Configuration
Cube is configured entirely by command-line flags — there's no config file to manage.
Flags
| Flag | Default | Purpose |
|---|---|---|
| -addr | :8080 | Listen address for the web UI. |
| -data | ./data | Directory for the database and server files. |
| -secure | false | Set the Secure flag on session cookies and enable HSTS. Turn on when served over HTTPS. |
| -trust-proxy | false | Trust X-Forwarded-For for the client IP. Only enable behind a trusted reverse proxy. |
Data directory layout
data/
├── cube.db          # SQLite: servers, accounts, roles, sessions
└── servers/
    └── <id>/        # one working directory per server (jar, world, configs)
Running behind HTTPS
Cube serves plain HTTP and expects to sit behind a TLS-terminating reverse proxy (nginx, Caddy, Traefik, …) in production. Forward traffic to its -addr, and run it with -secure so cookies are only sent over HTTPS. If your proxy sets X-Forwarded-For, add -trust-proxy so rate-limiting and session bookkeeping see the real client IP.
Leaving -secure on while serving plain HTTP will break login, because the browser won't send a Secure cookie back over an insecure connection.
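Why -trust-proxy should stay off unless a trusted proxy is in front, shown as an added Go sketch that is not Cube's own code: with the flag off the TCP peer address is used, and with it on only the entry the proxy appended is believed. It assumes a single trusted proxy that appends to X-Forwarded-For; `clientIP` and `sampleRequest` are hypothetical names.

```go
package main

import (
	"fmt"
	"net"
	"net/http"
	"strings"
)

// clientIP picks the address used for rate limiting and session records.
// trustProxy stands in for the -trust-proxy flag; the function is hypothetical.
func clientIP(r *http.Request, trustProxy bool) string {
	peer, _, err := net.SplitHostPort(r.RemoteAddr)
	if err != nil {
		peer = r.RemoteAddr
	}
	if !trustProxy {
		return peer // on a direct connection the header is client-controlled
	}
	// Assumption: one trusted proxy that appends the address it saw, so only
	// the right-most entry is outside the client's control.
	joined := strings.Join(r.Header.Values("X-Forwarded-For"), ",")
	parts := strings.Split(joined, ",")
	last := strings.TrimSpace(parts[len(parts)-1])
	if net.ParseIP(last) == nil {
		return peer // header missing or malformed: fall back to the TCP peer
	}
	return last
}

// sampleRequest builds a constructed request as the backend would receive it.
func sampleRequest(remoteAddr, xff string) *http.Request {
	r := &http.Request{RemoteAddr: remoteAddr, Header: http.Header{}}
	if xff != "" {
		r.Header.Set("X-Forwarded-For", xff)
	}
	return r
}

func main() {
	// Constructed values: the client sent "198.51.100.9" itself; the proxy at
	// 10.0.0.5 appended the address it actually saw, 203.0.113.7.
	r := sampleRequest("10.0.0.5:41234", "198.51.100.9, 203.0.113.7")
	fmt.Println("flag off:", clientIP(r, false))
	fmt.Println("flag on: ", clientIP(r, true))
}
```

If the proxy overwrites X-Forwarded-For instead of appending to it, the header holds a single entry and the same right-most rule still applies.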