diff --git a/core/config.py b/core/config.py index 47a3ff3..e5d0f35 100644 --- a/core/config.py +++ b/core/config.py @@ -84,6 +84,16 @@ class ServerConfig: self.__config, "core", "title", "proxy_port", default=0 ) + @property + def proxy_port_ssl(self) -> int: + """ + What port the proxy is listening for secure connections on. This will be sent + instead of 'port' if is_using_proxy is True and this value is non-zero + """ + return CoreConfig.get_config_field( + self.__config, "core", "title", "proxy_port_ssl", default=0 + ) + @property def log_dir(self) -> str: return CoreConfig.get_config_field( diff --git a/core/utils.py b/core/utils.py index 4dfb4dc..469a03f 100644 --- a/core/utils.py +++ b/core/utils.py @@ -40,9 +40,17 @@ class Utils: def get_title_port(cls, cfg: CoreConfig): if cls.real_title_port is not None: return cls.real_title_port - cls.real_title_port = cfg.server.proxy_port if cfg.server.is_using_proxy else cfg.server.port + cls.real_title_port = cfg.server.proxy_port if cfg.server.is_using_proxy and cfg.server.proxy_port else cfg.server.port return cls.real_title_port + + @classmethod + def get_title_port_ssl(cls, cfg: CoreConfig): + if cls.real_title_port_ssl is not None: return cls.real_title_port_ssl + + cls.real_title_port_ssl = cfg.server.proxy_port_ssl if cfg.server.is_using_proxy and cfg.server.proxy_port_ssl else Utils.get_title_port(cfg) + + return cls.real_title_port_ssl def create_sega_auth_key(aime_id: int, game: str, place_id: int, keychip_id: str, b64_secret: str, exp_seconds: int = 86400, err_logger: str = 'aimedb') -> Optional[str]: logger = logging.getLogger(err_logger) diff --git a/example_config/core.yaml b/example_config/core.yaml index ac3a69e..464da8b 100644 --- a/example_config/core.yaml +++ b/example_config/core.yaml @@ -10,6 +10,7 @@ server: is_develop: True is_using_proxy: False proxy_port: 0 + proxy_port_ssl: 0 log_dir: "logs" check_arcade_ip: False strict_ip_checking: False diff --git a/example_config/cxb.yaml b/example_config/cxb.yaml index 7723ff4..5cc4f90 100644 --- a/example_config/cxb.yaml +++ b/example_config/cxb.yaml @@ -1,3 +1,4 @@ server: enable: True - loglevel: "info" \ No newline at end of file + loglevel: "info" + use:https: True \ No newline at end of file diff --git a/example_config/nginx_example.conf b/example_config/nginx_example.conf index ef3b7d4..1790b84 100644 --- a/example_config/nginx_example.conf +++ b/example_config/nginx_example.conf @@ -6,7 +6,7 @@ server { location / { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_pass_request_headers on; - proxy_pass http://localhost:8000/; + proxy_pass http://localhost:8080/; } } @@ -42,7 +42,7 @@ server { } } -# Billing +# Billing, comment this out if running billing standalone server { listen 8443 ssl; server_name ib.naominet.jp; @@ -58,28 +58,6 @@ server { ssl_prefer_server_ciphers off; location / { - proxy_pass http://localhost:8444/; - } -} - -# Pokken, comment this out if you don't plan on serving pokken. -server { - listen 443 ssl; - server_name pokken.hostname.here; - - ssl_certificate /path/to/cert/pokken.pem; - ssl_certificate_key /path/to/cert/pokken.key; - ssl_session_timeout 1d; - ssl_session_cache shared:MozSSL:10m; - ssl_session_tickets off; - - ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; - ssl_ciphers "ALL:@SECLEVEL=0"; - ssl_prefer_server_ciphers off; - - location / { - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_pass_request_headers on; proxy_pass http://localhost:8080/; } } @@ -92,7 +70,7 @@ server { location / { return 301 https://$host$request_uri; # If you don't want https redirection, comment the line above and uncomment the line below - # proxy_pass http://localhost:8090/; + # proxy_pass http://localhost:8080/; } } @@ -118,6 +96,6 @@ server { location / { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_pass_request_headers on; - proxy_pass http://localhost:8090/; + proxy_pass http://localhost:8080/; } } diff --git a/titles/cxb/config.py b/titles/cxb/config.py index fa5a6a3..49ab7c0 100644 --- a/titles/cxb/config.py +++ b/titles/cxb/config.py @@ -18,6 +18,12 @@ class CxbServerConfig: self.