diff --git a/docker-compose.yml b/docker-compose.yml index 8aa0c92..ae13029 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,10 +1,13 @@ # ────────────────────────────────────────────────────────────────── -# Minecraft 1.21.1 NeoForge + Drasl auth (with Keycloak OIDC) +# Ulicraft LAN-party stack — Minecraft 1.21.1 NeoForge + Drasl auth # ────────────────────────────────────────────────────────────────── -# Assumes: -# - Keycloak is already running and reachable at https://keycloak.home.local -# - AdGuard Home resolves drasl.home.local -> this host's LAN IP -# - This host's LAN IP is on the same segment as the LAN party +# Topology (single source of config: BASE_DOMAIN + HOST_LAN_IP in .env): +# - dnsmasq resolves *.${BASE_DOMAIN} -> HOST_LAN_IP for guest laptops +# - caddy is the only HTTP ingress; holds mcnet aliases so the stack +# resolves auth.${BASE_DOMAIN} / packwiz.${BASE_DOMAIN} internally too +# - drasl handles auth (password login; NO Keycloak/OIDC in this stack) +# - packwiz pack is served by caddy at packwiz.${BASE_DOMAIN} +# - minecraft installs mods via PACKWIZ_URL, authlib-injector -> auth. # ────────────────────────────────────────────────────────────────── services: @@ -73,6 +76,7 @@ services: EULA: "TRUE" TYPE: "NEOFORGE" VERSION: "1.21.1" + # Verify NEOFORGE_VERSION against projects.neoforged.net before deploy. NEOFORGE_VERSION: "21.1.209" # pin a known-good build; update deliberately # ── Memory / performance ──────────────────────────────────── @@ -84,7 +88,7 @@ services: # ── Auth: offline mode + authlib-injector pointing at Drasl ─ ONLINE_MODE: "FALSE" # mount authlib-injector.jar at /extras/authlib-injector.jar - JVM_OPTS: "-javaagent:/extras/authlib-injector.jar=http://drasl.home.local:25585/authlib-injector" + JVM_OPTS: "-javaagent:/extras/authlib-injector.jar=http://auth.${BASE_DOMAIN}/authlib-injector" # ── Server config ─────────────────────────────────────────── DIFFICULTY: "normal" @@ -96,12 +100,8 @@ services: ENFORCE_SECURE_PROFILE: "FALSE" # required for authlib-injector on 1.21+ ALLOW_FLIGHT: "TRUE" # many tech mods need this - # ── Mod sources (Modrinth recommended over CF) ────────────── - MODRINTH_PROJECTS: "@/extras/modrinth-mods.txt" - MODRINTH_DOWNLOAD_DEPENDENCIES: "required" - # Optional, only if you need CF-exclusive mods: - # CF_API_KEY: ${CF_API_KEY} - # CURSEFORGE_FILES: "@/extras/cf-mods.txt" + # ── Mod source: packwiz pack served by caddy ──────────────── + PACKWIZ_URL: "http://packwiz.${BASE_DOMAIN}/pack.toml" # ── RCON for remote admin ─────────────────────────────────── ENABLE_RCON: "TRUE" @@ -111,9 +111,10 @@ services: TZ: "Europe/Madrid" volumes: - mc_data:/data - - ./extras:/extras:ro # authlib-injector.jar + mod lists live here + - ./runtime:/extras:ro # authlib-injector.jar lives here depends_on: - drasl + - caddy # packwiz pack is served by caddy networks: - mcnet