Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

[Support] ich777 - Gameserver Dockers

Featured Replies

  • Author
36 minutes ago, zan335 said:

Could your dockers for example like terraria or palworld, essentially your game server dockers in general, be used with a "vpn/vps" so that the public ip I give is the one provided said "vpn/vps" like 876.543.21 then my "actual public ip" like 123.456.78

Yes why not?

 

31 minutes ago, zan335 said:

which is why I would like to essentially mask my public ip for something else, hence why the question of using a vpn/vps service came into mind, but I don't know of other dockers or commands that would allow me to this with your docker, or even if your docker would allow for such tampering in the first place. 

Sure there are multiple ways to do that but this is out of scope for this thread, but here are a few examples:

  • VPN: VPN provider that provides you a (semi-)static public IP and that allows ports to be opened, I think there are providers out there which support that but I'm not too sure about that.
    Then you have to set up a VPN container which is basically the gateway for all the containers that you want to "protect" and that you have to route through that VPN container (you can look for example into my OpenVPN container, it should be even possible through Wireguard).
  • VPS: You can do this in two different ways:
    - The first more complicated way is to set up a revers SSH tunnel that you tunnel through the TCP and UDP ports <- the latter can be quite complicated
    - The second more easy way is to run the container directly on the VPS.

Don't focus too much on game servers when doing your research, there are a few posts already in the forums for http and https traffic and how to route counter traffic through a VPN.

 

I assume there are also other ways to do that but these are the ones that I can think of.

 

BTW if you are not comfortable sharing your IP, I'm not really sure if it wouldn't be better to not host game servers on your server, you know that there are third party server browsers for available games out there (even if you specified to not list them eg Palworld) that would list your server too even with your public IP.

Try to search your servername there, I'm sure you'll find it including your public IP.

Please keep in mind, as you start to host something (not only limited to game servers), your public IP will be public available somewhere, be it on Google through their search engine or whatever.

  • Replies 12.5k
  • Views 2.2m
  • Created
  • Last Reply

Top Posters In This Topic

Most Popular Posts

  • Just thought I'd share my experience setting up a Valheim server with this docker app from @ich777(thank you!)   You don't need to worry about Steam authentication for Valheim, the default a

  • Dockers Available:   SteamCMD DedicatedServers: CounterStrike: Source CounterStrike 2 TeamFortress 2 ArmA3 - requested by @MrSage Deathmatch Classic

  • This will hopefully shed some light on the underside working bits of building a cluster of servers for ARK:SurvivalEvolved.   With the inspiration (read thievery) from @growlith I present th

Posted Images

47 minutes ago, ich777 said:

Dedicated game servers in general?

 

Ahh yeh sorry, ambiguously worded I guess. I meant self-hosted game servers. Or, more specifically, self-hosting a server when there are free dedicated servers available on steam (I know several games that no longer have public servers, so having the ability to spin up a private server for those is of course very important). 

 

 

47 minutes ago, ich777 said:

 

This is true for most games but not for all because not every developer provides their own dedicated public servers <- so to speak no official servers provided by the developers (don't quote me on that but games that came into mind are Astroneer & Valheim).

 

Sure you can host it locally yourself on your PC and invite friends but what if your friends want to play when you got no time to start your PC because real life... that's where such a dedicated server come into play. Your friends can basically join whenever they want.

 

Good point. I personal have run a Minecraft server, so that people could log in even when I wasn't around. I just didn't think a lot of the listed games had that kind of persistence (however I am only familiar with a handful!). 

I also thought that the games with persistence (like Valheim, I believe?) saved your progress locally... but I may be totally wrong on that!

 

47 minutes ago, ich777 said:

There is also the risk, if we are talking about a survival game, if the server owner wipes the save without you knowing and probably ruined hours/days/weeks of gameplay.

 

This also depends in my opinion, sure for Palworld you need plenty of RAM and a good CPU since it seems like the game is not really optimized but for something like Astroneer or CounterStrike2 you don't need that much hardware and the experience can be better or on par on a server that you have at home since most hosting providers also run consumer hardware or even share resources for your game server with other people.

Of course you can customize it how you like it. It's basically yours and you can do whatever you want with it without any fees (besides that what you pay for electricity, Internet,... to run your server).

 

Depends, for some people it's a feature to own their data and that they know the are in control, for some people it's a feature to run multiple dedicated game servers on their server because it is cheaper than running multiple game servers on a hosting provider, setting up clusters for ARK for example where you can travel between worlds and so on, run mods that need their on specific extra port to view the map in real time and so on...

 

Of course not for everyone everything listed is a feature, it always depends and if you don't want to run a game server that's also fine.

 

Thanks, I'll be keeping an eye on this list and seeing what games might take my game-groups fancy. Thanks again for the reply!

On 2/12/2024 at 4:58 AM, ich777 said:

This is your issue.

 

  1. Stop the container
  2. Edit the configuration file
  3. Start the container

 

If you are editing the file when the container is running and simply restart the container then you changes will be discarded.

Many thanks, the issue has been resolved!

 

Would you mind me to ask that, is there any thoughts on the Scum container release?

  • Author
7 minutes ago, Nirin said:

I also thought that the games with persistence (like Valheim, I believe?) saved your progress locally...

I'm not 100% sure, they changed that didn't they? Even if they didn't change that, the world state and everything in the chests and everything that you've built is saved on the server. But Valheim is a exception, usually player data is also stored on the server and not the client <- for security measurements like cheating and so on.

 

8 minutes ago, Nirin said:

but I may be totally wrong on that!

Not at all, there might be games that are saved locally but most save the states from the players on the server like: Palworld, Minecraft, Sons of the Forest, The Forest,... (these are the ones that came first into mind).

 

10 minutes ago, Nirin said:

Thanks, I'll be keeping an eye on this list and seeing what games might take my game-groups fancy.

Usually Minecraft is pretty easy to run, you only need a good single core performance CPU since it is not very good with using multiple threads and if the world needs to be generated it can be a quite large performance hit since this is quite heavy on the CPU however if players only building like you would do it normally in Minecraft the performance hit will be negligible, of course always depens on how many players are on the server if really complicated Redstone circuits are set up and so on...

 

You can always try and see how it goes, but expect some game servers to need quite some RAM.

 

Hope that helps. :)

  • Author
5 minutes ago, i ii said:

Would you mind me to ask that, is there any thoughts on the Scum container release?

Sorry but I don't accept any container requests anymore since I have now almost 200 applications in the CA App and I can't maintain more, however there are other community developers out there which continue my work with game server like @Nodiaque & @Jamxx maybe one of them can help. :)

6 minutes ago, ich777 said:

Sorry but I don't accept any container requests anymore since I have now almost 200 applications in the CA App and I can't maintain more, however there are other community developers out there which continue my work with game server like @Nodiaque & @Jamxx maybe one of them can help. :)

You've done more than enough already.

Many thanks for palworld container release!

Many thanks for the happiness that your effort takes to my friends and I!

7 hours ago, zan335 said:

 while I perfectly trust my friend, I don't really know his friends, which is why I would like to essentially mask my public ip


honestly, this is kinda.. pointless.

Your public IP isn't some secret identifier.  Every website you visit logs it.  Every botnet in the world is scanning random IPs and ports constantly and yours is one of them.   As long as you don't have unnecessary ports open and are not hosting some severely out of date or insecure service on those ports, you're fine 99.99% of the time.

Could someone identify your ISP?  Sure.
Could they identify where in the world you might be?  Also, yep.
Can they pinpoint the city, address, or any identifying information about you?  Not a chance.

best they could do is figure out within maybe 50-100 miles of where you might be, and that varies greatly by which DC you're connected to and how close to it you are.

 

26 minutes ago, dlchamp said:



Could someone identify your ISP?  Sure.
Could they identify where in the world you might be?  Also, yep.
Can they pinpoint the city, address, or any identifying information about you?  Not a chance.

 

But they do this on the tv.... 🤣🤣

26 minutes ago, dlchamp said:

Can they pinpoint the city, address, or any identifying information about you?  Not a chance.

Depends if "they" includes law enforcement or a civil court with subpoena powers.

  • Author
2 minutes ago, JonathanM said:

Depends if "they" includes law enforcement or a civil court with subpoena powers.

I also beleive Google geolocation service can do that too if they really want to they cpuld map the public IP that your WIFI is on and the location data from your phone.

If course these are all assumptions. 😂

Hey 

Has anyone managed to get the Palworld server running via reverse proxy? 

Or seen any weird access through the palworld port? 
I am not sure if there is any security implication by exposing my Port to the public? 

Thanks for any help or suggestions. 

  • Author
20 minutes ago, Beryllium said:

Has anyone managed to get the Palworld server running via reverse proxy? 

This was discussed a few times. Why would you do that? This will complicate your setup very much since you have to use streaming ports, it will maybe work but I can't guarantee it and it is not worth the effort/time in my opinion and you have to expose a port anyways, even if you do it through a reverse proxy.

