[Support] ich777 - Gameserver Dockers


Recommended Posts

5 hours ago, ich777 said:

That's a thing I can't answer...

I've now pulled a fresh copy from the CA App and have no issue that the server is showing up in the Steam Server Browser:

screenshot1.thumb.png.ed799a9dcb9f964a44d8d28b6fb47336.png

screenshot2.png.dbefdce943dee6b950a5bbaef78fdfa9.png

 

Have both of you just yet tried to run a complete vanilla version from the container without changing anything in the template and/or config files?

 

I've attached also the log from the first start up from the container itself: ark.log

I pulled a fresh copy from the CA apps now like you recommended and there is "slight" progress.

My server now shows up in Steam server list under LAN tab. However it still will not show up in the public list.

The ports are forwarded properly in my router and everything.

 

What game parameters do I need to enter to make the server show up publicly so people can connect?

Link to comment
29 minutes ago, SadgePanda said:

My server now shows up in Steam server list under LAN tab. However it still will not show up in the public list.

Are you sure that you've set all options correct in the in game server list? This list is a mess from my perspective because if you have set one option wrong it will prevent the server from showing up.

 

Also keep in mind that it can take a bit until it shows up in the in game server list. Are you sure that hair pin NAT is working correctly? Have you yet tried to connect from a computer from outside your LAN? Are you also sure that you are not behind a CG-NAT? Please double check the port forwarding and only forward the ports with the appropriate protocol as listed in the template, if a port is listed as only UDP then forward only UDP and not TCP/UDP same goes for TCP ports.

 

29 minutes ago, SadgePanda said:

What game parameters do I need to enter to make the server show up publicly so people can connect?

There is none, the game will show up by default in the public server list by default if everything is forwarded correctly and it is actually reachable from the Internet.

Link to comment
8 hours ago, ich777 said:

That's a thing I can't answer...

I've now pulled a fresh copy from the CA App and have no issue that the server is showing up in the Steam Server Browser:

screenshot1.thumb.png.ed799a9dcb9f964a44d8d28b6fb47336.png

screenshot2.png.dbefdce943dee6b950a5bbaef78fdfa9.png

 

Have both of you just yet tried to run a complete vanilla version from the container without changing anything in the template and/or config files?

 

I've attached also the log from the first start up from the container itself: ark.log

welp
tried booting it up with br0 after leaving it overnight and its working on my custom IP

I hate networking stuff
I literally just turned it off and back on again in just enough of a right way that it decides to work
I give up
sorry to bother everyone
its working now I guess

  • Like 1
Link to comment

Getting an error starting the CoreKeeper server, any ideas?
 

[S_API FAIL] Tried to access Steam interface SteamNetworkingUtils004 before SteamAPI_Init succeeded.
/opt/scripts/start-server.sh: line 84:   207 Segmentation fault      ${SERVER_DIR}/CoreKeeperServer -batchmode -logfile -nographics ${SERVER_DIR}/CoreKeeperServerLog.txt -world ${WORLD_INDEX} -worldname "${WORLD_NAME}" -datapath "${SERVER_DIR}/Save" ${GAME_PARAMS} 2 > /dev/null


Using Unraid (6.11.5) with fresh CoreKeeper image and SteamCMD re-downloaded.

Modified the following directory paths, everything else is default.
 

SteamCMD: /mnt/user/Applications/steamcmd
ServerFiles: /mnt/user/Applications/corekeeper


EDIT: Looks like there's an issue with the underlying server via https://steamcommunity.com/app/1621690/discussions/0/3759978783504303058/

Edited by mmtaii
Link to comment
10 hours ago, mmtaii said:

Modified the following directory paths, everything else is default.

I can not reproduce this on my server, here is the output from a new container installation: corekeeper.log

 

Are you sure that you are on the latest container image? I've edited the container about two weeks ago because a user was reporting a similar issue.

 

10 hours ago, mmtaii said:
ServerFiles: /mnt/user/Applications/corekeeper

 

I would also recommend that you use the real file path (/mnt/cache/... or /mnt/diskX/...) instead of the FUSE file path to avoid issues since some games simply will give you issues when using the FUSE file path and some games wont run at all.

