Yuanshen server architecture construction tool + environment configuration data
I am Ai Xi, and today I will share with you a detailed tutorial on the structure of the Yuanshen server, from the acquisition of the server to the use of ports and the DAIL signature of Android and ios, etc. Let you understand how to set up the Yuanshen server and which tools What does the information mean (nanny-level teaching)
Grasscutter
项目: xxxxx://github.XXX/Grasscutters/Grasscutter
GuanFWiki source: xxxxx://github.XXX/Grasscutters/Grasscutter/wiki
Basic principle: It is to capture packets and intercept the network requests of GuanF games, then analyze the requests and return values, and then simulate these requests to return and write a server. There are many similar things, Grasscutter is just one of them.
MITM is the middle man GJ (Man-in-the-middle attack). The DAIL used for the middleman GJ will first forward the request like a normal DAIL to ensure the communication between the server and the client, and then check and record the intercepted data in a timely manner, or tamper with the data to trigger specific behaviors on the server or client.
Fiddler is xxxxDAIL on the client and server sides, and it is also one of the most commonly used xxxx packet capture tools. It can record all xxxx requests between the client and the server. It can analyze request data, set breakpoints, debug web applications, modify requested data, and even modify data returned by the server for specific xxxx requests. It has very powerful functions. It is a powerful tool for web debugging.
Shadowrocket is an earlier client supporting the SSR protocol on the iOS/iPadOS platform, known as "Little Rocket". It has been taken off the shelves in the mainland, please use the account in the M area to download it in the AppStore
Docker is an open platform for developing, delivering and running applications. Applications can be separated from infrastructure, allowing rapid software delivery. Function: Package and package the entire environment into a mirror image, without the need to repeatedly configure the environment, and solve various problems caused by the environment. Docker containers are process-isolated, and no one will affect anyone.
Party documentation: xxxxx://docs.docker.XXX/get-started/
Shadowrochket
Register an Apple ID in M area and activate it
Using DAIL: Open the SSR software, select a USA node, and change the DAIL rule to "global DAIL"
(Registration and activation must use DAIL)
Register Apple ID in M area: open appleid.apple.XXX, create your Apple ID, fill in GR information (note that "GJ and region" select USA, "DHHM" use Temporary SMS and Disposable Numbers to obtain a virtual USADHHM) and email verification Verify with DIANHUA number (the DHHM verification code is obtained from the above-mentioned website), and then log in to the Apple ID in M area after successful registration, and replace the "trusted DHHM" with your own domestic SHOUJ number
Activate the Apple ID in the M area: Open the App Store of the mobile phone, enter the newly registered Apple ID in the M area, it will prompt that this apple id has not yet been used in the itunes store (this Apple ID has not yet been used in the iTunes store), click Review --Using the USA virtual GR information to generate and fill in the information (Street means street, Zip means zip code, especially pay attention to choose a state that is free of SUI: Alaska, Delaware, Montana, New Hampshire, Oregon, otherwise GOUMApp will receive SUI )
Use the M area gift card CQGOUM
If you have PayPal, just bind it up. Without it, the paid software in the App Store in the GOUMM area needs to go to the gift cardCQ in the Taobao GOUMM area.
Go to the gift card in the GOUMM area of Taobao (can be used superimposedly). Once you open the App Store in the M area, click Redeem Gift Card or Code and enter the purchased card information to complete the CQ.
Search for the Shadowrocket software in the App Store in the M area, and its basic usage will not be repeated here.
Apply for a generic domain name SSLzhengs
Next, we will use the acme.sh open source project to apply for free Let' S Encrypt generic domain name SSLzhengs.
Install acme.sh.
Both ordinary users and root users can install and use, and the installation process is carried out in a few steps:
Install acme.sh to your root directory, and create a bash alias for your convenience.
Automatically create a cronjob for you, automatically detect all zhengs at 0:00, if it is about to expire and needs to be updated, it will automatically update zhengs.
