Roots是一个游戏服务器守护进程，用于管理游戏服务器的Docker容器。

Roots是一个游戏服务器守护进程，用于管理游戏服务器的Docker容器。
Roots is a game server daemon that manages Docker containers for game servers

原始链接: https://github.com/SproutPanel/roots

## Roots：游戏服务器管理守护进程 Roots 是一个使用 Docker 容器管理游戏服务器的守护进程，提供全面的控制和监控 API。它提供 HTTP/HTTPS API、通过 WebSocket 的实时控制台访问以及用于文件管理的 SFTP。配置通过 `config.yaml` 文件处理（默认：`/etc/roots/config.yaml`），需要设置 Sprout Panel URL 和 API 令牌。配置还允许自定义 Docker 设置（socket、网络）、存储路径和资源限制（内存、磁盘）。可以使用 Let's Encrypt 或自签名选项启用 TLS/SSL。 Roots 提供一个 CLI 用于管理守护进程和服务器：启动、停止、重启、列出和访问控制台。它还具有自动更新功能，通过连接的 Sprout Panel 检查新版本。提供了一个 systemd 服务文件，以便于部署和自动重启。API 认证使用 Bearer 令牌，通过 HTTP 请求头和 WebSocket 连接的查询参数传递。

## Roots：一个新的游戏服务器守护进程 Kerrick最近在Hacker News上分享了“Roots”，一个基于Docker容器的游戏服务器守护进程（github.com/sproutpanel），引发了讨论。最初被描述为守护进程，但一位评论员指出它具有成为IaaS/PaaS平台的潜力，并带有插件模型。然而，该项目也受到了一些批评。一些人指出缺少许可证，并质疑其功能，建议使用Pterodactyl和LinuxGSM等提供更广泛游戏支持的替代方案。还有人争论在Docker容器中运行游戏服务器的做法，并就其性能影响进行了正反两方面的论证。一些用户强调了Docker为特定游戏（如Minecraft）带来的好处，例如易于版本和模组管理。该项目的创建日期最近，提交历史记录有限，也引起了人们对其成熟度的担忧。

原文

Roots is a game server daemon that manages Docker containers for game servers. It provides an HTTP/HTTPS API for server management, real-time console access via WebSocket, and SFTP file access.

# Build the binary
make build

# Or manually
go build -o roots ./cmd/roots

# Build with version info from git
make build-release

# Install to /usr/local/bin
sudo make install

Roots looks for configuration at /etc/roots/config.yaml by default. You can specify an alternative path with the --config flag.

This will prompt you for the essential settings and create the config file.

Configuration File Format

# Panel connection settings
panel:
  url: "https://panel.example.com"    # URL of the Sprout Panel (required)
  token: "your-api-token"             # API token for authentication (required)

# Daemon settings
daemon:
  host: "0.0.0.0"                     # Listen address (default: 0.0.0.0)
  port: 8443                          # Listen port (default: 8443)
  tls:
    enabled: false                    # Enable HTTPS (default: false)
    cert_file: "/etc/roots/cert.pem"  # Path to TLS certificate
    key_file: "/etc/roots/key.pem"    # Path to TLS private key

# Docker settings
docker:
  socket: "/var/run/docker.sock"      # Docker socket path (auto-detected)
  network: "roots_network"            # Docker network for containers (default: roots_network)

# Storage paths (defaults vary by OS, see below)
storage:
  servers: "/var/lib/roots/servers"   # Server data directory
  backups: "/var/lib/roots/backups"   # Backup directory

# SFTP server settings
sftp:
  enabled: true                       # Enable SFTP server (default: true)
  port: 2022                          # SFTP port (default: 2022)
  host_key: "/etc/roots/ssh_host_key" # SSH host key path

# Resource limits for this node
resources:
  memory: "16GB"                      # Total memory available for servers
  disk: "100GB"                       # Total disk space available for servers

Configuration Options Reference

Option	Type	Required	Default	Description
`url`	string	Yes	`http://localhost:3000`	URL of the Sprout Panel
`token`	string	Yes	-	API token for panel authentication

Option	Type	Required	Default	Description
`host`	string	No	`0.0.0.0`	IP address to listen on
`port`	int	No	`8443`	Port to listen on (1-65535)

Option	Type	Required	Default	Description
`enabled`	bool	No	`false`	Enable HTTPS
`cert_file`	string	If TLS enabled	-	Path to TLS certificate file
`key_file`	string	If TLS enabled	-	Path to TLS private key file

Option	Type	Required	Default	Description
`socket`	string	No	Auto-detected	Path to Docker socket
`network`	string	No	`roots_network`	Docker network name for containers

The Docker socket is auto-detected:

macOS: ~/.docker/run/docker.sock
Linux: /var/run/docker.sock

Option	Type	Required	Description
`servers`	string	No	Directory for server data
`backups`	string	No	Directory for backups

Default paths by OS:

OS	Servers	Backups	SSH Host Key
Linux	`/var/lib/roots/servers`	`/var/lib/roots/backups`	`/etc/roots/ssh_host_key`
macOS	`~/.local/share/roots/servers`	`~/.local/share/roots/backups`	`~/.config/roots/ssh_host_key`

Paths support ~ expansion for home directory.

Option	Type	Required	Default	Description
`enabled`	bool	No	`true`	Enable SFTP server
`port`	int	No	`2022`	SFTP port
`host_key`	string	No	`~/.config/roots/ssh_host_key`	Path to SSH host key

The SSH host key is auto-generated on first run if it doesn't exist.

Option	Type	Required	Default	Description
`memory`	string	No	-	Total memory limit for all servers
`disk`	string	No	-	Total disk limit for all servers

Resource values support human-readable formats:

Bytes: 1024, 1024B
Kilobytes: 512K, 512KB
Megabytes: 512M, 512MB
Gigabytes: 16G, 16GB
Terabytes: 1T, 1TB

# Start the daemon
roots run

# Start with custom config
roots run --config /path/to/config.yaml

# Check daemon status
roots status

# Watch status in real-time
roots status --watch

# Reload configuration without restart
roots reload

# Validate configuration
roots validate

# Run diagnostics
roots diagnostics

# List all servers
roots servers list

# Start a server (supports partial UUID)
roots servers start <uuid>

# Start all servers
roots servers start all

# Stop a server gracefully
roots servers stop <uuid>

# Stop all servers
roots servers stop all

# Restart a server
roots servers restart <uuid>

# Force kill a server
roots servers kill <uuid>

# Attach to server console
roots servers console <uuid>

# Check for updates
roots update --check

# Update to the latest version
roots update

# Update without confirmation
roots update --force

# Use beta channel
roots update --channel beta

The update command:

Fetches version info from the panel's /api/releases/latest endpoint
Compares versions and shows changelog
Downloads the new binary with checksum verification
Creates a backup before replacing the current binary
Works with both direct binaries and gzipped tarballs

Using Let's Encrypt (recommended for production)

# Install certbot
sudo apt install certbot

# Get certificate
sudo certbot certonly --standalone -d daemon.example.com

# Update config
daemon:
  tls:
    enabled: true
    cert_file: /etc/letsencrypt/live/daemon.example.com/fullchain.pem
    key_file: /etc/letsencrypt/live/daemon.example.com/privkey.pem

Using Self-Signed Certificate (development only)

# Generate self-signed certificate
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -nodes

# Update config
daemon:
  tls:
    enabled: true
    cert_file: /path/to/cert.pem
    key_file: /path/to/key.pem

Note: The CLI automatically allows self-signed certificates when connecting to localhost.

The daemon exposes a REST API for server management:

Method	Endpoint	Description
GET	`/health`	Health check (no auth)
GET	`/status`	Daemon status
POST	`/api/reload`	Reload configuration
GET	`/api/servers`	List all servers
POST	`/api/servers`	Create/install server
GET	`/api/servers/{uuid}`	Get server details
PUT	`/api/servers/{uuid}`	Update server
DELETE	`/api/servers/{uuid}`	Delete server
POST	`/api/servers/{uuid}/power`	Power actions (start/stop/restart/kill)
WS	`/api/servers/{uuid}/console`	Console WebSocket
WS	`/api/servers/{uuid}/stats`	Stats WebSocket
GET	`/api/servers/{uuid}/files`	List files
GET	`/api/servers/{uuid}/files/content`	Read file
PUT	`/api/servers/{uuid}/files/content`	Write file
GET	`/api/node/status`	Node resource stats
WS	`/api/node/stats`	Node stats WebSocket

All endpoints except /health require authentication via Bearer token:

Authorization: Bearer <token>

For WebSocket connections, the token can be passed as a query parameter:

wss://daemon.example.com/api/servers/{uuid}/console?token=<token>

Create /etc/systemd/system/roots.service:

[Unit]
Description=Roots Game Server Daemon
After=network.target docker.service
Requires=docker.service

[Service]
Type=simple
ExecStart=/usr/local/bin/roots run
Restart=always
RestartSec=5

[Install]
WantedBy=multi-user.target

Enable and start:

sudo systemctl enable roots
sudo systemctl start roots