Configuration

Structure

The configuration files are YAML files that contain all the configuration options for your server. They're used to set up the GroupSecurity instance and customize its behavior.

📁 The configuration files are located in the directory /plugins/GroupSecurity.

📄 config.yml: The main configuration file.
📄 messages-xx-xx.yml: Language files for messages. Formatted in MiniMessage. See more info

config.yml

messages-xx-xx.yml

Walkthrough

language

The language of the messages. The default is en-us, but you can change it to any of these:

en-us
en-gb
se-se
fr-ca
fi-fi

debug

Whether to enable debug mode. This will print additional information to the console which are not useful for most people. I don't recommend enabling this if you don't know what you're doing.

update_checker

Whether to enable the plugin's update checker. This will check for updates on startup.

database

The database settings. This is where you can configure the database connection.

permission_handler

Default: AUTO, this will choose Vault in spigot, and force LuckPerms in proxy. Possible values here are:

AUTO (preferred)
LUCKPERMS (preferred)
VAULT

use_permissions

Whether to use permissions to show autocompletions and other stuff. Use this if you want to restrict normal players from seeing GroupSecurity commands. Default: false (recommended on true)

secure

The secure settings. This is where you can configure the security engine and other security-related settings.

type

The security engine to use. Possible values are:

NO_COMMANDS
PERMISSIONS_AFTER

allow_moving

Whether to allow moving and using commands without logging in. Default: true

ip_check

Not written yet.

auto_logout_time

Not written yet.

kick_unknown_ips

Whether to kick unknown ips. ipCheck must be enabled for this to work. Default: true

max_tries

The maximum number of tries a player has to login before being kicked. Default: 10

actions_on_max_tries

Example syntax:

actions_on_max_tries:
    - KICK;<red>You have reached the maximum number of login attempts. Please try again later.

Find out the full syntax in the Actions section.

actions_on_failed_login

Actions to run when a player fails to login. Find out the full syntax in the Actions section.

actions_on_login

Actions to run when a player logs in. Find out the full syntax in the Actions section.

password

Settings that apply for the password mode. These are pretty straight forward.

min_length: The minimum length of the password. Set to -1 to disable.
max_length: The maximum length of the password. Set to -1 to disable.
require_uppercase: Whether to require at least one uppercase letter.
require_lowercase: Whether to require at least one lowercase letter.
require_number: Whether to require at least one number.
require_special: Whether to require at least one special character.
hashing: The hashing solution to use. The default is BCRYPT, because of it's speed.

Here's a table what you can use and their differences:

Property	BCRYPT	Argon2	Scrypt
Strength	🟢 Strong	🔵 Very Strong	🟢 Strong
Speed	🟠 Slow	🟠 Slow	🟠 Slow
Memory Usage	🟢 Low	🔴 High	🔴 High
CPU Usage	🟢 Low	🔴 High	🔴 High
GPU Resistant	✅ Yes	✅ Yes	✅ Yes
Hashing Type	🔄 Adaptive	🔄 Adaptive	🔄 Adaptive
Notes	👍 Good	🏆 Best	👍 Good

argon2

memory: The amount of memory to use in KB. Default is 65,536 (64MB).
iterations: The number of iterations to use. Default is 3.
parallelism: The parallelism to use. Default is 1.

scrypt

memory: The amount of memory to use in KB. Default is 65,536 (64MB).
iterations: The number of iterations to use. Default is 16,384
parallelism: The parallelism to use. Default is 1.

Settings that apply for the pin mode. These are pretty straight forward.

length: Set to -1 to disable, or to set bounds, set this to -1 and set min_length and max_length
min_length: The minimum length of the pin. Set to -1 to disable.
max_length: The maximum length of the pin. Set to -1 to disable.
can_be_straight: Set's if the pin can be the numbers next to each other. Only works in the length is less than 9

webhook

The webhook settings. This is where you can configure the webhook connection.

enabled

Whether to enable the webhook. This will send messages to a discord channel.

url

The URL of the webhook.

send_failed_login

Whether to send a message when a player fails to login.

send_login

Whether to send a message when a player logs in.

send_auto_login

Whether to send a message when a player logs in automatically through IP.

login_message

The message to send when a player logs in. See more about the variables in the webhook messages section.

fail_message

The message to send when a player fails to login. See more about the variables in the webhook messages section.

ip_failure_message

The message to send when a player tries to join auto-authenticated from an unknown IP-address. See more about the variables in the webhook messages section.

max_tries_message

The message to send when a player has reached the maximum number of login attempts. See more about the variables in the webhook messages section.

auto_login_message

The message to send when a player has been auto-authenticated with GroupSecurity. See more about the variables in the webhook messages section.

platform

The platform settings. This is where you can configure the platform settings.

bungee

bungee_brigadier_emulation_experiment: Whether to enable experimental brigadier emulation. This is experimental, and may not work as expected. We recommend you to use Velocity.

disabled_commands

The commands to disable. This is useful if you want to disable certain commands from being registered. For example, if you want to disable the /resetpassword command, you can add it to this list.

disabled_commands:
    - resetpassword

Webhook messages

<name>: The name of the player.
<uuid>: The UUID of the player.

