- Web page that publicly shows the status of valheimserver.service
- Has a public facing Copy to clipboard button for easy pasting into Valheim
- Can show (publicly or not) the Seed of the running world with a custom link to http://valheim-map.world/
- Turn off/on the valheimserver.service process
- Download a copy of your .DB and .FWL files
This GUI works/looks best in Chrome, ironing out non-Chrome errors is on the to-do list
Simple no database login from https://gist.github.com/thagxt/94b976db4c8f14ec1527
This would not work without https://github.com/Nimdy/Dedicated_Valheim_Server_Script
These instrcutions assume you are working on Ubuntu server as outlined by Nimdy.
- Follow Nimdy's instuctions for setting up and configuring your Valheim server ( https://github.com/Nimdy/Dedicated_Valheim_Server_Script#readme )
If you did not enable HTTP when creating the VM you will need to enable it.
Per the GCP help file: https://cloud.google.com/vpc/docs/special-configurations
If you already have existing default-http and default-https firewall rules, you can apply the firewall rule to existing instances by enabling the Allow HTTP or Allow HTTPS options on the instance's details page.
Go to the VM instances page.
Click the name of the desired instance.
Click Edit button at the top of the page.
Scroll down to the Firewalls section.
Check the Allow HTTP or Allow HTTPS options under your desired VPC network.
Click Save.
- Install PHP and Apache2
sudo apt install php libapache2-mod-php
Verify that the install was successful by putting the IP of the server in your web browser. You should see the default Apache2 Ubuntu page. If you have connection issues with this default page, you should verify that HTTP is enabled on the VM.
- Remove the default html folder from /var/www/ and then install repository to /var/www/ then set appropriate permissions.
sudo rm -R /var/www/
cd ~
git clone https://github.com/Peabo83/Valheim-Server-Web-GUI.git
sudo cp -R ~/Valheim-Server-Web-GUI/www/ /var/
sudo chown -R www-data /var/www/
sudo chown -R :www-data /var/www/
Now when visting the IP of the server you should see the main GUI screen.
- Change the default username/password/hash keys. Using your preferred text editor open /var/www/VSW-GUI-CONFIG, you will see the inital section with the variables to change:
// *************************************** //
// * VARIABLES * //
// *************************************** //
$username = 'Default_Admin';
$password = 'ch4n93m3';
$random1 = 'secret_key1';
$random2 = 'secret_key2';
$hash = md5($random1.$pass.$random2);
$self = $_SERVER['REQUEST_URI'];
$make_seed_public = false;
$server_log = true;
Change $username and $password to your preffered values. Change $random1 and $random2 to any variables of your choice, like 'Valheim365' and 'OdinRules'.
- To execute systemctl commands the PHP user (www-data) needs to be able to run systemctl commands, which by default it can not. The following will allow www-data to run the specific commands used to make the GUI work.
sudo visudo
This will open your sudo file, add the following at the bottom:
# Valheim web server commands
www-data ALL = (root) NOPASSWD: /bin/systemctl restart valheimserver.service
www-data ALL = (root) NOPASSWD: /bin/systemctl start valheimserver.service
www-data ALL = (root) NOPASSWD: /bin/systemctl stop valheimserver.service
www-data ALL = (root) NOPASSWD: /bin/grep
Then hit CTRL + X to exit VI, you will be prompted to save, so press Y. VI will then ask where to save a .tmp file, just hit Enter again. After you save the .tmp visudo will check the file for errors, if there are none it will push the content to the live file automatically.
Notes for updating
##Hide Apache Version and Operating System /etc/apache2/apache2.conf
added
ServerSignature Off ServerTokens Prod
##Disable Directory Listing and FollowSymLinks
/etc/apache2/apache2.conf
EDIT - add the "-" in options
<Directory /var/www/> Options -Indexes -FollowSymLinks AllowOverride None Require all granted
Also to Disable TRACE HTTP Request ADD:
TraceEnable off
##mod_security and mod_evasive
sudo apt install libapache2-mod-security2 -y sudo systemctl restart apache2
sudo apt install libapache2-mod-evasive -y sudo systemctl restart apache2
##Setup HTTPS
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/apache-selfsigned.key -out /etc/ssl/certs/apache-selfsigned.crt
-Enter Info
sudo vi /etc/apache2/conf-available/ssl-params.conf
Enter:
SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1 SSLHonorCipherOrder On Header always set X-Frame-Options DENY Header always set X-Content-Type-Options nosniff SSLCompression off SSLUseStapling on SSLStaplingCache "shmcb:logs/stapling-cache(150000)" SSLSessionTickets Off
- Added CSP headers for additional security
- jquery library moved to inside this repo. This was done because when the CSP rule "require-trusted-types-for 'script';" it breaks the functionality of the jquery library, specifically the use of ".innerHTML". The included jquery library has added checks and sanitations on all of its uses of .innerHTML.
- Added placeholder values to the username and input fields