Added FORCE_REDOWNLOAD support for Bukkit/Spigot (#1879)

Also:
- added info for multi-line MOTD

.github/workflows/stale-check.yml

@@ -12,7 +12,7 @@ jobs:
       pull-requests: write
     steps:
       - name: Process Stale Issues
-        uses: actions/stale@v6
+        uses: actions/stale@v7
         with:
           stale-issue-label: status/stale
           stale-pr-label: status/stale

Dockerfile

@@ -39,16 +39,15 @@ RUN easy-add --var os=${TARGETOS} --var arch=${TARGETARCH}${TARGETVARIANT} \
   --from https://github.com/itzg/{{.app}}/releases/download/{{.version}}/{{.app}}_{{.version}}_{{.os}}_{{.arch}}.tar.gz
 
 RUN easy-add --var os=${TARGETOS} --var arch=${TARGETARCH}${TARGETVARIANT} \
-  --var version=1.8.1 --var app=mc-server-runner --file {{.app}} \
+  --var version=1.8.2 --var app=mc-server-runner --file {{.app}} \
   --from https://github.com/itzg/{{.app}}/releases/download/{{.version}}/{{.app}}_{{.version}}_{{.os}}_{{.arch}}.tar.gz
 
 RUN easy-add --var os=${TARGETOS} --var arch=${TARGETARCH}${TARGETVARIANT} \
   --var version=0.1.1 --var app=maven-metadata-release --file {{.app}} \
   --from https://github.com/itzg/{{.app}}/releases/download/{{.version}}/{{.app}}_{{.version}}_{{.os}}_{{.arch}}.tar.gz
 
-ARG MC_HELPER_VERSION=1.22.7
-ARG MC_HELPER_RELEASE=v${MC_HELPER_VERSION}
-ARG MC_HELPER_BASE_URL=https://github.com/itzg/mc-image-helper/releases/download/${MC_HELPER_RELEASE}
+ARG MC_HELPER_VERSION=1.22.12
+ARG MC_HELPER_BASE_URL=https://github.com/itzg/mc-image-helper/releases/download/${MC_HELPER_VERSION}
 RUN curl -fsSL ${MC_HELPER_BASE_URL}/mc-image-helper-${MC_HELPER_VERSION}.tgz \
   | tar -C /usr/share -zxf - \
   && ln -s /usr/share/mc-image-helper-${MC_HELPER_VERSION}/bin/mc-image-helper /usr/bin

README.md

@@ -142,6 +142,16 @@ Now you can recreate the container with any environment variable changes, etc by
 docker run -d -it --name mc-new -v mc:/data -p 25565:25565 -e EULA=TRUE -e MEMORY=2G itzg/minecraft-server
 ```
 
+### Locating filesystem path of anonymous volume
+
+The `Source` field from the output of this command will show where the anonymous volume is mounted from:
+
+```shell
+docker inspect -f "{{json .Mounts}}" CONTAINER_NAME_OR_ID
+```
+
+> **NOTE** On Windows with WSL the volumes path is `\\wsl$\docker-desktop-data\data\docker\volumes`
+
 ## Versions
 
 To use a different Minecraft version, pass the `VERSION` environment variable (case sensitive), which can have the value
@@ -411,6 +421,8 @@ Enable Bukkit/Spigot server mode by adding a `-e TYPE=BUKKIT` or `-e TYPE=SPIGOT
         -e TYPE=SPIGOT \
         -p 25565:25565 -e EULA=TRUE --name mc itzg/minecraft-server
 
+If the downloaded server jar is corrupted, set `FORCE_REDOWNLOAD` to "true" to force a re-download during next container startup. After successfully re-downloading, you should remove that or set to "false".
+
 If you are hosting your own copy of Bukkit/Spigot you can override the download URLs with:
 
 - -e BUKKIT_DOWNLOAD_URL=<url>
@@ -420,7 +432,7 @@ You can build spigot from source by adding `-e BUILD_FROM_SOURCE=true`
 
 Plugins can either be managed within the `plugins` subdirectory of the [data directory](#data-directory) or you can also [attach a `/plugins` volume](#optional-plugins-mods-and-config-attach-points). If you add plugins while the container is running, you'll need to restart it to pick those up.
 
-[You can also auto-download plugins using `SPIGET_RESOURCES`.](#auto-downloading-spigotmcbukkitpapermc-plugins)
+[You can also auto-download plugins using `SPIGET_RESOURCES`.](#auto-downloading-spigotmcbukkitpapermc-plugins-with-spiget)
 
 > NOTE some of the `VERSION` values are not as intuitive as you would think, so make sure to click into the version entry to find the **exact** version needed for the download. For example, "1.8" is not sufficient since their download naming expects `1.8-R0.1-SNAPSHOT-latest` exactly.
 
@@ -438,7 +450,7 @@ If you are hosting your own copy of Paper you can override the download URL with
 
 If you have attached a host directory to the `/data` volume, then you can install plugins via the `plugins` subdirectory. You can also [attach a `/plugins` volume](#optional-plugins-mods-and-config-attach-points). If you add plugins while the container is running, you'll need to restart it to pick those up.
 
-[You can also auto-download plugins using `SPIGET_RESOURCES`.](#auto-downloading-spigotmcbukkitpapermc-plugins)
+[You can also auto-download plugins using `SPIGET_RESOURCES`.](#auto-downloading-spigotmcbukkitpapermc-plugins-with-spiget)
 
 ### Running a Pufferfish server
 
@@ -681,7 +693,7 @@ These paths work well if you want to have a common set of modules in a separate
 
 > For more flexibility with mods/plugins preparation, you can declare directories to use in [the `MODS` variable](#downloadable-modplugin-pack-for-forge-fabric-and-bukkit-like-servers)
 
-### Auto-downloading SpigotMC/Bukkit/PaperMC plugins
+### Auto-downloading SpigotMC/Bukkit/PaperMC plugins with Spiget
 
 The `SPIGET_RESOURCES` variable can be set with a comma-separated list of SpigotMC resource IDs to automatically download [SpigotMC resources/plugins](https://www.spigotmc.org/resources/) using [the spiget API](https://spiget.org/). Resources that are zip files will be expanded into the plugins directory and resources that are simply jar files will be moved there.
 
@@ -805,7 +817,9 @@ GENERIC_PACKS_SUFFIX=.zip
 
 would expand to `https://cdn.example.org/configs-v9.0.1.zip,https://cdn.example.org/mods-v4.3.6.zip`.
 
-If applying large generic packs, the update check can be time-consuming since a SHA1 checksum is compared. To skip the update check set `SKIP_GENERIC_PACK_UPDATE_CHECK` to "true". Conversely, the generic pack(s) can be forced to be applied without comparing the checksum by setting `FORCE_GENERIC_PACK_UPDATE` to "true".
+If applying large generic packs, the update can be time-consuming. To skip the update set `SKIP_GENERIC_PACK_UPDATE_CHECK` to "true". Conversely, the generic pack(s) can be forced to be applied by setting `FORCE_GENERIC_PACK_UPDATE` to "true".
+
+The most time consuming portion of the generic pack update is generating and comparing the SHA1 checksum. To skip the checksum generation, set `SKIP_GENERIC_PACK_CHECKSUM` to "true.
 
 ### Mod/Plugin URL Listing File 
 
@@ -990,6 +1004,10 @@ renders
 
 ![](docs/motd-example.png)
 
+To produce a multi-line MOTD, you will need to double escape the newline such as
+
+    -e MOTD="Line one\\nLine two"
+
 ### Difficulty
 
 The difficulty level (default: `easy`) can be set like:
@@ -1005,12 +1023,12 @@ values.