You are free to suggest new variables to be added to the webhook messages. Just open an ticket on our Discord!

Actions

Example syntax:

actions_on_max_tries:
    - KICK;<red>You have reached the maximum number of login attempts. Please try again later.

The format is <action>;<message>, where <action> is the action to take and <message> is the message to send. The action can be one of the following:

KICK
COMMAND
MESSAGE

Example files

config.yml

# ┏━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓
# ┃       GroupSecurity Config   ┃
# ┃    Developed by ArikSquad    ┃
# ┣━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┛
# ┣╸ Config Help: https://groupsecurity.mikart.eu/configuration/config.yml
# ┗╸ Documentation: https://groupsecurity.mikart.eu/

# Locale of the default language file to use. Docs: https://groupsecurity.mikart.eu/configuration/language-files
language: en-us
# Whether to enable developer debug mode. This will print additional information to the console which are not useful for most people. I don't recommend enabling this if you don't know what you're doing.
debug: false
# Whether to enable the plugin's update checker.
update_checker: true
# Database settings
database:
  # Type of database to use (SQLITE, MYSQL, MARIADB)
  type: SQLITE
  # Specify credentials here for your MYSQL or MARIADB database
  credentials:
    host: localhost
    port: 3306
    database: GroupSecurity
    username: root
    password: pa55w0rd
    parameters: ?autoReconnect=true&useSSL=false&useUnicode=true&characterEncoding=UTF-8
  # MYSQL / MARIADB database Hikari connection pool properties. Don't modify this unless you know what you're doing!
  connection_pool:
    size: 10
    idle: 10
    lifetime: 1800000
    keepalive: 0
    timeout: 5000
  # Names of tables to use on your database. Don't modify this unless you know what you're doing!
  table_names:
    meta_data: groupsecurity_metadata
    user_data: groupsecurity_users
# What permission handler to use. If you want to use this plugin in combination with proxy,
# you must use LuckPerms and MySQL database IN LUCKPERMS. Possible values here: AUTO, LUCKPERMS, VAULT.
# Automatic will choose Vault in spigot, and force LuckPerms in proxy.
permission_handler: AUTO
# Use permissions to show autocompletions and other stuff, use this if you want to restrict normal players from seeing GroupSecurity commands
use_permissions: false
# Secure settings
secure:
  # What security engine to use. Possible values are listed in the documentation.
  type: NO_COMMANDS
  # Allow moving and using commands without logging in.
  allow_moving: true
  # If set to true, players will be logined in automatically if ip matches the last ip they logged in with before.
  ip_check: false
  # Time in seconds before a player is automatically logged out after disconnecting. Can be combined with ip check. Set to 0 to disable.
  auto_logout_time: 120
  # Whether to kick unknown ips. ipCheck must be enabled for this to work.
  kick_unknown_ips: true
  # Maximum number of tries a player has to login before being kicked.
  max_tries: 10
  # Actions to take when a player reaches the maximum number of login attempts. Search the documentation for more information.
  actions_on_max_tries:
  - KICK;<red>You have reached the maximum number of login attempts. Please try again
    later.
  # Actions to run when a player fails to login. Search the documentation for more information.
  actions_on_failed_login: []
  # Command to run when a player logs in. Search the documentation for more information.
  actions_on_login: []
  # Settings that apply for the password mode.
  password:
    min_length: -1
    max_length: -1
    require_uppercase: false
    require_lowercase: false
    require_number: false
    require_special: false
    # Hashing solution, check documentation for their differences.
    hashing: BCRYPT
    # Hashing settings for Argon2
    argon2:
      # The amount of memory to use in KB. Default is 65536 (64MB).
      memory: 65536
      # The number of iterations to use. Default is 3.
      iterations: 3
      # The parallelism to use. Default is 1.
      parallelism: 1
    # Hashing settings for Scrypt
    scrypt:
      # The amount of memory to use in KB. Default is 65536 (64MB).
      memory: 65536
      # The number of iterations to use. Default is 16384.
      iterations: 16384
      # The parallelism to use. Default is 1.
      parallelism: 1
  # Settings that apply for the pin mode.
  pin:
    # Set to -1 to disable, or to set bounds, set this to -1 and set min_length and max_length
    length: 4
    min_length: 4
    max_length: 6
    # Set's if the pin can be the numbers next to each other. Only works in the length is less than 9
    can_be_straight: true
# Webhook settings
webhook:
  # Whether to enable the webhook. This will send messages to a discord channel.
  enabled: false
  # The URL of the webhook.
  url: ''
  # If true, the webhook will send a message when a player fails to login.
  send_failed_login: true
  # If true, the webhook will send a message when a player logs in.
  send_login: true
  # If true, the webhook will send a message when a player logs in automatically through IP.
  send_auto_login: true
  # Webhook sent on login
  login_message:
    tts: false
    embeds:
    - title: Login Success
      description: Player `<name>` has been authenticated with GroupSecurity
      color: '#00ff00'
      footer:
        text: 'UUID: <uuid> | GroupSecurity by AriDev'
        icon_url: https://minotar.net/avatar/<name>/100.png
      fields: []
  # Webhook sent on a singular fail
  fail_message:
    tts: false
    embeds:
    - title: Login Failed
      description: Player `<name>` has failed to authenticate with GroupSecurity
      color: '#ffff00'
      footer:
        text: 'UUID: <uuid> | GroupSecurity by AriDev'
        icon_url: https://minotar.net/avatar/<name>/100.png
      fields: []
  # Webhook sent on an unknown ip connection
  ip_failure_message:
    tts: false
    embeds:
    - title: Login Failed
      description: Player `<name>` tried to join auto-authenticated from an unknown
        IP-address.
      color: '#ff0000'
      footer:
        text: 'UUID: <uuid> | GroupSecurity by AriDev'
        icon_url: https://minotar.net/avatar/<name>/100.png
      fields: []
  # Webhook sent on a max tries fail
  max_tries_message:
    tts: false
    embeds:
    - title: Login Failed
      description: Player `<name>` has reached the maximum number of login attempts.
      color: '#ff0000'
      footer:
        text: 'UUID: <uuid> | GroupSecurity by AriDev'
        icon_url: https://minotar.net/avatar/<name>/100.png
      fields: []
  # Webhook sent on auto login
  auto_login_message:
    tts: false
    embeds:
    - title: Login Success
      description: Player `<name>` has been auto-authenticated with GroupSecurity
      color: '#00ff00'
      footer:
        text: 'UUID: <uuid> | GroupSecurity by AriDev'
        icon_url: https://minotar.net/avatar/<name>/100.png
      fields: []
# Platform settings
platform:
  bungee:
    # Whether to enable experimental brigadier emulation. This is experimental, and may not work as expected. We recommend you to use Velocity.
    bungee_brigadier_emulation_experiment: false
# Add GroupSecurity commands to this list to prevent them from being registered (e.g. ['resetpassword'])
disabled_commands: []