Note: The installation process will not pollute any existing system functions and files, and all modifications are limited to the installation directory. Don't worry about the problem that socat is not installed, it is only needed when xxxx verifies that there is no Web Server.
Generate SSL generic domain name zhengs
acme.sh implements all authentication protocols supported by the acme protocol, generally there are two authentication methods: xxxx and dns authentication.
xxxx Verification: The xxxx method needs to place a file in the root directory of your website to verify your domain name ownership.
dns verification: dns mode, add a txt resolution record to the domain name to verify the ownership of the domain name.
In the dns mode, you can use the API provided by the domain name resolution provider to automatically add txt records to complete the verification. Next, we will use this method to apply for Namesilo’s pan-domain name zhengs.
Step1: Open xxxxx://www.namesilo.XXX/account/api-manager to apply for NameSilo API, check the second check box, and click Generate to generate it.
Note: Be sure not to check the check box of Generate key for read-only access, otherwise it will cause the problem of Unable to add the DNS record. Error add txt for domain. In addition, the generated API only appears once, if you don't write it down, you can only reset it.
Step2: Enter the following command on the server to realize automatic dns verification and generate pan-domain name zhengs.
Wait for 1800s to see the applied SSLzhengs (NameSilo verification is relatively slow, and the 900s written in the GuanF document is sometimes not enough to complete the verification)
The generated files are placed in the root/.acme.sh/example.XXX/ directory, where example.XXX.key is the key file, and Fulichain.cer is the zhengs file.
Note: If your domain name is not owned by NameSilo, the above operation is different, please refer to: xxxxx://github.XXX/acmesh-official/acme.sh/wiki/dnsapi
The project depends on the environment to build
Build a Docker environment
Create a Docker network
The official environment uses the docker network to manage the Docker containers. For services such as the MongoDB database, it does not provide external ports. The internal communication between the containers is through the hostname to protect the system security.
Docker-MongoDB environment construction
There is no need to set up password authentication, and there is no need to expose ports. Add the Grasscutter container to the same docker network, and communicate internally through hostname.
Note: Since it is not exposed to the outside world, if you want to access the MongoDB database, you can only enter the container to view it through commands, and the visual management tool cannot be connected outside.
Docker JDK environment construction
Build the Docker-JDK17 environment (other versions cannot be used), and the Chinese version is used for Grasscutter below.
Note: Ports 22102 and 443 need to be mapped when creating a container, which is used for subsequent construction of GrasscutterSIF. 22102 is the port of the game server (GameServer), which is used to process some information such as transmission and damage calculation. If it is deployed on the server, remember to release the UDP protocol of this port in the security group to prevent the 4206 error from entering the game. 443 is the port used to handle login and game updates (DispatchServer, the default 443 is likely to be occupied and can be replaced with another.
Build SIF using Grasscutter
Prepare Grasscutter server and resources
The server configuration file uses: xxxxx://github.XXX/Grasscutters/Grasscutter.
xxxxx://github.XXX/Grasscutters/Grasscutter-Protos
The server jar package uses: xxxxx://t.me/genkitCN/37
The resource pack is using: xxxxx://github.XXX/Dimbreath/GenshinData.
xxxxx://github.XXX/radioegor146/gi-bin-output
Build the Grasscutter server
The first startup will definitely fail, so that a configjson will be automatically generated when the jar package is executed (if there is one, it will not be regenerated). Next, we need to modify the configuration inside:
Description of configuration meaning:
If it is running locally, the two Publiclp inside do not need to be moved. If it is placed on the server, you need to change the two Publiclp to the public IP of the server.
The "Port" above: 22102 is the port of the game server (GameServer), which is used to process some information such as transmission and damage value calculation. If it is deployed on the server, remember to release the UDP protocol of this port in the security group. Prevent the 4206 error from entering the game. In addition to the security group, check whether the firewall is open.
