From 4323df43e453d7b3bc7f9ca2fffced52a83ffb9b Mon Sep 17 00:00:00 2001 From: Lucky3028 Date: Sat, 8 Feb 2025 20:02:51 +0900 Subject: [PATCH 01/11] feat: use yaml for users and groups permissions of LuckPerms --- .../luckperms-permission-configs.yaml | 455 ++++++++++++++++++ .../common-configs/plugin-configs.yaml | 18 +- .../templates/debug-s1/seichiassist.yaml | 97 ++-- 3 files changed, 523 insertions(+), 47 deletions(-) create mode 100644 seichi-onp-k8s/manifests/seichi-kubernetes/app-templates/seichi-debug-minecraft-on-seichiassist-pr/templates/common-configs/luckperms-permission-configs.yaml diff --git a/seichi-onp-k8s/manifests/seichi-kubernetes/app-templates/seichi-debug-minecraft-on-seichiassist-pr/templates/common-configs/luckperms-permission-configs.yaml b/seichi-onp-k8s/manifests/seichi-kubernetes/app-templates/seichi-debug-minecraft-on-seichiassist-pr/templates/common-configs/luckperms-permission-configs.yaml new file mode 100644 index 000000000..47b4e8a32 --- /dev/null +++ b/seichi-onp-k8s/manifests/seichi-kubernetes/app-templates/seichi-debug-minecraft-on-seichiassist-pr/templates/common-configs/luckperms-permission-configs.yaml @@ -0,0 +1,455 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: common-luckperms-permission-configs +data: + #region groups + # NOTE: ファイルとして Pod 内に配置する場合は `yaml-storage/groups/グループ名.yml`というパスになる。(UUIDはハイフン付き) + group-default.yml: | + name: default + permissions: + - worldguard.region.claim: + value: false + context: + world: world_tt + - shopchest.buy: + value: true + context: + world: world_towny + - shopchest.create: + value: true + context: + world: world_towny + - shopchest.sell: + value: true + context: + world: world_towny + - worldguard.region.claim: + value: false + context: + world: world_the_end_tt + - worldguard.region.claim: + value: false + context: + world: world_the_end + - worldguard.region.flag.flags.deny-spawn.*: + value: true + context: + world: world_the_end + - worldguard.region.flag.flags.enderpearl.*: + value: true + context: + world: world_the_end + - worldguard.region.flag.flags.mob-damage.*: + value: true + context: + world: world_the_end + - worldguard.region.flag.flags.mob-spawning.*: + value: true + context: + world: world_the_end + - region.flagmenu.mob-spawning: + value: true + context: + world: world_the_end + - worldguard.region.claim: + value: false + context: + world: world_sw_the_end + - worldguard.region.claim: + value: false + context: + world: world_sw_nether + - worldguard.region.flag.flags.fire-spread.*: + value: true + context: + world: world_sw_4 + - worldguard.region.claim: + value: false + context: + world: world_sw_3 + - worldguard.region.flag.flags.fire-spread.*: + value: true + context: + world: world_sw_2 + - worldguard.region.claim: + value: false + context: + world: world_sw + - worldguard.region.claim: + value: false + context: + world: world_nether_tt + - worldguard.region.flag.flags.deny-spawn.*: + value: true + context: + world: world_nether + - worldguard.region.flag.flags.enderpearl.*: + value: true + context: + world: world_nether + - worldguard.region.flag.flags.mob-damage.*: + value: true + context: + world: world_nether + - worldguard.region.flag.flags.mob-spawning.*: + value: true + context: + world: world_nether + - region.flagmenu.mob-spawning: + value: true + context: + world: world_nether + - worldguard.region.removeowner.own.*: + value: true + context: + world: world_dot + - worldguard.region.removemember.*: + value: true + context: + world: world_dot + - worldguard.region.flag.flags.enderpearl.*: + value: true + context: + world: world_2 + - worldguard.region.flag.flags.deny-spawn.*: + value: true + context: + world: world + - worldguard.region.flag.flags.enderpearl.*: + value: true + context: + world: world + - worldguard.region.flag.flags.mob-damage.*: + value: true + context: + world: world + - worldguard.region.flag.flags.mob-spawning.*: + value: true + context: + world: world + - region.flagmenu.mob-spawning: + value: true + context: + world: world + - worldguard.region.flag.flags.farewell.* + - worldguard.region.flag.flags.grass-grouth.* + - worldguard.region.flag.flags.greeting.* + - worldguard.region.flag.flags.ice-melt.* + - worldguard.region.flag.flags.mushroom-grouth.* + - worldguard.region.flag.flags.mycelium-spread.* + - worldguard.region.flag.flags.pvp.* + - worldguard.region.flag.flags.ride.* + - worldguard.region.flag.flags.sleep.* + - worldguard.region.flag.flags.snow-melt.* + - worldguard.region.flag.flags.soil-dry.* + - worldguard.region.flag.flags.teleport.* + - worldguard.region.flag.flags.time-lock.* + - worldguard.region.flag.flags.use.* + - worldguard.region.flag.flags.vine-grouth.* + - worldguard.region.flag.flags.weather-lock.* + - worldguard.region.flag.regions.own.* + - worldguard.region.addmember.own.* + - worldguard.region.remove.own.* + - worldguard.region.removemember.own.* + - worldguard.region.select.own.* + - worldguard.region.info.* + - worldguard.region.list.* + - worldguard.region.teleport.* + - bukkit.command.*: + value: false + - minecraft.command.*: + value: false + - multiverse.portal.access.* + - multiverse.access.* + - multiverse.access.work: + value: false + - tradesystem.trade.initiate + - tradesystem.trade + - luckperms: + value: false + - luckperms.