Frobtads on AWS Lightsail

Otto73 · July 2, 2019, 3:43pm

I’m attempting to set up a public TADS server using Frobtads-1.2.3 on an AWS Lightsail server. Everything installed and frobtads appears to run: ‘frob -N 44 Game.t3’ starts a process, which gives a web address. However, it runs on localhost, which makes it very hard to connect to.
I have very little (i.e. no) experience with servers, so I’m thinking there’s something fairly obvious I’m doing wrong here?

RealNC · July 2, 2019, 3:48pm

Have you read this yet:

https://tads.org/t3doc/doc/sysman/webhost.htm

Otto73 · July 2, 2019, 4:00pm

I have, but clearly need to go over it again. So it’s not possible to simply start frobtads from the command line and connect to it any way other than locally, without the php scripts - I guess that’s the obvious bit I’m missing.

RealNC · July 2, 2019, 4:18pm

Does your instance have an external IP? According to the guide, AWS uses NAT, so there is no external IP for frob to listen to. You need to forward all user ports (1024 to 65535) to your instance. Someone wrote a guide for AWS lightsail:

~~https://exain.wordpress.com/2017/07/19/port-forwarding-in-aws-lightsail-or-ec2-machines-via-ssh~~

Note that running frob this way is not very useful when running on a server. Running it this way is meant for playing or testing WebUI games locally. Every frob instance is meant for one play session. Once you quit the game, you need to start another frob instance. It is not really a server in the traditional sense. It doesn’t serve multiple game sessions to multiple players. It’s one frob instance for one player and one session.

RealNC · July 2, 2019, 4:31pm

Hm. I take that back. The port forwarding guide is for something completely different. Please disregard. It seems lightsail instances do have a static external IP.

Otto73 · July 2, 2019, 4:44pm

Yes, it definitely has an external IP. It was just meant to be a quick test run of frobtads from the command line - I wrongly assumed it would run using the external IP address, not localhost. I guess there’s no simple way to run frobtads with the external IP so I’ll have to install the PHP scripts and do all the config.

Otto73 · July 5, 2019, 4:16pm

I’ve got as far installing the PHP scripts, following the instructions here - [https://tads.org/t3doc/doc/sysman/webhost.htm]
I get an ‘OK’ when type [http://54.64.119.192/t3launch/t3launch.php?ping] into the address bar. However, when I try to start a game, using [http://54.64.119.192/t3launch/t3launch.php?storyfile=http://seriousgames.atwebpages.com/WebUIdemo/WebUIdemo.t3] - the interpreter seems to start up, in that the gamefile gets downloaded to the /tmp directory, it seems to start a session as I get redirected to a random port with a TADS session ID, but the response is always:

This site can’t be reached

54.64.119.192 took too long to respond.

Even though the site appears to be running fine.

RealNC · July 5, 2019, 6:32pm

Check to see if you need to allow all ports in the instance’s firewall configuration. Add an “application” (you can name it however you like) where you specify a range of 1024-65535 for TCP to be allowed.

Although I think you can just use a range of 49152–65535, since I believe this is the range TADS will use (this is the “private” port range.)

By the way, you should run frob in plain mode when running WebUI games. Add --interface plain to T3RUN_OPTS (in inc/config.php) to avoid frob setting up an ncurses session.

Otto73 · July 6, 2019, 4:03pm

Thanks very much - that did the trick, all up and running now, although just FYI, the port numbers go much lower than 49152 - I’m not sure what the exact range is.

RealNC · July 6, 2019, 5:15pm

Hm. It uses whatever port the OS gives it. I assumed wrongly that it would use 49152 and up. So it’s 1024-65535 (0-1023 are never assigned to non-privileged processes.)

