How can the server be reached in arma 3?

[CubelightCodes]

Hey there,

I managed to setup the app with steam auth, installing arma 3 server and adding a scenario and mods and configuring the server. But it does not show up under direct connect with the vps server IP and 2302 port, and i also cant query it by keywords. Do i have to open ports first? According to logs it seems to be running

The app currently runs in a network with nginx proxy manager and is served over it.

Here my configurations below:

[fugasjunior]

Hi, would you mind sharing more info about the VPS and your setup such as your OS, whether you're running the manager in Docker or natively and whether you use the host network mode or expose specific ports?

In the meantime, by using Nginx Proxy Manager, I'll assume that you use Docker with only exposing specific ports. In such case, you need to expose ports 2302 (server port) and 2303 (steam query port) directly from the Arma server manager docker service. You also need to make sure that the ports are open and not blocked by any kind of firewall.

[CubelightCodes]

Hi, the VPS has a Ubuntu 22.04. LTS OS and I run the manager via docker fully. The special thing is that I changed the compose yaml file so that all containers join a common docker network with the nginx proxy manager. This is necessary so that NPM can expose the container to the web and add a certificate for example (You and I discussed earlier about documenting a reverse proxy setup to secure the arma manager for public accessibility -> Maybe I am soon ready to write one having maneuvered myself painfully through everything :D). As of my understanding currently all of the container ports (8080, 8090, 3306 etc.) are opened also without proxy (I know its bad practice with the db being open to the web on 3306, but I am setting this up for testing purposes).

Here is the specified docker compose yaml for the arma server manager

version: '3.3'

services:
  db:
    image: mysql
    restart: always
    environment:
      MYSQL_ROOT_PASSWORD: "${MYSQL_ROOT_PASSWORD}"
      MYSQL_DATABASE: "${MYSQL_DB_NAME}"
      MYSQL_USER: "${MYSQL_USER}"
      MYSQL_PASSWORD: "${MYSQL_PASSWORD}"
    networks:
      - nginx-proxy-manager_default
    ports:
      - "3306:3306"
    volumes:
      - armaservermanager-db:/var/lib/mysql

  adminer:
    image: adminer
    restart: always
    networks:
      - nginx-proxy-manager_default
    ports:
      - "8090:8080"

  armaservermanager:
    image: "fugasjunior/armaservermanager:${VERSION}"
    restart: always
    #    Not available on Windows. If you need to run this image on Windows, you need to set up port mappings manually.
    # network_mode: host
    networks:
      - nginx-proxy-manager_default
    depends_on:
      - db
    volumes:
      #      - /home/armaservermanager/storage:/home/steam/armaservermanager/
      - armaservermanager-storage:/home/steam/armaservermanager/
    environment:
      AUTH_USERNAME: "${AUTH_USERNAME}"
      AUTH_PASSWORD: "${AUTH_PASSWORD}"
      SPRING_DATASOURCE_URL: "${MYSQL_DB_URL}"
      SPRING_DATASOURCE_USERNAME: "${MYSQL_USER}"
      SPRING_DATASOURCE_PASSWORD: "${MYSQL_PASSWORD}"
      STEAM_API_KEY: "${STEAM_API_KEY}"
      JWT_SECRET: "${JWT_SECRET}"
      DATABASE_ENCRYPTION_SECRET: "${DATABASE_ENCRYPTION_SECRET}"

networks:
  nginx-proxy-manager_default:
    external: true

volumes:
  armaservermanager-db:
  armaservermanager-storage:

Additionally the nginx proxy manager configuration for the proxy host:

Is there anything specific I could provide? docker ps or docker network inspect results or something?

[CubelightCodes]

So, no I disabled the network_mode: host as it was incompatible with networking together with NPM. What do you mean by opening the 2302/2303 ports from the arma server manager docker configuration? I am new to docker and docker compose, what specifically should be updated in my upper yaml file?

