add docker container secret management via env

Dockerfile

@@ -16,9 +16,18 @@ VOLUME ${DATA_PATH}
 
 
 ENV MEMORY=4G
+ENV PROXY_SECRET=change_me
+ENV SERVERS=lobby="lobby:25565";survival="survival:25565"
+ENV TRY=lobby;survival
 
 WORKDIR ${WORKDIR_PATH}/config
 
 EXPOSE 25565/tcp
 
-CMD java -Xms${MEMORY} -Xmx${MEMORY} -XX:+UseG1GC -XX:G1HeapRegionSize=4M -XX:+UnlockExperimentalVMOptions -XX:+ParallelRefProcEnabled -XX:+AlwaysPreTouch -XX:MaxInlineLevel=15 -jar *.jar
+# TODO: Make awk commands sapn multiple lines
+# TODO: Use one call to awk to perform substitutions
+CMD \
+    sed -i "s/_PROXY_SECRET_/${PROXY_SECRET}/g" forwarding.secret && \
+    awk -v servers_str="${SERVERS}" '{ count=split(servers_str,servers_arr,";"); servers_fmt_str = ""; for (i = 1; i <= count; i++) servers_fmt_str = servers_fmt_str servers_arr[i] "\n"; sub(/_SERVERS_/,servers_fmt_str); print }' velocity.toml > velocity.toml.tmp && mv -T -f velocity.toml.tmp velocity.toml &&\
+    awk -v try_str="${TRY}" '{ count=split(try_str,try_arr,";"); try_fmt_str = ""; for (i = 1; i <= count; i++) try_fmt_str = try_fmt_str "\"" try_arr[i] "\"" ",\n    "; sub(/_TRY_/,try_fmt_str); print }' velocity.toml > velocity.toml.tmp && mv -T -f velocity.toml.tmp velocity.toml && \
+    java -Xms${MEMORY} -Xmx${MEMORY} -XX:+UseG1GC -XX:G1HeapRegionSize=4M -XX:+UnlockExperimentalVMOptions -XX:+ParallelRefProcEnabled -XX:+AlwaysPreTouch -XX:MaxInlineLevel=15 -jar *.jar

src/forwarding.secret

@@ -1 +1 @@
-${PROXY_FORWARDING_SECRET}
+_PROXY_SECRET_

src/velocity.toml

@@ -13,7 +13,7 @@ motd = "<#09add3>A Velocity Server"
 show-max-players = 500
 
 # Should we authenticate players with Mojang? By default, this is on.
-online-mode = true
+online-mode = false
 
 # Should the proxy enforce the new public key security standard? By default, this is on.
 force-key-authentication = true
@@ -34,7 +34,7 @@ prevent-client-proxy-connections = false
 #                  unable to implement network level firewalling (on a shared host).
 # - "modern":      Forward player IPs and UUIDs as part of the login process using
 #                  Velocity's native forwarding. Only applicable for Minecraft 1.13 or higher.
-player-info-forwarding-mode = "NONE"
+player-info-forwarding-mode = "modern"
 
 # If you are using modern or BungeeGuard IP forwarding, configure a file that contains a unique secret here.
 # The file is expected to be UTF-8 encoded and not empty.
@@ -77,26 +77,24 @@ enable-player-address-logging = true
 [servers]
 # Configure your servers here. Each key represents the server's name, and the value
 # represents the IP address of the server to connect to.
-lobby = "127.0.0.1:30066"
-factions = "127.0.0.1:30067"
-minigames = "127.0.0.1:30068"
+_SERVERS_
 
 # In what order we should try servers when a player logs in or is kicked from a server.
 try = [
-    "lobby"
+    _TRY_
 ]
 
 [forced-hosts]
 # Configure your forced hosts here.
-"lobby.example.com" = [
-    "lobby"
-]
-"factions.example.com" = [
-    "factions"
-]
-"minigames.example.com" = [
-    "minigames"
-]
+# "lobby.example.com" = [
+#     "lobby"
+# ]
+# "factions.example.com" = [
+#     "factions"
+# ]
+# "minigames.example.com" = [
+#     "minigames"
+# ]
 
 [advanced]
 # How large a Minecraft packet has to be before we compress it. Setting this to zero will