From df8561c798476cd47fc32bfb00b6cdec5f28590b Mon Sep 17 00:00:00 2001 From: Oier Bravo Urtasun Date: Sun, 24 May 2026 05:08:07 +0200 Subject: [PATCH] feat(dnsmasq): SRV record so clients connect to mc. without a port Minecraft is a custom TCP protocol, not HTTP, so the no-port UX is solved with a DNS SRV record (_minecraft._tcp.mc. -> :25565) rather than an HTTP reverse proxy. Landing page now shows the bare address. Co-Authored-By: Claude Opus 4.7 (1M context) --- dnsmasq/dnsmasq.conf.tmpl | 6 ++++++ landing/src/data/site.ts | 5 +++-- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/dnsmasq/dnsmasq.conf.tmpl b/dnsmasq/dnsmasq.conf.tmpl index 911ab9f..2ed0f7d 100644 --- a/dnsmasq/dnsmasq.conf.tmpl +++ b/dnsmasq/dnsmasq.conf.tmpl @@ -3,6 +3,12 @@ address=/${BASE_DOMAIN}/${HOST_LAN_IP} no-resolv +# Minecraft SRV record: guests connect to "mc.${BASE_DOMAIN}" with NO port — +# the SRV lookup points the client at port 25565. Target mc.${BASE_DOMAIN} +# resolves to HOST_LAN_IP via the wildcard above. +# Format: srv-host=_service._proto.name,target,port +srv-host=_minecraft._tcp.mc.${BASE_DOMAIN},mc.${BASE_DOMAIN},25565 + # Full client air-gap (see plan/11-full-airgap-mirror.md): spoof the real # upstream hosts -> our Caddy mirror. Auth hosts (session/textures/api.mojang) # are NOT spoofed — drasl handles those via authlib-injector. Keep this list in diff --git a/landing/src/data/site.ts b/landing/src/data/site.ts index 9ff939d..19f4a3e 100644 --- a/landing/src/data/site.ts +++ b/landing/src/data/site.ts @@ -7,8 +7,9 @@ export const site = { tagline: "LAN-party Minecraft server", baseDomain: BASE_DOMAIN, - // Connect target shown to guests. - serverAddress: `mc.${BASE_DOMAIN}:25565`, + // Connect target shown to guests. No port needed — a dnsmasq SRV record + // (_minecraft._tcp.mc.) points clients at 25565. + serverAddress: `mc.${BASE_DOMAIN}`, // Drasl auth web UI + authlib-injector API root. authUrl: `http://auth.${BASE_DOMAIN}`,