[fugasjunior]

Thanks for the info. In such case, you definitely need to expose server ports in the docker-compose.yml file. I'm not aware of any method which would allow you to proxy the traffic to Arma server ports through Nginx proxy manager.

You need to add something like:

ports:
  - "2302:2302"
  - "2303:2303"

to the armaservermanager service. In your case, the file would look like this:

version: '3.3'

services:
  db:
    image: mysql
    restart: always
    environment:
      MYSQL_ROOT_PASSWORD: "${MYSQL_ROOT_PASSWORD}"
      MYSQL_DATABASE: "${MYSQL_DB_NAME}"
      MYSQL_USER: "${MYSQL_USER}"
      MYSQL_PASSWORD: "${MYSQL_PASSWORD}"
    networks:
      - nginx-proxy-manager_default
    ports:
      - "3306:3306"
    volumes:
      - armaservermanager-db:/var/lib/mysql

  adminer:
    image: adminer
    restart: always
    networks:
      - nginx-proxy-manager_default
    ports:
      - "8090:8080"

  armaservermanager:
    image: "fugasjunior/armaservermanager:${VERSION}"
    restart: always
    #    Not available on Windows. If you need to run this image on Windows, you need to set up port mappings manually.
    # network_mode: host
    networks:
      - nginx-proxy-manager_default
    ports:
      - "2302:2302"
      - "2303:2303"
    depends_on:
      - db
    volumes:
      #      - /home/armaservermanager/storage:/home/steam/armaservermanager/
      - armaservermanager-storage:/home/steam/armaservermanager/
    environment:
      AUTH_USERNAME: "${AUTH_USERNAME}"
      AUTH_PASSWORD: "${AUTH_PASSWORD}"
      SPRING_DATASOURCE_URL: "${MYSQL_DB_URL}"
      SPRING_DATASOURCE_USERNAME: "${MYSQL_USER}"
      SPRING_DATASOURCE_PASSWORD: "${MYSQL_PASSWORD}"
      STEAM_API_KEY: "${STEAM_API_KEY}"
      JWT_SECRET: "${JWT_SECRET}"
      DATABASE_ENCRYPTION_SECRET: "${DATABASE_ENCRYPTION_SECRET}"

networks:
  nginx-proxy-manager_default:
    external: true

volumes:
  armaservermanager-db:
  armaservermanager-storage:

Keep in mind that if you change these ports or add more servers running on different ports, you also need to reflect the changes in the docker-compose.yml file.

By the way, great job with setting up the Nginx proxy manager! I'm using it on other projects and it would definitely be my go-to way of setting up HTTPS for the server manager now.

[CubelightCodes]

Alright I'll try that. Thank you!

[CubelightCodes]

Sorry if I am being a little stupid here, but somehow if I add your ports-configuration the main arma server manager app is not reachable over 8080 anymore. It starts, but the classic proxy host intended for the arma server manager app now points to the db adminer tool. If i add 8080 to the ports list in the yaml, I get a 502 bad gateway from nginx

[fugasjunior]

Hmm, that it weird. Have you changed anything else besides the ports for armaservermanager service?

I've tried setting this up locally and the proxy works fine with the exposed ports. I can connect to the server in Arma and I don't need to expose port 8080 from the armaservermanager service, only the ports used by the Arma server (2302 and 2303).

However, I did make a mistake in the initial instructions. By default, Docker assumes that the given ports are TCP, however, Arma server uses UDP ports which you need to specify manually. That means that the port configuration in the docker-compose.yml should look like this:

ports:
  - "2302:2302/udp"
  - "2303:2303/udp"

These are the relevant docker files: armaservermanager docker-compose.yml nginx_proxy_manager.yml

The proxy host is set up the same way as in your previous screenshot.

[CubelightCodes]

Okay I restarted all of the docker networks and containers and i get the arma server manager back over NPM. But i still cant find the gameserver ingame.

