fix(landing): https + correct subdomains, drop dead CA-cert step
The guest landing page advertised http:// service URLs (mixed-content on the https origin) and the wrong packwiz subdomain: - authUrl / authlibUrl: http -> https - packwizUrl: http://packwiz. -> https://pack. (correct vhost) - serverAddress: mc. -> apex (connect to ${BASE_DOMAIN}:25565) - remove caCertUrl + the "trust the local CA" join step (airgap-only, /ca.crt no longer exists) and its en/es/eu i18n strings + type. Also fix the stale http BaseURL example in plan/03-drasl.md. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -24,19 +24,15 @@ export const site = {
|
|||||||
dust: true,
|
dust: true,
|
||||||
},
|
},
|
||||||
|
|
||||||
// Connect target shown to guests. No port needed — a dnsmasq SRV record
|
// Connect target shown to guests. No port needed (defaults to 25565).
|
||||||
// (_minecraft._tcp.mc.<domain>) points clients at 25565.
|
serverAddress: `${BASE_DOMAIN}`,
|
||||||
serverAddress: `mc.${BASE_DOMAIN}`,
|
|
||||||
|
|
||||||
// Drasl auth web UI + authlib-injector API root.
|
// Drasl auth web UI + authlib-injector API root (public HTTPS).
|
||||||
authUrl: `http://auth.${BASE_DOMAIN}`,
|
authUrl: `https://auth.${BASE_DOMAIN}`,
|
||||||
authlibUrl: `http://auth.${BASE_DOMAIN}/authlib-injector`,
|
authlibUrl: `https://auth.${BASE_DOMAIN}/authlib-injector`,
|
||||||
|
|
||||||
// packwiz modpack entrypoint.
|
// packwiz modpack entrypoint (public HTTPS, pack. subdomain).
|
||||||
packwizUrl: `http://packwiz.${BASE_DOMAIN}/pack.toml`,
|
packwizUrl: `https://pack.${BASE_DOMAIN}/pack.toml`,
|
||||||
|
|
||||||
// Caddy local CA root — guests import this to trust the offline asset mirror.
|
|
||||||
caCertUrl: `http://${BASE_DOMAIN}/ca.crt`,
|
|
||||||
|
|
||||||
// Static server-list panel (Status section). No fake live count — see plan
|
// Static server-list panel (Status section). No fake live count — see plan
|
||||||
// 09-landing.md option B.
|
// 09-landing.md option B.
|
||||||
|
|||||||
@@ -54,9 +54,6 @@ export interface UI {
|
|||||||
pb: string; // after it
|
pb: string; // after it
|
||||||
copy: string;
|
copy: string;
|
||||||
registerPre: string;
|
registerPre: string;
|
||||||
caPre: string;
|
|
||||||
caLink: string;
|
|
||||||
caPost: string;
|
|
||||||
};
|
};
|
||||||
s3: { kicker: string; h: string; p: string };
|
s3: { kicker: string; h: string; p: string };
|
||||||
s4: {
|
s4: {
|
||||||
@@ -137,9 +134,6 @@ export const ui: Record<Lang, UI> = {
|
|||||||
pb: "account using this URL, then log in with your Ulicraft credentials.",
|
pb: "account using this URL, then log in with your Ulicraft credentials.",
|
||||||
copy: "Copy",
|
copy: "Copy",
|
||||||
registerPre: "Need credentials? Register at",
|
registerPre: "Need credentials? Register at",
|
||||||
caPre: "Offline party? Download and trust the",
|
|
||||||
caLink: "local CA certificate",
|
|
||||||
caPost: "so the game-file mirror works over HTTPS.",
|
|
||||||
},
|
},
|
||||||
s3: {
|
s3: {
|
||||||
kicker: "Modpack",
|
kicker: "Modpack",
|
||||||
@@ -226,9 +220,6 @@ export const ui: Record<Lang, UI> = {
|
|||||||
pb: "con esta URL y luego inicia sesión con tus credenciales de Ulicraft.",
|
pb: "con esta URL y luego inicia sesión con tus credenciales de Ulicraft.",
|
||||||
copy: "Copiar",
|
copy: "Copiar",
|
||||||
registerPre: "¿Sin credenciales? Regístrate en",
|
registerPre: "¿Sin credenciales? Regístrate en",
|
||||||
caPre: "¿Fiesta sin internet? Descarga y confía en el",
|
|
||||||
caLink: "certificado CA local",
|
|
||||||
caPost: "para que el mirror de archivos funcione por HTTPS.",
|
|
||||||
},
|
},
|
||||||
s3: {
|
s3: {
|
||||||
kicker: "Modpack",
|
kicker: "Modpack",
|
||||||
@@ -315,9 +306,6 @@ export const ui: Record<Lang, UI> = {
|
|||||||
pb: "kontu bat URL honekin, eta gero hasi saioa zure Ulicraft kredentzialekin.",
|
pb: "kontu bat URL honekin, eta gero hasi saioa zure Ulicraft kredentzialekin.",
|
||||||
copy: "Kopiatu",
|
copy: "Kopiatu",
|
||||||
registerPre: "Kredentzialik ez? Erregistratu hemen:",
|
registerPre: "Kredentzialik ez? Erregistratu hemen:",
|
||||||
caPre: "Internetik gabeko festa? Deskargatu eta fidatu",
|
|
||||||
caLink: "tokiko CA ziurtagiriaz",
|
|
||||||
caPost: "fitxategi-mirrorrak HTTPS bidez ibil dadin.",
|
|
||||||
},
|
},
|
||||||
s3: {
|
s3: {
|
||||||
kicker: "Modpacka",
|
kicker: "Modpacka",
|
||||||
|
|||||||
@@ -207,9 +207,6 @@ const dustBits = Array.from({ length: 16 }, (_, i) => {
|
|||||||
<p>
|
<p>
|
||||||
{t.join.s2.registerPre} <a href={site.authUrl}>{site.authUrl}</a>.
|
{t.join.s2.registerPre} <a href={site.authUrl}>{site.authUrl}</a>.
|
||||||
</p>
|
</p>
|
||||||
<span class="hint">
|
|
||||||
{t.join.s2.caPre} <a href={site.caCertUrl}>{t.join.s2.caLink}</a> {t.join.s2.caPost}
|
|
||||||
</span>
|
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
|||||||
@@ -16,7 +16,7 @@ Config is **TOML only** (no env var support). So `config.toml` is rendered from
|
|||||||
## config.toml.tmpl (key fields)
|
## config.toml.tmpl (key fields)
|
||||||
|
|
||||||
```toml
|
```toml
|
||||||
BaseURL = "http://auth.${BASE_DOMAIN}"
|
BaseURL = "https://auth.${BASE_DOMAIN}" # public scheme is HTTPS (nginx TLS)
|
||||||
Domain = "auth.${BASE_DOMAIN}"
|
Domain = "auth.${BASE_DOMAIN}"
|
||||||
ListenAddress = "0.0.0.0:25585" # internal; Caddy proxies
|
ListenAddress = "0.0.0.0:25585" # internal; Caddy proxies
|
||||||
DefaultAdminUsernames = ["admin"]
|
DefaultAdminUsernames = ["admin"]
|
||||||
|
|||||||
Reference in New Issue
Block a user