*: + value: false + - clicktpa.tpa + - clicktpa.tpacancel + - clicktpa.tpaccept + - clicktpa.tpadeny + - clicktpa.tpahere + - clicktpa.tptoggle + - discordsrv.link + - discordsrv.linked + - discordsrv.unlink + - dynmap.hide.self: + value: false + - dynmap.show.self + - elevator.down + - elevator.up + - elytra.auto + - elytra.const-flight + - elytra.runup + - elytra.shift-activation + - elytra.speedup + - fastcraft.command.craft + - fastcraft.command.craft.fastcraft + - fastcraft.command.toggle + - fastcraft.use + - litebans.notify.broadcast: + value: false + - luckperms: + value: false + - lunachat.message + - lunachat.reply + - minecraft.command.help: + value: false + - minecraft.command.list + - minecraft.command.me: + value: false + - multiverse.core.spawn.self + - multiverse.help: + value: false + - multiverse.core.list.who + # TODO: デバッグサーバには各ワールドへのポータルがないので暫定措置 + - multiverse.teleport.* + - region.flagmenu.chest-access + - region.flagmenu.farewell + - region.flagmenu.grass-grouth + - region.flagmenu.greeting + - region.flagmenu.ice-melt + - region.flagmenu.mushroom-grouth + - region.flagmenu.mycelium-spread + - region.flagmenu.pvp + - region.flagmenu.ride + - region.flagmenu.sleep + - region.flagmenu.snow-melt + - region.flagmenu.soil-dry + - region.flagmenu.time-lock + - region.flagmenu.use + - region.flagmenu.vine-grouth + - region.flagmenu.weather-lock + - region.manage.addmember + - region.manage.delmember + - region.manage.delregion + - region.manage.flagmenu + - region.manage.open + - region.open.world + - region.open.world_2 + - region.open.world_SW_2 + - region.open.world_SW_4 + - region.open.world_build + - region.open.world_dot + - seichiassist.ec + - seichiassist.ef + - seichiassist.fd + - seichiassist.fly + - seichiassist.hat + - seichiassist.home + - seichiassist.sethome + - seichiassist.map + - seichiassist.shareinv + - seichiassist.mebius + - seichiassist.minestack + - seichiassist.stick + - seichiassist.stickmenu + - seichiassist.x-transfer + - joinleave.silentleave + - shopkeeper.player: + value: false + - towny.command.plot.set.shop + - wesv.toggle + - wesv.use + - worldedit.selection.contract + - worldedit.selection.expand + - worldedit.selection.pos + - worldedit.analysis.sel + - worldedit.wand + - worldguard.region.claim + - worldguard.region.remove.own.* + - worldguard.region.list.own + - worldguard.region.flag.flags.chest-access.allow: + value: false + - worldguard.region.flag.flags.chest-access.deny + - worldguard.region.flag.flags.chest-access.none + - worldguard.region.info.* + - worldguard.region.select.own.* + - worldguard.region.list + - worldguard.region.wand + meta: + - default: + value: 'true' + group-onserver.yml: | + name: observer + permissions: + - observerutils.obs + - seichiassist.lastquit + - weight.1 + parents: + - default + meta: + - default: + value: 'false' + group-observerplus.yml: | + name: observerplus + permissions: + - worldguard.region.addmember.*: + value: true + context: + world: world_tt + - worldguard.region.removemember.*: + value: true + context: + world: world_tt + - worldguard.region.addmember.*: + value: true + context: + world: world_the_end_tt + - worldguard.region.removemember.*: + value: true + context: + world: world_the_end_tt + - worldguard.region.addmember.*: + value: true + context: + world: world_nether_tt + - worldguard.region.removemember.*: + value: true + context: + world: world_nether_tt + - worldguard.region.addmember.*: + value: true + context: + world: world + - worldguard.region.removemember.*: + value: true + context: + world: world + - dynmap.hide.self + - spectatortheater.end + - spectatortheater.list + - spectatortheater.start + - weight.2 + parents: + - observer + meta: + - default: + value: 'false' + group-admin.yml: | + name: admin + permissions: + - mv.bypass.gamemode.* + - worldguard.region.bypass.*: + value: false + - seichiassist.present.* + - luckperms.* + - luckperms + - minecraft.command.deop: + value: false + - minecraft.command.op: + value: false + - weight.10 + meta: + - default: + value: 'false' + group-worldguardbypass.yml: | + name: worldguard-bypass + permissions: + - worldguard.region.bypass.* + - weight.11 + meta: + - default: + value: 'false' + #endregion + #region users + # NOTE: ファイルとしてPod内に配置する場合は `yaml-storage/users/UUID.yml`というパスになる。(UUIDはハイフン付き) + user-shirotubu.yml: | + uuid: 0a25e0f2-b952-4fe4-9843-3c5608aa2f0c + name: shirotubu + primary-group: user + parents: + - admin + - default + user-lucky3028.yml: | + uuid: 0ea34656-b1c7-45c0-8b89-1ec55a70fe17 + name: lucky3028 + primary-group: worldguard-bypass + parents: + - admin + - default + - worldguard-bypass + user-tyanimo.yml: | + uuid: 4becf8bc-9a46-4f8b-b6e6-9193cf53b46f + name: tyanimo + primary-group: admin + parents: + - admin + - default + user-ploptaw.yml: | + uuid: 788bf7d5-f61a-4090-aec7-2e3a281eaf49 + name: ploptaw + primary-group: admin + permissions: + - group.worldguard-bypass: + value: false + parents: + - admin + - default + user-taaa150.yml: | + uuid: 9599901c-fa82-4943-b748-b46e183c53f4 + name: taaa150 + primary-group: admin + parents: + - admin + - default + user-igarasi_k.yml: | + uuid: b59f5861-f3f1-447f-945f-a40412ef7340 + name: igarasi_k + primary-group: admin + parents: + - admin + - default + - worldguard-bypass + user-unchama.yml: | + uuid: b66cc3f6-a045-42ad-b4b8-320f20caf140 + name: unchama + primary-group: admin + parents: + - admin + - default + user-_megatron_.yml: | + uuid: b7c16b91-57ca-4bbb-95f7-9e9144474799 + name: _megatron_ + primary-group: admin + parents: + - admin + - default + user-m1sk9.yml: | + uuid: bb991c6b-aafb-405c-b2af-57cd5828962d + name: m1sk9 + primary-group: worldguard-bypass + parents: + - admin + - default + - worldguard-bypass + user-specialboywaka.yml: | + uuid: d22fe904-d76a-4ec7-a0a8-48f0146d8549 + name: specialboywaka + primary-group: worldguard-bypass + parents: + - admin + - default + - worldguard-bypass + user-rito_5289.yml: | + uuid: e1ee55bb-c993-4896-88e9-9893a11df27a + name: rito_5289 + primary-group: default + parents: + - admin + - default + user-b_makkuro.yml: | + uuid: e9c3ac5f-7c6a-45f6-a251-4c24a4a3beea + name: b_makkuro + primary-group: worldguard-bypass + parents: + - admin + - default + - worldguard-bypass + #endregion diff --git a/seichi-onp-k8s/manifests/seichi-kubernetes/app-templates/seichi-debug-minecraft-on-seichiassist-pr/templates/common-configs/plugin-configs.yaml b/seichi-onp-k8s/manifests/seichi-kubernetes/app-templates/seichi-debug-minecraft-on-seichiassist-pr/templates/common-configs/plugin-configs.yaml index 98232da08..ed95b0def 100644 --- a/seichi-onp-k8s/manifests/seichi-kubernetes/app-templates/seichi-debug-minecraft-on-seichiassist-pr/templates/common-configs/plugin-configs.yaml +++ b/seichi-onp-k8s/manifests/seichi-kubernetes/app-templates/seichi-debug-minecraft-on-seichiassist-pr/templates/common-configs/plugin-configs.yaml @@ -3526,7 +3526,9 @@ data: # # - A H2 database is the default option. # - If you want to edit data manually in "traditional" storage files, we suggest using YAML. - storage-method: MariaDB + # NOTE: 基本はYAMLでIaCとして管理するが、一部適さない設定もあるので、MariaDBに保存するものもある。 + # 詳細は、split-storage の設定項目を参照してください。 + storage-method: yaml # The following block defines the settings for remote database storage methods. # @@ -3624,14 +3626,16 @@ data: # - The connection options above still have to be correct for each type here. split-storage: # Don't touch this if you don't want to use split storage! - enabled: false + enabled: true methods: # These options don't need to be modified if split storage isn't enabled. - user: h2 - group: h2 - track: h2 - uuid: h2 - log: h2 + user: yaml + group: yaml + track: yaml + # LuckPerms が独自に管理する UUID と MCID の紐づけキャッシュ。特に IaC として管理する必要がないため、DB 管理。 + uuid: mariadb + # LuckPerms の操作ログ。MariaDB に入れておけば、Grafana で検索できるため、DB 管理。 + log: mariadb diff --git a/seichi-onp-k8s/manifests/seichi-kubernetes/app-templates/seichi-debug-minecraft-on-seichiassist-pr/templates/debug-s1/seichiassist.yaml b/seichi-onp-k8s/manifests/seichi-kubernetes/app-templates/seichi-debug-minecraft-on-seichiassist-pr/templates/debug-s1/seichiassist.yaml index 7b8bcabfe..7ca4c02b0 100644 --- a/seichi-onp-k8s/manifests/seichi-kubernetes/app-templates/seichi-debug-minecraft-on-seichiassist-pr/templates/debug-s1/seichiassist.yaml +++ b/seichi-onp-k8s/manifests/seichi-kubernetes/app-templates/seichi-debug-minecraft-on-seichiassist-pr/templates/debug-s1/seichiassist.yaml @@ -181,45 +181,6 @@ spec: rg addmember -w world_SW_2 __global__ b66cc3f6-a045-42ad-b4b8-320f20caf140 rg flag -w world_SW_2 __global__ build -g members allow rg flag -w world_SW_the_end __global__ deny-spawn ENDER_DRAGON - lp group default permission set multiverse.core.list.who true - lp group default permission set multiverse.teleport.* true - lp group default permission set multiverse.core.spawn.self true - lp group default permission set worldedit.wand true - lp group default permission set worldedit.selection.pos true - lp group default permission set worldedit.selection.expand true - lp group default permission set worldedit.analysis.sel true - lp group default permission set worldguard.region.claim true - lp group default permission set worldguard.region.select.own.* true - lp group default permission set worldguard.region.list.own true - lp group default permission set worldguard.region.info.* true - lp group default permission set worldguard.region.flag.regions.own.* true - lp group default permission set worldguard.region.remove.own.* true - lp group default permission set fastcraft.command.craft.fastcraft true - lp group default permission set seichiassist.fly true - lp group default permission set seichiassist.stick true - lp group default permission set seichiassist.shareinv true - lp group default permission set seichiassist.mebius true - lp group default permission set seichiassist.home true - lp group default permission set seichiassist.sethome true - lp group default permission set seichiassist.stickmenu true - lp group default permission set seichiassist.fd true - lp group default permission set seichiassist.hat true - lp group default permission set seichiassist.ec true - lp group default permission set seichiassist.minestack true - lp group default permission set seichiassist.map true - lp group default permission set seichiassist.ef true - lp group default permission set elytra.auto true - lp group default