From 14ef545bbbb7e9609c61b1bb53be6ad2ca9cf6cf Mon Sep 17 00:00:00 2001 From: Oier Bravo Urtasun Date: Thu, 11 Jun 2026 09:38:28 +0200 Subject: [PATCH] chore: remove pack (packwiz) service and subdomain The pack service was already gone from compose/caddy and the landing is off packwiz. Remove the remaining live references: the pack. TLS vhost in the host nginx template, pack from LE_SUBDOMAINS, and stale docs in README and CLAUDE.md. Co-Authored-By: Claude Opus 4.8 (1M context) --- .env.example | 4 ++-- CLAUDE.md | 5 ++--- README.md | 28 +++++++++++++--------------- nginx/ulicraft-caddy.conf.tmpl | 23 ++--------------------- 4 files changed, 19 insertions(+), 41 deletions(-) diff --git a/.env.example b/.env.example index 8204ee6..bb91e64 100644 --- a/.env.example +++ b/.env.example @@ -2,7 +2,7 @@ # Single base domain for the whole stack; every service is a subdomain of this. # DNS is handled OUTSIDE this repo — point ${BASE_DOMAIN} and every subdomain -# (auth. pack. avatar. status. distribution. www.) at the host running nginx. +# (auth. avatar. status. distribution. www.) at the host running nginx. BASE_DOMAIN=ulicraft.net RCON_PASSWORD=change-me-to-something-random @@ -56,7 +56,7 @@ DISTRIBUTION_WEB_ROOT=/home/oier/projects/mc-mods/ulicraft-group/ulicraft-distri # Only needed to issue real TLS certs. DNS-01 needs no inbound ports. LE_EMAIL=you@example.com # space-separated subdomains; apex ${BASE_DOMAIN} is always included -LE_SUBDOMAINS=auth pack distribution www avatar status +LE_SUBDOMAINS=auth distribution www avatar status # OVH API creds (DNS zone write). Create at https://eu.api.ovh.com/createToken/ # OVH_CK can be blank on first run — acme.sh prints an auth URL, then paste it. OVH_END_POINT=ovh-eu diff --git a/CLAUDE.md b/CLAUDE.md index 7aa413c..70a498a 100644 --- a/CLAUDE.md +++ b/CLAUDE.md @@ -23,7 +23,7 @@ with `plan/` or the code, those win. One unified `docker-compose.yml`. The host's own nginx terminates TLS (Let's Encrypt) and reverse-proxies every vhost to caddy (published localhost-only) by Host header. caddy is the internal router; containers reach the stack's own names -via caddy's `mcnet` aliases (`auth.`, `pack.`). +via caddy's `mcnet` aliases (`auth.`). ``` Internet ── host nginx (TLS, LE certs, HSTS) ──► caddy (127.0.0.1:8880) @@ -119,8 +119,7 @@ mirrored at apex `/launcher/`. Per guest: `https://auth.${BASE_DOMAIN}/authlib-injector` (register/login at `https://auth.${BASE_DOMAIN}`). 3. The launcher installs the modpack from the distribution (`distribution.json`). - (NOTE: packwiz/`pack.` removed — the landing join step still references a - packwiz URL and needs reworking around the launcher/distribution flow.) + (packwiz and the `pack.` service/subdomain have been fully removed.) 4. Connect to `${BASE_DOMAIN}` (`:25565`). ## Open / Pending Work diff --git a/README.md b/README.md index d6245bc..152e0a3 100644 --- a/README.md +++ b/README.md @@ -1,9 +1,9 @@ # Ulicraft Server Self-hosted modded Minecraft (NeoForge 1.21.1) with self-hosted auth/skins -(Drasl), a packwiz modpack, avatar rendering, a guest landing page, and uptime -monitoring. One unified `docker-compose.yml` runs the whole stack behind the -host's nginx + Let's Encrypt. +(Drasl), a distribution-fed modpack, avatar rendering, a guest landing page, and +uptime monitoring. One unified `docker-compose.yml` runs the whole stack behind +the host's nginx + Let's Encrypt. ## Stack @@ -22,7 +22,6 @@ Vhosts (all proxied through the host nginx → caddy): - apex `${BASE_DOMAIN}` — landing page + `/launcher/` downloads - `auth.` — Drasl -- `pack.` — packwiz metadata + `/custom/` jars - `avatar.` — NMSR - `status.` — Uptime Kuma - `distribution.` — static site from another repo (`DISTRIBUTION_WEB_ROOT`) @@ -33,12 +32,11 @@ Config lives in `.env`: `BASE_DOMAIN`, `RCON_PASSWORD`, `CADDY_HTTP_PORT` / ## DNS Handled **outside this repo**. Point `${BASE_DOMAIN}` and every subdomain -(`auth. pack. avatar. status. distribution. www.`) at the host running nginx. +(`auth. avatar. status. distribution. www.