 

EDIT: I pushed another update to the container, can you test if this is working for you now?

Link to comment
14 hours ago, ich777 said:

I can not reproduce this on my server, here is the output from a new container installation: corekeeper.log

 

Are you sure that you are on the latest container image? I've edited the container about two weeks ago because a user was reporting a similar issue.

 

I would also recommend that you use the real file path (/mnt/cache/... or /mnt/diskX/...) instead of the FUSE file path to avoid issues since some games simply will give you issues when using the FUSE file path and some games wont run at all.

 

EDIT: I pushed another update to the container, can you test if this is working for you now?


I've tried all of the above but continue to receive Segmentation Fault error.

Any way to confirm I'm using the latest image beyond deleting when removing Docker container in Unraid UI? :(

Edit: using docker inspect I've confirmed I have latest image hash... no dice.

 

/opt/scripts/start-server.sh: line 84:   208 Segmentation fault      ${SERVER_DIR}/CoreKeeperServer -batchmode -logfile ${SERVER_DIR}/CoreKeeperServerLog.txt -world ${WORLD_INDEX} -worldname "${WORLD_NAME}" -datapath "${SERVER_DIR}/Save" ${GAME_PARAMS} 2 > /dev/null
Terminated

 

Edited by mmtaii
Link to comment

Hey folks who may or may not be messing around with the KF2(killing floor 2) server image. Ive spent the last week or so messing around with it and I feel a warning is only fair to those looking to host one these days. 

First off you should be aware, the server code is designed in a way that makes it a target for people looking to amplify their DDos attacks, there is no rate limit on the UDP game port that it uses to accept connections. So bad actors spoof the ip of their target and then push packets to our servers. before you open your ports you should figure out some sort of protection. Here is a link to the tripwire forum post where some peeps seem to have something figured it. it's over my head so I'm just gonna shut mine down! (and close those ports again)

 https://forums.tripwireinteractive.com/index.php?threads/kf2-or-any-unreal-engine-3-server-on-redhat-centos-rocky-alma-linux-ddos-defense-with-the-help-of-firewalld.2337631/ 

 

Second off, if you want to run custom maps, and follow the workshop downloads instructions, you will find they don't work. The solution is a bit ass backwards, but here is what I did. 
If you go into the console for the docker, you can use steam cmd to download maps. This is important because the server wont do it it's self due to some sort of file mismatch (netcomego code 8). But its not super hard, all you need to do is open the docker console and then put each of these lines in individually. 

 

bash

cd /serverdata/steamcmd

su steam

./steamcmd.sh

login anonymous

workshop_download_item 232090 <workshopID from url>


You may have to then move these into the Cache folder inside your game (appdata/KFGame/Cache).

Or not... I'm not %100 sure as I had to mess around a bunch 

What the above does, if you're as Linux inept as I am;

 

  • opens Bash which is a terminal emulator, I'm not sure if this is necessary, but I think it is for the user switch you have to do?
  • cd (change directory) gets you to where the steam application is.
  • su (switch user) steam changes the the user account you're launching steamcmd as, this is important so it has permissions to save the files to its directory.
  • ./ launches steamcmd.sh 
  • then you're logging in as anonymous, which is how most server stuff works with steamcmd.
  • Lastly you're directing it to download an item for game id 232090 (linux version of KF2 server) and then what item you pick.

Once that's all good and done, peeps still wont be able to download your maps. HA!
What you have to do is give them some where to get them. 

 

So what I did was make my own HTTP redirect server. 

This guide will get you close.

https://www.reddit.com/r/killingfloor/comments/w2lg4a/a_guide_on_setting_up_a_kf2_server_and_a_url_for/

 

But you want to run that NGINX in a docker right? I installed the one from the community apps. https://github.com/linuxserver/docker-nginx#readme which is the one that comes up as just NGINX when you search for that in our community apps page. 

