Configuration
Configuration
Structure
The configuration files are YAML files that contain all the configuration options for your server. They're used to set up the GroupSecurity instance and customize its behavior.
📁 The configuration files are located in the directory /plugins/GroupSecurity.
- 📄
config.yml: The main configuration file. - 📄
messages-xx-xx.yml: Language files for messages. Formatted in MiniMessage. See more info
Walkthrough
language
The language of the messages. The default is en-us, but you can change it to any of these:
en-usen-gbse-sefr-cafi-fi
debug
Whether to enable debug mode. This will print additional information to the console which are not useful for most people. I don't recommend enabling this if you don't know what you're doing.
update_checker
Whether to enable the plugin's update checker. This will check for updates on startup.
database
The database settings. This is where you can configure the database connection.
permission_handler
Default: AUTO, this will choose Vault in spigot, and force LuckPerms in proxy. Possible values here are:
AUTO(preferred)LUCKPERMS(preferred)VAULT
use_permissions
Whether to use permissions to show autocompletions and other stuff. Use this if you want to restrict normal players from seeing GroupSecurity commands.
Default: false (recommended on true)
secure
The secure settings. This is where you can configure the security engine and other security-related settings.
type
The security engine to use. Possible values are:
NO_COMMANDSPERMISSIONS_AFTER
allow_moving
Whether to allow moving and using commands without logging in. Default: true
ip_check
Not written yet.
auto_logout_time
Not written yet.
kick_unknown_ips
Whether to kick unknown ips. ipCheck must be enabled for this to work. Default: true
max_tries
The maximum number of tries a player has to login before being kicked. Default: 10
actions_on_max_tries
Example syntax:
actions_on_max_tries:
- KICK;<red>You have reached the maximum number of login attempts. Please try again later.Find out the full syntax in the Actions section.
actions_on_failed_login
Actions to run when a player fails to login. Find out the full syntax in the Actions section.
actions_on_login
Actions to run when a player logs in. Find out the full syntax in the Actions section.
password
Settings that apply for the password mode. These are pretty straight forward.
min_length: The minimum length of the password. Set to -1 to disable.max_length: The maximum length of the password. Set to -1 to disable.require_uppercase: Whether to require at least one uppercase letter.require_lowercase: Whether to require at least one lowercase letter.require_number: Whether to require at least one number.require_special: Whether to require at least one special character.hashing: The hashing solution to use. The default isBCRYPT, because of it's speed.
Here's a table what you can use and their differences:
| Property | BCRYPT | Argon2 | Scrypt |
|---|---|---|---|
| Strength | 🟢 Strong | 🔵 Very Strong | 🟢 Strong |
| Speed | 🟠 Slow | 🟠 Slow | 🟠 Slow |
| Memory Usage | 🟢 Low | 🔴 High | 🔴 High |
| CPU Usage | 🟢 Low | 🔴 High | 🔴 High |
| GPU Resistant | ✅ Yes | ✅ Yes | ✅ Yes |
| Hashing Type | 🔄 Adaptive | 🔄 Adaptive | 🔄 Adaptive |
| Notes | 👍 Good | 🏆 Best | 👍 Good |
argon2
memory: The amount of memory to use in KB. Default is 65,536 (64MB).iterations: The number of iterations to use. Default is 3.parallelism: The parallelism to use. Default is 1.
scrypt
memory: The amount of memory to use in KB. Default is 65,536 (64MB).iterations: The number of iterations to use. Default is 16,384parallelism: The parallelism to use. Default is 1.
pin
Settings that apply for the pin mode. These are pretty straight forward.
length: Set to -1 to disable, or to set bounds, set this to -1 and set min_length and max_lengthmin_length: The minimum length of the pin. Set to -1 to disable.max_length: The maximum length of the pin. Set to -1 to disable.can_be_straight: Set's if the pin can be the numbers next to each other. Only works in the length is less than 9
webhook
The webhook settings. This is where you can configure the webhook connection.
enabled
Whether to enable the webhook. This will send messages to a discord channel.
url
The URL of the webhook.
send_failed_login
Whether to send a message when a player fails to login.
send_login
Whether to send a message when a player logs in.
send_auto_login
Whether to send a message when a player logs in automatically through IP.
login_message
The message to send when a player logs in. See more about the variables in the webhook messages section.
fail_message
The message to send when a player fails to login. See more about the variables in the webhook messages section.
ip_failure_message
The message to send when a player tries to join auto-authenticated from an unknown IP-address. See more about the variables in the webhook messages section.
max_tries_message
The message to send when a player has reached the maximum number of login attempts. See more about the variables in the webhook messages section.
auto_login_message
The message to send when a player has been auto-authenticated with GroupSecurity. See more about the variables in the webhook messages section.
platform
The platform settings. This is where you can configure the platform settings.
bungee
bungee_brigadier_emulation_experiment: Whether to enable experimental brigadier emulation. This is experimental, and may not work as expected. We recommend you to use Velocity.
disabled_commands
The commands to disable. This is useful if you want to disable certain commands from being registered. For example, if you want to disable the /resetpassword command, you can add it to this list.
disabled_commands:
- resetpasswordWebhook messages
<name>: The name of the player.<uuid>: The UUID of the player.
