /game {
34-
# Source: https://github.com/nicokaiser/nginx-websocket-proxy/blob/master/simple-ws.conf
35-
# redirect all HTTP traffic to game-service
36-
proxy_pass http://game/;
69+
# Upgrade to WebSocket protocol over HTTPS
70+
proxy_pass https://game/;
3771
proxy_set_header X-Real-IP $remote_addr;
3872
proxy_set_header Host $host;
3973
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
40-
41-
# WebSocket support (nginx 1.4)
4274
proxy_http_version 1.1;
4375
proxy_set_header Upgrade $http_upgrade;
4476
proxy_set_header Connection "Upgrade";

src/game-service/Game.Application/GameApplication.cs

Lines changed: 9 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,5 @@
11
using System;
2+
using System.Security.Cryptography.X509Certificates;
23
using DotNetEnv;
34
using Fleck;
45
using Game.Application;
@@ -23,7 +24,9 @@
2324
GameLog.Level = (GameLogLevel)Enum.Parse(typeof(GameLogLevel), gameLog);
2425

2526
var url = Env.GetString("URL");
26-
var server = new WebSocketServer(url);
27+
var certificatePassword = Env.GetString("CERT_PASSWORD");
28+
var serverUri = new Uri(url);
29+
var server = new WebSocketServer($"{serverUri.Scheme}://{serverUri.Host}:{serverUri.Port}");
2730
var serverComponents = new ComponentCollection(new IComponent[]
2831
{
2932
new IdGenerator(),
@@ -41,6 +44,11 @@
4144
serverComponents?.Dispose();
4245
};
4346

47+
if (string.IsNullOrEmpty(certificatePassword) == false)
48+
{
49+
server.Certificate = new X509Certificate2("server.pfx", certificatePassword);
50+
}
51+
4452
server.Start((connection) =>
4553
{
4654
var id = idGenerator.GenerateId();

src/game-service/Game.Application/Makefile

Lines changed: 5 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,10 @@ build:
22
docker build -t game-service .
33

44
run:
5-
docker run -p 50051:50051 game-service -e URL=ws://0.0.0.0:50051 \
5+
docker run -p 50051:50051 game-service -e \
6+
URL=ws://0.0.0.0:50051 \
67
FLECK_LOG=Info \
78
IM_LOG=Debug \
8-
GAME_LOG=Debug
9+
GAME_LOG=Debug \
10+
CONFIG_SOURCE=v2.0 \
11+
MAX_CONNECTIONS=100

src/maple-fighters/Assets/Maple Fighters/Resources/Configurations/NetworkConfiguration.asset

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -14,12 +14,15 @@ MonoBehaviour:
1414
m_EditorClassIdentifier:
1515
HostingData:
1616
- Name: Editor
17+
Protocol: ws
1718
Host: localhost
1819
Environment: 0
1920
- Name: Development
21+
Protocol: ws
2022
Host: localhost
2123
Environment: 1
2224
- Name: Production
25+
Protocol: wss
2326
Host: maplefighters.io
2427
Environment: 2
2528
Environment: 0

src/maple-fighters/Assets/Maple Fighters/Scripts/ScriptableObjects/Configurations/HostingData.cs

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -7,6 +7,8 @@ public class HostingData
77
{
88
public string Name;
99

10+
public string Protocol;
11+
1012
public string Host;
1113

1214
public HostingEnvironment Environment;

src/maple-fighters/Assets/Maple Fighters/Scripts/ScriptableObjects/Configurations/NetworkConfiguration.cs

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -14,6 +14,18 @@ public class NetworkConfiguration : ScriptableSingleton<NetworkConfiguration>
1414

1515
public HostingEnvironment Environment;
1616

17+
public string GetProtocol()
18+
{
19+
var hostingData =
20+
HostingData.FirstOrDefault((x) => x.Environment == Environment);
21+
if (hostingData != null)
22+
{
23+
return hostingData.Protocol;
24+
}
25+
26+
return string.Empty;
27+
}
28+
1729
public string GetHost()
1830
{
1931
var hostingData =

src/maple-fighters/Assets/Maple Fighters/Scripts/Services/GameApi/WebSocketGameApi.cs

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -77,7 +77,7 @@ private void Start()
7777

7878
var uriBuilder = new UriBuilder()
7979
{
80-
Scheme = "ws",
80+
Scheme = networkConfiguration.GetProtocol(),
8181
Host = networkConfiguration.GetHost(),
8282
Path = "game"
8383
};

0 commit comments

Comments
 (0)