`) at the host running nginx. ## Prerequisites -Docker + Docker Compose; for prep also `pnpm`, `packwiz`, `jq`, `curl`, -`envsubst`. +Docker + Docker Compose; for prep also `pnpm`, `jq`, `curl`, `envsubst`. ## Launch @@ -46,7 +44,8 @@ Docker + Docker Compose; for prep also `pnpm`, `packwiz`, `jq`, `curl`, cp .env.example .env # set BASE_DOMAIN, RCON_PASSWORD, DISTRIBUTION_WEB_ROOT # One-time / on change — render configs + build content: -tooling/render-config.sh # drasl + nmsr + packwiz configs from *.tmpl +tooling/render-config.sh # drasl + nmsr configs from *.tmpl +tooling/sync-server-mods.sh # filtered server mods → ./server-mods ( cd landing && pnpm install && BASE_DOMAIN="$BASE_DOMAIN" pnpm run build ) # → www/ tooling/fetch-launcher.sh # FjordLauncher assets → launcher/ (served at /launcher/) tooling/fetch-authlib.sh # authlib-injector.jar → runtime/ (server JVM agent) @@ -55,7 +54,7 @@ docker compose up -d --build # first run installs NeoForge + mods, builds nms docker compose down # stop ``` -First boot: itzg installs NeoForge + the packwiz mods into the `mc_data` volume; +First boot: itzg installs NeoForge + the synced server mods into the `mc_data` volume; nmsr does a one-time Rust compile. Watch `docker compose logs -f minecraft` until `Done`. @@ -69,7 +68,7 @@ certs and reverse-proxies every vhost to caddy by Host header. HTTPS-only: HTTP 1. **Issue certs** (OVH DNS-01, no inbound ports needed): ```sh # .env: BASE_DOMAIN, LE_EMAIL, OVH_* creds, - # LE_SUBDOMAINS="auth pack distribution www avatar status" + # LE_SUBDOMAINS="auth distribution www avatar status" tooling/issue-letsencrypt.sh # → certs//{cert,key}.pem ``` @@ -120,7 +119,6 @@ persists in the `kuma_data` volume): | Minecraft | Minecraft Server | `minecraft` : `25565` | | Drasl auth | HTTP(s) | `https://auth.${BASE_DOMAIN}` | | Landing (apex) | HTTP(s) | `https://${BASE_DOMAIN}` | -| Packwiz | HTTP(s) | `https://pack.${BASE_DOMAIN}` | | Distribution | HTTP(s) | `https://distribution.${BASE_DOMAIN}` | | Avatar (NMSR) | HTTP(s) | `https://avatar.${BASE_DOMAIN}` | @@ -161,7 +159,7 @@ Wired in `landing/src/data/site.ts` (`statusApi`) and `caddy/conf.d/10-static.ca 2. Add an **authlib-injector** account, URL `https://auth.${BASE_DOMAIN}/authlib-injector` (register/login at `https://auth.${BASE_DOMAIN}`). -3. Import the pack: `https://pack.${BASE_DOMAIN}/pack.toml`. +3. The launcher installs the modpack from the distribution automatically. 4. Connect to **`${BASE_DOMAIN}`** (Minecraft, `:25565`). ## Layout @@ -173,11 +171,11 @@ caddy/Caddyfile + conf.d/*.caddy # ingress vhost snippets drasl/config/config.toml.tmpl # auth config (rendered) nmsr/config.toml.tmpl # avatar renderer config, Drasl-backed (rendered) docker/nmsr/ # built-from-source NMSR image -pack/ # packwiz modpack source landing/ # Astro site → www/ launcher/ # FjordLauncher assets (gitignored) -tooling/ # render-config, render-pack, render-nginx, - # issue-letsencrypt, fetch-launcher, add-custom-mod +server-mods/ # filtered server mod jars (synced, gitignored) +tooling/ # render-config, sync-server-mods, render-nginx, + # issue-letsencrypt, fetch-launcher nginx/ulicraft-caddy.conf.tmpl # host-nginx TLS vhost template (front of caddy) plan/ # design docs ``` diff --git a/nginx/ulicraft-caddy.conf.tmpl b/nginx/ulicraft-caddy.conf.tmpl index b297fbb..e88949c 100644 --- a/nginx/ulicraft-caddy.conf.tmpl +++ b/nginx/ulicraft-caddy.conf.tmpl @@ -30,13 +30,12 @@ upstream ulicraft_caddy { server { listen 80; listen [::]:80; - server_name ${BASE_DOMAIN} www.${BASE_DOMAIN} auth.${BASE_DOMAIN} pack.${BASE_DOMAIN} distribution.${BASE_DOMAIN} avatar.${BASE_DOMAIN} status.${BASE_DOMAIN}; + server_name ${BASE_DOMAIN} www.${BASE_DOMAIN} auth.${BASE_DOMAIN} distribution.${BASE_DOMAIN} avatar.${BASE_DOMAIN} status.${BASE_DOMAIN}; return 301 https://$host$request_uri; } # One TLS server block per name (each has its own LE cert). All proxy to caddy; -# caddy routes by the forwarded Host header (apex -> www, auth -> drasl, -# pack -> packwiz files). +# caddy routes by the forwarded Host header (apex -> www, auth -> drasl). server { listen 443 ssl http2; listen [::]:443 ssl http2; @@ -90,24 +89,6 @@ server { } } -server { - listen 443 ssl http2; - listen [::]:443 ssl http2; - server_name pack.${BASE_DOMAIN}; - - ssl_certificate ${APP_DIR}/certs/pack.${BASE_DOMAIN}/cert.pem; - ssl_certificate_key ${APP_DIR}/certs/pack.${BASE_DOMAIN}/key.pem; - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - location / { - proxy_pass http://ulicraft_caddy; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - } -} - server { listen 443 ssl http2; listen [::]:443 ssl http2;