Commit Graph

120 Commits

Author SHA1 Message Date
08fe8c9c53 docs(files): record the general.host trap + that a green monitor proves nothing
Propagate the bare-hostname fix (10b86ae) to the docs that still said "three
traps", and write down the meta-lesson it exposed.

The bug was invisible to every check we had: Filestash strips the scheme
before its own Host check, so `curl /` returned 200, the API answered, wrong
passwords were rejected, and the brand-new Uptime Kuma HTTP monitor stayed
green — while the SPA computed `http://https://files...` and no browser could
use the site. An HTTP monitor asserts "server returned 200", which is a much
weaker claim than "the app works".

- CLAUDE.md / README: four traps now, host-scheme first; add the post-change
  check (`/api/config` → origin must be the real https URL).
- 19-routes: login form only renders at ?action=redirect (a bare 303 is
  normal, not a bug); assert origin after config changes.
- 10-uptime-kuma: an HTTP monitor cannot see an SPA break — use a Keyword
  monitor if you want teeth, and don't read green as "users can log in".

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-07-14 18:31:46 +02:00
10b86ae23e fix(files): general.host must be a bare hostname, not a URL
The SPA computes its redirect origin as (force_ssl ? "https://" : "http://")
+ general.host. With host set to "https://files.${BASE_DOMAIN}" that produced
"http://https://files.ulicraft.net", so every client-side redirect broke and
the page never routed anywhere.

Server-side this was invisible: SecureOrigin strips the scheme before the
Host check, so `curl /` returned 200, the API answered, and the uptime
monitor stayed green — only real browsers failed. The tell is a
`POST /report?...msg=Redirecting to http://https://...` line in the log.

Set host to the bare hostname and force_ssl=true (which the origin needs to
build https://, and which only emits an HSTS header — it does not redirect,
so it can't loop behind the plain-http nginx→caddy hop).

Verified: origin is now "https://files.ulicraft.net"; login + ls still work.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-07-14 18:27:42 +02:00
cd79b0e540 docs(files): document filestash across plan/README/deploy skill
Fold files./filestash into the docs that carry the service list, the vhost
map and the deploy procedure — README stack table, 00-overview, 02-caddy,
12-build-order, 14-deploy, and the deploy skill.

Two real gaps the filestash deploy exposed, now guardrails in the skill:
- update-all.sh never touches host nginx, so a NEW SUBDOMAIN silently 404s
  after deploy. It needs issue-letsencrypt.sh + render-nginx.sh --install.
- a new service with ${FOO:?} guards fails the WHOLE compose file, so a
  missing .env var means `up` starts nothing — and --hard has already run
  `down`. Check the host's .env BEFORE tearing the stack down.

Also: filestash/config.json is a single-file bind mount re-rendered every
run, so a rolling update-all leaves it on a stale inode (same trap as the
caddy conf) — force-recreate after any FILES_* change.

Correct the cochi divergence section: `git diff HEAD` on the host is now
empty (verified this deploy — the ff-pull succeeded). The documented
docker-compose.yml/package.json divergence was converged; only untracked
dnsmasq/, caddy-root-ca.crt and a stale pack/ remain. The stash-pull-pop
procedure it prescribed is no longer needed.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-07-14 18:23:18 +02:00
25df9f9398 feat(files): add Filestash player file share at files.${BASE_DOMAIN}
One shared login (htpasswd) for all players, writable. Config is rendered
from a template and mounted read-only, so git stays authoritative — the
admin console loads but cannot save, by design.

Filestash's OIDC/SAML middlewares are enterprise-only, so Keycloak SSO is
out; FILES_AUTH keeps htpasswd/passthrough switchable for later. Auth-off
(passthrough) is only valid once the host is off the public internet —
render-config.sh warns loudly when rendering it.

Three traps, all found by testing against the pinned image:
- the `local` backend is admin-gated: without LOCAL_BACKEND_SECRET in the
  connection params every login fails with "backend error - Not Allowed"
- the htpasswd plugin only accepts $2a$ bcrypt, so a $2y$ hash from
  `htpasswd -B` fails every login silently — use `openssl passwd -6`.
  render-config.sh rejects the wrong format rather than shipping it
- APPLICATION_URL/ADMIN_PASSWORD env make filestash rewrite config.json at
  boot, which fails on the :ro mount — both live in the rendered config

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-07-14 18:08:46 +02:00
1958a96acf chore(mods): classify 11 new distribution mods
Distribution added 11 jars. classify-mods.py seeds all as `both`
(none declare CLIENT in neoforge.mods.toml). Hand-flip the two
pure-client cosmetic ones so sync-server-mods.sh drops them:

- ExtremeSoundMuffler: client-side sound muffling UI
- ToastControl: client-side toast popup suppression

Rest stay `both` — Placebo/moonlight/caelus are libs, and
amendments/etched/fishingoverhaul/immersive_paintings/
createornithopterglider/emotecraft add server-side content or sync.

