RikkaNaa

RikkaNaa

Artemis Reverse Proxy Configuration Reference

Preface#

If you want to use Artemis on a server, you will need a reverse proxy. After all, you don't want to sacrifice ports 80/443 on your server just for it.

Things You Need#

  • A clear mind
  • A domain name that has been resolved to the server
  • A server with Nginx/Caddy installed

Artemis Configuration#

To make the reverse-proxied Artemis work properly, you need to make the following modifications to core.yaml:

server:
  listen_address: "127.0.0.1"
  hostname: "aime.example.com" #modify to your desired domain name
  is_develop: False
  is_using_proxy: True
  proxy_port: 80
  proxy_port_ssl: 443
allnet:
  standalone: False
billing:
  standalone: False
aimedb:
  listen_address: "0.0.0.0"

The complete configuration file is as follows:

core.yaml
server:
  listen_address: "127.0.0.1"
  hostname: "aime.example.com" #modify to your desired domain name
  port: 8088
  ssl_key: "cert/title.key"
  ssl_cert: "cert/title.crt"
  allow_user_registration: True
  allow_unregistered_serials: True
  name: "ARTEMiS"
  is_develop: False
  is_using_proxy: True
  proxy_port: 80
  proxy_port_ssl: 443
  log_dir: "logs"
  check_arcade_ip: False
  strict_ip_checking: False

title:
  loglevel: "info"
  reboot_start_time: ""
  reboot_end_time : ""

database:
  host: "127.0.0.1"
  username: "aime"
  password: "password"
  name: "aime"
  port: 3306
  protocol: "mysql"
  sha2_password: False
  loglevel: "info"
  enable_memcached: True
  memcached_host: "localhost"

frontend:
  enable: False
  port: 8089
  loglevel: "info"
  secret: ""

allnet:
  standalone: False
  port: 80
  loglevel: "info"
  allow_online_updates: False
  update_cfg_folder: ""

billing:
  standalone: False
  loglevel: "info"
  port: 8443
  ssl_key: "cert/server.key"
  ssl_cert: "cert/server.pem"
  signing_key: "cert/billing.key"

aimedb:
  enable: True
  listen_address: "0.0.0.0"
  loglevel: "info"
  port: 22345
  key: "Copyright(C)SEGA"
  id_secret: ""
  id_lifetime_seconds: 86400

mucha:
  loglevel: "info"

Nginx Configuration#

If you need an SSL Title Server or the game is not patched, you will need a valid SSL certificate. You can use acme/certbot to automatically apply for renewal.

ALL.Net#

::: warning
Please use naominet.jp as the server_name, otherwise the network self-check will fail.
:::

server {
  listen 80;
  server_name naominet.jp;
	
  location / {
  	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  	proxy_pass_request_headers on;
  	proxy_pass http://localhost:8088/;
  }
}

Title#

server {
  listen 80;
  server_name aime.example.com; #the hostname you set in core.yaml

  location / {
  	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  	proxy_pass_request_headers on;
  	proxy_pass http://localhost:8088/;
  }
}

#Remove the following section if SSL Title is not needed
server {
  listen 443 ssl;
  server_name aime.example.com;

  ssl_certificate /path/to/your/certificate; #certificate path
  ssl_certificate_key /path/to/your/privatekey; #private key path
  ssl_session_timeout 1d;
  ssl_session_cache shared:MozSSL:10m;
  ssl_session_tickets off;

  ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
  ssl_ciphers "ALL:@SECLEVEL=0";
  ssl_prefer_server_ciphers off;

  location / {
  	proxy_pass http://localhost:8088/;
  }
}

Billing#

server {
  listen 8443 ssl;	
  server_name ib.naominet.jp;
    
  ssl_certificate /path/to/your/certificate; #certificate path
  ssl_certificate_key /path/to/your/privatekey; #private key path
  ssl_session_timeout 1d;
  ssl_session_cache shared:MozSSL:10m;
  ssl_session_tickets off;

  ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
  ssl_ciphers "ALL:@SECLEVEL=0";
  ssl_prefer_server_ciphers off;

  location / {
  	proxy_pass http://localhost:8088/;
  }
}

Caddy Configuration#

Refer to the Nginx configuration and write as follows:
Not tested yet, but it should work theoretically

# ALL.Net
naominet.jp:80 {
  reverse_proxy http://localhost:8088
}

# Title
aime.example.com:80 {
  reverse_proxy http://localhost:8088
}

# SSL Title
aime.example.com:443 {
  reverse_proxy http://localhost:8088
  tls /path/to/your/certificate /path/to/your/privatekey
}

# Billing
ib.naominet.jp:8443 {
  reverse_proxy http://localhost:8088
  tls /path/to/your/certificate /path/to/your/privatekey
}

Game Configuration#

After default= in segatools.ini, write the domain name you used earlier (e.g., aime.example.com) and make sure allnet_accounting is turned off.

This article is synchronized and updated to xLog by Mix Space.
The original link is https://rikka.im/posts/manual/artemis-prod


Loading...
Ownership of this post data is guaranteed by blockchain and smart contracts to the creator alone.