s8n/minecraft-server

Fork 0

Commit graph

Author	SHA1	Message	Date
s8n	3336f52142	redact: scrub leaked Minecraft secrets from public repo Replaced literal values with env-var placeholders (${RCON_PASSWORD}, ${MGMT_SECRET}, ${MC_RCON_PASSWORD}) across server.properties, .rcon-cli.env, docker-compose.yml(s), backup scripts, and AUDIT-2026-05-07.md. Affected secrets: - Paper management-server-secret (HIGH; mitigated by management-server-enabled=false) - RCON password 'redacted' (MEDIUM; bound to 127.0.0.1) - MC_RCON_PASSWORD backup-pipeline default fallback (MEDIUM; same blast radius) WARNING: HEAD redaction only — values remain in git history. Treat as compromised and rotate (closes F-17 audit-finding's deferred TODO). Originals backed up to private s8n/secrets/minecraft-server/.	2026-05-08 15:36:20 +01:00
s8n	a1cc3940cf	docs: 2026-05-07 incident audit + backup strategy Player YOU500 lost full inventory to AuthLimbo void-death at 17:13:39. Investigation revealed deployed /opt/docker/backup.sh is an 88-line stub missing the Minecraft block; last successful world backup 2026-05-02 (already pruned). No recoverable .dat exists. Files: - AUDIT-2026-05-07.md — server-side findings F-01..F-06 (P0 backups, no-keepInventory, AuthLimbo silent failure, chunk preload race, Xmx > container headroom, container hardening gaps) - BACKUP-HUNT-2026-05-07.md — exhaustive backup scan; only 6-week-old archive at _archive/minecraft-old-2026-04-27.tar.gz - BACKUP-STRATEGY.md — restic-based plan; 5min/hourly/daily classes, off-host to onyx via Tailscale, monthly drill - CROSS-REFERENCE-2026-05-07.md — repo+doc landing map; flags pre-existing infra/STATE.md backup-broken note + HA-CLUSTER restic draft to extend rather than duplicate - docs/RUNBOOK-BACKUP-RESTORE.md — operator runbook for .dat restore, full-world restore, host-loss restore, drill log	2026-05-07 17:33:24 +01:00

Author

SHA1

Message

Date

s8n

3336f52142

redact: scrub leaked Minecraft secrets from public repo

Replaced literal values with env-var placeholders (${RCON_PASSWORD},
${MGMT_SECRET}, ${MC_RCON_PASSWORD}) across server.properties,
.rcon-cli.env, docker-compose.yml(s), backup scripts, and AUDIT-2026-05-07.md.

Affected secrets:
- Paper management-server-secret (HIGH; mitigated by management-server-enabled=false)
- RCON password '*redacted*' (MEDIUM; bound to 127.0.0.1)
- MC_RCON_PASSWORD backup-pipeline default fallback (MEDIUM; same blast radius)

WARNING: HEAD redaction only — values remain in git history. Treat as
compromised and rotate (closes F-17 audit-finding's deferred TODO).
Originals backed up to private s8n/secrets/minecraft-server/.

2026-05-08 15:36:20 +01:00

s8n

a1cc3940cf

docs: 2026-05-07 incident audit + backup strategy

Player YOU500 lost full inventory to AuthLimbo void-death at 17:13:39.
Investigation revealed deployed /opt/docker/backup.sh is an 88-line stub
missing the Minecraft block; last successful world backup 2026-05-02
(already pruned). No recoverable .dat exists.

Files:
- AUDIT-2026-05-07.md — server-side findings F-01..F-06 (P0 backups,
  no-keepInventory, AuthLimbo silent failure, chunk preload race,
  Xmx > container headroom, container hardening gaps)
- BACKUP-HUNT-2026-05-07.md — exhaustive backup scan; only 6-week-old
  archive at _archive/minecraft-old-2026-04-27.tar.gz
- BACKUP-STRATEGY.md — restic-based plan; 5min/hourly/daily classes,
  off-host to onyx via Tailscale, monthly drill
- CROSS-REFERENCE-2026-05-07.md — repo+doc landing map; flags
  pre-existing infra/STATE.md backup-broken note + HA-CLUSTER restic
  draft to extend rather than duplicate
- docs/RUNBOOK-BACKUP-RESTORE.md — operator runbook for .dat restore,
  full-world restore, host-loss restore, drill log

2026-05-07 17:33:24 +01:00

2 commits