permission set elytra.const-flight true - lp group default permission set elytra.runup true - lp group default permission set elytra.shift-activation true - lp group default permission set elytra.speedup true - lp group default permission set clicktpa.tpa true - lp group default permission set clicktpa.tpacancel true - lp group default permission set clicktpa.tpadeny true - lp group default permission set clicktpa.tpaccept true - lp group default permission set clicktpa.tpahere true - lp group default permission set clicktpa.tptoggle true - lp group default permission set joinleave.silentleave true image: ghcr.io/giganticminecraft/seichi_minecraft_server_debug_base_1_18_2:sha-b6ee419 name: minecraft @@ -430,10 +391,63 @@ spec: mountPath: /plugins/LiteBans/config.yml subPath: LiteBans-config.yml - # LuckPerms プラグインの設定ファイル + # LuckPerms プラグイン周りの設定ファイル - name: common-mcserver-plugin-configs mountPath: /plugins/LuckPerms/config.yml subPath: LuckPerms-config.yml + # groups + - name: common-luckperms-permission-configs + mountPath: /plugins/LuckPerms/yaml-storage/groups/default.yml + subPath: group-default.yml + - name: common-luckperms-permission-configs + mountPath: /plugins/LuckPerms/yaml-storage/groups/observer.yml + subPath: group-observer.yml + - name: common-luckperms-permission-configs + mountPath: /plugins/LuckPerms/yaml-storage/groups/observerplus.yml + subPath: group-observerplus.yml + - name: common-luckperms-permission-configs + mountPath: /plugins/LuckPerms/yaml-storage/groups/admin.yml + subPath: group-admin.yml + - name: common-luckperms-permission-configs + mountPath: /plugins/LuckPerms/yaml-storage/groups/worldguardbypass.yml + subPath: group-worldguardbypass.yml + # users + - name: common-luckperms-permission-configs + mountPath: /plugins/LuckPerms/yaml-storage/users/0a25e0f2-b952-4fe4-9843-3c5608aa2f0c.yml + subPath: user-shirotubu.yml + - name: common-luckperms-permission-configs + mountPath: /plugins/LuckPerms/yaml-storage/users/0ea34656-b1c7-45c0-8b89-1ec55a70fe17.yml + subPath: user-lucky3028.yml + - name: common-luckperms-permission-configs + mountPath: /plugins/LuckPerms/yaml-storage/users/4becf8bc-9a46-4f8b-b6e6-9193cf53b46f.yml + subPath: user-tyanimo.yml + - name: common-luckperms-permission-configs + mountPath: /plugins/LuckPerms/yaml-storage/users/788bf7d5-f61a-4090-aec7-2e3a281eaf49.yml + subPath: user-ploptaw.yml + - name: common-luckperms-permission-configs + mountPath: /plugins/LuckPerms/yaml-storage/users/9599901c-fa82-4943-b748-b46e183c53f4.yml + subPath: user-taaa150.yml + - name: common-luckperms-permission-configs + mountPath: /plugins/LuckPerms/yaml-storage/users/b59f5861-f3f1-447f-945f-a40412ef7340.yml + subPath: user-igarasi_k.yml + - name: common-luckperms-permission-configs + mountPath: /plugins/LuckPerms/yaml-storage/users/b66cc3f6-a045-42ad-b4b8-320f20caf140.yml + subPath: user-unchama.yml + - name: common-luckperms-permission-configs + mountPath: /plugins/LuckPerms/yaml-storage/users/b7c16b91-57ca-4bbb-95f7-9e9144474799.yml + subPath: user-_megatron_.yml + - name: common-luckperms-permission-configs + mountPath: /plugins/LuckPerms/yaml-storage/users/bb991c6b-aafb-405c-b2af-57cd5828962d.yml + subPath: user-m1sk9.yml + - name: common-luckperms-permission-configs + mountPath: /plugins/LuckPerms/yaml-storage/users/d22fe904-d76a-4ec7-a0a8-48f0146d8549.yml + subPath: user-specialboywaka.yml + - name: common-luckperms-permission-configs + mountPath: /plugins/LuckPerms/yaml-storage/users/e1ee55bb-c993-4896-88e9-9893a11df27a.yml + subPath: user-rito_5289.yml + - name: common-luckperms-permission-configs + mountPath: /plugins/LuckPerms/yaml-storage/users/e9c3ac5f-7c6a-45f6-a251-4c24a4a3beea.yml + subPath: user-b_makkuro.yml # Multiverse-Core プラグインの設定ファイル - name: common-mcserver-plugin-configs @@ -607,6 +621,9 @@ spec: - name: common-mcserver-plugin-configs configMap: name: common-mcserver-plugin-configs + - name: common-luckperms-permission-configs + configMap: + name: common-luckperms-permission-configs - name: common-dynmap-config configMap: name: common-dynmap-config From d92aebe2537a7315f35590fe0c9993891ceb681f Mon Sep 17 00:00:00 2001 From: Lucky3028 Date: Sat, 8 Feb 2025 20:07:40 +0900 Subject: [PATCH 02/11] docs: fix typo --- .../templates/common-configs/luckperms-permission-configs.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/seichi-onp-k8s/manifests/seichi-kubernetes/app-templates/seichi-debug-minecraft-on-seichiassist-pr/templates/common-configs/luckperms-permission-configs.yaml b/seichi-onp-k8s/manifests/seichi-kubernetes/app-templates/seichi-debug-minecraft-on-seichiassist-pr/templates/common-configs/luckperms-permission-configs.yaml index 47b4e8a32..37b992ea3 100644 --- a/seichi-onp-k8s/manifests/seichi-kubernetes/app-templates/seichi-debug-minecraft-on-seichiassist-pr/templates/common-configs/luckperms-permission-configs.yaml +++ b/seichi-onp-k8s/manifests/seichi-kubernetes/app-templates/seichi-debug-minecraft-on-seichiassist-pr/templates/common-configs/luckperms-permission-configs.yaml @@ -4,7 +4,7 @@ metadata: name: common-luckperms-permission-configs data: #region groups - # NOTE: ファイルとして Pod 内に配置する場合は `yaml-storage/groups/グループ名.yml`というパスになる。(UUIDはハイフン付き) + # NOTE: ファイルとして Pod 内に配置する場合は `yaml-storage/groups/グループ名.yml`というパスになる。 