~ 5 Minute Read.

The most chal­leng­ing project I worked on since quite a while was the We­b­VR game Vhite Rab­bit built for the Vir­tuleap Com­pe­ti­tion. With mul­ti­play­er be­ing one of the fea­tures we want­ed to have for it, a whole new set of skills had to be ac­quired.

I had writ­ten a bit of net code be­fore (with py­ro­ma­nia), but I nev­er re­al­ized de­ploy­ing and set­ting up the serv­er and all the in­fra­struc­ture around it would be such a task. It turned out to be those 80% of the time you spend on the 20% of work!

We orig­i­nal­ly want­ed to run the serv­er on Uberspace, which cur­rent­ly runs Cen­tOS 6, though, with GCC 4.4.7 (ear­ly 2012)—not great for mod­ern C++ code and not sup­port­ed by Mag­num. Al­so, CMake 2.8.12.2 runs there, which is just suf­fi­cient for Mag­num on the oth­er hand, but in­suf­fi­cient for POCO.

“Just build ev­ery­thing my­self!”, I thought. Thank­ful­ly I got ad­vice against that; prob­a­bly pre­vent­ing a huge num­ber of prob­lems with all of that. In­stead, I found out that Uberspace is up­grad­ing to Cen­tOS 7! Way more ac­cept­able en­vi­ron­ment there, but they’re in be­ta with that and the fea­ture to open a port to the out­side is not avail­able yet… 1

Fi­nal­ly, I end­ed up on dig­i­tal ocean! 2 Boy that was ex­cit­ing. First of all I felt re­al­ly “pro­fes­sion­al” be­ing on such a pow­er­ful cloud plat­form—very im­por­tant :P—and sec­ond of all I had a blank can­vas of Cen­tOS 7 now, which al­lowed me to trans­fer all the work I had done for run­ning the mul­ti­play­er serv­er on Uberspace be­fore I found out that that port open­ing fea­ture was miss­ing there.

First, I learnt about some SSH stuff that was not yet ful­ly de­vel­oped in my brain yet, then that git-bash has an ssh-client I now pre­fer over put­ty on Win­dows. I went on to re­al­ize what su­do is ac­tu­al­ly about and that it’s not just equiv­a­lent to “run as ad­min­is­tra­tor” on Win­dows. I learnt how to set­up a ser­vice us­ing sys­temd and hard­ened some unix knowl­edge.

Good that I al­ready knew how to quit vim. 3

Build­ing and De­ploy­ing

Build­ing hap­pens through Git­lab CI, not on the serv­er. Af­ter the build­ing is done on a cus­tom Cen­tOS dock­er con­tain­er, which builds a greater CMake ver­sion and pre­builds some de­pen­den­cies to speed up the builds, the bi­na­ries are up­load­ed to the serv­er us­ing scp.

Ob­vi­ous­ly the serv­er needs to be stopped be­fore copy­ing and then start­ed again once the copy fin­ished. While in this mo­ment I re­al­ize that this downs the serv­er should the copy ev­er fail, but apart from that it works very well! To al­low Git­lab CI to do this via ssh, I use su­do to make ex­act­ly those com­mands avail­able to the us­er I cre­at­ed for it.

SSL

We will be host­ing our We­b­VR game on an SSL en­crypt­ed web page (hence, https://). Turns out if you do that, you can no longer use the in­se­cure Web­Sock­et pro­to­col for con­nect­ing to the mul­ti­play­er serv­er. You use wss:// in­stead of ws://.

You don’t want to know how much time I had to spend learn­ing about how SSL gen­er­al­ly works and why the hell it wasn’t suf­fi­cient to grab a cer­tifi­cate from let­sen­crypt.org and be hap­py.

The serv­er needs to sup­port the https pro­to­col (ob­vi­ous­ly now, but I didn’t re­al­ize at first) for the en­crypt­ed Web­Sock­et hand­shake. That re­quires you to con­fig­ure POCO with the cor­rect keys you re­trieved from the CA (cer­tifi­cate au­thor­i­ty, in this case letsen­crypt.org) and have it ini­tial­ize OpenSSL in the cor­rect way. Did you know that there is not just one way to SSL? SSL has many “cyphers” and dif­fer­ent pro­to­cols and re­spec­tive ver­sions.

Now I’m stuck try­ing to get Chrome and my serv­er to find over­lap­ping cyphers, which I be­lieve I found the so­lu­tion for al­ready (Ed­it 2018-07-11: I didn’t). And even if that is not the so­lu­tion, I will push through. Like with all of those oth­er prob­lems I had.

Do a project you re­al­ly want to hap­pen and your pas­sion will make you run through walls and learn an as­tound­ing amount of new things in the process.

1
Al­so, chang­ing the web­serv­er is not pos­si­ble yet, oth­er­wise I could have tried to find a so­lu­tion mis­us­ing web ports.
2
They ac­cept pay­pal, which was great! AWS for ex­am­ple just takes a cred­it/deb­it card even for their free plan and I do not own such a thing. There­fore was hap­py to pay the 5$ in a way I could. Al­so, that’s a refer­al link. Use it to get 10$ to start off with.
3
I’ve been us­ing vim for over two years on a day-to-day ba­sis, at least 8 hours per day. I’m writ­ing this in vim.

Writ­ten in 50 min­utes, ed­it­ed in 5 min­utes.