Open ChristopherHaws opened 1 year ago
Currently supports setting secrets through environment variables FABRIC_PROXY_SECRET
.
I use velocity in docker and I'd love to be able to add that one file to both containers without fussing with ansible.
@ryleu If you're using itzg/minecraft-server
for the server image and itzg/mc-proxy
for Velocity, it's already possible.
Both of these images allow for interpolation in the config files in order to replace env-vars with values.
I use this in conjunction with the optional config mount-point, and the following env-vars in the docker-compose.yml
and .env
files. Note! the forwarding secret requires the double quotes around the value.:
environment:
- REPLACE_ENV_DURING_SYNC=true
- REPLACE_ENV_VARIABLES=true
- CFG_FABRIC_PROXY_FORWARDING_SECRET="$VELOCITY_FORWARDING_SECRET"
- CFG_FABRIC_PROXY_HACK_EARLY_SEND=true
- CFG_FABRIC_PROXY_HACK_MESSAGE_CHAIN=true
Then in the FabricProxy-Lite.toml
file which is inside a persistent volume to the containers /config
dir, you'd set the variables like so:
hackOnlineMode = true
hackEarlySend = ${CFG_FABRIC_PROXY_HACK_EARLY_SEND}
hackMessageChain = ${CFG_FABRIC_PROXY_HACK_MESSAGE_CHAIN}
disconnectMessage = "This server requires you to connect with Velocity."
secret = ${CFG_FABRIC_PROXY_FORWARDING_SECRET}
These images are pretty neat, because they allow for automation like this, and e.g. installing mods/plugins automatically from CurseForge, Modrinth, or any site with a direct .jar
download link.
Documentation:
I like to keep my config files in source control. Currently I have to keep
FabricProxy-Lite.toml
in my.gitignore
file because it contains the private key. If I could configure FabricProxy-Lite to read the secret directly from a file, I could then point it to theforwarding.secret
so the config file doesn't contain any secret data.Thanks! :)