group-default.yml: | name: default permissions: From da78e2708bfeced63144aab2e120a2c03f433a17 Mon Sep 17 00:00:00 2001 From: Lucky3028 Date: Sun, 9 Feb 2025 00:17:20 +0900 Subject: [PATCH 03/11] docs: add space --- .../templates/common-configs/luckperms-permission-configs.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/seichi-onp-k8s/manifests/seichi-kubernetes/app-templates/seichi-debug-minecraft-on-seichiassist-pr/templates/common-configs/luckperms-permission-configs.yaml b/seichi-onp-k8s/manifests/seichi-kubernetes/app-templates/seichi-debug-minecraft-on-seichiassist-pr/templates/common-configs/luckperms-permission-configs.yaml index 37b992ea3..b883edec1 100644 --- a/seichi-onp-k8s/manifests/seichi-kubernetes/app-templates/seichi-debug-minecraft-on-seichiassist-pr/templates/common-configs/luckperms-permission-configs.yaml +++ b/seichi-onp-k8s/manifests/seichi-kubernetes/app-templates/seichi-debug-minecraft-on-seichiassist-pr/templates/common-configs/luckperms-permission-configs.yaml @@ -359,7 +359,7 @@ data: value: 'false' #endregion #region users - # NOTE: ファイルとしてPod内に配置する場合は `yaml-storage/users/UUID.yml`というパスになる。(UUIDはハイフン付き) + # NOTE: ファイルとして Pod 内に配置する場合は `yaml-storage/users/UUID.yml`というパスになる。(UUID はハイフン付き) user-shirotubu.yml: | uuid: 0a25e0f2-b952-4fe4-9843-3c5608aa2f0c name: shirotubu From 3e6f65a4f69128846f0e53f162ebde99ac79e4ea Mon Sep 17 00:00:00 2001 From: Lucky3028 Date: Sun, 9 Feb 2025 00:23:01 +0900 Subject: [PATCH 04/11] feat: set shopkeeper perms denied for players --- .../common-configs/luckperms-permission-configs.yaml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/seichi-onp-k8s/manifests/seichi-kubernetes/app-templates/seichi-debug-minecraft-on-seichiassist-pr/templates/common-configs/luckperms-permission-configs.yaml b/seichi-onp-k8s/manifests/seichi-kubernetes/app-templates/seichi-debug-minecraft-on-seichiassist-pr/templates/common-configs/luckperms-permission-configs.yaml index b883edec1..2b70741c7 100644 --- a/seichi-onp-k8s/manifests/seichi-kubernetes/app-templates/seichi-debug-minecraft-on-seichiassist-pr/templates/common-configs/luckperms-permission-configs.yaml +++ b/seichi-onp-k8s/manifests/seichi-kubernetes/app-templates/seichi-debug-minecraft-on-seichiassist-pr/templates/common-configs/luckperms-permission-configs.yaml @@ -254,6 +254,14 @@ data: - joinleave.silentleave - shopkeeper.player: value: false + - shopkeeper.hire: + value: false + - shopkeeper.sign: + value: false + - shopkeeper.hanging-sign: + value: false + - shopkeeper.entity.*: + value: false - towny.command.plot.set.shop - wesv.toggle - wesv.use From 9823cb8cab29d659dd83c7b2e41f76733ef3a911 Mon Sep 17 00:00:00 2001 From: Lucky3028 Date: Sun, 9 Feb 2025 00:23:53 +0900 Subject: [PATCH 05/11] fix: remove duplicated perm --- .../templates/common-configs/luckperms-permission-configs.yaml | 2 -- 1 file changed, 2 deletions(-) diff --git a/seichi-onp-k8s/manifests/seichi-kubernetes/app-templates/seichi-debug-minecraft-on-seichiassist-pr/templates/common-configs/luckperms-permission-configs.yaml b/seichi-onp-k8s/manifests/seichi-kubernetes/app-templates/seichi-debug-minecraft-on-seichiassist-pr/templates/common-configs/luckperms-permission-configs.yaml index 2b70741c7..bf9420f4b 100644 --- a/seichi-onp-k8s/manifests/seichi-kubernetes/app-templates/seichi-debug-minecraft-on-seichiassist-pr/templates/common-configs/luckperms-permission-configs.yaml +++ b/seichi-onp-k8s/manifests/seichi-kubernetes/app-templates/seichi-debug-minecraft-on-seichiassist-pr/templates/common-configs/luckperms-permission-configs.yaml @@ -195,8 +195,6 @@ data: - fastcraft.use - litebans.notify.broadcast: value: false - - luckperms: - value: false - lunachat.message - lunachat.reply - minecraft.command.help: From 194f3ef2d310f8c65c14bb1447c471a1094e2579 Mon Sep 17 00:00:00 2001 From: Lucky3028 Date: Sun, 9 Feb 2025 00:40:52 +0900 Subject: [PATCH 06/11] refactor: sort perms --- .../luckperms-permission-configs.yaml | 114 +++++++++--------- 1 file changed, 57 insertions(+), 57 deletions(-) diff --git a/seichi-onp-k8s/manifests/seichi-kubernetes/app-templates/seichi-debug-minecraft-on-seichiassist-pr/templates/common-configs/luckperms-permission-configs.yaml b/seichi-onp-k8s/manifests/seichi-kubernetes/app-templates/seichi-debug-minecraft-on-seichiassist-pr/templates/common-configs/luckperms-permission-configs.yaml index bf9420f4b..b7fa2acdd 100644 --- a/seichi-onp-k8s/manifests/seichi-kubernetes/app-templates/seichi-debug-minecraft-on-seichiassist-pr/templates/common-configs/luckperms-permission-configs.yaml +++ b/seichi-onp-k8s/manifests/seichi-kubernetes/app-templates/seichi-debug-minecraft-on-seichiassist-pr/templates/common-configs/luckperms-permission-configs.yaml @@ -8,10 +8,6 @@ data: group-default.yml: | name: default permissions: - - worldguard.region.claim: - value: false - context: - world: world_tt - shopchest.buy: value: true context: @@ -27,29 +23,13 @@ data: - worldguard.region.claim: value: false context: - world: world_the_end_tt + world: world_tt - worldguard.region.claim: value: false context: - world: world_the_end - - worldguard.region.flag.flags.deny-spawn.*: - value: true - context: - world: world_the_end - - worldguard.region.flag.flags.enderpearl.