messages-en-us.yml

# ┏━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓
# ┃   GroupSecurity - Locales    ┃
# ┃   Developed by ArikSquad     ┃
# ┣━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┛
# ┣╸ Thanks for using AnimVanish.
# ┗╸ Check the docs: https://groupsecurity.mikart.eu/

locales:
  servername: GroupSecurity
  prefix: <color:#77DD77>[GroupSecurity]</color>
  reload: <color:#77DD77>Reloading GroupSecurity...</color>
  reloaded: <color:#77DD77>Reloaded GroupSecurity in %1ms.</color>
  not_console: <color:#FF6961>You need to be console to use this command!</color>
  console_not_supported: Console not supported for this command!
  not_admin: <color:#FF6961>You are not bestowed with the noble privilege to undertake
    this action!</color>
  sql_failure: <color:#FF6961>Couldn't reach the SQL servers!</color>
  unknown_ip: <color:#FF6961>Unrecognized IP!</color>
  not_2fa: <color:#FF6961>You are not using 2FA!</color>
  login_usage: '<color:#FF6961>Usage: /login <code></color>'
  login_you_are_indeed_logged_in: <color:#FF6961>You are already logged in!</color>
  login_invalid_code: <color:#FF6961>Incorrect code!</color>
  not_registered: <color:#FF6961>You haven't registered yet!</color>
  already_registered: <color:#FF6961>You have already registered!</color>
  already_logged: <color:#FF6961>You are already logged in!</color>
  not_logged: <color:#FF6961>You are not logged in!</color>
  args_not_supplied: '<color:#FF6961>You need to input all args.</color> <green>Syntax:
    <syntax></green>'
  arg_only_console: <color:#FF6961>This argument can only be used by console!</color>
  ready_to_login: <color:#77DD77><servername> needs you to log in with your security
    code. Please type <yellow>/login <code> <color:#77DD77>to log in.</color>
  still_setup: <color:#77DD77><servername> needs you to set up your account. Please
    type <yellow>/register <color:#77DD77>to set up your account.</color>
  now_setupped: <color:#77DD77>Your account is set up! Please do /login <code> to
    log in!</color>
  already_setup: <color:#FF6961>Your account is already set up.</color>
  login_done: <color:#77DD77>You are now logged in!</color>
  logout_done: <color:#77DD77>You are now logged out!</color>
  need_setup: <color:#FF6961>You need to set up first! Do /register</color>
  register_general: <br><green>You're now an %1%! Do <yellow>/register (%2%)</yellow>
    to access your newfound permissions.
  register_twofactor: <br>green>You're now an %1%! Do <yellow>/register</yellow> to
    begin the setup of 2-factor authentication.
  invalid_type: '<color:#FF6961>Invalid engine! (Valid engines: %1%)</color>'
  scan_2fa: <color:#77DD77>Scan the QR code in your inventory or use the manual code
    in the last message. Do <yellow>/register <code></yellow> to register your 2FA.</color>
  manual_2fa: <green>Manual 2-factor authentication code:</green> <white>%1%</white>.
    Do <yellow>/register <code></yellow> to register your 2FA.
  database_added: Added %1% to the database!

Configuration

On this page