# NMSR-aas config — renders to nmsr/config.toml (gitignored) via # tooling/render-config.sh. Only ${BASE_DOMAIN} is substituted. # # Skins come from Drasl, NOT Mojang. Drasl exposes Mojang-compatible routes at # the bare BaseURL: # session_server -> {url}/session/minecraft/profile/{uuid} # mojang_api_server -> {url}/users/profiles/minecraft/{name} # and embeds absolute skin URLs (https://auth.${BASE_DOMAIN}/web/texture/skin/…) # in the profile — Drasl's BaseURL is https, so these are https and NMSR must # fetch them over :443. The mcnet alias only resolves auth. -> caddy on :80, so # the nmsr service pins auth.${BASE_DOMAIN} to the host (extra_hosts in # docker-compose.yml) and talks to the host nginx on :443 (real LE cert). Hence # the https:// endpoints below — they must match the scheme of the embedded # skin URLs, or the skin fetch Connect-fails and avatars render the default skin. [server] address = "0.0.0.0" port = 8080 [caching] cleanup_interval = "1h" # resolve_cache_duration caches the uuid -> profile (incl. skin URL) lookup, so # it bounds how long a changed skin keeps showing the OLD avatar. Kept short so # skin changes on the account page propagate within ~1 min (NMSR has no # per-request force-refresh; a `?skin=` override is ignored by this build). Cost # is one extra internal Drasl profile lookup per avatar per minute — trivial over # mcnet for a 4-10 player server. For an instant global flush: restart nmsr. resolve_cache_duration = "60s" # texture cache stays long: Drasl skin URLs are content-hashed # (/web/texture/skin/.png), so a new skin = new URL = fresh fetch; this # 48h cache never serves a stale skin. texture_cache_duration = "48h" [caching.cache_biases] [mojank] # Point every Mojang endpoint at Drasl over https — auth. is pinned to the host # (extra_hosts), so this reaches the host nginx on :443 with the real LE cert. # Must stay https to match the https skin URLs Drasl embeds in the profile. session_server = "https://auth.${BASE_DOMAIN}" textures_server = "https://auth.${BASE_DOMAIN}" mojang_api_server = "https://auth.${BASE_DOMAIN}" session_server_rate_limit = 10 # This is an offline-mode (authlib-injector) server — Drasl issues v3 offline # UUIDs, so they must be accepted. allow_offline_mode_uuids = true use_dashless_uuids = false [rendering] sample_count = 1 use_smaa = true