 > **NOTE** it is very important to set this with servers exposed to the internet where you want only limited players to join.
 
 To whitelist players for your Minecraft server, you can:
-- Provide the url or path to a whitelist file via `WHITELIST_FILE` environment variable  
-    `docker run -d -e WHITELIST_FILE=/extra/whitelist.json ...`
 - Provide a list of usernames and/or UUIDs separated by commas via the `WHITELIST` environment variable  
-    `docker run -d -e WHITELIST=user1,uuid2 ...`
+  `docker run -d -e WHITELIST=user1,uuid2 ...`
+- Provide the url or path to a whitelist file via `WHITELIST_FILE` environment variable  
+  `docker run -d -e WHITELIST_FILE=/extra/whitelist.json ...`
 
-To enforce the whitelist and auto-kick players not included in whitelist configuration, set `ENFORCE_WHITELIST=TRUE`. **By default** any user can join your Minecraft server if it's publicly accessible, regardless of your whitelist configuration.
+When either is set, [whitelisting of connecting users](https://minecraft.fandom.com/wiki/Server.properties#white-list) is enabled . If managing the list manually, `ENABLE_WHITELIST` can be set to "true" to set the `white-list` property.
 
 If whitelist configuration already exists, `WHITELIST_FILE` will not be retrieved and any usernames in `WHITELIST` are **added** to the whitelist configuration. You can enforce regeneration of the whitelist on each server startup by setting `OVERRIDE_WHITELIST` to "true". This will delete the whitelist file before processing whitelist configuration.
 
@@ -1020,7 +1038,7 @@ If whitelist configuration already exists, `WHITELIST_FILE` will not be retrieve
 
 > If running Minecraft 1.7.5 or earlier, these variables will apply to `white-list.txt`, with 1.7.6 implementing support for `whitelist.json`. Make sure your `WHITELIST_FILE` is in the appropriate format.
 
-If either `WHITELIST_FILE` or `WHITELIST` is provided, the server property `white-list` is automatically set to `true`, enabline whitelist functionality. Alternatively you can set `ENABLE_WHITELIST=TRUE` to only set the server property `white-list` without modifying the whitelist file. In this case the whitelist can be managed using the `whitelist add` and `whitelist remove` commands. Remember you can set enforcement via the `ENFORCE_WHITELIST` variable.
+To [enforce the whitelist changes immediately](https://minecraft.fandom.com/wiki/Server.properties#enforce-whitelist) when whitelist commands are used , set `ENFORCE_WHITELIST` to "true".
 
 ### Op/Administrator Players
 
@@ -1039,6 +1057,7 @@ If ops configuration already exists, `OPS_FILE` will not be retrieved and any us
 New to [22W42A](https://www.minecraft.net/en-us/article/minecraft-snapshot-22w42a), datapacks with feature flags can be controlled before initial world creation by setting these to a comma separated list of packs:
 
 - `INITIAL_ENABLED_PACKS`
+  such as "update_1_20,bundle"
 - `INITIAL_DISABLED_PACKS`
 
 ### Server icon
@@ -1052,13 +1071,17 @@ The server icon which has been set doesn't get overridden by default. It can be
 
     docker run -d -e ICON=http://..../some/other/image.png -e OVERRIDE_ICON=TRUE...
 
-### Rcon
+### RCON
 
-To use rcon use the `ENABLE_RCON` and `RCON_PASSWORD` variables.
-The default RCON password is _"minecraft",_ but it's **highly** recommended to override that.
-By default rcon port will be `25575` but can easily be changed with the `RCON_PORT` variable.
+RCON is **enabled by default** to allow for graceful shut down the server and coordination of save state during backups. RCON can be disabled by setting `ENABLE_RCON` to "false".
 
-    docker run -d -e ENABLE_RCON=true -e RCON_PASSWORD=testing
+The default password is "minecraft" but **change the password before deploying into production** by setting `RCON_PASSWORD`.
+
+**DO NOT MAP THE RCON PORT EXTERNALLY** unless you aware of all the consequences and have set a **secure password** with `RCON_PASSWORD`. 
+
+> Mapping ports (`-p` command line or `ports` in compose) outside the container and docker networking needs to be a purposeful choice. Most production Docker deployments do not need any of the Minecraft ports mapped externally from the server itself.
+
+By default, the server listens for RCON on port 25575 within the container. It can be changed with `RCON_PORT` but only do this if you have a very good reason. **DO NOT change `rcon.port` via `server.properties`** or integrations will break.
 
 ### Query
 
@@ -1477,15 +1500,47 @@ To let the JVM calculate the heap size from the container declared memory limit,
 
 General JVM options can be passed to the Minecraft Server invocation by passing a `JVM_OPTS`
 environment variable. The JVM requires `-XX` options to precede `-X` options, so those can be declared in `JVM_XX_OPTS`. Both variables are space-delimited, raw JVM arguments.
+
 ```
--e JVM_OPTS="-someJVMOption someJVMOptionValue"
+docker run ... -e JVM_OPTS="-someJVMOption someJVMOptionValue" ...
 ```
 
-For some cases, if e.g. after removing mods, it could be necessary to startup minecraft with an additional `-D` parameter like `-Dfml.queryResult=confirm`. To address this you can use the environment variable `JVM_DD_OPTS`, which builds the params from a given list of values separated by space, but without the `-D` prefix. To make things running under systems (e.g. Plesk), which doesn't allow `=` inside values, a `:` (colon) could be used instead. The upper example would look like this:
-`JVM_DD_OPTS=fml.queryResult:confirm`, and will be converted to `-Dfml.queryResult=confirm`.
+**NOTE** When declaring `JVM_OPTS` in a compose file's `environment` section with list syntax, **do not** include the quotes:
+
+```yaml
+    environment:
+      - EULA=true
+      - JVM_OPTS=-someJVMOption someJVMOptionValue 
+```
+
+Using object syntax is recommended and more intuitive:
+
+```yaml
+    environment:
+      EULA: "true"
+      JVM_OPTS: "-someJVMOption someJVMOptionValue"
+# or
+#     JVM_OPTS: -someJVMOption someJVMOptionValue
+```
+
+As a shorthand for passing several system properties as `-D` arguments, you can instead pass a comma separated list of `name=value` or `name:value` pairs with `JVM_DD_OPTS`. (The colon syntax is provided for management platforms like Plesk that don't allow `=` inside a value.)
+
+For example, instead of passing
+
+```yaml
+  JVM_OPTS: -Dfml.queryResult=confirm -Dname=value
+```
+
+you can use
+
+```yaml
+  JVM_DD_OPTS: fml.queryResult=confirm,name=value
+```
+
+### Extra Arguments
+
+Arguments that would usually be passed to the jar file (those which are written after the filename) can be passed via the `EXTRA_ARGS` environment variable.
 
-### Jarfile Options
-Options that would usually be passed to the jar file (those which are written after the filename) can be passed via the `EXTRA_ARGS` environment variable.
 See [Custom worlds directory path](#custom-worlds-directory-path) for an example.
 
 ### Interactive and Color Console
@@ -1559,7 +1614,7 @@ To enable remote JMX, such as for profiling with VisualVM or JMC, add the enviro
 
 ### Enable Aikar's Flags
 
-[Aikar has does some research](https://aikar.co/2018/07/02/tuning-the-jvm-g1gc-garbage-collector-flags-for-minecraft/) into finding the optimal JVM flags for GC tuning, which becomes more important as more users are connected concurrently. The set of flags documented there can be added using
+[Aikar has done some research](https://aikar.co/2018/07/02/tuning-the-jvm-g1gc-garbage-collector-flags-for-minecraft/) into finding the optimal JVM flags for GC tuning, which becomes more important as more users are connected concurrently. The set of flags documented there can be added using
 
     -e USE_AIKAR_FLAGS=true
 
@@ -1707,6 +1762,8 @@ On startup the `server.properties` file is checked and, if applicable, a warning
 
 The utility used to wake the server (`knock(d)`) works at network interface level. So the correct interface has to be set using the `AUTOPAUSE_KNOCK_INTERFACE` variable when using non-default networking environments (e.g. host-networking, Portainer oder NAS solutions). See the description of the variable below.
 
+A file called `.paused` is created in `/data` directory when the server is paused and removed when the server is resumed. Other services may check for this file's existence before waking the server.
+
 A starting, example compose file has been provided in [examples/docker-compose-autopause.yml](examples/docker-compose-autopause.yml).
 
 ### Enabling Autopause

build/alpine/install-packages.sh

@@ -23,4 +23,5 @@ apk add --no-cache -U \
     sudo \
     knock \
     tar \
-    zstd
+    zstd \
+    nfs-utils

build/ubuntu/install-packages.sh

@@ -23,6 +23,7 @@ apt-get install -y \
   unzip \
   zstd \
   lbzip2 \
-  knockd
+  knockd \
+  nfs-common
 
 apt-get clean

examples/docker-compose-curseforge-atm7.yaml

@@ -132,7 +132,6 @@ services:
       OVERRIDE_SERVER_PROPERTIES: "true"
       DIFFICULTY: "easy"
       MAX_TICK_TIME: "-1"
-      VIEW_DISTANCE: "6"
       ALLOW_FLIGHT: "true"
       OPS: ""
       VIEW_DISTANCE: 10

examples/multi-project/README.md

@@ -0,0 +1,10 @@
+This project demonstrates the use of two compose projects, `dbs` and `servers`, where the following capabilities are demonstrated:
+
+- Managing databases, such as MariaDB, in its own compose project: `dbs`
+- Using an `.env` file to avoid including user details within the compose file 
+- Accessing the database from a separate project, `servers`, via an external network declaration
+  - LuckPerms is configured to access the MariaDB instance
+- Isolating the Minecraft server container by purposely **not** declaring port mappings
+- Running Waterfall as a proxy
+- Using configuration mount points to pre-configure Waterfall and the Minecraft server
+- Using Spiget to download plugins, in this case LuckPerms

examples/multi-project/dbs/.env

@@ -0,0 +1,2 @@
+LUCKPERMS_USER=luckperms
+LUCKPERMS_PASSWORD=luckpermspw

examples/multi-project/dbs/docker-compose.yml

@@ -0,0 +1,21 @@
+version: "3.8"
+
+services:
+  mariadb:
+    image: mariadb:10
+    environment:
+      MARIADB_RANDOM_ROOT_PASSWORD: yes
+      MARIADB_DATABASE: luckperms
+      # These are loaded by compose from .env
+      MARIADB_USER: ${LUCKPERMS_USER}
+      MARIADB_PASSWORD: ${LUCKPERMS_PASSWORD}
+    volumes:
+      - mariadb:/var/lib/mysql
+
+  adminer:
+    image: adminer
+    ports:
+      - "8806:8080"
+
+volumes:
+  mariadb: {}

examples/multi-project/servers/docker-compose.yml

@@ -0,0 +1,41 @@
+version: "3.8"
+
+services:
+  proxy:
+    image: itzg/bungeecord
+    environment:
+      TYPE: WATERFALL
+    ports:
+      - "25565:25577"
+    volumes:
+      - waterfall:/server
+      - ./waterfall-config:/config
+
+  mc:
+    image: itzg/minecraft-server
+    environment:
+      EULA: "true"
+      TYPE: PAPER
+      # 28140: luckperms
+      SPIGET_RESOURCES: "28140"
+      # since we're behind a proxy
+      ONLINE_MODE: "false"
+    volumes:
+      - mc:/data
+      # mainly to drop in config files specific to plugins
+      - ./mc-plugins:/plugins
+    networks:
+      # so proxy can reach us
+      - default
+      # so we can use databases project
+      - dbs
+
+volumes:
+  mc: {}
+  waterfall: {}
+
+networks:
+  dbs:
+    # declared in ../dbs
+    external: true
+    name: dbs_default

examples/multi-project/servers/mc-plugins/LuckPerms/config.yml

@@ -0,0 +1,710 @@
+####################################################################################################
+# +----------------------------------------------------------------------------------------------+ #
+# |                                   __         __   ___  __         __                         | #
+# |                        |    |  | /  ` |__/  |__) |__  |__)  |\/| /__`                        | #
+# |                        |___ \__/ \__, |  \  |    |___ |  \  |  | .__/                        | #
+# |                                                                                              | #
+# |                                     https://luckperms.net                                    | #
+# |                                                                                              | #
+# |  WIKI:        https://luckperms.net/wiki                                                     | #
+# |  DISCORD:     https://discord.gg/luckperms                                                   | #
+# |  BUG REPORTS: https://github.com/lucko/LuckPerms/issues                                      | #
+# |                                                                                              | #
+# |  Each option in this file is documented and explained here:                                  | #
+# |   ==>  https://luckperms.net/wiki/Configuration                                              | #
+# |                                                                                              | #
+# |  New options are not added to this file automatically. Default values are used if an         | #
+# |  option cannot be found. The latest config versions can be obtained at the link above.       | #
+# +----------------------------------------------------------------------------------------------+ #
+####################################################################################################
+
+# +----------------------------------------------------------------------------------------------+ #
+# |                                                                                              | #
+# |                                      ESSENTIAL SETTINGS                                      | #
+# |                                                                                              | #
+# |                   Important settings that control how LuckPerms functions.                   | #
+# |                                                                                              | #
+# +----------------------------------------------------------------------------------------------+ #
+
+# The name of the server, used for server specific permissions.
+#
+# - When set to "global" this setting is effectively ignored.
+# - In all other cases, the value here is added to all players in a "server" context.
+# - See: https://luckperms.net/wiki/Context
+server: global
+
+# If the servers own UUID cache/lookup facility should be used when there is no record for a player
+# already in LuckPerms.
+#
+# - When this is set to 'false', commands using a player's username will not work unless the player
+#   has joined since LuckPerms was first installed.
+# - To get around this, you can use a player's uuid directly in the command, or enable this option.
+# - When this is set to 'true', the server facility is used. This may use a number of methods,
+#   including checking the servers local cache, or making a request to the Mojang API.
+use-server-uuid-cache: false
+
+
+
+
+# +----------------------------------------------------------------------------------------------+ #
+# |                                                                                              | #
+# |                                       STORAGE SETTINGS                                       | #
+# |                                                                                              | #
+# |                Controls which storage method LuckPerms will use to store data.               | #
+# |                                                                                              | #
+# +----------------------------------------------------------------------------------------------+ #
+
+# How the plugin should store data
+#
+# - The various options are explained in more detail on the wiki:
+#   https://luckperms.net/wiki/Storage-types
+#
+# - Possible options:
+#
+#   |  Remote databases - require connection information to be configured below
+#   |=> MySQL
+#   |=> MariaDB (preferred over MySQL)
+#   |=> PostgreSQL
+#   |=> MongoDB
+#
+#   |  Flatfile/local database - don't require any extra configuration
+#   |=> H2 (preferred over SQLite)
+#   |=> SQLite
+#
+#   |  Readable & editable text files - don't require any extra configuration
+#   |=> YAML (.yml files)
+#   |=> JSON (.json files)
+#   |=> HOCON (.conf files)
+#   |=> TOML (.toml files)
+#   |
+#   | By default, user, group and track data is separated into different files. Data can be combined
+#   | and all stored in the same file by switching to a combined storage variant.
+#   | Just add '-combined' to the end of the storage-method, e.g. 'yaml-combined'
+#
+# - A H2 database is the default option.
+# - If you want to edit data manually in "traditional" storage files, we suggest using YAML.
+storage-method: MariaDB
+
+# The following block defines the settings for remote database storage methods.
+#
+# - You don't need to touch any of the settings here if you're using a local storage method!
+# - The connection detail options are shared between all remote storage types.
+data:
+
+  # Define the address and port for the database.
+  # - The standard DB engine port is used by default
+  #   (MySQL: 3306, PostgreSQL: 5432, MongoDB: 27017)
+  # - Specify as "host:port" if differs
+  address: mariadb
+
+  # The name of the database to store LuckPerms data in.
+  # - This must be created already. Don't worry about this setting if you're using MongoDB.
+  database: luckperms
+
+  # Credentials for the database.
+  username: luckperms
+  password: 'luckpermspw'
+
+  # These settings apply to the MySQL connection pool.
+  # - The default values will be suitable for the majority of users.
+  # - Do not change these settings unless you know what you're doing!
+  pool-settings:
+
+    # Sets the maximum size of the MySQL connection pool.
+    # - Basically this value will determine the maximum number of actual
+    #   connections to the database backend.
+    # - More information about determining the size of connection pools can be found here:
+    #   https://github.com/brettwooldridge/HikariCP/wiki/About-Pool-Sizing
+    maximum-pool-size: 10
+
+    # Sets the minimum number of idle connections that the pool will try to maintain.
+    # - For maximum performance and responsiveness to spike demands, it is recommended to not set
+    #   this value and instead allow the pool to act as a fixed size connection pool.
+    #   (set this value to the same as 'maximum-pool-size')
+    minimum-idle: 10
+
+    # This setting controls the maximum lifetime of a connection in the pool in milliseconds.
+    # - The value should be at least 30 seconds less than any database or infrastructure imposed
+    #   connection time limit.
+    maximum-lifetime: 1800000 # 30 minutes
+
+    # This setting controls how frequently the pool will 'ping' a connection in order to prevent it
+    # from being timed out by the database or network infrastructure, measured in milliseconds.
+    # - The value should be less than maximum-lifetime and greater than 30000 (30 seconds).
+    # - Setting the value to zero will disable the keepalive functionality.
+    keepalive-time: 0
+
+    # This setting controls the maximum number of milliseconds that the plugin will wait for a
+    # connection from the pool, before timing out.
+    connection-timeout: 5000 # 5 seconds
+
+    # This setting allows you to define extra properties for connections.
+    #
+    # By default, the following options are set to enable utf8 encoding. (you may need to remove
+    # these if you are using PostgreSQL)
+    #   useUnicode: true
+    #   characterEncoding: utf8
+    #
+    # You can also use this section to disable SSL connections, by uncommenting the 'useSSL' and
+    # 'verifyServerCertificate' options below.
+    properties:
+      useUnicode: true
+      characterEncoding: utf8
+      #useSSL: false
+      #verifyServerCertificate: false
+
+  # The prefix for all LuckPerms SQL tables.
+  #
+  # - This only applies for remote SQL storage types (MySQL, MariaDB, etc).
+  # - Change this if you want to use different tables for different servers.
+  table-prefix: 'luckperms_'
+
+  # The prefix to use for all LuckPerms MongoDB collections.
+  #
+  # - This only applies for the MongoDB storage type.
+  # - Change this if you want to use different collections for different servers. The default is no
+  # prefix.
+  mongodb-collection-prefix: ''
+
+  # The connection string URI to use to connect to the MongoDB instance.
+  #
+  # - When configured, this setting will override anything defined in the address, database,
+  #   username or password fields above.
+  # - If you have a connection string that starts with 'mongodb://' or 'mongodb+srv://', enter it
+  #   below.
+  # - For more information, please see https://docs.mongodb.com/manual/reference/connection-string/
+  mongodb-connection-uri: ''
+
+# Define settings for a "split" storage setup.
+#
+# - This allows you to define a storage method for each type of data.
+# - The connection options above still have to be correct for each type here.
+split-storage:
+  # Don't touch this if you don't want to use split storage!
+  enabled: false
+  methods:
+    # These options don't need to be modified if split storage isn't enabled.
+    user: h2
+    group: h2
+    track: h2
+    uuid: h2
+    log: h2
+
+
+
+
+# +----------------------------------------------------------------------------------------------+ #
+# |                                                                                              | #
+# |                            UPDATE PROPAGATION & MESSAGING SERVICE                            | #
+# |                                                                                              | #
+# |    Controls the ways in which LuckPerms will sync data & notify other servers of changes.    | #
+# |     These options are documented on greater detail on the wiki under "Instant Updates".      | #
+# |                                                                                              | #
+# +----------------------------------------------------------------------------------------------+ #
+
+# This option controls how frequently LuckPerms will perform a sync task.
+#
+# - A sync task will refresh all data from the storage, and ensure that the most up-to-date data is
+#   being used by the plugin.
+# - This is disabled by default, as most users will not need it. However, if you're using a remote
+#   storage type without a messaging service setup, you may wish to set this to something like 3.
+# - Set to -1 to disable the task completely.
+sync-minutes: -1
+
+# If the file watcher should be enabled.
+#
+# - When using a file-based storage type, LuckPerms can monitor the data files for changes, and
+#   automatically update when changes are detected.
+# - If you don't want this feature to be active, set this option to false.
+watch-files: true
+
+# Define which messaging service should be used by the plugin.
+#
+# - If enabled and configured, LuckPerms will use the messaging service to inform other connected
+#   servers of changes.
+# - Use the command "/lp networksync" to manually push changes.
+# - Data is NOT stored using this service. It is only used as a messaging platform.
+#
+# - If you decide to enable this feature, you should set "sync-minutes" to -1, as there is no need
+#   for LuckPerms to poll the database for changes.
+#
+# - Possible options:
+#   => sql       Uses the SQL database to form a queue system for communication. Will only work when
+#                'storage-method' is set to MySQL or MariaDB. This is chosen by default if the
+#                option is set to 'auto' and SQL storage is in use. Set to 'notsql' to disable this.
+#   => pluginmsg Uses the plugin messaging channels to communicate with the proxy.
+#                LuckPerms must be installed on your proxy & all connected servers backend servers.
+#                Won't work if you have more than one proxy.
+#   => lilypad   Uses LilyPad pub-sub to push changes. You need to have the LilyPad-Connect plugin
+#                installed.
+#   => redis     Uses Redis pub-sub to push changes. Your server connection info must be configured
+#                below.
+#   => rabbitmq  Uses RabbitMQ pub-sub to push changes. Your server connection info must be
+#                configured below.
+#   => custom    Uses a messaging service provided using the LuckPerms API.
+#   => auto      Attempts to automatically setup a messaging service using redis or sql.
+messaging-service: auto
+
+# If LuckPerms should automatically push updates after a change has been made with a command.
+auto-push-updates: true
+
+# If LuckPerms should push logging entries to connected servers via the messaging service.
+push-log-entries: true
+
+# If LuckPerms should broadcast received logging entries to players on this platform.
+#
+# - If you have LuckPerms installed on your backend servers as well as a BungeeCord proxy, you
+#   should set this option to false on either your backends or your proxies, to avoid players being
+#   messaged twice about log entries.
+broadcast-received-log-entries: true
+
+# Settings for Redis.
+# Port 6379 is used by default; set address to "host:port" if differs
+redis:
+  enabled: false
+  address: localhost
+  username: ''
+  password: ''
+
+# Settings for RabbitMQ.
+# Port 5672 is used by default; set address to "host:port" if differs
+rabbitmq:
+  enabled: false
+  address: localhost
+  vhost: '/'
+  username: 'guest'
+  password: 'guest'
+
+
+
+
+# +----------------------------------------------------------------------------------------------+ #
+# |                                                                                              | #
+# |                                    CUSTOMIZATION SETTINGS                                    | #
+# |                                                                                              | #
+# |              Settings that allow admins to customize the way LuckPerms operates.             | #
+# |                                                                                              | #
+# +----------------------------------------------------------------------------------------------+ #
+
+# Controls how temporary permissions/parents/meta should be accumulated.
+#
+# - The default behaviour is "deny".
+# - This behaviour can also be specified when the command is executed. See the command usage
+#   documentation for more info.
+#
+# - Possible options:
+#   => accumulate   durations will be added to the existing expiry time
+#   => replace      durations will be replaced if the new duration is later than the current
+#                   expiration
+#   => deny         the command will just fail if you try to add another node with the same expiry
+temporary-add-behaviour: deny
+
+# Controls how LuckPerms will determine a users "primary" group.
+#
+# - The meaning and influence of "primary groups" are explained in detail on the wiki.
+# - The preferred approach is to let LuckPerms automatically determine a users primary group
+#   based on the relative weight of their parent groups.
+#
+# - Possible options:
+#   => stored                  use the value stored against the users record in the file/database
+#   => parents-by-weight       just use the users most highly weighted parent
+#   => all-parents-by-weight   same as above, but calculates based upon all parents inherited from
+#                              both directly and indirectly
+primary-group-calculation: parents-by-weight
+
+# If the plugin should check for "extra" permissions with users run LP commands.
+#
+# - These extra permissions allow finer control over what users can do with each command, and who
+#   they have access to edit.
+# - The nature of the checks are documented on the wiki under "Argument based command permissions".
+# - Argument based permissions are *not* static, unlike the 'base' permissions, and will depend upon
+#   the arguments given within the command.
+argument-based-command-permissions: false
+
+# If the plugin should check whether senders are a member of a given group before they're able to
+# edit the groups data or add/remove other users to/from it.
+# Note: these limitations do not apply to the web editor!
+require-sender-group-membership-to-modify: false
+
+# If the plugin should send log notifications to users whenever permissions are modified.
+#
+# - Notifications are only sent to those with the appropriate permission to receive them
+# - They can also be temporarily enabled/disabled on a per-user basis using
+#   '/lp log notify <on|off>'
+log-notify: true
+
+# Defines a list of log entries which should not be sent as notifications to users.
+#
+# - Each entry in the list is a RegEx expression which is matched against the log entry description.
+log-notify-filtered-descriptions:
+#  - "parent add example"
+
+# If LuckPerms should automatically install translation bundles and periodically update them.
+auto-install-translations: true
+
+# Defines the options for prefix and suffix stacking.
+#
+# - The feature allows you to display multiple prefixes or suffixes alongside a players username in
+#   chat.
+# - It is explained and documented in more detail on the wiki under "Prefix & Suffix Stacking".
+#
+# - The options are divided into separate sections for prefixes and suffixes.
+# - The 'duplicates' setting refers to how duplicate elements are handled. Can be 'retain-all',
+#   'first-only' or 'last-only'.
+# - The value of 'start-spacer' is included at the start of the resultant prefix/suffix.
+# - The value of 'end-spacer' is included at the end of the resultant prefix/suffix.
+# - The value of 'middle-spacer' is included between each element in the resultant prefix/suffix.
+#
+# - Possible format options:
+#   => highest                        Selects the value with the highest weight, from all values
+#                                     held by or inherited by the player.
+#
+#   => lowest                         Same as above, except takes the one with the lowest weight.
+#
+#   => highest_own                    Selects the value with the highest weight, but will not
+#                                     accept any inherited values.
+#
+#   => lowest_own                     Same as above, except takes the value with the lowest weight.
+#
+#   => highest_inherited              Selects the value with the highest weight, but will only
+#                                     accept inherited values.
+#
+#   => lowest_inherited               Same as above, except takes the value with the lowest weight.
+#
+#   => highest_on_track_<track>       Selects the value with the highest weight, but only if the
+#                                     value was inherited from a group on the given track.
+#
+#   => lowest_on_track_<track>        Same as above, except takes the value with the lowest weight.
+#
+#   => highest_not_on_track_<track>   Selects the value with the highest weight, but only if the
+#                                     value was inherited from a group not on the given track.
+#
+#   => lowest_not_on_track_<track>    Same as above, except takes the value with the lowest weight.
+#
+#   => highest_from_group_<group>     Selects the value with the highest weight, but only if the
+#                                     value was inherited from the given group.
+#
+#   => lowest_from_group_<group>      Same as above, except takes the value with the lowest weight.
+#
+#   => highest_not_from_group_<group> Selects the value with the highest weight, but only if the
+#                                     value was not inherited from the given group.
+#
+#   => lowest_not_from_group_<group>  Same as above, except takes the value with the lowest weight.
+meta-formatting:
+  prefix:
+    format:
+      - "highest"
+    duplicates: first-only
+    start-spacer: ""
+    middle-spacer: " "
+    end-spacer: ""
+  suffix:
+    format:
+      - "highest"
+    duplicates: first-only
+    start-spacer: ""
+    middle-spacer: " "
+    end-spacer: ""
+
+
+
+
+# +----------------------------------------------------------------------------------------------+ #
+# |                                                                                              | #
+# |                            PERMISSION CALCULATION AND INHERITANCE                            | #
+# |                                                                                              | #
+# |    Modify the way permission checks, meta lookups and inheritance resolutions are handled.   | #
+# |                                                                                              | #
+# +----------------------------------------------------------------------------------------------+ #
+
+# The algorithm LuckPerms should use when traversing the "inheritance tree".
+#
+# - Possible options:
+#   => breadth-first            See: https://en.wikipedia.org/wiki/Breadth-first_search
+#   => depth-first-pre-order    See: https://en.wikipedia.org/wiki/Depth-first_search
+#   => depth-first-post-order   See: https://en.wikipedia.org/wiki/Depth-first_search
+inheritance-traversal-algorithm: depth-first-pre-order
+
+# If a final sort according to "inheritance rules" should be performed after the traversal algorithm
+# has resolved the inheritance tree.
+#
+# "Inheritance rules" refers to things such as group weightings, primary group status, and the
+# natural contextual ordering of the group nodes.
+#
+# Setting this to 'true' will allow for the inheritance rules to take priority over the structure of
+# the inheritance tree.
+#
+# Effectively when this setting is 'true': the tree is flattened, and rules applied afterwards,
+# and when this setting is 'false':, the rules are just applied during each step of the traversal.
+post-traversal-inheritance-sort: false
+
+# Defines the mode used to determine whether a set of contexts are satisfied.
+#
+# - Possible options:
+#   => at-least-one-value-per-key   Set A will be satisfied by another set B, if at least one of the
+#                                   key-value entries per key in A are also in B.
+#   => all-values-per-key           Set A will be satisfied by another set B, if all key-value
+#                                   entries in A are also in B.
+context-satisfy-mode: at-least-one-value-per-key
+
+# LuckPerms has a number of built-in contexts. These can be disabled by adding the context key to
+# the list below.
+disabled-contexts:
+#  - "world"
+
+# +----------------------------------------------------------------------------------------------+ #
+# | Permission resolution settings                                                               | #
+# +----------------------------------------------------------------------------------------------+ #
+
+# If users on this server should have their global permissions applied.
+# When set to false, only server specific permissions will apply for users on this server
+include-global: true
+
+# If users on this server should have their global world permissions applied.
+# When set to false, only world specific permissions will apply for users on this server
+include-global-world: true
+
+# If users on this server should have global (non-server specific) groups applied
+apply-global-groups: true
+
+# If users on this server should have global (non-world specific) groups applied
+apply-global-world-groups: true
+
+# +----------------------------------------------------------------------------------------------+ #
+# | Meta lookup settings                                                                         | #
+# +----------------------------------------------------------------------------------------------+ #
+
+# Defines how meta values should be selected.
+#
+# - Possible options:
+#   => inheritance      Selects the meta value that was inherited first
+#   => highest-number   Selects the highest numerical meta value
+#   => lowest-number    Selects the lowest numerical meta value
+meta-value-selection-default: inheritance
+
+# Defines how meta values should be selected per key.
+meta-value-selection:
+#  max-homes: highest-number
+
+# +----------------------------------------------------------------------------------------------+ #
+# | Inheritance settings                                                                         | #
+# +----------------------------------------------------------------------------------------------+ #
+
+# If the plugin should apply wildcard permissions.
+#
+# - If set to true, LuckPerms will detect wildcard permissions, and resolve & apply all registered
+#   permissions matching the wildcard.
+apply-wildcards: true
+
+# If LuckPerms should resolve and apply permissions according to the Sponge style implicit wildcard
+# inheritance system.
+#
+# - That being: If a user has been granted "example", then the player should have also be
+#   automatically granted "example.function", "example.another", "example.deeper.nesting",
+#   and so on.
+apply-sponge-implicit-wildcards: false
+
+# If the plugin should apply negated Bukkit default permissions before it considers wildcard
+# assignments.
+#
+# - Plugin authors can define permissions which explicitly should not be given automatically to OPs.
+#   This is usually used for so called "anti-permissions" - permissions which, when granted, apply
+#   something negative.
+# - If this option is set to true, LuckPerms will consider any negated declarations made by
+#   plugins before it considers wildcards. (similar to the way the OP system works)
+# - If this option is set to false, LuckPerms will consider any wildcard assignments first.
+apply-default-negated-permissions-before-wildcards: false
+
+# If the plugin should parse regex permissions.
+#
+# - If set to true, LuckPerms will detect regex permissions, marked with "r=" at the start of the
+#   node, and resolve & apply all registered permissions matching the regex.
+apply-regex: true
+
+# If the plugin should complete and apply shorthand permissions.
+#
+# - If set to true, LuckPerms will detect and expand shorthand node patterns.
+apply-shorthand: true
+
+# If the plugin should apply Bukkit child permissions.
+#
+# - Plugin authors can define custom permissions structures for their plugin, which will be resolved
+#   and used by LuckPerms if this setting is enabled.
+apply-bukkit-child-permissions: true
+
+# If the plugin should apply Bukkit default permissions.
+#
+# - Plugin authors can define permissions which should be given to all users by default, or setup
+#   permissions which should/shouldn't be given to opped players.
+# - If this option is set to false, LuckPerms will ignore these defaults.
+apply-bukkit-default-permissions: true
+
+# If the plugin should apply attachment permissions.
+#
+# - Other plugins on the server are able to add their own "permission attachments" to players.
+# - This allows them to grant players additional permissions which last until the end of the
+#   session, or until they're removed.
+# - If this option is set to false, LuckPerms will not include these attachment permissions when
+#   considering if a player should have access to a certain permission.
+apply-bukkit-attachment-permissions: true
+
+# +----------------------------------------------------------------------------------------------+ #
+# | Extra settings                                                                               | #
+# +----------------------------------------------------------------------------------------------+ #
+
+# A list of context calculators which will be skipped when calculating contexts.
+#
+# - You can disable context calculators by either:
+#   => specifying the Java class name used by the calculator (e.g. com.example.ExampleCalculator)
+#   => specifying a sub-section of the Java package used by the calculator (e.g. com.example)
+disabled-context-calculators: []
+
+# Allows you to set "aliases" for the worlds sent forward for context calculation.
+#
+# - These aliases are provided in addition to the real world name. Applied recursively.
+# - Remove the comment characters for the default aliases to apply.
+world-rewrite:
+#  world_nether: world
+#  world_the_end: world
+
+# Define special group weights for this server.
+#
+# - Group weights can also be applied directly to group data, using the setweight command.
+# - This section allows weights to be set on a per-server basis.
+group-weight:
+#  admin: 10
+
+
+
+
+# +----------------------------------------------------------------------------------------------+ #
+# |                                                                                              | #
+# |                                      FINE TUNING OPTIONS                                     | #
+# |                                                                                              | #
+# |     A number of more niche settings for tweaking and changing behaviour. The section also    | #
+# | contains toggles for some more specialised features. It is only necessary to make changes to | #
+# |                  these options if you want to fine-tune LuckPerms behaviour.                 | #
+# |                                                                                              | #
+# +----------------------------------------------------------------------------------------------+ #
+
+# +----------------------------------------------------------------------------------------------+ #
+# | Server Operator (OP) settings                                                                | #
+# +----------------------------------------------------------------------------------------------+ #
+
+# Controls whether server operators should exist at all.
+#
+# - When set to 'false', all players will be de-opped, and the /op and /deop commands will be
+#   disabled. Note that vanilla features like the spawn-protection require an operator on the
+#   server to work.
+enable-ops: true
+
+# Enables or disables a special permission based system in LuckPerms for controlling OP status.
+#
+# - If set to true, any user with the permission "luckperms.autoop" will automatically be granted
+#   server operator status. This permission can be inherited, or set on specific servers/worlds,
+#   temporarily, etc.
+# - Additionally, setting this to true will force the "enable-ops" option above to false. All users
+#   will be de-opped unless they have the permission node, and the op/deop commands will be
+#   disabled.
+# - It is recommended that you use this option instead of assigning a single '*' permission.
+auto-op: false
+
+# Defines if "opped" players should be able to use all LuckPerms commands by default.
+#
+# - Set to false to only allow users who have the permissions access to the commands
+commands-allow-op: true
+
+# +----------------------------------------------------------------------------------------------+ #
+# | Vault integration settings                                                                   | #
+# +----------------------------------------------------------------------------------------------+ #
+
+# If Vault lookups for offline players on the main server thread should be enabled.
+#
+# LuckPerms has a "catch" for plugins attempting to perform unsafe offline player data lookups
+# from the main server thread. This catch raises an exception (causes an error to occur) when unsafe
+# lookups are made, instead of allowing the lookup to happen, which would likely cause the server
+# to lag.
+#
+# However, if you're willing to accept the consequences, the catch can be disabled by setting this
+# option to 'true.
+vault-unsafe-lookups: false
+
+# If LuckPerms should use the 'display name' of a group when returning groups in Vault API calls.
+#
+# - When this option is set to true, the display name of the group is returned.
+# - When this option is set to false, the standard name/id of the group is returned.
+vault-group-use-displaynames: true
+
+# Controls which group LuckPerms should use for NPC players when handling Vault requests.
+#
+# - As NPCs aren't actually real players, LuckPerms does not load any user data for them. This
+#   becomes an issue when plugins want to check for their permissions using Vault.
+# - As a solution, Vault checks for NPCs fallback to a group, which is defined below.
+vault-npc-group: default
+
+# Controls how LuckPerms should consider the OP status of NPC players when handing Vault requests.
+#
+# - If you want NPCs to have the same permissions as "normal" players, set this option to false.
+# - If you want NPCs to have OP status, set this option to true.
+vault-npc-op-status: false
+
+# If the vault-server option below should be used.
+#
+# - When this option is set to false, the server value defined above under "server" is used.
+use-vault-server: false
+
+# The name of the server used within Vault operations.
+#
+# - If you don't want Vault operations to be server specific, set this to "global".
+# - Will only take effect if use-vault-server is set to true above.
+vault-server: global
+
+# If global permissions should be considered when retrieving meta or player groups
+vault-include-global: true
+
+# If Vault operations should ignore any world arguments if supplied.
+vault-ignore-world: false
+
+# +----------------------------------------------------------------------------------------------+ #
+# | Miscellaneous (and rarely used) settings                                                     | #
+# +----------------------------------------------------------------------------------------------+ #
+
+# If LuckPerms should produce extra logging output when it handles logins.
+#
+# - Useful if you're having issues with UUID forwarding or data not being loaded.
+debug-logins: false
+
+# If LuckPerms should allow usernames with non alphanumeric characters.
+#
+# - Note that due to the design of the storage implementation, usernames must still be 16 characters
+#   or less.
+allow-invalid-usernames: false
+
+# If LuckPerms should not require users to confirm bulkupdate operations.
+#
+# - When set to true, operations will be executed immediately.
+# - This is not recommended, as bulkupdate has the potential to irreversibly delete large amounts of
+#   data, and is not designed to be executed automatically.
+# - If automation is needed, users should prefer using the LuckPerms API.
+skip-bulkupdate-confirmation: false
+
+# If LuckPerms should prevent bulkupdate operations.
+#
+# - When set to true, bulkupdate operations (the /lp bulkupdate command) will not work.
+# - When set to false, bulkupdate operations will be allowed via the console.
+disable-bulkupdate: false
+
+# If LuckPerms should allow a users primary group to be removed with the 'parent remove' command.
+#
+# - When this happens, the plugin will set their primary group back to default.
+prevent-primary-group-removal: false
+
+# If LuckPerms should update the list of commands sent to the client when permissions are changed.
+update-client-command-list: true
+
+# If LuckPerms should attempt to register "Brigadier" command list data for its commands.
+register-command-list-data: true
+
+# If LuckPerms should attempt to resolve Vanilla command target selectors for LP commands.
+# See here for more info: https://minecraft.gamepedia.com/Commands#Target_selectors
+resolve-command-selectors: false

examples/multi-project/servers/waterfall-config/config.yml

@@ -0,0 +1,52 @@
+server_connect_timeout: 5000
+enforce_secure_profile: false
+remote_ping_cache: -1
+forge_support: true
+player_limit: -1
+permissions:
+  default:
+    - bungeecord.command.server
+    - bungeecord.command.list
+  admin:
+    - bungeecord.command.alert
+    - bungeecord.command.end
+    - bungeecord.command.ip
+    - bungeecord.command.reload
+    - bungeecord.command.kick
+timeout: 30000
+log_commands: false
+network_compression_threshold: 256
+online_mode: true
+disabled_commands:
+  - disabledcommandhere
+servers:
+  mc:
+    motd: 'Lobby'
+    address: mc:25565
+    restricted: false
+listeners:
+  - query_port: 25577
+    motd: '&1Another Bungee server'
+    tab_list: GLOBAL_PING
+    query_enabled: false
+    proxy_protocol: false
+    forced_hosts:
+      pvp.md-5.net: pvp
+    ping_passthrough: false
+    priorities:
+      - mc
+    bind_local_address: true
+    host: 0.0.0.0:25577
+    max_players: 1
+    tab_size: 60
+    force_default_server: false
+ip_forward: false
+remote_ping_timeout: 5000
+prevent_proxy_connections: false
+groups:
+  md_5:
+    - admin
+connection_throttle: 4000
+stats: 39440d41-8d83-40cb-a6a7-d95c3197c4d2
+connection_throttle_limit: 3
+log_pings: true

examples/multi-project/servers/waterfall-config/waterfall.yml

@@ -0,0 +1,10 @@
+plugin_channel_name_limit: 128
+use_netty_dns_resolver: true
+disable_modern_tab_limiter: true
+log_initial_handler_connections: true
+throttling:
+  tab_complete: 1000
+game_version: ''
+disable_tab_list_rewrite: true
+registered_plugin_channels_limit: 128
+disable_entity_metadata_rewrite: false

files/auto/pause.sh

@@ -21,4 +21,7 @@ if [[ $( ps -ax -o stat,comm | grep 'java' | awk '{ print $1 }') =~ ^S.*$ ]] ; t
   # finally pause the process
   logAutopauseAction "Pausing Java process"
   pkill -STOP java
+
+  # create .paused file in data directory
+  touch /data/.paused
 fi

files/auto/resume.sh

@@ -9,4 +9,7 @@ if [[ $( ps -ax -o stat,comm | grep 'java' | awk '{ print $1 }') =~ ^T.*$ ]] ; t
   logAutopauseAction "Knocked from $1, resuming Java process"
   echo "$1" > /var/log/knocked-source
   pkill -CONT java
+
+  # remove .paused file from data directory
+  rm -f /data/.paused
 fi

kustomize/README.md

@@ -0,0 +1,22 @@
+This directory provides a base to use with [kubectl kustomize](https://kubernetes.io/docs/tasks/manage-kubernetes-objects/kustomization/).
+
+## Example overlay content
+
+### kustomization.yml
+```yaml
+nameSuffix: "-forge"
+commonLabels:
+  server: forge
+bases:
+  - https://github.com/itzg/docker-minecraft-server.git/kustomize/base
+configMapGenerator:
+  - name: mc
+    envs:
+      - mc.env
+```
+
+### mc.env
+```
+EULA=true
+TYPE=FORGE
+```

kustomize/base/kustomization.yml

@@ -0,0 +1,3 @@
+resources:
+- statefulset.yml
+- service.yml

kustomize/base/service.yml

@@ -0,0 +1,17 @@
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    service: mc
+  annotations: {}
+  # Such as
+  #   mc-router.itzg.me/externalServerName: $(EXTERNAL_SERVICE_NAME)
+  name: mc
+spec:
+  ports:
+    - name: minecraft
+      port: 25565
+      targetPort: 25565
+  type: NodePort
+  selector:
+    server: mc

kustomize/base/statefulset.yml

@@ -0,0 +1,51 @@
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: mc
+spec:
+  replicas: 1
+  serviceName: mc
+  selector:
+    matchLabels:
+      server: mc
+  template:
+    metadata:
+      labels:
+        server: mc
+    spec:
+      containers:
+        - name: mc
+          envFrom:
+            - configMapRef:
+                name: mc
+                optional: true
+          env: []
+          image: itzg/minecraft-server
+          stdin: true
+          tty: true
+          volumeMounts:
+            - mountPath: /data
+              name: data
+          resources:
+            requests:
+              cpu: 150m
+          livenessProbe:
+            exec:
+              command: ["mc-health"]
+            initialDelaySeconds: 120
+            periodSeconds: 60
+          readinessProbe:
+            exec:
+              command: ["mc-health"]
+            initialDelaySeconds: 20
+            periodSeconds: 10
+            failureThreshold: 12
+  volumeClaimTemplates:
+    - metadata:
+        name: data
+      spec:
+        accessModes:
+          - ReadWriteOnce
+        resources:
+          requests:
+            storage: 500Mi

scripts/start-deployBukkitSpigot

@@ -72,7 +72,7 @@ function downloadSpigot {
   fi
 
   setServerVar
-  if [ -f $SERVER ]; then
+  if [ -f "$SERVER" ] && ! isTrue "$FORCE_REDOWNLOAD"; then
     # tell curl to only download when newer
     curlArgs="-z $SERVER"
   fi
@@ -80,7 +80,7 @@ function downloadSpigot {
     curlArgs="$curlArgs -v"
   fi
   log "Downloading $match from $downloadUrl ..."
-  curl -fsSL -o $SERVER $curlArgs "$downloadUrl"
+  curl -fsSL -o "$SERVER" $curlArgs "$downloadUrl"
   if [[ $? != 0 || $(grep -c "DOCTYPE html" $SERVER) != 0 ]]; then
     cat <<EOF
 
@@ -92,12 +92,12 @@ ERROR: failed to download from $downloadUrl
 
 EOF
 
-    if isDebugging && [[ $(grep -c "DOCTYPE html" $SERVER) != 0 ]]; then
-      cat $SERVER
+    if isDebugging && [[ $(grep -c "DOCTYPE html" "$SERVER") != 0 ]]; then
+      cat "$SERVER"
     fi
 
     # remove invalid download
-    rm $SERVER
+    rm "$SERVER"
     exit 3
   fi
 
@@ -118,7 +118,7 @@ function setServerVar {
 
 if isTrue "$BUILD_SPIGOT_FROM_SOURCE" || isTrue "$BUILD_FROM_SOURCE"; then
   setServerVar
-  if [ ! -f $SERVER ] || [ -n "$FORCE_REDOWNLOAD" ]; then
+  if [ ! -f "$SERVER" ] || isTrue "$FORCE_REDOWNLOAD"; then
     buildSpigotFromSource
   fi
 else

scripts/start-deployCF

@@ -144,11 +144,13 @@ findStartScript() {
     -o -name ServerStartLinux.sh
     -o -name LaunchServer.sh
     -o -name server-start.sh
+    -o -name SERVER-START.sh
     -o -name start-server.sh
     -o -name startserver.sh
     -o -name StartServer.sh
     -o -name run.sh
     -o -name start.sh
+    -o -name launch.sh
   )
 
   if [ -d "${FTB_BASE_DIR}" ]; then

scripts/start-deployFTBA

@@ -46,10 +46,9 @@ if ! [ -f "${ftbInstallMarker}" ] || [ "$(cat "${ftbInstallMarker}")" != "${FTB_
     chmod +x "${ftbInstaller}"
   fi
 
-  rm -rf forge*jar mods config libraries defaultconfigs changelogs
-
   log "Installing modpack ID ${FTB_MODPACK_ID}, version ID ${FTB_MODPACK_VERSION_ID}"
-  ${ftbInstaller} ${FTB_MODPACK_ID} ${FTB_MODPACK_VERSION_ID} --noscript --auto
+  log "This could take a while..."
+  ${ftbInstaller} "${FTB_MODPACK_ID}" "${FTB_MODPACK_VERSION_ID}" --noscript --auto > ftb-installer.log
   rm -f forge*installer.jar
 
   echo "${FTB_MODPACK_ID}=${FTB_MODPACK_VERSION_ID}" > ${ftbInstallMarker}
@@ -62,7 +61,6 @@ else
   log "FTB modpack ID ${FTB_MODPACK_ID}, version ID ${FTB_MODPACK_VERSION_ID} is ready to go"
 fi
 
-isDebugging && cat version.json
 forgeVersion=$(jq -r '.targets|unique[] | select(.name == "forge") | .version' version.json)
 fabricVersion=$(jq -r '.targets|unique[] | select(.name == "fabric") | .version' version.json)
 mcVersion=$(jq -r '.targets|unique[] | select(.name == "minecraft") | .version' version.json)

scripts/start-deployVanilla

@@ -8,7 +8,6 @@ set -o pipefail
 export SERVER="minecraft_server.${VANILLA_VERSION// /_}.jar"
 
 if [ ! -e "$SERVER" ] || [ -n "$FORCE_REDOWNLOAD" ]; then
-  log "Locating download for $SERVER ..."
   debug "Finding version manifest for $VANILLA_VERSION"
   versionManifestUrl=$(get 'https://launchermeta.mojang.com/mc/game/version_manifest.json' | jq --arg VANILLA_VERSION "$VANILLA_VERSION" --raw-output '[.versions[]|select(.id == $VANILLA_VERSION)][0].url')
   result=$?
@@ -30,6 +29,7 @@ if [ ! -e "$SERVER" ] || [ -n "$FORCE_REDOWNLOAD" ]; then
     exit 1
   fi
 
+  log "Downloading $VANILLA_VERSION server..."
   debug "Downloading server from $serverDownloadUrl"
   get -o "$SERVER" "$serverDownloadUrl"
   result=$?

scripts/start-finalExec

@@ -93,16 +93,6 @@ if isTrue ${ENABLE_ROLLING_LOGS:-false}; then
   JVM_OPTS="-Dlog4j.configurationFile=/data/log4j2.xml ${JVM_OPTS}"
 fi
 
-# Make sure files exist and are valid JSON (for pre-1.12 to 1.12 upgrades)
-log "Checking for JSON files."
-JSON_FILES=$(find /data -maxdepth 1 -name '*.json')
-for j in $JSON_FILES; do
-  if [[ $(cat "$j" | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//') == "" ]]; then
-    log "Fixing JSON $j"
-    echo '[]' > $j
-  fi
-done
-
 # Optional disable console
 if versionLessThan 1.14 && [[ ${CONSOLE,,} = false ]]; then
   EXTRA_ARGS+=" --noconsole"
@@ -287,6 +277,7 @@ else
 
   log "Starting the Minecraft server..."
 
+  # shellcheck disable=SC2206
   finalArgs=(
     $JVM_XX_OPTS
     $JVM_OPTS

scripts/start-setupModpack

@@ -254,10 +254,14 @@ function genericPacks() {
       cp -R -f "${base_dir}"/* /data
       rm -rf $original_base_dir
 
-      log "Saving generic pack(s) checksum"
-      sha1sum "${packFiles[@]}" > "${sum_file}"
-      if isDebugging; then
-        cat "$sum_file"
+      if isTrue "${SKIP_GENERIC_PACK_CHECKSUM:-false}"; then
+        log "Skipping generic pack(s) checksum"
+      else
+        log "Saving generic pack(s) checksum"
+        sha1sum "${packFiles[@]}" > "${sum_file}"
+        if isDebugging; then
+          cat "$sum_file"
+        fi
       fi
     fi
   fi

scripts/start-spiget

@@ -66,7 +66,7 @@ getResourceFromSpiget() {
       newVersion=$(jq -r '.name' $versionfileNew)
       
       if [ "$installedVersion" = "$newVersion" ]; then
-        log "resource '${resource}' not downloaded because installed version '${installedVersion}' already up to date ('${newVersion}')"
+        log "Resource '${resource}': installed version '${installedVersion}' already up to date"
         mv "${versionfileNew}" "${versionfile}"
       else
         if downloadResourceFromSpiget "${resource}"; then