Also map iris as `client`. It is referenced by distribution.json but
absent from the local (gitignored) dist jar dir, so classify-mods.py
never sees it; mapping it keeps mods-sides.json aligned with the
manifest. Client-only, so the sync selection is unchanged.

server-mods/ now 130 jars (was 123).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-07-09 20:29:35 +02:00
e45ce210ba docs(mc): document Simple Voice Chat voice_host gotcha + commit prod snapshot
voice_host lives in the mc_data volume and regenerates empty on world wipe,
silently breaking remote voice (secret sent, UDP handshake never completes →
red icon). Document the set/restore steps and the VPN-client false-positive
(Cloudflare One/WARP, FortiClient drop voice UDP). Add a known-good prod
snapshot at server-configs/voicechat-server.properties (voice_host=ulicraft.net).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-24 23:16:02 +02:00
d12071df04 fix(mc): ONLINE_MODE=true — authlib-injector needs online handshake for skins
online-mode=false made the server skip the online-auth handshake entirely, so
authlib-injector never validated sessions against Drasl: players got offline-hash
UUIDs and no skin textures (everyone Steve). authlib-injector's whole purpose is
to redirect the *online* handshake from Mojang to Drasl, so online-mode must be
true; only the 1.21+ secure profile stays off (ENFORCE_SECURE_PROFILE=false +
Drasl SignPublicKeys=false). Correct the conflation in CLAUDE.md and
plan/05-minecraft.md.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-24 22:34:47 +02:00
a67b9cf59e fix(mc): mount only kubejs source subdirs ro, keep kubejs root writable
Mounting the whole kubejs dir read-only made KubeJS's BaseProperties.save()
throw NPE on boot (it writes config/cache/generated/logs under kubejs/),
so KubeJS never initialised. Bind only the source subdirs (server_scripts,
startup_scripts, data, assets) read-only and let the kubejs root live
writable in mc_data.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-24 22:01:07 +02:00
d303d23d18 feat(mc): mount distribution kubejs + CustomSkinLoader into server
The minecraft container only received forgemods jars via ./server-mods.
The distribution's files/kubejs (server_scripts, data, startup_scripts)
and CustomSkinLoader never reached the server, so server-side kubejs
recipes/scripts were silently absent.

Bind-mount both from DISTRIBUTION_WEB_ROOT (read-only, to avoid the
server polluting the client distribution with kubejs-generated files).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-24 21:53:47 +02:00
614e47598b chore(mods): repoint rechiseled (both) + fusion (client) to fixed jars
Distribution replaced the wrong-version jars: rechiseled now
mc1.21 (gate [1.21,1.21.2) — valid for 1.21.1, no longer the broken
mc1.21.11 build) so back to `both`; fusion bumped 1.3.2a→1.3.2b, stays
`client` (resource-pack texture feature). Dropped the two stale entries.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-22 23:39:09 +02:00
69871c8a93 fix(mods): drop rechiseled from server — wrong MC version
rechiseled-1.2.5-neoforge-mc1.21.11.jar targets Minecraft 1.21.11 /
NeoForge 21.11, not this server's 1.21.1 / 21.1.233. As `both` it crashed
the server at pre-load (FATAL ModLoader: requires minecraft 1.21.11). Mark
`client` to exclude it from server-mods so the server boots.