 

Please keep in mind that game servers most of the times use their own protocol and are not answering to http and https requests as like a reverse proxy is intended to do.

 

If you simply try to reverse proxy the dedicated server (like Plex or some other web application) the client can't understand what the Server is trying to say because these are completely different protocols.

Imagine it that way that you have two people that are trying to talk to each other (one is the server and one the client), both of them speak English natively and you now introduce a third person as a translator (the reverse proxy) that speaks German to translate between those two native English speaking people, I hope this makes it a bit more clear what a reverse proxy does for a game server (at least most of the game servers).

 

20 minutes ago, Beryllium said:

Or seen any weird access through the palworld port? 

What do you mean with that?

 

20 minutes ago, Beryllium said:

I am not sure if there is any security implication by exposing my Port to the public? 

My containers all run the dedicated servers inside with lower privileges and it should not be a security implication.

 

As a final word, I would not recommend even trying to reverse proxy a game server with streaming ports since this over complicates the setup and you will most likely run into trouble, just forward the port that is specified in the template and you are good to go.

46 minutes ago, ich777 said:

This was discussed a few times. Why would you do that? This will complicate your setup very much since you have to use streaming ports, it will maybe work but I can't guarantee it and it is not worth the effort/time in my opinion and you have to expose a port anyways, even if you do it through a reverse proxy.

 

Please keep in mind that game servers most of the times use their own protocol and are not answering to http and https requests as like a reverse proxy is intended to do.

 

If you simply try to reverse proxy the dedicated server (like Plex or some other web application) the client can't understand what the Server is trying to say because these are completely different protocols.

Imagine it that way that you have two people that are trying to talk to each other (one is the server and one the client), both of them speak English natively and you now introduce a third person as a translator (the reverse proxy) that speaks German to translate between those two native English speaking people, I hope this makes it a bit more clear what a reverse proxy does for a game server (at least most of the game servers).

 

What do you mean with that?

 

My containers all run the dedicated servers inside with lower privileges and it should not be a security implication.

 

As a final word, I would not recommend even trying to reverse proxy a game server with streaming ports since this over complicates the setup and you will most likely run into trouble, just forward the port that is specified in the template and you are good to go.



Thanks a lot! 

I was just recently hacked and wanted to minimize the attack vector. Instead of giving the IP out, I will add a CNAME in Cloudflare with DNS only and then the can manually add the port at the end of the URL. I just wanted to check with someone :D

The docker does not have privileged permissions. 

I initially tried it with the cloudflare tunnel service, since it would still just connect normally, but it seems Palworld can't resolve URLs without a port. 

6 minutes ago, Beryllium said:


Instead of giving the IP out, I will add a CNAME in Cloudflare with DNS only and then the can manually add the port at the end of the URL.

Youre still handing an IP out, lol.

10 minutes ago, Beryllium said:

Instead of giving the IP out, I will add a CNAME in Cloudflare with DNS only and then the can manually add the port at the end of the URL

It's entirely useless since the domain is the IP and just "ping domainname" will give it.

Edited by Kilrah

  • Author
16 minutes ago, Beryllium said:

The docker does not have privileged permissions. 

Non of my containers are running privileged (at least that I can think of) because it's most of the times not needed anyways.

 

16 minutes ago, Beryllium said:

I was just recently hacked

Really, how did that happen? Do you know through what service/container/whatever you where hacked? Social Engineering,...?

 

16 minutes ago, Beryllium said:

Instead of giving the IP out, I will add a CNAME in Cloudflare with DNS only and then the can manually add the port at the end of the URL. I just wanted to check with someone :D

Yes, but as @Mainfrezzer & @Kilrah already pointed out DNS resolution will return you public IP.

 

16 minutes ago, Beryllium said:

I initially tried it with the cloudflare tunnel service, since it would still just connect normally, but it seems Palworld can't resolve URLs without a port. 

I think Couldflare has also a paid tier where you can entirely hide your IP and tunnel it through their servers so only the IP from Cloudflare is shown but you then have to forward the ports in the Cloudflare Admin Panel and as said, that's a paid option AFAIK and I don't think that's cheap.

hahahaha 
yeah very true. Just a bit paranoid. I mean I am aware that the URL just resolves the IP, but maybe I could bypass the most basic script kiddies hahaha :D Thanks @Mainfrezzer @Kilrah @ich777

I think its more malware on my personal machine. It seems like a cookie session hijack. since the accounts that were hacked had to common email or password. 

Alright, then I will just do it normally and keep an eye on it. Since its only dedicated friends I wanted to whitelist their IPs, but theirs rotate every 24 hours. 

Thanks for all the help! 
 

4 minutes ago, ich777 said:

Non of my containers are running privileged (at least that I can think of) because it's most of the times not needed anyways.

 

Really, how did that happen? Do you know through what service/container/whatever you where hacked? Social Engineering,...?

 

Yes, but as @Mainfrezzer & @Kilrah already pointed out DNS resolution will return you public IP.

 

I think Couldflare has also a paid tier where you can entirely hide your IP and tunnel it though their servers and so only the IP from Cloudflare is shown but you then have to forward the ports in the Cloudflare Admin Panel and as said, that's a paid option AFAIK.

 

Will need to look into this. If its not too expensive this may sound like a good option. 

2 minutes ago, Beryllium said:

 

Will need to look into this. If its not too expensive this may sound like a good option. 

Alternatively and given that you do know how to do it, you can just rent any cheap vps and put a wireguard server on it and tunnel your gameservers through that. Only real usefulness would be the static ip. 

If you really wanna be paranoid level secure, tailscale would be an option to connect you and your friends with your gameserver.

On 2/14/2024 at 1:45 AM, ich777 said:

Please look at this post:

 

EDIT: You mean you deleted the old port entry and created a new one correct?

Yes I removed the old entry and created a new one. I should just need forwarding rules in my router for 192.168.0.150:8211 and 192.168.0.150:25575 right? With my server being on 192.168.0.150 I just stop the container and update the ip value in PalWorldSettings.ini. (Going with the default port since I'm not setting something correctly and I can't even access the server once its up.)

Edited by andrew444

On 2/14/2024 at 7:46 AM, ich777 said:

Not possible with my container, it was never designed to be accessible directly, you can either connect to it through RCON (maybe with my plugin) or directly through the game itself.

Thank you for your reply! For my needs and the needs of my team, I'll probably need to look at a different solution - make sense though that you keep it simple!

Thanks for all the work you put into these (and answering questions all day) - your dockers are the quickest way to get something up and running.

  • Author
1 hour ago, andrew444 said:

25575

Not for this, RCON commands are unencrypted and unsafe, don't expose the RCON port to the Internet.

 

1 hour ago, andrew444 said:

I just stop the container and update the ip value in PalWorldSettings.ini

The container can check your public IP on each startup automatically, please read the variables in the Docker template.

  • Author
52 minutes ago, CaphalorAlb said:

Thank you for your reply! For my needs and the needs of my team, I'll probably need to look at a different solution - make sense though that you keep it simple!

You can set up AMP in a LXC container (I have a container for that if interested) and set up AMP in there.

 

If interested send me a PM.

Embarrassing to say but I was trying to setup a server without an inbound firewall rule to allow 8211... Thanks again for the docker image and the support in here!

Hello! I have had a Palworld server running for the past couple of weeks using ich777's SteamCMD container. Today it began repeatedly crashing on startup. I noticed someone else had this exact issue a couple of weeks ago but said their server had some bad memory modules that they replaced. I don't think that's the issue in my case.

The crash dump from Diagnostics.txt is below.

I have tried the basic troubleshooting of rebooting the container (many times) and rebooting the server machine itself. 

Interestingly enough, I deleted the game save folder and started with a fresh save. It worked totally fine. Put back the old save and it crashed again. This leads me to believe it's a Palworld issue, but from all of my searching it seems to be limited to Linux users.

Any other ideas would be greatly appreciated.

Generating report for minidump

Application version 5.1.1.0
 ... built from changelist 0

OS version Linux 6.1.64-Unraid (network name: beed1d7bd968)
Running 6 x86_64 processors (12 logical cores)
Exception was "SIGSEGV: invalid attempt to write memory at address 0x0000000000000003"

<SOURCE START>
<SOURCE END>

<CALLSTACK START>
PalServer-Linux-Test!UPalDynamicItemWorldSubsystem::Create_ServerInternal(FPalDynamicItemId const&, FName, FPalItemCreateParameter const&) [G:/works/repos/Pal_SVN/Pal-UE-App/Source/Pal/PalDynamicItemWorldSubsystem.cpp:138]
PalServer-Linux-Test!UPalDynamicItemWorldSubsystem::ApplyWorldSaveData(UPalWorldSaveGame const*) [G:/works/repos/Pal_SVN/Pal-UE-App/Source/Pal/PalDynamicItemWorldSubsystem.cpp:286]
PalServer-Linux-Test!non-virtual thunk to UPalDynamicItemWorldSubsystem::ApplyWorldSaveData(UPalWorldSaveGame const*) [G:/works/repos/Pal_SVN/Pal-UE-App/Source/Pal/PalDynamicItemWorldSubsystem.cpp:0]
PalServer-Linux-Test!UPalSaveGameManager::ApplyWorldSaveData(UPalWorldSaveGame const*, TArray<UPalGameSystemInitProcessHandle*, TSizedDefaultAllocator<32> >&) [G:/works/repos/Pal_SVN/Pal-UE-App/Source/Pal/PalSaveGameManager.cpp:1625]
PalServer-Linux-Test!UPalGameSystemInitSequence_ApplyWorldSaveData::ProcessImpl() [G:/works/repos/Pal_SVN/Pal-UE-App/Source/Pal/PalGameSystemInitSequences.cpp:216]
PalServer-Linux-Test!UPalGameSystemInitManagerComponent::StartNextSequence() [G:/works/repos/Pal_SVN/Pal-UE-App/Source/Pal/PalGameSystemInitManagerComponent.cpp:101]
PalServer-Linux-Test!UPalGameSystemInitManagerComponent::StartNextSequence() [G:/works/repos/Pal_SVN/Pal-UE-App/Source/Pal/PalGameSystemInitManagerComponent.cpp:115]
PalServer-Linux-Test!UPalGameSystemInitManagerComponent::StartNextSequence() [G:/works/repos/Pal_SVN/Pal-UE-App/Source/Pal/PalGameSystemInitManagerComponent.cpp:115]
PalServer-Linux-Test!UPalGameSystemInitManagerComponent::OnChangeProcessState(UPalGameSystemInitProcessHandle*) [G:/works/repos/Pal_SVN/Pal-UE-App/Source/Pal/PalGameSystemInitManagerComponent.cpp:167]
PalServer-Linux-Test!TBaseUObjectMethodDelegateInstance<false, UPalGameSystemInitManagerComponent, void (UPalGameSystemInitProcessHandle*), FDefaultDelegateUserPolicy>::ExecuteIfSafe(UPalGameSystemInitProcessHandle*) const [D:/works/repos/Pal_SVN/Pal-UE-EngineBinary/Engine/Source/Runtime/Core/Public/Delegates/DelegateInstancesImpl.h:616]
PalServer-Linux-Test!UPalWorldSubsystem::OnWorldBeginPlay(UWorld&) [G:/works/repos/Pal_SVN/Pal-UE-App/Source/Pal/PalWorldSubsystem.cpp:57]
PalServer-Linux-Test!UWorld::BeginPlay() [C:/works/Pal-UE-EngineSource/Engine/Source/./Runtime/Engine/Private/World.cpp:4875]
PalServer-Linux-Test!UEngine::LoadMap(FWorldContext&, FURL, UPendingNetGame*, FString&) [C:/works/Pal-UE-EngineSource/Engine/Source/./Runtime/Engine/Private/UnrealEngine.cpp:14880]
PalServer-Linux-Test!UEngine::Browse(FWorldContext&, FURL, FString&) [C:/works/Pal-UE-EngineSource/Engine/Source/./Runtime/Engine/Private/UnrealEngine.cpp:14037]
PalServer-Linux-Test!UGameInstance::StartGameInstance() [C:/works/Pal-UE-EngineSource/Engine/Source/./Runtime/Engine/Private/GameInstance.cpp:634]
PalServer-Linux-Test!FEngineLoop::Init() [C:/works/Pal-UE-EngineSource/Engine/Source/./Runtime/Launch/Private/LaunchEngineLoop.cpp:4372]
PalServer-Linux-Test!GuardedMain(char16_t const*) [C:/works/Pal-UE-EngineSource/Engine/Source/./Runtime/Launch/Private/Launch.cpp:180]
PalServer-Linux-Test!CommonUnixMain(int, char**, int (*)(char16_t const*), void (*)()) [C:/works/Pal-UE-EngineSource/Engine/Source/Runtime/Unix/UnixCommonStartup/Private/UnixCommonStartup.cpp:269]
libc.so.6!UnknownFunction(0x271c9)
libc.so.6!__libc_start_main(+0x84)
PalServer-Linux-Test!_start()

<CALLSTACK END>

0 loaded modules

Report end!

 

Diagnostics.txt

  • Author
1 hour ago, RPeters3607 said:

This leads me to believe it's a Palworld issue, but from all of my searching it seems to be limited to Linux users.

Delete the container, delete everything in the palworld directory except for the „Pal“ folder and pull a fresh copy from the CA App.

 

If that doesn't help then it is maybe a faulty savegame.

On what hardware do you run the container (CPU, RAM)?

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.