feat(dnsmasq): SRV record so clients connect to mc.<domain> without a port

Minecraft is a custom TCP protocol, not HTTP, so the no-port UX is solved with
a DNS SRV record (_minecraft._tcp.mc.<domain> -> :25565) rather than an HTTP
reverse proxy. Landing page now shows the bare address.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
2026-05-24 05:08:07 +02:00
parent d6e7504d6e
commit df8561c798
2 changed files with 9 additions and 2 deletions

View File

@@ -3,6 +3,12 @@
address=/${BASE_DOMAIN}/${HOST_LAN_IP}
no-resolv
# Minecraft SRV record: guests connect to "mc.${BASE_DOMAIN}" with NO port —
# the SRV lookup points the client at port 25565. Target mc.${BASE_DOMAIN}
# resolves to HOST_LAN_IP via the wildcard above.
# Format: srv-host=_service._proto.name,target,port
srv-host=_minecraft._tcp.mc.${BASE_DOMAIN},mc.${BASE_DOMAIN},25565
# Full client air-gap (see plan/11-full-airgap-mirror.md): spoof the real
# upstream hosts -> our Caddy mirror. Auth hosts (session/textures/api.mojang)
# are NOT spoofed — drasl handles those via authlib-injector. Keep this list in

View File

@@ -7,8 +7,9 @@ export const site = {
tagline: "LAN-party Minecraft server",
baseDomain: BASE_DOMAIN,
// Connect target shown to guests.
serverAddress: `mc.${BASE_DOMAIN}:25565`,
// Connect target shown to guests. No port needed — a dnsmasq SRV record
// (_minecraft._tcp.mc.<domain>) points clients at 25565.
serverAddress: `mc.${BASE_DOMAIN}`,
// Drasl auth web UI + authlib-injector API root.
authUrl: `http://auth.${BASE_DOMAIN}`,