NOTE: the jar is still wrong-version for clients too (same gate) — it must
be removed from / replaced in the distribution to be usable at all.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-22 23:36:03 +02:00
015bf7fbe3 chore(mods): classify fusion (client) + rechiseled (both)
Two new distribution mods. rechiseled adds decorative blocks → both
(server needs the block registry). fusion is a client-only resource-pack
texture/model feature (no blocks/logic) → client, so sync drops it from
server-mods.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-22 23:31:25 +02:00
d0bc81f0f7 chore(mods): classify ulicraftmod as both
New custom mod ulicraftmod-1.21.1-1.0.0-6.0.10 added to the distribution;
content mod (server + client), so both.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-22 23:07:26 +02:00
35be2e6b76 docs(plan): scrub stale pack subdomain + packwiz from live-arch docs
The pack./packwiz service was removed operationally long ago, but several
plan docs still presented pack. as a live caddy vhost / DNS subdomain and
render-pack.sh as a current tool. Remove those references from the
current-architecture docs (overview, caddy, tooling, uptime-kuma,
letsencrypt, mc-backup); leave the migration log (04-mods.md), superseded
banner (04-packwiz.md), commit history (12-build-order.md), and planned
landing rework (18) intact as deliberate history.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-22 20:15:22 +02:00
33b9ebc7f6 feat(landing): slim status section, hero, and server-card icon
- Remove the stat-grid from the status section (server card only); prune the
  now-orphaned site.stats, MOD_COUNT_KEY, statLabels (3 locales), and
  .stat-grid/.tile CSS.
- Empty-roster message -> "Nobody online", now localized (status.empty in
  en/es/eu) and wired to both ServerCard instances.
- Flatten the server-card icon (drop the inset emboss bevel on .sc-icon).
- Drop "Solo LAN" (hero metaLan) from the hero meta row; prune metaLan (3 locales).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-21 19:45:19 +02:00
b9929da54d chore(mods): add geckolib + terrablender (Yungs worldgen deps)
YUNG's Cave Biomes hard-requires geckolib>=4.7.6 and terrablender>=4.1.0.8;
both now in the distribution. Classified both (server worldgen libs).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-21 19:21:56 +02:00
36c28362bc chore(mods): sync mods-sides.json with distribution
+21 new (Yungs* + Moogs* worldgen, lootjs, solcarrot, melter,
seamless-loading-screen), -8 removed (FramedBlocks, GnKinetics,
create_vibrant_vaults, createtransmission, interiors, picaxe,
bellsandwhistles, welcomescreen). seamless-loading-screen hand-edited
to client (pure client UI). Worldgen mods stay both — server generates
structures.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-21 19:05:44 +02:00
07a4ae469d docs(minecraft): document OP-via-RCON, not itzg OPS env
OPS env resolves names via Mojang lookup, but the server is offline-mode
with Drasl auth (own UUIDs) → wrong UUID, inert op entry. Document the
RCON procedure that uses the cached Drasl UUID from usercache.json.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-21 15:00:22 +02:00
2c3e4cf385 feat(branding): use goat logo in header on all pages
The home page header already used ulicraft-logo-mini.svg; apply the same
brand mark to the register, account, and fjord page headers (and footers),
replacing the leftover Creeper pixel-art.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-11 10:11:09 +02:00
4855447b29 feat(branding): use Ulicraft goat logo in header, ServerCard, and server icon
- landing header + footer brand: swap the Creeper pixel-art for the
  ulicraft-logo-mini.svg goat mark.
- ServerCard fallback icon: same logo (real SLP favicon still overrides on
  a successful ping).
- minecraft: set ICON=/extras/server-icon.png + OVERRIDE_ICON so the
  in-game server-list entry and the SLP favicon use the goat logo. PNG
  ships in ./runtime (mounted /extras).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-11 09:59:07 +02:00
14ef545bbb chore: remove pack (packwiz) service and subdomain
The pack service was already gone from compose/caddy and the landing is
off packwiz. Remove the remaining live references: the pack. TLS vhost in
the host nginx template, pack from LE_SUBDOMAINS, and stale docs in README
and CLAUDE.md.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-11 09:38:28 +02:00
7222904c91 docs(readme): document the mc-status server-status JSON endpoint
Describe the self-hosted mc-status pinger (mcstatus.io v2 JSON, same-origin via
caddy /api/mcstatus/* → mc-status:8080) that the landing ServerCard reads, with
the apex endpoint and a direct-to-caddy curl example.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-11 02:27:41 +02:00
8a71709048 docs(deploy): caddy conf bind mounts are inode-pinned — recreate, not reload
Document the gotcha hit fixing distribution CORS: caddy/conf.d/*.caddy are
single-file bind mounts pinned to the host inode at container creation. git pull
rewrites tracked files via atomic rename (new inode), so a running caddy keeps
the old config; `restart`/`caddy reload` reuse the stale inode. Apply conf
changes with `docker compose up -d --force-recreate caddy` (or the --hard
down/up). Added to plan/14-deploy.md and the deploy skill guardrails.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-11 02:26:42 +02:00
db63aa7d10 fix(caddy): allow CORS on distribution /launcher/* for launcher.json fetch
The landing page (apex origin) fetches launcher.json from the distribution
vhost cross-origin to render download buttons; add Access-Control-Allow-Origin
on /launcher/* so the browser doesn't block it. Public assets, no credentials.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-11 02:05:54 +02:00
39b9262ee9 fix(landing): fetch launcher downloads from live launcher.json on load
The build-time download buttons baked stale/placeholder URLs (the host has no
synced launcher.json, so the build fell back to launcher.example.json). Render
a skeleton at build time instead and fetch the live launcher.json client-side
once on page load (no polling) from
https://distribution.${BASE_DOMAIN}/launcher/launcher.json, building per-OS
buttons from files[]. On fetch error the skeleton clears.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-11 02:03:22 +02:00
037b1777d6 feat(landing): rename crew to "El valle" + source downloads from launcher.json
Rename all "crew" mentions (en/es/eu) to the untranslated proper name
"El valle" across hero, members, and features copy in i18n/ui.ts.

Rewire the homepage launcher download list to the custom-launcher build
output launcher.json (productName/version/files[]) instead of the
never-produced launcher-manifest.json shape. site.ts now reads launcher.json
and normalizes files[] -> internal builds[]; launcher.example.json is the
committed fallback. Drop the stale launcher-manifest.example/schema, update
.gitignore and docs (CLAUDE.md, plan/18).

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-11 01:55:05 +02:00
1019da66a3 chore(mods): reconcile sides for distribution mod changes
Added picaxe (both). Pruned 5 stale keys for removed jars: LittleFrames,
waterframes, watermedia, watervision (WaterMedia stack dropped from the
pack) and the orphan iris key. sides keys 135→131 = current dist count.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-11 01:36:25 +02:00
0b098ae06e fix(mods): mark WaterMedia stack client — refuses dedicated server
watermedia throws IllegalEnvironmentException on server-side ("keep it
on client"). Its natives (wm_binaries) and dependents (watervision,
waterframes) are client-render media mods too — flip all four to client
so sync drops them.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-11 01:26:24 +02:00
db270a9695 fix(mods): mark cwb (Cubes Without Borders) client — crashes dedicated server
cwb declares @Mod(dist=CLIENT); classify-mods.py read its toml side as
BOTH (the dist annotation isn't in the manifest), so it synced to the
server and RuntimeDistCleaner FATAL'd on CubesWithoutBordersImpl. Flip
to client so sync drops it.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-11 01:23:40 +02:00
4750c0d6c7 feat(mods): classify 59 new distribution jars (Create ecosystem)
Distribution grew 76→135 forgemods; classify-mods.py seeded the 59
new jars into mods-sides.json (57 both, 2 client). Unblocks the server
mod sync — server was stuck on the old 52-jar subset.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-11 01:21:42 +02:00
220b43d007 docs(deploy): document update-all.sh as the post-pull orchestrator
Rewrite the routine-redeploy section around update-all.sh (rolling vs --hard),
list the steps it runs, note the python>=3.11 requirement for build-modlist on
cochi (default python3 is 3.10), and that www/ + mods.json are generated every
run. The deploy skill = pull + fetch-authlib + ./update-all.sh --hard.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-11 01:06:39 +02:00
37d21cacf9 fix(update-all): run build-modlist.py under python >=3.11
The host's default python3 may predate stdlib tomllib (cochi/Ubuntu 22.04 ships
3.10), so the shebang-resolved python3 failed the version guard and strict-halt
aborted the run. Pick the first python3.11+ interpreter instead.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-11 00:05:03 +02:00
3af14d0144 feat(tooling): add update-all.sh post-pull orchestrator; deploy skill uses it
update-all.sh is the single source of truth for the on-host post-pull build +
restart steps: render drasl/nmsr configs, sync server mods, regen the landing
mod list, rebuild www/, then apply via docker compose. Two modes:
- default (rolling): up -d --build, then restart ONLY services whose mounted
  inputs changed since a pre-run snapshot — drasl/nmsr on a config re-render,
  minecraft on a mod change. Minimal downtime. (Cannot detect caddy static-conf
  changes — use --hard for those.)
- --hard: down --remove-orphans && up -d --build (full restart, MC downtime).

Strict halt on any error; landing build sources nvm + pnpm (never npm) and bakes
.env. fetch-authlib stays out (rarely changes) — the deploy skill runs it before
update-all. Refactor the deploy skill to `pull && fetch-authlib && update-all.sh
--hard` so the step list can't drift.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-11 00:03:57 +02:00
369b4dc0a0 style(landing): bump roster player name to 18px
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-10 23:28:01 +02:00
c3b2d89ddc feat(landing): switch heading font to Block Blueprint
Replace Pixelify Sans with Block Blueprint as the heading font (theme.headFont).
Block Blueprint isn't on Google Fonts, so it's vendored straight from 1001fonts
(License: 1001Fonts Free For Personal Use — fine for this private friends'
server) as a TTF, with a hand-written @font-face appended to fonts.css. The
vendor step is added to fetch-fonts.sh (runs after the Google rewrite so it
survives re-runs). Pixelify stays available as a HEAD_FONTS option + the
hard-coded fallback.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-10 22:17:52 +02:00
362228f985 feat(landing): 230px fullbody roster, features goat column, trimmed header
- Members roster avatars render 230px tall (full body); NMSR size bumped to 256
  and tiles widened to fit the portrait.
- Features section is now two columns: the 4 feature cards stacked on the left, a
  Minecraft goat image on the right (public/Goat_JE1_BE1.webp). Stacks on narrow
  screens.
- Header nav links trimmed to How to Join + Status; the auth CTA cluster is now
  Register / Account / Play (the old "Log in" button relabeled Account →
  Cuenta/Kontua).

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-10 22:13:58 +02:00
c8a6c77a8e feat(landing): rework — es default, 2-step join, roster + account polish
- Default language Spanish at root /, English moves to /en/ (eu unchanged):
  getStaticPaths {lang:undefined}->es + LANG_*_PATH maps swapped in ui.ts.
- Section order: hero -> join -> status -> members -> mods -> features.
- Join flow 3 -> 2 steps (drop the Connect/IP step; launcher handles the
  address). Remove the hero IP CopyChip. Header CTA renamed Play/Jugar/Jolastu
  and gains Register + Login links on all four pages.
- Account page: hide the whole login block once authenticated (not just the
  form), add an avatar Refresh button (cache-busted NMSR re-fetch), flatten the
  avatar (no bevel). New i18n key account.refresh.
- Register page: new REGISTRATION_SHOW_INVITE env (default false/hidden) toggles
  the invite-code field independently of the REGISTRATION_MODE backend gate.
- Members roster: drop the `admin` account, render full-body via a new
  ROSTER_AVATAR_MODE (default fullbodyiso); portrait tiles.
- Style: flatten emboss on feature icons (.picon) + player tiles (.roster-tile).
  PixelIcon gains optional image support (/icons/<name>.png|svg).
- Favicon now /favicon.png (committed) on all pages.
- Docs: plan/09-landing.md Assets section (logo/favicon/features-icons drop
  points) + default-language note; .env.example documents the two new vars.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-10 22:03:18 +02:00
c233b1bfbc docs(drasl): record admin bootstrap + config-key/CORS/NMSR gotchas
Capture what this session learned the hard way, in plan/03-drasl.md and CLAUDE.md:

- Correct admin key is DefaultAdmins (not DefaultAdminUsernames); wrong/unknown
  keys are silently ignored by drasl (logged as "unknown config option").
- CORSAllowOrigins must be top-level, before any [Section], or it's ignored.
- First-admin bootstrap under invite mode is a chicken-egg → temp-flip
  RequireInvite=false, register, revert.
- NMSR needs the auth. host-gateway pin + https mojank endpoints or avatars
  render the default skin (cross-ref plan/19-routes.md).
- Fix the stale example config and mark the admin-bootstrap task done.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-10 21:20:54 +02:00
de1ac2ee17 fix(nmsr): render real skins, not default — pin auth. to host over https
Every avatar rendered the default skin. NMSR fetched the player profile from
Drasl fine, but the profile embeds an absolute HTTPS skin URL (Drasl BaseURL is
https), and NMSR could not connect to auth.${BASE_DOMAIN}:443: the mcnet alias
resolves auth. -> caddy, which only listens on :80 internally. Logs showed
`fetch_texture_from_mojang … client error (Connect)` for the skin URL, so NMSR
fell back to the default skin.

Mirror what the minecraft service already does: pin auth.${BASE_DOMAIN} to the
host via extra_hosts so NMSR reaches the host nginx on :443 (real LE cert,
publicly trusted — no private CA needed), and switch the nmsr mojank endpoints
from http:// to https:// so the profile/texture scheme matches the embedded
skin URLs.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-10 21:12:59 +02:00
5d5602fbd7 feat(nmsr): cut avatar refresh lag to ~1min + document HTTP routes
NMSR has no per-request avatar refresh (the `?skin=` override is ignored by this
build), so the only lever for a changed skin to appear is the resolve cache.
Drop resolve_cache_duration 15m -> 60s so account-page skin changes propagate
within ~1 min; texture cache stays 48h (Drasl skin URLs are content-hashed, so a
new skin is always a new URL — never stale). Cost is one extra internal Drasl
profile lookup per avatar per minute, trivial for 4-10 players.

Update the now-stale "~15 min" copy (skinLead + skinPreviewNote, en/es/eu) and
code comments to "~1 min".

Add plan/19-routes.md: a reference for the nmsr / landing / auth HTTP routes
(public via caddy + browser->Drasl + internal service-to-service), indexed in
plan/00-overview.md.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-10 20:58:57 +02:00
97347693b6 fix(drasl): correct admin key + CORS placement in config template
Two config keys were silently ignored by drasl (logged as "unknown config
option"), so neither took effect in production:

- `DefaultAdminUsernames` is not a drasl option; the correct top-level key is
  `DefaultAdmins`. With the wrong key, the `admin` user never got promoted —
  admin-only API routes (e.g. GET /players for the registered-players roster)
  returned 403.
- `CORSAllowOrigins` sat after the `[RegistrationNewPlayer]` table header, so
  TOML parsed it as `RegistrationNewPlayer.CORSAllowOrigins` (ignored → no CORS
  headers → landing register/account browser calls blocked). Moved it top-level,
  before any [Section], with a comment warning against re-nesting.

Verified against drasl master configuration.md.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-10 18:34:48 +02:00
a138bbfd72 fix(landing): add valid pnpm-workspace.yaml (packages + build approvals)
Host cochi carried an untracked landing/pnpm-workspace.yaml with a bogus
`allowBuilds:` key and no `packages:` field, which made pnpm 11 abort every
command with "packages field missing or empty" — breaking the deploy landing
rebuild. Track a correct file: `packages: ['.']` plus `onlyBuiltDependencies`
for esbuild/sharp. Verified install + astro build clean locally.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-10 18:27:30 +02:00
6c7e259fcb feat(landing): join-flow rework, player rosters, account page, mod list
Execute plan/18 (WS1-6) + plan/17.

- WS1: homepage join = 3 steps off packwiz (register -> UlicraftLauncher
  -> join); per-OS downloads from a synced launcher-manifest.json (schema +
  example committed); Fjord moved to its own /fjord page. Drop packwizUrl.
- WS2/3: mc-status gains an isolated /players endpoint (admin login ->
  Drasl GET /players, own client+TTL+token cache, never blocks the status
  path); online + registered rosters render shared name+avatar tiles;
  AVATAR_MODE env (default headiso).
- WS4: /account skin CRUD via browser-direct Drasl (login -> upload ->
  reset), in-memory token, players[0]; register relinks "Manage it here".
- WS5: footer link to status.${BASE_DOMAIN} in every footer.
- WS6: tooling/build-modlist.py generates mods.json + extracted logos from
  the distribution forgemods; ModList.astro renders a flat list; stat tile
  fed from the count.

Manifest/mods loaders read at build with a process.cwd() fallback (the
import.meta.url-only path does not resolve in Astro's bundled build).

New env: AVATAR_MODE, DRASL_ADMIN_USERNAME, DRASL_ADMIN_PASSWORD (mc-status
only). Generated mods.json / launcher-manifest.json / logos are gitignored;
.example.json files document the shapes. Build: 12 pages; mc-status builds.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-10 18:17:14 +02:00
096ef82420 docs(04-mods): record first-cutover deploy gotchas
Document the two crash classes hit on first deploy: NeoForge pin must match
the distribution's version, and client-only mods that declare BOTH crash the
dedicated server with "invalid dist DEDICATED_SERVER" (tomllib can't catch
them — hand-set to client + re-sync). Mark the decommission checklist done;
flag the landing join-flow rework as the one remaining open item. Current
state: 24 client / 52 both.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-10 01:16:48 +02:00
c249172baa fix(mods): mark client-only GUI mods as client in mods-sides.json
Drippy Loading Screen (and other client-only mods declaring BOTH in their
manifest) crashed the dedicated server with "Attempted to load class
net/minecraft/client/gui/screens/Screen for invalid dist DEDICATED_SERVER".
tomllib can't catch these (they declare BOTH), so hand-classify the leaf
client-only mods as `client`: BetterF3, JustEnoughResources, MouseTweaks,
Searchables, TravelersTitles, drippyloadingscreen, entityculling, fancymenu,
konkrete, melody, ponderjs, welcomescreen, yeetusexperimentus. Now 24 client
/ 52 both.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-10 00:07:50 +02:00
fa8cede6ae docs(roadmap): track post-migration mod follow-ups
Two follow-ups from the packwiz→04-mods migration: curate cosmetic-client
entries in mods-sides.json, and rework the landing join flow off the dead
packwiz pack.toml URL onto the HeliosLauncher/distribution.json flow.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-10 00:03:07 +02:00
84196d59d0 fix(minecraft): bump NeoForge pin to 21.1.233 to match distribution
The distribution-fed modset is built against NeoForge 21.1.233
(distribution.json); several mods hard-require it (ferritecore ≥21.1.218,
farmersdelight ≥21.1.219, configured ≥21.1.211). The old 21.1.209 pin made
the server crash in pre-load with "Missing or unsupported mandatory
dependencies: neoforge".

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-09 23:59:23 +02:00
27237bc7c1 feat(mods): replace packwiz with distribution-fed custom mod volume
Drop packwiz entirely. The server now loads a filtered mod subset from a
local ./server-mods volume instead of fetching a packwiz pack at boot.

New flow:
- tooling/classify-mods.py (tomllib only, no network) reads each jar's
  META-INF/neoforge.mods.toml and seeds mods-sides.json with a side
  (client|server|both; default both). Existing entries are preserved.
- mods-sides.json: committed, keyed by jar filename, hand-editable override
  surface. Initial seed: 65 both, 11 client, 0 server (76 jars).
- tooling/sync-server-mods.sh mirrors the both/server jars from
  $DISTRIBUTION_WEB_ROOT into ./server-mods/ (authoritative; prunes strays;
  halts on a missing jar). Replaces render-pack.sh.
- compose: minecraft mounts ./server-mods:/mods:ro with REMOVE_OLD_MODS=TRUE
  (itzg auto-syncs /mods -> /data/mods). Removed PACKWIZ_URL, the pack.
  extra_host (auth. kept for authlib), and depends_on caddy (drasl kept).

Both classify-mods.py and sync-server-mods.sh resolve their source dir as:
CLI arg / MODS_DIST_DIR env / $DISTRIBUTION_WEB_ROOT (in that order).

Removed: tooling/render-pack.sh + add-custom-mod.sh (packwiz tooling),
pack/ (packwiz source), custom/ (76 jars now sourced from the distribution),
the pack. caddy vhost + its mounts/alias, and the packwiz .gitignore block.

Client distribution is UNCHANGED: HeliosLauncher still installs the full
modset from distribution.json. Docs (CLAUDE.md, plan/04/05/14, runtime)
updated; plan/04-packwiz.md stubbed as superseded by plan/04-mods.md.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-09 23:34:38 +02:00
90c3be7bb5 https auth 2026-06-09 22:13:31 +02:00
d21a7f0e92 feat(landing): live server card backed by self-hosted mc-status
Add a featured live ServerCard to the landing (replaces the static
ServerListPanel in hero + status sections): server favicon, color MOTD,
online/offline pill, players online/max with fill bar, and a player-head
row rendered by our own NMSR from Drasl skins. Progressive enhancement —
SSG skeleton degrades gracefully when JS or the API is unavailable.

Back it with a self-hosted pinger instead of the public api.mcstatus.io:
mcstatus.io's API service is closed-source (only the mcutil library is
open), so docker/mc-status wraps mcutil and re-emits its v2 JSON shape,
keeping the frontend unchanged. The service ignores the path address and
only pings MC_STATUS_TARGET (no SSRF relay), with a 30s TTL cache.

Exposed same-origin via caddy at the apex /api/mcstatus/* path (no new DNS
subdomain or LE cert change, no CORS). Uptime Kuma stays the uptime
history + alerting backend; see plan/15-mc-status.md.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-09 22:08:30 +02:00