*: - value: true - context: - world: world_the_end - - worldguard.region.flag.flags.mob-damage.*: - value: true - context: - world: world_the_end - - worldguard.region.flag.flags.mob-spawning.*: - value: true - context: - world: world_the_end - - region.flagmenu.mob-spawning: - value: true + world: world_the_end_tt + - worldguard.region.claim: + value: false context: world: world_the_end - worldguard.region.claim: @@ -60,18 +40,10 @@ data: value: false context: world: world_sw_nether - - worldguard.region.flag.flags.fire-spread.*: - value: true - context: - world: world_sw_4 - worldguard.region.claim: value: false context: world: world_sw_3 - - worldguard.region.flag.flags.fire-spread.*: - value: true - context: - world: world_sw_2 - worldguard.region.claim: value: false context: @@ -83,31 +55,43 @@ data: - worldguard.region.flag.flags.deny-spawn.*: value: true context: - world: world_nether + world: world_the_end - worldguard.region.flag.flags.enderpearl.*: value: true context: - world: world_nether + world: world_the_end - worldguard.region.flag.flags.mob-damage.*: value: true context: - world: world_nether + world: world_the_end - worldguard.region.flag.flags.mob-spawning.*: + value: true + context: + world: world_the_end + - worldguard.region.flag.flags.fire-spread.*: + value: true + context: + world: world_sw_4 + - worldguard.region.flag.flags.fire-spread.*: + value: true + context: + world: world_sw_2 + - worldguard.region.flag.flags.deny-spawn.*: value: true context: world: world_nether - - region.flagmenu.mob-spawning: + - worldguard.region.flag.flags.enderpearl.*: value: true context: world: world_nether - - worldguard.region.removeowner.own.*: + - worldguard.region.flag.flags.mob-damage.*: value: true context: - world: world_dot - - worldguard.region.removemember.*: + world: world_nether + - worldguard.region.flag.flags.mob-spawning.*: value: true context: - world: world_dot + world: world_nether - worldguard.region.flag.flags.enderpearl.*: value: true context: @@ -128,6 +112,14 @@ data: value: true context: world: world + - region.flagmenu.mob-spawning: + value: true + context: + world: world_the_end + - region.flagmenu.mob-spawning: + value: true + context: + world: world_nether - region.flagmenu.mob-spawning: value: true context: @@ -148,18 +140,42 @@ data: - worldguard.region.flag.flags.use.* - worldguard.region.flag.flags.vine-grouth.* - worldguard.region.flag.flags.weather-lock.* + - worldguard.region.flag.flags.chest-access.allow: + value: false + - worldguard.region.flag.flags.chest-access.deny + - worldguard.region.flag.flags.chest-access.none - worldguard.region.flag.regions.own.* - - worldguard.region.addmember.own.* - worldguard.region.remove.own.* + - worldguard.region.removeowner.own.*: + value: true + context: + world: world_dot + - worldguard.region.addmember.own.* - worldguard.region.removemember.own.* + - worldguard.region.removemember.*: + value: true + context: + world: world_dot - worldguard.region.select.own.* - worldguard.region.info.* - worldguard.region.list.* - worldguard.region.teleport.* + - worldguard.region.claim + - worldguard.region.remove.own.* + - worldguard.region.list.own + - worldguard.region.info.* + - worldguard.region.select.own.* + - worldguard.region.list + - worldguard.region.wand - bukkit.command.*: value: false - minecraft.command.*: value: false + - minecraft.command.help: + value: false + - minecraft.command.list + - minecraft.command.me: + value: false - multiverse.portal.access.* - multiverse.access.* - multiverse.access.work: @@ -197,11 +213,6 @@ data: value: false - lunachat.message - lunachat.reply - - minecraft.command.help: - value: false - - minecraft.command.list - - minecraft.command.me: - value: false - multiverse.core.spawn.self - multiverse.help: value: false @@ -268,17 +279,6 @@ data: - worldedit.selection.pos - worldedit.analysis.sel - worldedit.wand - - worldguard.region.claim - - worldguard.region.remove.own.* - - worldguard.region.list.own - - worldguard.region.flag.flags.chest-access.allow: - value: false - - worldguard.region.flag.flags.chest-access.deny - - worldguard.region.flag.flags.chest-access.none - - worldguard.region.info.* - - worldguard.region.select.own.* - - worldguard.region.list - - worldguard.region.wand meta: - default: value: 'true' From 61b2d7df5abc713001dd011c16e0ca257be2b605 Mon Sep 17 00:00:00 2001 From: Lucky3028 Date: Sun, 9 Feb 2025 00:42:54 +0900 Subject: [PATCH 07/11] refactor: remove RegionGUI permissions --- .../luckperms-permission-configs.yaml | 39 ------------------- 1 file changed, 39 deletions(-) diff --git a/seichi-onp-k8s/manifests/seichi-kubernetes/app-templates/seichi-debug-minecraft-on-seichiassist-pr/templates/common-configs/luckperms-permission-configs.yaml b/seichi-onp-k8s/manifests/seichi-kubernetes/app-templates/seichi-debug-minecraft-on-seichiassist-pr/templates/common-configs/luckperms-permission-configs.yaml index b7fa2acdd..ff5cdd9d4 100644 --- a/seichi-onp-k8s/manifests/seichi-kubernetes/app-templates/seichi-debug-minecraft-on-seichiassist-pr/templates/common-configs/luckperms-permission-configs.yaml +++ b/seichi-onp-k8s/manifests/seichi-kubernetes/app-templates/seichi-debug-minecraft-on-seichiassist-pr/templates/common-configs/luckperms-permission-configs.yaml @@ -112,18 +112,6 @@ data: value: true context: world: world - - region.flagmenu.mob-spawning: - value: true - context: - world: world_the_end - - region.flagmenu.mob-spawning: - value: true - context: - world: world_nether - - region.flagmenu.mob-spawning: - value: true - context: - world: world - worldguard.region.flag.flags.farewell.