Once you have that, you're gonna almost follow the instructions from the reddit, except you want the files to be in a subdirectory of the "www" folder. also I recommend changing the port number for this. no need to collect the heat from having it on port 80. (change it during install)
Just copy the entirety of the folder that steam downloaded all your custom maps, into the directory you're hosting in the "www" folder. Don't worry about directory neatness or anything. 

you should be able to visit your index by typing <ip>:port/www/<maps or what ever you called it> if you can, and don't get a 403 or 404 you're set. 

In the ini file, you should add the url that the outside world would connect to your fileserver, for example if you're using a domain, put that in there. even if you connect over lan it will still work. Did for me any way.

Once that's all said and done, you should be able to connect in game, and if you decide to go to a custom map, keep in mind that the game is poorly made, you will be greeted with the loading screen saying downloading success 0% map name. just be patient the loading thing doesn't look like its working but it is, eventually you'll hop right into the game. Once the client has the map, that isn't an issue.  

I sincerely hope this helps, id say ask me if you have any questions, but considering I barely fumbled my way through it, got it working and now give up cause I cant figure out how to secure the game server from DDOsing I don't know if I'm truly going to be able to help!
 

That being said, if you're reading this and have and idea on how I could dump all that DDos traffic and not kill my home network let me know! when my box get's hit I'm uploading 40-80Mbps and my isp router struggles hard, basically kills my network. :( one day ill have to build my own router but as of right now I'm using the one my isp gave me when I upgraded to gigabit fiber.

 

 

 

Edited by Emenblade
Plea for help at the bottom! And fixed some capitalization and spelling mistakes
Link to comment
1 hour ago, Emenblade said:

The solution is a bit ass backwards, but here is what I did. 

This is a solution how you could do it yes, but I would recommend that you either do these commands:

su $USER
$STEAMCMD_DIR/steamcmd.sh +force_install_dir $SERVER_DIR +login anonymous +workshop_download_item 232090 <workshopID from url> +quit

(this does basically the same)

 

I know this command is a bit complicated but for the container it's appropriate and will do the same all in 2 lines.

 

You could also download the workshop contents on your local PC and place the downloaded maps into the appropriate server directory like if you would do it for CS:GO or any other Source game.

 

Modding is always up to the user because I only provide the basic functionality because I simply can't know how to mod every game... :D

 

1 hour ago, Emenblade said:

But you want to run that NGINX in a docker right? I installed the one from the community apps. https://github.com/linuxserver/docker-nginx#readme which is the one that comes up as just NGINX when you search for that in our community apps page. 

I haven't read through the whole thread for what this is exactly but I think you are trying to set up a URL for the server and a mirror for the maps correct?

 

The easiest way would be ultimately to use SWAG from Linuxserver.io which is also available on the CA App.

With this you just set up your domain and boom you can connect to the server if you want to have a mirror or better speaking fastdownload server for the maps you have to put everything in the www folder and configure it accordingly.

 

1 hour ago, Emenblade said:

DDos

This is a topic that could be discussed really long and opinions on this are really different.

The first thing that you have to keep in mind that I really don't know someone is interested in DDOS your server, of course it could happen but I wouldn't spread the fear that someone could DDOS you, the risk is always there, even with other services but if the game server has no rate limit I would pitch that to the developers from the dedicated server that they implement a rate limit.

Link to comment

Hey thanks @ich777 for cleaning up the code bit there! Also thank you in general for these game servers, I've used a few of them and have had a lot of fun!

 

But not to be argumentative, in regards to the DDoS thing. I wasn't personally the target, the bad actor uses the kf2 server UDP connection hand shake as a way to amplify their attack on some one else. They do this by spoofing the return IP in their handshake, so that our kf2 servers start sending data to their spoofed IP(actual target). But for us home gamers it's enough traffic to flood a network. This provides a nearly 2x amplification in data. I have a gigabit connection, and my network was inoperable. It's also fairly easy to collect the IPs of the servers (like mine) because the servers do broadcast in-order to populate the server list in game. I think the bad actor refreshes their list every day or two, given I had about 36 hours of uptime untill I got hit. 

 

And while I definitely do agree that tripwire should absolutely patch their code to prevent this, it's been an issue for community servers since at least 2021. My server was only online for a few days and I started to get flooded with UDP traffic. I'm not necessarily trying to fear monger but the game is being completely sunset this year, I kinda doubt they are going to do anything about it. 

 

GIven the headache to get the custom maps working, because their own wiki that tells you how to setup the server directs people to use a system that is absolutely broken in regards to serving custom maps. And because the game is getting on the older side, I wanted to post something somewhere that would explain the current pitfalls of setting up a kf2 dedicated server in 2023. 

 

Ultimately I feel it's important to know that this is an issue that exists, because when I started the docker, I left it running like I would any game server. And when I got hit it took a while for me to figure out what was going on, when I did finally figure it out, I felt that the effort put in to get everything working wasn't worth it. The thing about unraid and these docker containers is that in general they are very easy to set up. If like me, a user have very little experience so far in Linux, but is capable of opening some ports and installing a docker from the apps page, if their network suddenly is saturated they might not know what's going on.

 

I'm not trying to fear monger, but make sure people are aware that this is an issue, and I did link to what is apparently the solution. It's just a little over my head.

 

Because for example I had both Valhiem and satisfactory servers running for over a month(satisfactory even uses the same port) and had no problems. Not all game servers are developed equally. And if had I known this was a vulnerability before setting this up, and given that a lot of us using unraid are doing so from our home networks. I think it's important that there is some awareness that this is a thing.

Link to comment

Also in regards to the webserver bit, I'm assuming that person has a domain, and just directing them how to set up the game server to point to their webserver that is hosting the maps. In the Reddit walk through there are some things that were assumed because the game server and webserver were running on the players windows computer. 

Link to comment
1 hour ago, Emenblade said:

But not to be argumentative, in regards to the DDoS thing. I wasn't personally the target, the bad actor uses the kf2 server UDP connection hand shake as a way to amplify their attack on some one else. They do this by spoofing the return IP in their handshake, so that our kf2 servers start sending data to their spoofed IP(actual target). But for us home gamers it's enough traffic to flood a network. This provides a nearly 2x amplification in data. I have a gigabit connection, and my network was inoperable. It's also fairly easy to collect the IPs of the servers (like mine) because the servers do broadcast in-order to populate the server list in game. I think the bad actor refreshes their list every day or two, given I had about 36 hours of uptime untill I got hit. 

This is definitely a game thing and they should fix it.

After reading that I'm thinking about pulling the container form the CA App...

 

1 hour ago, Emenblade said:

And when I got hit it took a while for me to figure out what was going on, when I did finally figure it out, I felt that the effort put in to get everything working wasn't worth it. The thing about unraid and these docker containers is that in general they are very easy to set up. If like me, a user have very little experience so far in Linux, but is capable of opening some ports and installing a docker from the apps page, if their network suddenly is saturated they might not know what's going on.

But then pass it over to the developers and make a post there maybe also with performance graphs so that you can proof that their dedicated server is actually bad...

 

1 hour ago, Emenblade said:

And if had I known this was a vulnerability before setting this up, and given that a lot of us using unraid are doing so from our home networks. I think it's important that there is some awareness that this is a thing.

This is certainly true but I'll sleep over it if I pull the container from the CA App.

 

As said above this needs to be passed over to the developers from KF2 so that they become aware of that, I can't think that they can't implement some kind of rate limit into the dedicated server...

Link to comment

I'm trying to get my Valheim server Problems solved and it seems i'm out of luck. So maybe you guys can help me out.

I get random disconnects to my server, checked the autoupdate thingy but as i understood it is fixed anyways because it is always "false". 

So the last thing i've read somewhere is that i have to make sure that my instance isn't using crossplay and to remove the -crossplay option in my start_server.sh. But all of those articles are dealing with normal dedicated server installations and not this docker version. 

So how do i make sure that my container isn't using the -crossplay option?

Or do you have any other ideas? I'm hosting some other games and services and there are no problems with disconnects like we have here with this Valheim docker container.

I have nothing i can do and those constant and randomly occuring disconnects makes playing a real pain.