Here is a result of the command sudo lsof -i -P -n | grep LISTEN

Here is the game server log from the dashboard

16:21:31 InitSound ...
16:21:31 InitSound - complete
16:21:31 Dedicated host created.
16:21:31 PhysX3 SDK Init started ...
16:21:31 PhysX3 SDK Init ended.
16:21:34 [CBA] (xeh) INFO: [0,16.704,0] PreStart started.
16:21:34 [CBA] (settings) INFO: Userconfig: Ignored.
16:21:34 String STR_A3_C_CfgVehicles_B_HMG_02_high_weapon_F0 not found
16:21:34 String STR_A3_C_CfgVehicles_O_HMG_02_high_weapon_F0 not found
16:21:35 [ACE] (medical) INFO: Checking uniforms for correct medical hitpoints [208 units]
16:21:35 [CBA] (xeh) INFO: [0,17.873,0] PreStart finished.
16:21:37 Warning Message: You cannot play/edit this mission; it is dependent on downloadable content that has been deleted.\na3_characters_f
16:21:37 Loading movesType CfgGesturesMale
16:21:37 MovesType CfgGesturesMale load time 90.0 ms
16:21:37 Loading movesType CfgMovesMaleSdr
16:21:45 Warning: looped for animation: a3\anims_f_epa\data\anim\sdr\cts\hubcleaned\briefing\hubbriefing_loop.rtm differs (looped now 0)! MoveName: hubbriefing_ext
16:21:47 Warning: looped for animation: a3\anims_f_epa\data\anim\sdr\cts\hubcleaned\spectator\hubspectator_stand.rtm differs (looped now 1)! MoveName: hubspectator_stand_contact
16:21:47 MovesType CfgMovesMaleSdr load time 9765.0 ms
[S_API] SteamAPI_Init(): Loaded local 'steamclient.so' OK.
CAppInfoCacheReadFromDiskThread took 0 milliseconds to initialize
Setting breakpad minidump AppID = 107410
SteamInternal_SetMinidumpSteamID:  Caching Steam ID:  76561197960265728 [API loaded no]
dlmopen steamservice.so failed: steamservice.so: cannot open shared object file: No such file or directory
16:21:48 Game Port: 2302, Steam Query Port: 2303
16:21:48 Initializing Steam server - Game Port: 2302, Steam Query Port: 2303
Arma 3 Console version 2.14.150957 x64 : port 2302
16:21:48 Host identity created.
16:21:49 Connected to Steam servers

The ufw firewall seems to be disabled. I suspect the issue is the docker network somehow. I dont know how the arma 3 server is started from your app, but maybe this happens within the network itself. You originally start a host-type docker network for all your 3 containers, but mine is a brigde type network. Are you familiar with those? Maybe there is an issue.

Apart from that i already had steamcmd installed locally but I didnt use it for the setup process, as my steam account created for this purpose has no 2FA.

Thanks again for your efforts in helping! If you need further info that might not be safe to publish here, I am happy to add you on discord or some platform of your preference

[fugasjunior]

Did you make the change to the ports I mentioned so they are UDP instead of TCP? Your 2302 and 2303 are still open as TCP ports according to the screenshot you've sent, not UDP.

ports:
  - "2302:2302/udp"
  - "2303:2303/udp"

If you did, try recreating the containers (docker compose down && docker compose up -d) instead of restarting. I'm not sure whether just restart is sufficient when changing the docker-compose.yml file.

sudo lsof -i -P -n (without the grep) should show the following ports, among other ones:

[CubelightCodes]

Alright your comment fixed it! Thank you very much for this first class support of an open source project, your next beer is on me :)

[fugasjunior]

Awesome, I'm glad that worked! As to the log you've sent, the ReadTimeoutException you see are "normal" (although definitely not pretty, I'll try to get rid of these) as long as they don't keep showing up all the time. Basically, the manager tries to query the server right after its started, but it takes some time before the server is actually able to respond. So the queries fail the first couple of times, but should start responding eventually when the server is fully running. Feel free to reopen the issue if the problem shows up again. Huge thanks for the beer!