Site News

This is a somewhat longer post, not merely site news, but also some background about what is going on with the Portal, and why things are the way they are. Please read on after the divider…

First, a few words about myself, to give some background on where I am coming from and why my goals with the Portal are what they are. You all know me as Andi; I am currently the owner and operator of Rondak’s Portal after Rondak himself retired from running the site several years ago. Professionally, I am a systems engineer for a company specializing in EFC (Electronic Fare Collection) systems used by various public transport agencies. If you have ridden the public transit system in Seattle, WA, in Salt Lake City, UT, in Dallas, TX, in Edmonton, AB, Canada, in Beijing, Shanghai, Bangkok, Stockholm, on the Stagecoach system in the UK and on various smaller agencies around the world, you have come in contact with my employer’s, if not my personal, work. In particular, I am in charge of the core infrastructure services for the Americas, ranging from web and mail servers through databases to authentication services. In particular, I am responsible for maintaining the compliance of our central database instances with PCI-DSS security standards.

As I said earlier, I took over Rondak’s Portal several years ago, when Rondak decided he had had enough of running it and wanted it out of his basement. The site has been under reconstruction since, with numerous false starts in development as I attempted to figure out how to do things the Right Way. I finally think I am making headway, so I want to share where the Portal came from, and where it is going.

The original code dates back to 1997 / 1998. Rondak was setting up a web site to use for continuing to play RPGs with his personal friends as the group found less and less opportunity for in-person gaming. It has existed since then, with more or less reach among the gaming community.

Architecturally speaking, Rondak’s Portal as it currently exists is a mixture of technologies, employing static HTML pages, Perl and C-based CGI programs, PHP scripts and a bolted-on forum written in PHP but independent of the core code. All of this runs on top of a MySQL database holding all the information of the site. Originally, all of this operated out of a single Apache HTTPd 1.3 server instance exposed directly to the internet.

Since I took over Rondak’s Portal, I have made several changes to improve on that architecture. Primarily, I split up Rondak’s Portal across three virtual machines, each with a dedicated role. There is now a dedicated database server communicating with the rest of the application solely through MySQL client connections; there is an application server hosting the Portal’s actual code; and there is a front-end server doing SSL termination and basic request filtering. The application server has also been split up, with static pages, CGI programs and PHP now being served out of different applications and different file system locations, to keep them separate. I have also enabled tighter validation of MySQL queries; this is what led to the recent spree of bugs involving the database code.

User authentication on Rondak’s Portal is basic HTTP authentication – you all know the old-style browser logon windows that no one but the Portal uses any more.

My goal for Rondak’s Portal is to modernize its infrastructure as well as presentation. I aim to run the entirety of the Portal out of a single C++17 application server, rather than the current mix of technologies; I want to move authentication from basic HTTP authentication to OAuth 2.0, which will allow federation of accounts – that is, people will be able to log in with Google, MSN and Facebook accounts; I might add other providers if there is an interest and they support OAuth 2. I aim to cleanly separate Portal UI and Portal logic, to allow both for easier development of UI skins, and allow me to support various devices and form factors, rather than a single page suitable for a desktop browser.

Since this is a news post, as promised, there is some news – I have completed my current work on infrastructure code and am back to writing actual user-facing application code. Specifically, I am working on getting the authentication server component to work. I am still hopeful I will have a pre-alpha demo in a state to show off by summer.