* - worldguard.region.flag.flags.grass-grouth.* - worldguard.region.flag.flags.greeting.* @@ -219,33 +207,6 @@ data: - multiverse.core.list.who # TODO: デバッグサーバには各ワールドへのポータルがないので暫定措置 - multiverse.teleport.* - - region.flagmenu.chest-access - - region.flagmenu.farewell - - region.flagmenu.grass-grouth - - region.flagmenu.greeting - - region.flagmenu.ice-melt - - region.flagmenu.mushroom-grouth - - region.flagmenu.mycelium-spread - - region.flagmenu.pvp - - region.flagmenu.ride - - region.flagmenu.sleep - - region.flagmenu.snow-melt - - region.flagmenu.soil-dry - - region.flagmenu.time-lock - - region.flagmenu.use - - region.flagmenu.vine-grouth - - region.flagmenu.weather-lock - - region.manage.addmember - - region.manage.delmember - - region.manage.delregion - - region.manage.flagmenu - - region.manage.open - - region.open.world - - region.open.world_2 - - region.open.world_SW_2 - - region.open.world_SW_4 - - region.open.world_build - - region.open.world_dot - seichiassist.ec - seichiassist.ef - seichiassist.fd From 44b2b4acfa57d2e4db377d5322b9d17a9d092cc9 Mon Sep 17 00:00:00 2001 From: Lucky3028 Date: Sun, 9 Feb 2025 00:46:59 +0900 Subject: [PATCH 08/11] refactor: sort perms --- .../luckperms-permission-configs.yaml | 170 +++++++++--------- 1 file changed, 85 insertions(+), 85 deletions(-) diff --git a/seichi-onp-k8s/manifests/seichi-kubernetes/app-templates/seichi-debug-minecraft-on-seichiassist-pr/templates/common-configs/luckperms-permission-configs.yaml b/seichi-onp-k8s/manifests/seichi-kubernetes/app-templates/seichi-debug-minecraft-on-seichiassist-pr/templates/common-configs/luckperms-permission-configs.yaml index ff5cdd9d4..83b36c538 100644 --- a/seichi-onp-k8s/manifests/seichi-kubernetes/app-templates/seichi-debug-minecraft-on-seichiassist-pr/templates/common-configs/luckperms-permission-configs.yaml +++ b/seichi-onp-k8s/manifests/seichi-kubernetes/app-templates/seichi-debug-minecraft-on-seichiassist-pr/templates/common-configs/luckperms-permission-configs.yaml @@ -8,6 +8,71 @@ data: group-default.yml: | name: default permissions: + - bukkit.command.*: + value: false + - minecraft.command.*: + value: false + - minecraft.command.help: + value: false + - minecraft.command.list + - minecraft.command.me: + value: false + - clicktpa.tpa + - clicktpa.tpacancel + - clicktpa.tpaccept + - clicktpa.tpadeny + - clicktpa.tpahere + - clicktpa.tptoggle + - discordsrv.link + - discordsrv.linked + - discordsrv.unlink + - dynmap.hide.self: + value: false + - dynmap.show.self + - elevator.down + - elevator.up + - elytra.auto + - elytra.const-flight + - elytra.runup + - elytra.shift-activation + - elytra.speedup + - fastcraft.command.craft + - fastcraft.command.craft.fastcraft + - fastcraft.command.toggle + - fastcraft.use + - joinleave.silentleave + - litebans.notify.broadcast: + value: false + - luckperms: + value: false + - luckperms.*: + value: false + - lunachat.message + - lunachat.reply + - multiverse.help: + value: false + - multiverse.core.list.who + - multiverse.core.spawn.self + - multiverse.portal.access.* + - multiverse.access.* + - multiverse.access.work: + value: false + # TODO: デバッグサーバには各ワールドへのポータルがないので暫定措置 + - multiverse.teleport.* + - seichiassist.ec + - seichiassist.ef + - seichiassist.fd + - seichiassist.fly + - seichiassist.hat + - seichiassist.home + - seichiassist.sethome + - seichiassist.map + - seichiassist.shareinv + - seichiassist.mebius + - seichiassist.minestack + - seichiassist.stick + - seichiassist.stickmenu + - seichiassist.x-transfer - shopchest.buy: value: true context: @@ -20,6 +85,26 @@ data: value: true context: world: world_towny + - shopkeeper.player: + value: false + - shopkeeper.hire: + value: false + - shopkeeper.sign: + value: false + - shopkeeper.hanging-sign: + value: false + - shopkeeper.entity.*: + value: false + - towny.command.plot.set.shop + - tradesystem.trade.initiate + - tradesystem.trade + - wesv.toggle + - wesv.use + - worldedit.selection.contract + - worldedit.selection.expand + - worldedit.selection.pos + - worldedit.analysis.sel + - worldedit.wand - worldguard.region.claim: value: false context: @@ -155,91 +240,6 @@ data: - worldguard.region.select.own.* - worldguard.region.list - worldguard.region.wand - - bukkit.command.*: - value: false - - minecraft.command.*: - value: false - - minecraft.command.help: - value: false - - minecraft.command.list - - minecraft.command.me: - value: false - - multiverse.portal.access.* - - multiverse.access.* - - multiverse.access.work: - value: false - - tradesystem.trade.initiate - - tradesystem.trade - - luckperms: - value: false - - luckperms.*: - value: false - - clicktpa.tpa - - clicktpa.tpacancel - - clicktpa.tpaccept - - clicktpa.tpadeny - - clicktpa.tpahere - - clicktpa.tptoggle - - discordsrv.link - - discordsrv.linked - - discordsrv.unlink - - dynmap.hide.self: - value: false - - dynmap.show.self - - elevator.down - - elevator.up - - elytra.auto - - elytra.const-flight - - elytra.runup - - elytra.shift-activation - - elytra.speedup - - fastcraft.command.craft - - fastcraft.command.craft.fastcraft - - fastcraft.command.toggle - - fastcraft.use - - litebans.notify.broadcast: - value: false - - lunachat.message - - lunachat.reply - - multiverse.core.spawn.self - - multiverse.help: - value: false - - multiverse.core.list.who - # TODO: デバッグサーバには各ワールドへのポータルがないので暫定措置 - - multiverse.teleport.* - - seichiassist.ec - - seichiassist.ef - - seichiassist.fd - - seichiassist.fly - - seichiassist.hat - - seichiassist.home - - seichiassist.sethome - - seichiassist.map - - seichiassist.shareinv - - seichiassist.mebius - - seichiassist.minestack - - seichiassist.stick - - seichiassist.stickmenu - - seichiassist.x-transfer - - joinleave.silentleave - - shopkeeper.player: - value: false - - shopkeeper.hire: - value: false - - shopkeeper.sign: - value: false - - shopkeeper.hanging-sign: - value: false - - shopkeeper.entity.*: - value: false - - towny.command.plot.set.shop - - wesv.toggle - - wesv.use - - worldedit.selection.contract - - worldedit.selection.expand - - worldedit.selection.pos - - worldedit.analysis.sel - - worldedit.wand meta: - default: value: 'true' From 24929a40a4e8d3781f44bb94af3f117337638b7e Mon Sep 17 00:00:00 2001 From: Lucky3028 Date: Sun, 9 Feb 2025 00:47:20 +0900 Subject: [PATCH 09/11] refactor: sort perms --- .../common-configs/luckperms-permission-configs.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/seichi-onp-k8s/manifests/seichi-kubernetes/app-templates/seichi-debug-minecraft-on-seichiassist-pr/templates/common-configs/luckperms-permission-configs.yaml b/seichi-onp-k8s/manifests/seichi-kubernetes/app-templates/seichi-debug-minecraft-on-seichiassist-pr/templates/common-configs/luckperms-permission-configs.yaml index 83b36c538..73a2c8a00 100644 --- a/seichi-onp-k8s/manifests/seichi-kubernetes/app-templates/seichi-debug-minecraft-on-seichiassist-pr/templates/common-configs/luckperms-permission-configs.yaml +++ b/seichi-onp-k8s/manifests/seichi-kubernetes/app-templates/seichi-debug-minecraft-on-seichiassist-pr/templates/common-configs/luckperms-permission-configs.yaml @@ -257,6 +257,10 @@ data: group-observerplus.yml: | name: observerplus permissions: + - dynmap.hide.self + - spectatortheater.end + - spectatortheater.list + - spectatortheater.start - worldguard.region.addmember.*: value: true context: @@ -289,10 +293,6 @@ data: value: true context: world: world - - dynmap.hide.self - - spectatortheater.end - - spectatortheater.list - - spectatortheater.start - weight.2 parents: - observer From 131cacfc54d945f5992065c8fbe937f8ef0b36d9 Mon Sep 17 00:00:00 2001 From: Lucky3028 Date: Sun, 9 Feb 2025 00:47:53 +0900 Subject: [PATCH 10/11] refactor: sort perms --- .../common-configs/luckperms-permission-configs.yaml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/seichi-onp-k8s/manifests/seichi-kubernetes/app-templates/seichi-debug-minecraft-on-seichiassist-pr/templates/common-configs/luckperms-permission-configs.yaml b/seichi-onp-k8s/manifests/seichi-kubernetes/app-templates/seichi-debug-minecraft-on-seichiassist-pr/templates/common-configs/luckperms-permission-configs.yaml index 73a2c8a00..5bf21c680 100644 --- a/seichi-onp-k8s/manifests/seichi-kubernetes/app-templates/seichi-debug-minecraft-on-seichiassist-pr/templates/common-configs/luckperms-permission-configs.yaml +++ b/seichi-onp-k8s/manifests/seichi-kubernetes/app-templates/seichi-debug-minecraft-on-seichiassist-pr/templates/common-configs/luckperms-permission-configs.yaml @@ -302,16 +302,16 @@ data: group-admin.yml: | name: admin permissions: - - mv.bypass.gamemode.* - - worldguard.region.bypass.*: - value: false - - seichiassist.present.* - - luckperms.* - - luckperms - minecraft.command.deop: value: false - minecraft.command.op: value: false + - luckperms.* + - luckperms + - mv.bypass.gamemode.* + - seichiassist.present.* + - worldguard.region.bypass.*: + value: false - weight.10 meta: - default: From dc0d050d430f87c32e81f359a08827e7e04dd93c Mon Sep 17 00:00:00 2001 From: Lucky3028 Date: Tue, 11 Feb 2025 19:26:38 +0900 Subject: [PATCH 11/11] feat: add all permission to admin --- .../templates/common-configs/luckperms-permission-configs.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/seichi-onp-k8s/manifests/seichi-kubernetes/app-templates/seichi-debug-minecraft-on-seichiassist-pr/templates/common-configs/luckperms-permission-configs.yaml b/seichi-onp-k8s/manifests/seichi-kubernetes/app-templates/seichi-debug-minecraft-on-seichiassist-pr/templates/common-configs/luckperms-permission-configs.yaml index 5bf21c680..986cb1633 100644 --- a/seichi-onp-k8s/manifests/seichi-kubernetes/app-templates/seichi-debug-minecraft-on-seichiassist-pr/templates/common-configs/luckperms-permission-configs.yaml +++ b/seichi-onp-k8s/manifests/seichi-kubernetes/app-templates/seichi-debug-minecraft-on-seichiassist-pr/templates/common-configs/luckperms-permission-configs.yaml @@ -302,6 +302,8 @@ data: group-admin.yml: | name: admin permissions: + # TODO: ホワイトリスト方式にする(ワイルドカードで権限を与えない) + - * - minecraft.command.deop: value: false - minecraft.command.op: