UserVM Handbook: Difference between revisions

Jump to navigation Jump to search
no edit summary
No edit summary
No edit summary
It's also VERY important that mail ports are BLOCKED on your VM (the CollabNet guide config includes this). If you do not block them, your IP effectively becomes an open relay which will very likely get you suspended by your ISP or hosting provider. We will not add VMs with accessible mail ports
== Configuration ==
Now we need to fill out the config file for your VM. Copy config.example.toml to config.toml, and open it in an editor. It is well commented so each value should be self-explanatory. If you have questions, feel free to ask in our Discord server.
 
<!-- Wikitext table syntax is SO ass I'll stick to HTML thanks -->
<table class="wikitable">
<tr><th>Config value</th><th>Explanation</th></tr>
<tr><td>host</td><td>Host IP for the server to bind to. 99% of the time this will be 127.0.0.1 on proxied instances and 0.0.0.0 on non-proxied (see below)</td></tr>
<tr><td>port</td><td>Port for your server to bind to. This must be different for each VM you host, and cannot be the same as any other server running on your system (see the output of <code>ss -tuln</code> to see what ports are used)</td></tr>
<tr><td>proxying</td><td>If your server will be behind a reverse proxy, usually Nginx. This isn't a requirement, however, we recommend you do so for things like TLS support, and minimizing the number of ports open on your server. This requires additional configuration of your web server. If you edit this, make sure to go back and update <code>host</code> accordingly</td></tr>
<tr><td>proxyAllowedIps</td><td>IPs allowed to reverse proxy your server. Can be ignored if you're not using proxying mode. 99% of the time, this will just be 127.0.0.1</td></tr>
<tr><td>qemuArgs</td><td>Command line to launch QEMU with. You'll have this from setting up your VM earlier. If you're not sure, check out the QEMU guides linked above</td></tr>
<tr><td>vncPort</td><td>Port to be used internally for VNC. Must be at least 5900. You don't need to pay too much attention to this unless you're running multiple VMs (In which case just increment the port by 1 for each VM)</td></tr>
<tr><td>snapshots</td><td>Whether or not your VM should have vote resets, and reset to its initial state on server restart. If you disable this on a public VM, prepare for it to get trashed quickly.</td></tr>
<tr><td>qmpSockDir</td><td>Directory for QEMU to put its QMP socket for internal use. This can stay default unless you have a special reason to change it</td></tr>
<tr><td>node</td><td>A unique ID for your VM. Your VM will be directly accessible at <code>https://computernewb.com/collab-vm/user-vm/#&lt;this id&gt;</code>. You should take care to name this something separate from any other VM on the UserVM roster, or your VM might be unaccessible</td></tr>
<tr><td>displayname</td><td>VM title that shows up in the list. Format with HTML</td></tr>
<tr><td>motd</td><td>Message of the day, displayed when someone joins your VM. Format with HTML</td></tr>
<tr><td>bancmd</td><td>Command to be run when you click the ban button. By default this adds a non-persistent iptables rule, but we recommend you change this</td></tr>
<tr><td>moderatorEnabled</td><td>Whether or not the moderator rank is enabled, in addition to Admin.</td></tr>
<tr><td>usernameblacklist</td><td>Array of usernames the server should not allow</td></tr>
<tr><td>maxChatLength</td><td>Max amount of characters a user can send in a chat message. Further characters will be truncated.</td></tr>
<tr><td>automute</td><td>Whether or not the server should automatically mute users who spam messages. You can also specify how many messages within how many seconds should trigger the mute.</td></tr>
<tr><td>tempMuteTime</td><td>How long a temporary mute lasts</td></tr>
<tr><td>turnTime</td><td>How long a turn lasts</td></tr>
<tr><td>voteTime</td><td>How long a vote to reset lasts, before results are tallied</td></tr>
<tr><td>voteCooldown</td><td>How long before another reset vote can be started after one ends</td></tr>
<tr><td>adminpass</td><td>SHA256 hash of your admin password. Can be generated with the command <code>printf &quot;&lt;your admin password&quot;&gt; | sha256sum -</code>. Make sure this is something hard to guess as anyone with this password could execute arbitrary commands on your server.</td></tr>
<tr><td>modpass</td><td>SHA256 hash of your mod password. Generated same as admin. Does nothing if the moderator rank is not enabled.</td></tr>
<tr><td><b>moderatorPermissions</b></td><td>Controls the individual actions a moderator can do. Each one is described below. Does nothing if the moderator rank is not enabled.</td></tr>
<tr><td>restore</td><td>Reset the VM back to it's initial state.</td></tr>
<tr><td>reboot</td><td>Reboot the VM</td></tr>
<tr><td>ban</td><td>Ban a user from your VM</td></tr>
<tr><td>forcevote</td><td>Forcibly pass or cancel a vote to reset</td></tr>
<tr><td>mute</td><td>Mute a user, preventing them from chatting or taking turns</td></tr>
<tr><td>kick</td><td>Kick a user from the VM</td></tr>
<tr><td>bypassturn</td><td>Jump to the front of the turn queue, as well as clear the turn queue and end individual turns</td></tr>
<tr><td>rename</td><td>Rename another user</td></tr>
<tr><td>grabip</td><td>Get the IP address of another user</td></tr>
<tr><td>xss</td><td>Send a raw (not HTML-sanitized) chat message, allowing the execution of arbitrary scripts on another user's browser. Admins will not be affected by XSS messages sent by mods.</td></tr>
</table>
=== Setting up reverse proxying (Optional) ===
'''This is REQUIRED for UserVM as, for technical reasons, only TLS-equipped WebSockets can be accepted'''

Navigation menu