brianmiller
commented
1 year ago We're punting on RBAC. I don't have time to build something too elaborate.
Commit https://github.com/brianmiller/phvalheim-server/commit/47b55942aee90822e62f676278f0f0a2d65a5f5c isolates the /admin/ pages to a dedicated port.
You can review the README changes here: https://github.com/brianmiller/phvalheim-server#container-ports https://github.com/brianmiller/phvalheim-server#docker-command-line
A note regarding Unraid:
The Unraid docker template for phvalheim-server has been updated to include an additional variable:
Oddly, Unraid doesn't update the container edit screen if the docker template has been updated. The only way I can see to get Unraid to render the new template is to:
- Stop the container
- Delete the container (do not delete your stateful directory)
- Deploy a new container, targeting the same stateful directory destination
Note: This release also includes preparatory database update logic for future schema changes. You may see "Upgrading schema to version xyz..." in the engine logs. These database changes are not being used yet.
We currently depend on a reverse proxy to control access to the admin interfaces. We're removing the need for a reverse proxy to reduce as much complexity as possible. While a reverse proxy will still be optional, it will no longer be required. Therefore, we need to implement an RBAC system.
We will store admin SteamIDs in the PhValheim MariaDB and only render admin interfaces if a match is detected.