RealNC · July 6, 2019, 6:04pm

OK, I completely forgot that this is tweakable on Linux. This command will print the port range the system will assign to applications:

cat /proc/sys/net/ipv4/ip_local_port_range

or:

sysctl net.ipv4.ip_local_port_range

(You could change this through sysctl, but you don’t need to.)

cstevens · July 11, 2019, 10:10pm

I found my notes, posting here so they may be helpful

Setting Up A Custom server

NOTE: Updated code here, though principles the same: https://bitbucket.org/bcressey/t3launch

Downloaded/Compiled server

NOTE: SQL Is already on server, will just do that

== PHP Apache Configuration

This is already here: /etc/apache2/mods-enabled/php5.conf

NOTE: This configuration will deny all files without ‘php’ extention

NOTE: Do this after downloading t3launch.zip

.haccess override allow/deny settings
Download t3launch.zip found here: http://www.tads.org/t3dl/t3launch.zip

plato: /doc/if/t3_server_files/t3launch.zip

unzip t3launch.zip
move unziped files to apache subdirectory
root@plato:/var/www/html# mv /home/cstevens/doc/if/t3_server_files/t3launch /var/www/html

== Install PHP5 MySQL modules
root@plato:/ sudo apt-get install php5-mysql

== Configure MySQL

cstevens@plato: mysql -u root -p

Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the current input statement.

mysql>

create user t3launch identified by ‘password’;
create database t3launch;
use t3launch;
grant all on t3launch.* to t3launch;

== Set up home directory
NOTE: Run as root

groupadd nobody
chown nobody.nobody /home/db
touch /home/db/t3launch.db

== Modify plato:~/doc/if/t3_server_files/t3launch/inc/config.php

Made backup copy to config.php.orig

Uncommented the following and modified password:

define(“DB_ENGINE”, “mysql”);
define(“DB_HOST”, “localhost”);
define(“DB_USERNAME”, “t3launch”);
define(“DB_PASSWORD”, “password”);
define(“DB_SCHEMA”, “t3launch”);

// frobtads executable (uncommented)
define(“T3RUN_EXE”, “/usr/local/bin/frob”);

// frobtads option switches (uncommented)
define(“T3RUN_OPTS”, “–interface plain --safety-level 44 --net-safety-level 00 --no-pause”);
define(“T3RUN_OPT_WEBHOST”, “–webhost”);
define(“T3RUN_OPT_WEBSID”, “–websid”);
define(“T3RUN_OPT_GAMEURL”, “–webimage”);

// Not behind a NAT (at least for testing)
define(“USING_NAT”, 0);

// Cache location
define(“T3_CACHE_DIR”, “/tmp”);

Improve performance (as root)

modify /etc/sysctl.conf
echo “0” > /proc/sys/net/ipv4/tcp_slow_start_after_idle

Modify Apache2 to permit php in /etc/apache2/apache2.conf
NOTE This is probably not the problem, removing
<Directory /var/www/t3launch>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted

sudo service apache2 restart

== Test Installation

In the browser:
http://localhost/t3launch/t3launch.php?ping

=== Make sure it is secure
http://localhost/t3launch/inc/config.php

NOTE: This yielded a blank in my Firefox browser, not a 403 Error. CHECK SECURITY

The security is wrong, entry in /var/log/apache2/access.log:
GET /t3launch/inc/config.php HTTP/1.1" 200 224 “-” “Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0”

NOTE: /var/www/t3launch/inc/config.php --safety-level 00 may be unsafe!

== Add /usr/local/bin/tadsweb.config
NOTE: Configure and move to another location
Contents:
storage.rootpath = /
watchdog = no

I could play the instance using this URL (after seeting the --saftey-level to 00 in inc/config.php)

http://localhost/t3launch/t3launch.php?storyfile=http://localhost/t3launch/the_tarlatt_slough_trail.t3

RealNC · July 12, 2019, 12:30am

That link doesn’t seem to work for me (404).

You really should be enabling the watchdog. Otherwise, frob instances could be running forever, or they could hog the server if a game goes into an infinite loop.