__config, "cxb", "server", "loglevel", default="info" ) ) + + @property + def use_https(self) -> bool: + return CoreConfig.get_config_field( + self.__config, "cxb", "server", "use_https", default=True + ) class CxbConfig(dict): diff --git a/titles/cxb/index.py b/titles/cxb/index.py index 345aa04..53930b4 100644 --- a/titles/cxb/index.py +++ b/titles/cxb/index.py @@ -89,18 +89,19 @@ class CxbServlet(BaseServlet): title_port_int = Utils.get_title_port(self.core_cfg) title_port_ssl_int = Utils.get_title_port_ssl(self.core_cfg) - proto = "https" if title_port_ssl_int != 443 else "http" + proto = "https" if self.game_cfg.server.use_https else "http" if proto == "https": - t_port = f":{title_port_ssl_int}" if title_port_ssl_int and not self.core_cfg.server.is_using_proxy else "" + t_port = f":{title_port_ssl_int}" if title_port_ssl_int != 443 else "" else: - t_port = f":{title_port_int}" if title_port_int and not self.core_cfg.server.is_using_proxy else "" + t_port = f":{title_port_int}" if title_port_int != 80 else "" return ( - f"{proto}://{self.core_cfg.server.hostname}{t_port}", + f"{proto}://{self.core_cfg.title.hostname}{t_port}", "", ) + async def preprocess(self, req: Request) -> Dict: req_bytes = await req.body() diff --git a/titles/ongeki/index.py b/titles/ongeki/index.py index f80214b..b217b2e 100644 --- a/titles/ongeki/index.py +++ b/titles/ongeki/index.py @@ -129,14 +129,21 @@ class OngekiServlet(BaseServlet): def get_allnet_info(self, game_code: str, game_ver: int, keychip: str) -> Tuple[str, str]: title_port_int = Utils.get_title_port(self.core_cfg) + title_port_ssl_int = Utils.get_title_port_ssl(self.core_cfg) proto = "https" if self.game_cfg.server.use_https and game_ver >= 120 else "http" - t_port = f":{title_port_int}" if title_port_int and not self.core_cfg.server.is_using_proxy else "" + + if proto == "https": + t_port = f":{title_port_ssl_int}" if title_port_ssl_int != 443 else "" + + else: + t_port = f":{title_port_int}" if title_port_int != 80 else "" return ( - f"{proto}://{self.core_cfg.server.hostname}{t_port}/{game_code}/{game_ver}/", - f"{self.core_cfg.server.hostname}{t_port}/", + f"{proto}://{self.core_cfg.title.hostname}{t_port}/{game_code}/{game_ver}/", + f"{self.core_cfg.title.hostname}{t_port}/", ) + async def render_POST(self, request: Request) -> bytes: endpoint: str = request.path_params.get('endpoint', '') version: int = request.path_params.get('version', 0) diff --git a/titles/pokken/index.py b/titles/pokken/index.py index ffd916c..8e2ce70 100644 --- a/titles/pokken/index.py +++ b/titles/pokken/index.py @@ -78,8 +78,8 @@ class PokkenServlet(BaseServlet): def get_allnet_info(self, game_code: str, game_ver: int, keychip: str) -> Tuple[str, str]: return ( - f"https://{self.game_cfg.server.hostname}:{self.game_cfg.ports.game}/pokken/", - f"{self.game_cfg.server.hostname}:{self.game_cfg.ports.game}/pokken/", + f"https://{self.game_cfg.server.hostname}:{Utils.get_title_port_ssl(self.core_cfg)}/pokken/", + f"{self.game_cfg.server.hostname}:{Utils.get_title_port_ssl(self.core_cfg)}/pokken/", ) def get_mucha_info(self, core_cfg: CoreConfig, cfg_dir: str) -> Tuple[bool, str]: diff --git a/titles/sao/index.py b/titles/sao/index.py index 4cabe30..e12dcbb 100644 --- a/titles/sao/index.py +++ b/titles/sao/index.py @@ -81,13 +81,14 @@ class SaoServlet(BaseServlet): port_normal = Utils.get_title_port(self.core_cfg) proto = "http" - port = f":{port_normal}" if not self.core_cfg.server.is_using_proxy and port_normal != 80 else "" + port = f":{port_normal}" if port_normal != 80 else "" if self.game_cfg.server.use_https: proto = "https" - port = f":{port_ssl}" if not self.core_cfg.server.is_using_proxy and port_ssl != 443 else "" + port = f":{port_ssl}" if port_ssl != 443 else "" + + return (f"{proto}://{self.core_cfg.title.hostname}{port}/", "") - return (f"{proto}://{self.core_cfg.server.hostname}{port}/", "") def get_mucha_info(self, core_cfg: CoreConfig, cfg_dir: str) -> Tuple[bool, str]: if not self.game_cfg.server.enable: