From 0e3fd5a5a4d38055715f39c51677a25839e4cab3 Mon Sep 17 00:00:00 2001 From: EmilyxFox <48589793+EmilyxFox@users.noreply.github.com> Date: Sun, 7 Dec 2025 01:16:03 +0100 Subject: [PATCH 1/6] deps: upgrade mc-server-runner 1.14.0 --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 36545d205e5..f6cf6c9ca8c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -44,7 +44,7 @@ RUN easy-add --var os=${TARGETOS} --var arch=${TARGETARCH}${TARGETVARIANT} \ --var version=${MC_MONITOR_VERSION} --var app=mc-monitor --file {{.app}} \ --from ${GITHUB_BASEURL}/itzg/{{.app}}/releases/download/{{.version}}/{{.app}}_{{.version}}_{{.os}}_{{.arch}}.tar.gz -ARG MC_SERVER_RUNNER_VERSION=1.13.5 +ARG MC_SERVER_RUNNER_VERSION=1.14.0 RUN easy-add --var os=${TARGETOS} --var arch=${TARGETARCH}${TARGETVARIANT} \ --var version=${MC_SERVER_RUNNER_VERSION} --var app=mc-server-runner --file {{.app}} \ --from ${GITHUB_BASEURL}/itzg/{{.app}}/releases/download/{{.version}}/{{.app}}_{{.version}}_{{.os}}_{{.arch}}.tar.gz From b1957d82ed7a98811185f77bf04ac9a27881e6ca Mon Sep 17 00:00:00 2001 From: EmilyxFox <48589793+EmilyxFox@users.noreply.github.com> Date: Sun, 7 Dec 2025 02:08:57 +0100 Subject: [PATCH 2/6] docs: websocket api documentation --- docs/{ => sending-commands}/commands.md | 4 +- docs/sending-commands/websocket.md | 76 +++++++++++++++++++++++++ 2 files changed, 78 insertions(+), 2 deletions(-) rename docs/{ => sending-commands}/commands.md (94%) create mode 100644 docs/sending-commands/websocket.md diff --git a/docs/commands.md b/docs/sending-commands/commands.md similarity index 94% rename from docs/commands.md rename to docs/sending-commands/commands.md index cff557e5acd..62775f1395b 100644 --- a/docs/commands.md +++ b/docs/sending-commands/commands.md @@ -1,5 +1,5 @@ --- -title: Sending commands +title: With Docker --- [RCON](http://wiki.vg/RCON) is enabled by default, so you can `exec` into the container to @@ -66,4 +66,4 @@ and then Control-p Control-q to **detach**. !!! info "RCON is required for fully interactive, color console" - RCON must be enabled, which is the default, in order to use a fully interactive console with auto-completion and colorized log output. \ No newline at end of file + RCON must be enabled, which is the default, in order to use a fully interactive console with auto-completion and colorized log output. diff --git a/docs/sending-commands/websocket.md b/docs/sending-commands/websocket.md new file mode 100644 index 00000000000..a2b4246ce77 --- /dev/null +++ b/docs/sending-commands/websocket.md @@ -0,0 +1,76 @@ +--- +title: With websocket +--- + +With `WEBSOCKET_CONSOLE` set to `true`, logs can be streamed, and commands sent, over a websocket connection. + +## Password +A password must be supplied using the `Sec-WebSocket-Protocol` header. This is done by putting `mc-server-runner-ws-v1` in the first slot, and the password in the second. The password can be set with `RCON_PASSWORD` or `WEBSOCKET_PASSWORD`. The latter overwrites the former. Authentication can be disabled with `WEBSOCKET_DISABLE_AUTHENTICATION`. + +## Allowed origins +A list of allowed origins should be supplied with `WEBSOCKET_ALLOWED_ORIGINS`. Origin checking can be disabled with `WEBSOCKET_DISABLE_ORIGIN_CHECK`. + +## Listen address +The listen address and port can be set with `WEBSOCKET_ADDRESS` (defaults to `0.0.0.0:80`), but it's recommended to listen on all interfaces when running in Docker. + +## Log history +When a connection is established, the last 50 (by default, configurable with `WEBSOCKET_LOG_BUFFER_SIZE`) log lines are sent with a `logHistory` type message. + +## Docker port forwarding +Remember to forward the websocket port to the host: +```yaml title="compose.yaml" +services: + mc: + ports: + - '25565:25565' + - '80:80' +``` + +## Environment variables +| Environment Variable | Usage | Default | +| ---------------------------------- | ---------------------------------------------------------- | ------------ | +| `WEBSOCKET_CONSOLE` | Allow remote shell over websocket | `false` | +| `WEBSOCKET_ADDRESS` | Bind address for websocket server | `0.0.0.0:80` | +| `WEBSOCKET_DISABLE_ORIGIN_CHECK` | Disable checking if origin is trusted | `false` | +| `WEBSOCKET_ALLOWED_ORIGINS` | Comma-separated list of trusted origins | ` ` | +| `WEBSOCKET_PASSWORD` | Password will be the same as RCON_PASSWORD if unset | ` ` | +| `WEBSOCKET_DISABLE_AUTHENTICATION` | Disable websocket authentication | `false` | +| `WEBSOCKET_LOG_BUFFER_SIZE` | Number of log lines to save and send to connecting clients | `50` | + +## API Schema +```ts title="API Schema" +interface StdinMessage { + type: "stdin"; + data: string; +} + +interface StdoutMessage { + type: "stdout"; + data: string; +} + +interface StderrMessage { + type: "stderr"; + data: string; +} + +interface LogHistoryMessage { + type: "logHistory"; + lines: string[]; +} + +interface AuthFailureMessage { + type: "authFailure"; + reason: string; +} + +// Messages sent from Client -> Server +export type ClientMessage = StdinMessage; + +// Messages sent from Server -> Client +export type ServerMessage = + | StdoutMessage + | StderrMessage + | LogHistoryMessage + | AuthFailureMessage; +``` From 7415f472695644701ebdf455a533dfbaf904e380 Mon Sep 17 00:00:00 2001 From: EmilyxFox <48589793+EmilyxFox@users.noreply.github.com> Date: Wed, 10 Dec 2025 03:48:37 +0100 Subject: [PATCH 3/6] put docker port forwarding tip in tip block --- docs/sending-commands/websocket.md | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/docs/sending-commands/websocket.md b/docs/sending-commands/websocket.md index a2b4246ce77..b15600a4f39 100644 --- a/docs/sending-commands/websocket.md +++ b/docs/sending-commands/websocket.md @@ -16,15 +16,15 @@ The listen address and port can be set with `WEBSOCKET_ADDRESS` (defaults to `0. ## Log history When a connection is established, the last 50 (by default, configurable with `WEBSOCKET_LOG_BUFFER_SIZE`) log lines are sent with a `logHistory` type message. -## Docker port forwarding -Remember to forward the websocket port to the host: -```yaml title="compose.yaml" -services: - mc: - ports: - - '25565:25565' - - '80:80' -``` +??? tip "Tip: Remember to forward the websocket port on the host" + + ```yaml title="compose.yaml" + services: + mc: + ports: + - '25565:25565' + - '80:80' + ``` ## Environment variables | Environment Variable | Usage | Default | From 38c0de5323cab5299b02a1be9f70f9da13413e69 Mon Sep 17 00:00:00 2001 From: EmilyxFox <48589793+EmilyxFox@users.noreply.github.com> Date: Wed, 10 Dec 2025 03:48:56 +0100 Subject: [PATCH 4/6] specify allowed origins list is comma-separated --- docs/sending-commands/websocket.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/sending-commands/websocket.md b/docs/sending-commands/websocket.md index b15600a4f39..da8563f63c7 100644 --- a/docs/sending-commands/websocket.md +++ b/docs/sending-commands/websocket.md @@ -8,7 +8,7 @@ With `WEBSOCKET_CONSOLE` set to `true`, logs can be streamed, and commands sent, A password must be supplied using the `Sec-WebSocket-Protocol` header. This is done by putting `mc-server-runner-ws-v1` in the first slot, and the password in the second. The password can be set with `RCON_PASSWORD` or `WEBSOCKET_PASSWORD`. The latter overwrites the former. Authentication can be disabled with `WEBSOCKET_DISABLE_AUTHENTICATION`. ## Allowed origins -A list of allowed origins should be supplied with `WEBSOCKET_ALLOWED_ORIGINS`. Origin checking can be disabled with `WEBSOCKET_DISABLE_ORIGIN_CHECK`. +A list of comma-separated allowed origins should be supplied with `WEBSOCKET_ALLOWED_ORIGINS`. Origin checking can be disabled with `WEBSOCKET_DISABLE_ORIGIN_CHECK`. ## Listen address The listen address and port can be set with `WEBSOCKET_ADDRESS` (defaults to `0.0.0.0:80`), but it's recommended to listen on all interfaces when running in Docker. From add3c1119c5e8684af6f85211b09632bc52eb732 Mon Sep 17 00:00:00 2001 From: EmilyxFox <48589793+EmilyxFox@users.noreply.github.com> Date: Wed, 10 Dec 2025 03:49:23 +0100 Subject: [PATCH 5/6] add javascript example of how to supply password as i think my explanation is confusing --- docs/sending-commands/websocket.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/docs/sending-commands/websocket.md b/docs/sending-commands/websocket.md index da8563f63c7..a75b273a2db 100644 --- a/docs/sending-commands/websocket.md +++ b/docs/sending-commands/websocket.md @@ -6,6 +6,10 @@ With `WEBSOCKET_CONSOLE` set to `true`, logs can be streamed, and commands sent, ## Password A password must be supplied using the `Sec-WebSocket-Protocol` header. This is done by putting `mc-server-runner-ws-v1` in the first slot, and the password in the second. The password can be set with `RCON_PASSWORD` or `WEBSOCKET_PASSWORD`. The latter overwrites the former. Authentication can be disabled with `WEBSOCKET_DISABLE_AUTHENTICATION`. +??? Example "Examples" + ```js title="JavaScript example" + let socket = new WebSocket("http://localhost:80/websocket", ["mc-server-runner-ws-v1", "rcon-password"]); + ``` ## Allowed origins A list of comma-separated allowed origins should be supplied with `WEBSOCKET_ALLOWED_ORIGINS`. Origin checking can be disabled with `WEBSOCKET_DISABLE_ORIGIN_CHECK`. From bd9190bec1322c81bbff2c2661d6ca8161d63a50 Mon Sep 17 00:00:00 2001 From: EmilyxFox <48589793+EmilyxFox@users.noreply.github.com> Date: Wed, 10 Dec 2025 03:49:44 +0100 Subject: [PATCH 6/6] clerify API path --- docs/sending-commands/websocket.md | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/sending-commands/websocket.md b/docs/sending-commands/websocket.md index a75b273a2db..afb6880d2b0 100644 --- a/docs/sending-commands/websocket.md +++ b/docs/sending-commands/websocket.md @@ -3,6 +3,7 @@ title: With websocket --- With `WEBSOCKET_CONSOLE` set to `true`, logs can be streamed, and commands sent, over a websocket connection. +The API is available on `/websocket`. ## Password A password must be supplied using the `Sec-WebSocket-Protocol` header. This is done by putting `mc-server-runner-ws-v1` in the first slot, and the password in the second. The password can be set with `RCON_PASSWORD` or `WEBSOCKET_PASSWORD`. The latter overwrites the former. Authentication can be disabled with `WEBSOCKET_DISABLE_AUTHENTICATION`.