You are free to suggest new variables to be added to the webhook messages. Just open an ticket on our Discord!
Actions
Example syntax:
actions_on_max_tries:
- KICK;<red>You have reached the maximum number of login attempts. Please try again later.The format is <action>;<message>, where <action> is the action to take and <message> is the message to send. The action can be one of the following:
KICKCOMMANDMESSAGE
Example files
config.yml
# ┏━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓
# ┃ GroupSecurity Config ┃
# ┃ Developed by ArikSquad ┃
# ┣━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┛
# ┣╸ Config Help: https://groupsecurity.mikart.eu/configuration/config.yml
# ┗╸ Documentation: https://groupsecurity.mikart.eu/
# Locale of the default language file to use. Docs: https://groupsecurity.mikart.eu/configuration/language-files
language: en-us
# Whether to enable developer debug mode. This will print additional information to the console which are not useful for most people. I don't recommend enabling this if you don't know what you're doing.
debug: false
# Whether to enable the plugin's update checker.
update_checker: true
# Database settings
database:
# Type of database to use (SQLITE, MYSQL, MARIADB)
type: SQLITE
# Specify credentials here for your MYSQL or MARIADB database
credentials:
host: localhost
port: 3306
database: GroupSecurity
username: root
password: pa55w0rd
parameters: ?autoReconnect=true&useSSL=false&useUnicode=true&characterEncoding=UTF-8
# MYSQL / MARIADB database Hikari connection pool properties. Don't modify this unless you know what you're doing!
connection_pool:
size: 10
idle: 10
lifetime: 1800000
keepalive: 0
timeout: 5000
# Names of tables to use on your database. Don't modify this unless you know what you're doing!
table_names:
meta_data: groupsecurity_metadata
user_data: groupsecurity_users
# What permission handler to use. If you want to use this plugin in combination with proxy,
# you must use LuckPerms and MySQL database IN LUCKPERMS. Possible values here: AUTO, LUCKPERMS, VAULT.
# Automatic will choose Vault in spigot, and force LuckPerms in proxy.
permission_handler: AUTO
# Use permissions to show autocompletions and other stuff, use this if you want to restrict normal players from seeing GroupSecurity commands
use_permissions: false
# Secure settings
secure:
# What security engine to use. Possible values are listed in the documentation.
type: NO_COMMANDS
# Allow moving and using commands without logging in.
allow_moving: true
# If set to true, players will be logined in automatically if ip matches the last ip they logged in with before.
ip_check: false
# Time in seconds before a player is automatically logged out after disconnecting. Can be combined with ip check. Set to 0 to disable.
auto_logout_time: 120
# Whether to kick unknown ips. ipCheck must be enabled for this to work.
kick_unknown_ips: true
# Maximum number of tries a player has to login before being kicked.
max_tries: 10
# Actions to take when a player reaches the maximum number of login attempts. Search the documentation for more information.
actions_on_max_tries:
- KICK;<red>You have reached the maximum number of login attempts. Please try again
later.
# Actions to run when a player fails to login. Search the documentation for more information.
actions_on_failed_login: []
# Command to run when a player logs in. Search the documentation for more information.
actions_on_login: []
# Settings that apply for the password mode.
password:
min_length: -1
max_length: -1
require_uppercase: false
require_lowercase: false
require_number: false
require_special: false # Hashing solution, check documentation for their differences.
hashing: BCRYPT # Hashing settings for Argon2
argon2: # The amount of memory to use in KB. Default is 65536 (64MB).
memory: 65536 # The number of iterations to use. Default is 3.
iterations: 3 # The parallelism to use. Default is 1.
parallelism: 1 # Hashing settings for Scrypt
scrypt: # The amount of memory to use in KB. Default is 65536 (64MB).
memory: 65536 # The number of iterations to use. Default is 16384.
iterations: 16384 # The parallelism to use. Default is 1.
parallelism: 1
# Settings that apply for the pin mode.
pin: # Set to -1 to disable, or to set bounds, set this to -1 and set min_length and max_length
length: 4
min_length: 4
max_length: 6 # Set's if the pin can be the numbers next to each other. Only works in the length is less than 9
can_be_straight: true
# Webhook settings
webhook:
# Whether to enable the webhook. This will send messages to a discord channel.
enabled: false
# The URL of the webhook.
url: ''
# If true, the webhook will send a message when a player fails to login.
send_failed_login: true
# If true, the webhook will send a message when a player logs in.
send_login: true
# If true, the webhook will send a message when a player logs in automatically through IP.
send_auto_login: true
# Webhook sent on login
login_message:
tts: false
embeds: - title: Login Success
description: Player `<name>` has been authenticated with GroupSecurity
color: '#00ff00'
footer:
text: 'UUID: <uuid> | GroupSecurity by AriDev'
icon_url: https://minotar.net/avatar/<name>/100.png
fields: []
# Webhook sent on a singular fail
fail_message:
tts: false
embeds: - title: Login Failed
description: Player `<name>` has failed to authenticate with GroupSecurity
color: '#ffff00'
footer:
text: 'UUID: <uuid> | GroupSecurity by AriDev'
icon_url: https://minotar.net/avatar/<name>/100.png
fields: []
# Webhook sent on an unknown ip connection
ip_failure_message:
tts: false
embeds: - title: Login Failed
description: Player `<name>` tried to join auto-authenticated from an unknown
IP-address.
color: '#ff0000'
footer:
text: 'UUID: <uuid> | GroupSecurity by AriDev'
icon_url: https://minotar.net/avatar/<name>/100.png
fields: []
# Webhook sent on a max tries fail
max_tries_message:
tts: false
embeds: - title: Login Failed
description: Player `<name>` has reached the maximum number of login attempts.
color: '#ff0000'
footer:
text: 'UUID: <uuid> | GroupSecurity by AriDev'
icon_url: https://minotar.net/avatar/<name>/100.png
fields: []
# Webhook sent on auto login
auto_login_message:
tts: false
embeds: - title: Login Success
description: Player `<name>` has been auto-authenticated with GroupSecurity
color: '#00ff00'
footer:
text: 'UUID: <uuid> | GroupSecurity by AriDev'
icon_url: https://minotar.net/avatar/<name>/100.png
fields: []
# Platform settings
platform:
bungee: # Whether to enable experimental brigadier emulation. This is experimental, and may not work as expected. We recommend you to use Velocity.
bungee_brigadier_emulation_experiment: false
# Add GroupSecurity commands to this list to prevent them from being registered (e.g. ['resetpassword'])
disabled_commands: []messages-en-us.yml
# ┏━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓
# ┃ GroupSecurity - Locales ┃
# ┃ Developed by ArikSquad ┃
# ┣━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┛
# ┣╸ Thanks for using AnimVanish.
# ┗╸ Check the docs: https://groupsecurity.mikart.eu/
locales:
servername: GroupSecurity
prefix: <color:#77DD77>[GroupSecurity]</color>
reload: <color:#77DD77>Reloading GroupSecurity...</color>
reloaded: <color:#77DD77>Reloaded GroupSecurity in %1ms.</color>
not_console: <color:#FF6961>You need to be console to use this command!</color>
console_not_supported: Console not supported for this command!
not_admin: <color:#FF6961>You are not bestowed with the noble privilege to undertake
this action!</color>
sql_failure: <color:#FF6961>Couldn't reach the SQL servers!</color>
unknown_ip: <color:#FF6961>Unrecognized IP!</color>
not_2fa: <color:#FF6961>You are not using 2FA!</color>
login_usage: '<color:#FF6961>Usage: /login <code></color>'
login_you_are_indeed_logged_in: <color:#FF6961>You are already logged in!</color>
login_invalid_code: <color:#FF6961>Incorrect code!</color>
not_registered: <color:#FF6961>You haven't registered yet!</color>
already_registered: <color:#FF6961>You have already registered!</color>
already_logged: <color:#FF6961>You are already logged in!</color>
not_logged: <color:#FF6961>You are not logged in!</color>
args_not_supplied: '<color:#FF6961>You need to input all args.</color> <green>Syntax:
<syntax></green>'
arg_only_console: <color:#FF6961>This argument can only be used by console!</color>
ready_to_login: <color:#77DD77><servername> needs you to log in with your security
code. Please type <yellow>/login <code> <color:#77DD77>to log in.</color>
still_setup: <color:#77DD77><servername> needs you to set up your account. Please
type <yellow>/register <color:#77DD77>to set up your account.</color>
now_setupped: <color:#77DD77>Your account is set up! Please do /login <code> to
log in!</color>
already_setup: <color:#FF6961>Your account is already set up.</color>
login_done: <color:#77DD77>You are now logged in!</color>
logout_done: <color:#77DD77>You are now logged out!</color>
need_setup: <color:#FF6961>You need to set up first! Do /register</color>
register_general: <br><green>You're now an %1%! Do <yellow>/register (%2%)</yellow>
to access your newfound permissions.
register_twofactor: <br>green>You're now an %1%! Do <yellow>/register</yellow> to
begin the setup of 2-factor authentication.
invalid_type: '<color:#FF6961>Invalid engine! (Valid engines: %1%)</color>'
scan_2fa: <color:#77DD77>Scan the QR code in your inventory or use the manual code
in the last message. Do <yellow>/register <code></yellow> to register your 2FA.</color>
manual_2fa: <green>Manual 2-factor authentication code:</green> <white>%1%</white>.
Do <yellow>/register <code></yellow> to register your 2FA.
database_added: Added %1% to the database!