Link to comment
10 minutes ago, screwbox said:

I get random disconnects to my server, checked the autoupdate thingy but as i understood it is fixed anyways because it is always "false". 

This is not a thing anymore, the auto update does nothing anymore.

 

11 minutes ago, screwbox said:

So the last thing i've read somewhere is that i have to make sure that my instance isn't using crossplay and to remove the -crossplay option in my start_server.sh.

11 minutes ago, screwbox said:

So how do i make sure that my container isn't using the -crossplay option?

If it's not in the Docker template at GAME_PARAMS then it's not enabled.

 

11 minutes ago, screwbox said:

I have nothing i can do and those constant and randomly occuring disconnects makes playing a real pain.

How often is randomly? Do you have CA Backup installed and active, if yes how often does it take a backup?

Do you use your LAN IP to connect to the server or do you use your public IP?

 

Can you share the container logs after it restarted?

Link to comment
3 hours ago, ich777 said:

But nobody answered my question yet... :D

Hahah, how do you and the other CA devs typically go about creating new containers?  I imagine you probably need the game or app to begin with, and they cost $$ :) Ya'll need a tip jar!

 

As a new user to unRAID, it's been a super great experience to utilize these dockers ya'll have put so much time into.  I very much appreciate you as a consumer of these things, and my gaming friends do too since I host a few servers for them :P 

  • Like 2
Link to comment
20 minutes ago, Zalszibar said:

I imagine you probably need the game or app to begin with

Exactly, I have created containers for games which I didn't own but giving support for these where a nightmare so I stopped doing that.

 

Lets see if they even publish the dedicated server at launch or if it takes them a year or two to publish the dedicated server like it was the case for The Forest.

EDIT: Found something Click

EDIT2: Found more things Click

 

20 minutes ago, Zalszibar said:

Ya'll need a tip jar!

I have one, but it's always empty because of new game requests. :D

The link is on all installed containers on your server from the CA App or in the first post... ;)

 

20 minutes ago, Zalszibar said:

As a new user to unRAID, it's been a super great experience to utilize these dockers ya'll have put so much time into.  I very much appreciate you as a consumer of these things, and my gaming friends do too since I host a few servers for them :P

Always nice to get from time to time positive feedback... Really much appreciated! :)

  • Like 2
Link to comment
4 hours ago, ich777 said:

This is definitely a game thing and they should fix it.

After reading that I'm thinking about pulling the container form the CA App...

 

But then pass it over to the developers and make a post there maybe also with performance graphs so that you can proof that their dedicated server is actually bad...

 

This is certainly true but I'll sleep over it if I pull the container from the CA App.

 

As said above this needs to be passed over to the developers from KF2 so that they become aware of that, I can't think that they can't implement some kind of rate limit into the dedicated server...

Agreed! Yeah my understanding from reading on their forums, they don't think it's a problem. I'm assuming they just have big pipes or something... Haha. Yeah they used to support the game or at least it looked like they did a few years back but they haven't seemed to put much into it in the last couple. Tis a shame! 

 

Yeah also I share the sentiment that @Zalszibar has, thank you in general for providing all this to us! The whole community apps thing in general is amazing and all the effort you put into making all these game ones is really really nice.

 

And in no way was I implicating your work into the adversity I've had with my lil kf2 server. I posted here simply because this is the first place I looked when I was having issues. Plus it's just so easy to setup using the CA page and your docker, I figure other people might end up in the same place I am. 

 

Purely hypothetically, I know dockers have their own networking built in. How hard do you think it would be to implement a connection limit per IP? Some of the folks on the tripwire forums were talking about iptables, firewalld, and or fail2ban. Like I guess I'm wondering if I were to figure that out so my server dumps the repeated connection requests instead of replying to them. Do you think it would be possible for me to implement that in the docker container, or would that be something I'd do on the actual box? Or in your opinion is that something I'd have to do at the router level? I know that's a lot of questions and your a busy person. I guess what I'd like to do is come up with a solution to it given that tripwire hasn't and I sincerely doubt they're going to given how little they seemed to have cared to fix their game over the last few years. 

  • Like 1
Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.