The following "Port": 443 is the port (DispatchServer) used to handle login and game updates. The default 443 port server may not be easy to handle. It may need to be registered before it can be used in China, or it may be occupied by services such as nginx. Windows may also be occupied by VMWare's Share sharing service or Steam, so it can be changed to another port. After the modification, if it is a server, remember to release the TCP protocol of this port in the security group. In addition to the security group, check whether the firewall is open.
"WelcomeMotd" : "Welcome to Grasscutter emu", this is the welcome sentence sent to you by the server after entering the server, it can be changed to something fun, "Welcome to XXXSIF" and the like.
"KeystorePassword" : "123456", this is the password of the zhengs file (no need to modify), the latest version of zhengs has a password, remember to fill it in.
"AutomaticallyCreateAccounts" : false, this is to control the automatic creation of accounts. After changing to true, if there is no such account when logging in to SIF, one will be automatically created and logged in, and then the default uid will be assigned, starting from 10001 and then postponed.
"MaxAvatarsInTeam" : 4 "MaxAvatarsInTeamMultiplayer" : 4, the maximum number of characters in the online team, the number of online can be switched after changing.
Modified configuration example
(If you follow my above operation, you only need to modify the IP and domain name in the following configuration):
Note: Even if your port 443 is occupied, and you changed it to 444 like me, the PublicPort in DispatchServer must also fill in 443, otherwise a 4206 error will occur.
When updating in the future, just replace the grasscutterjar, and the config.json should be regenerated and modified.
Start without nohup first, if no error is reported throughout the process and a log similar to the following figure appears, the startup is successful.
4.3 Add reverse DAIL and enable xxxxx
Add reverse DAIL: pagoda panel - website - setting - reverse DAIL - add reverse DAIL - fill in DAIL name and target URL ( xxxxx://127.0.0.1.444 )
Open xxxxx: pagoda panel a website---settings----SSL---- other zhengs, put the example.com.key key file,
Copy the fullchain.cerzhengs file and force xxxxx.
Note: The target URL when adding reverse DAIL must be xxxxx://. and not xxxx://. Otherwise, the reverse DAIL cannot be corrected. After the configuration is successful, the browser accesses the xxxxx:// domain name and you can see "hello" typeface.
5. The basic configuration of the client
5.1 Basic configuration of Win10 client
It is recommended to use Fiddler as a traffic hijacking tool on Win10. Open Fiddler is SIF, and close Fiddler is the official server.
Fiddler下载: xxxxx://www.telerik.XXX/fiddler/filddler-classic
Configuration instructions:
Step1: Select Tools-Options in the upper left corner, and select Decrypt xxxxx trafic in xxxxx.
Step2: Select Connections, and then select a port. To avoid port 8888, I use port 8181 here, and click OK.
Step3: Find FiddlerScript on the right side of Fiddler, delete all the original code, and then put the following piece of code into it (just change the host to - -), then click Save Script in the upper left corner to save the script to make it take effect.
Note: After that, you can open YuanShen.exe in Genshin Impact Game to start the game. During this period, an option to trust zhengs will pop up, just select Yes.
Basic configuration of iOS client
On the iOS side, it is recommended to use Shadowrocket as a traffic hijacking tool. Turn on DAIL and then run the game to enter SIF. Running the game without DAIL is the official server.
Step1: Shadowrocket > Configuration > Module > New Module, write the following content (replace the domain name with the actual value)
Step2: Enable and configure MitM
Shadowrocket > Configuration > Local Files > Select the i icon to the right of the active configuration > xxxxx decrypt, enable, generate and trust zhengs. Don't forget to go to Settings>General>About the bottom trust root stats>Start Shadowrocket
The basic use of Yuanshin SIF
Yuanshin SIF obtains resources by sending commands to the administrator. For specific instructions, see: Dev branch Chinese command list
Since it is not convenient to type commands, the various small tools made by the group friends are as follows is a command generator.
Project address: xxxxx://github.XXX/jie65535/GrasscutterXXXmandGenerator
I'm Essie, that's all for today's sharing, see you next time