brass-and-sigil

minecraft/brass-and-sigil

Fork 0

Commit Graph

Author	SHA1	Message	Date
Matt Sijbers	bf53b65706	feat(auth): first-run password setup via web panel When `webPassword` is null and the daemon starts headless (systemd, piped SSH), no longer auto-generate a random password. Instead: - Boot normally with the gate denying everything except /api/auth/setup - Panel UI eagerly probes new /api/auth/state on load and renders a first-run setup overlay (password + confirm) when needsSetup=true - POST /api/auth/setup writes the chosen password and issues the auth cookie in the same response, so the operator lands logged in Interactive TTY behaviour (prompt at the console) is unchanged. The gate middleware is now registered unconditionally so first-run mode is still locked-down instead of wide-open.	2026-05-18 23:20:27 +01:00
Matt Sijbers	a1331212cb	Initial commit: Brass & Sigil monorepo Self-hosted Minecraft modpack distribution + administration system. - launcher/ Avalonia 12 desktop client; single-file win-x64 publish. Microsoft auth via XboxAuthNet, manifest+SHA-1 mod sync, portable install path, sidecar settings. - server/ brass-sigil-server daemon (.NET 8, linux-x64). Wraps the MC subprocess, embedded Kestrel admin panel with cookie auth + rate limiting, RCON bridge, scheduled backups, BlueMap CLI integration with player markers + skin proxy, friend-side whitelist request flow, world wipe with seed selection (keep current / random / custom). - pack/ pack.lock.json (Modrinth + manual CurseForge entries), data-only tweak source under tweaks/, build outputs in overrides/ (gitignored). - scripts/ Build-Pack / Build-Tweaks / Update-Pack / Check-Updates plus Deploy-Brass.ps1 unified one-shot deploy with version-bump pre-flight and daemon-state detection.	2026-05-05 00:19:05 +01:00

Author

SHA1

Message

Date

Matt Sijbers

bf53b65706

feat(auth): first-run password setup via web panel

When `webPassword` is null and the daemon starts headless (systemd, piped
SSH), no longer auto-generate a random password. Instead:
  - Boot normally with the gate denying everything except /api/auth/setup
  - Panel UI eagerly probes new /api/auth/state on load and renders a
    first-run setup overlay (password + confirm) when needsSetup=true
  - POST /api/auth/setup writes the chosen password and issues the auth
    cookie in the same response, so the operator lands logged in

Interactive TTY behaviour (prompt at the console) is unchanged. The gate
middleware is now registered unconditionally so first-run mode is still
locked-down instead of wide-open.

2026-05-18 23:20:27 +01:00

Matt Sijbers

a1331212cb

Initial commit: Brass & Sigil monorepo

Self-hosted Minecraft modpack distribution + administration system.

- launcher/  Avalonia 12 desktop client; single-file win-x64 publish.
             Microsoft auth via XboxAuthNet, manifest+SHA-1 mod sync,
             portable install path, sidecar settings.
- server/    brass-sigil-server daemon (.NET 8, linux-x64). Wraps the
             MC subprocess, embedded Kestrel admin panel with cookie
             auth + rate limiting, RCON bridge, scheduled backups,
             BlueMap CLI integration with player markers + skin proxy,
             friend-side whitelist request flow, world wipe with seed
             selection (keep current / random / custom).
- pack/      pack.lock.json (Modrinth + manual CurseForge entries),
             data-only tweak source under tweaks/, build outputs in
             overrides/ (gitignored).
- scripts/   Build-Pack / Build-Tweaks / Update-Pack / Check-Updates
             plus Deploy-Brass.ps1 unified one-shot deploy with
             version-bump pre-flight and daemon-state detection.

2026-05-05 00:19:05 +01:00

2 Commits