Password on Bot Server missing in version 2.0.

[bacrossland]

I was running a bot using version 1.9 and it had the option of setting a password on the server by passing the flag -Ptriplea.server.password="$BOT_PASSWORD" at start. In 2.0, the flag is still accepted because triplea.server.password is still a property however it is not honored when running in headless mode.

Checking the code for game-core/src/main/java/org/triplea/game/server/HeadlessGameServer.java there is nothing that deals with server password.

Was the feature of running a headless server with a password removed deliberately or is this a feature that was missed in porting from 1.9?

[Cernelius]

At least previous to TripleA 2 (but maybe not immediately so (maybe this is something even before 1.9)), there were at least 2 passwords for automated hosts. One was for making the host otherwise inaccessible to anyone trying to join it and the other one was for otherwise disabling moderators to operate on the host (like disconnecting users from it). The first password made the automated host substantially private while the second password would inhibit moderators (not knowing the password) from doing stuff to it.

[bacrossland]

It's the first password, making the automated host substantially private, that is not working. The second password, for moderators, appears to still work.

[DanVanAtta]

The removal was intentional. The reasoning is that we do not get very many long-lived bots, the concept of 'private-bots' is not something we fully want when we have a number of bots we host ourselves. FWIW we try to avoid a "premium lane" and allow all features to be available to all users. Secondarily, we don't see many independent bot hosts, and we typically do not see them hosting bots for the long-term. As such, password feature on bots is just not used heavily. I don't think we can trace back to any original requirements to have it, very likely it was 'thrown in' to have parity to game hosts, but I'm not sure if we ever considered "do we really need this feature?"

The moderator password functionality likely should be removed as well since. AFAIK it's not used, bots will respond to commands issued to them via the lobby from moderators regardless of any moderator password.

[bacrossland]

Interesting. I used a long lived 1.9 private bot that I hosted on AWS for the last 35 days. It had a password on it solely to make sure it was not hijacked by players that were not supposed to be on that server since the players who were using it were not on it every night. I hosted the private bot because there didn't appear to be any way to run a server in headless mode without making it a bot. Looking at the code for headless server, it still has the code that forces you only to run it as a bot.

The game that server was running originally started out hosted by another player. Since not all the players could play at the same time it required that the player whose turn it was and the host had to coordinate times. The slightest interruption to the host machine (power, internet, kids, resource shortage, etc.) and the host went offline. Couple that with scheduling conflicts and the frustration level was high. The host quit the game (temporarily) sighting those issues of hosting as taking away from the fun of playing. Moving to server fixed all of that.

I understand the desire not to have passwords on the bots. Is it on the road map to allow for running a non-bot private server or should I add that as a feature request?

[Cernelius]

So it was practically for playing PBEM style, but always online. I guess most times a single user would take all the factions, when it was the turn of the faction which was supposed to be assigned to him/her? I'm curious how you were dealing with casualties selection. The idea itself seems smart, and it seems a good compromise between live play and PBEM.

I tend to think such hosts, rather than only passworded, should also be non-connected to the lobby (accessible through direct connection) (practically, you would need to know and imput the port, the IP and the password).

[DanVanAtta]

Is it on the road map to allow for running a non-bot private server or should I add that as a feature request?

I believe that should be possible today. If you host, either on lobby, or directly, you can add a password. Let me know if I'm missing something.

[bacrossland]

I guess most times a single user would take all the factions, when it was the turn of the faction which was supposed to be assigned to him/her?

Yes. We went with an honor system and selected only default casualties. Defending subs always submerged if possible. We emailed the group at the end of every turn to say who was up next. If another player could be online when you were then you both took your own positions. Ideally it was one player from each faction so you each took your factions positions for casualty selection.

The honor system worked mainly because this group of players have been playing together offline for years. I can only recall needing to edit the game once in all 18 turns and that was because a player forced a defending sub to stay when it should have submerged.

[bacrossland]

I tend to think such hosts, rather than only passworded, should also be non-connected to the lobby (accessible through direct connection) (practically, you would need to know and imput the port, the IP and the password).

Exactly. We had one player that was having an issue logging into the lobby. I walked him through using the Connect to Network Game to connect to the server directly. He used that for the rest of the game.

Having the server listed in the lobby was nice because most players went there to connect. It made sense to them since the server is "online" and we were playing "online".

[bacrossland]

I believe that should be possible today. If you host, either on lobby, or directly, you can add a password. Let me know if I'm missing something.

It's possible but you have to have the UI running. On a headless server there is no UI. That is key, running with no UI. Running headless doesn't have the password option and also blocks you from running as a "non-bot" server (https://github.com/triplea-game/triplea/blob/master/game-core/src/main/java/org/triplea/game/server/HeadlessGameServer.java#L340).

[DanVanAtta]

@bacrossland how often has this come up as a problem? I understand the use-case now, admittedly it is interesting. I'm just consdering the ROI here. Eventually we'd want the bot servers to be transparently hosted on the lobby whenever you host a game if the network rules are not there for a player. So I'm wondering if it's just as well to "kick" players out of your bot server when needed by simply asking them to and/or restarting the bot. Generally bots are meant to be available to all players and enough of them that always some are available. WDYT?

[Cernelius]

I think that, rather than a password, the feature for this issue would be making every automated host able not to connect to the lobby.

I would remove both passwords from every automated host if not yet. I think they are substantially incompatible with the current rules, especially the password for disabling moderators to operate on the host (of course, this can be solved by modifying the rules, instead).

[DanVanAtta]

AFAIK the 'moderator password' is no longer active (or even perhaps there).

Having headless game hosts for non-lobby play, interesting, but really just not sure if worth the ROI.

[bacrossland]

@DanVanAtta for the players I play with the issue is all the time. They don't want to use a public Bot because there is no way to secure the game so you can leave it up and come back to it. Hosting privately on another person's machine at home runs into issues of stable connections as well as non-technical players not understanding what they need to change in their home networks to make that happen. Some don't manage their own network equipment (their ISP does) or they don't have the skills to know where to begin. I have one player who twice now has locked his TripleA account out from the Lobby trying to host. I still don't understand how he does it.

So maybe the solution here is not to change the Bot code but to allow a game to be hosted headless by a player. That hosted headless game would have the same features that you get by hosting locally just minus the integrated UI. The player running it would be able to connect with their client and manage it. Other players connect with their client to play. It becomes more of a client server model for play.

[stale[bot]]

This issue has been automatically marked as stale because it has not had recent activity. If there is something that can be done to resolve this issue, please add a comment indicating what that would be and this issue will be re-opened. If there are multiple items that can be completed independently, we encourage you to use the "reference in new issue" option next to any outstanding comment so that we may divide and conquer.

[ashleyghooper]

I'm also trying to host a game for myself and one or two friends, and noticed that with version 2.x the triplea.server.password argument is no longer honoured.

Since triplea.lobby.uri is required, is there really no way to run a private headless server?

[bacrossland]

There is no way using the current 2.* code. I do it running a modified version of the code that I keep on a separate branch on my fork of the main code. That modified version has the password feature still enabled. It allows me to do exactly what you are asking for @ashleyghooper.

If this is a feature you and others want back in, I suggest the request for it get posted on the triplea forums.