⚠️ The latest release is unstable. Use preview builds instead
Skip to content

Environment Variables

Environment variables in the .env file control Docker infrastructure, credentials, and networking. They are not used for game settings (use server-settings.json for those).

Required Variables

These must be set for the server to function:

VariableDescription
STEAM_USERNAMESteam account username
STEAM_PASSWORDSteam account password
VNC_PASSWORDPassword for VNC web interface

Runtime Variables

VariableDescriptionDefault
GAME_PORTUDP port for multiplayer connections24642
QUERY_PORTUDP port for Steam query protocol27015
VNC_PORTTCP port for VNC web interface5800
API_PORTPort for the HTTP REST API8080
API_ENABLEDEnable HTTP API for external toolstrue
SERVER_FPSRender rate: 0 = rendering disabled, N > 0 = render at N fps0
VERBOSE_LOGGINGOverride verbose logging setting-

Security Variables

VariableDescriptionDefault
STEAM_REFRESH_TOKENPre-existing refresh token (for CI/automation)-
SERVER_PASSWORDServer password for player authentication(empty = disabled)
MAX_LOGIN_ATTEMPTSFailed login attempts before kick3
AUTH_TIMEOUT_SECONDSSeconds before unauthenticated players are kicked120
API_KEYAPI key for authenticating write requests(empty = disabled)
ALLOW_INSECURE_SETUPAllow startup when VNC_PASSWORD or API_KEY is emptyfalse

Discord Integration

VariableDescriptionDefault
DISCORD_BOT_TOKENDiscord bot token-
DISCORD_BOT_NICKNAMECustom bot nickname(farm name)
DISCORD_CHAT_CHANNEL_IDChannel ID for chat relay-

See Discord Integration for setup instructions.

Example .env File

sh
# ===== Required =====
STEAM_USERNAME=your_steam_username
STEAM_PASSWORD=your_steam_password
VNC_PASSWORD=your_secure_password

# ===== Ports (uncomment to change from defaults) =====
# GAME_PORT=24642
# QUERY_PORT=27015
# VNC_PORT=5800
# API_PORT=8080

# ===== Performance (uncomment to change from defaults) =====
# SERVER_FPS=10

# ===== Security (optional) =====
# SERVER_PASSWORD=your_server_password
# API_KEY=your_api_key

# ===== Discord (optional) =====
# DISCORD_BOT_TOKEN=your_bot_token
# DISCORD_CHAT_CHANNEL_ID=123456789012345678

# ===== CI/Automation (optional) =====
# STEAM_REFRESH_TOKEN=your_refresh_token

Variable Details

SERVER_FPS

Controls the rate at which the server draws graphics to its own display. This does not affect players — they always see the game normally on their own screens.

ValueWhat happens
0 (default)Rendering disabled. The server installs a null display device and suppresses draws; VNC shows a "Rendering Disabled" notice. The server works normally — players connect and play as usual — and it uses less CPU.
N > 0Server draws at up to N frames per second. VNC shows the game display. Useful for debugging visual issues; a low value like 10 keeps CPU cost modest.

Why is 0 the default?

A dedicated server doesn't need to display anything. It just processes game logic and sends updates to players. Skipping the graphics rendering saves significant CPU resources.

Players are not affected

When you connect to the server with your game client, you see the game on your screen rendered by your computer. SERVER_FPS only affects the server's own display (viewed via VNC).

Changing the rate at runtime

You don't have to restart to enable rendering for debugging. Both of these take effect immediately:

  • HTTP: POST /rendering?fps=10 (use fps=0 to disable again).
  • Console: docker compose exec server attach-cli, then rendering 10 (or rendering 0, rendering status).

Driving the game over VNC

While rendering is off (SERVER_FPS=0), VNC input is fully suppressed — there is nothing to see, so input has no meaning. While rendering is on, the VNC view is input-blocked except F9 (toggle host automation) and F10 (toggle visibility). Press F9 to drop automation and gain full keyboard/mouse control; press it again to re-arm the guard.

STEAM_REFRESH_TOKEN

Alternative to username/password for automated environments. Export after initial setup:

sh
docker compose run --rm steam-auth export-token

See Steam Authentication for CI/CD usage.

SERVER_PASSWORD

When set, players must authenticate with !login <password> before they can play. Leave empty to disable password protection.

See Password Protection for full documentation.

API_ENABLED

When true, the REST API is available for external tools and monitoring. See REST API for endpoints.

API_KEY

When set, all API endpoints require an Authorization: Bearer <api-key> header (except /health and /docs).

Generate a secure key:

sh
openssl rand -base64 32

When do I need this?

Currently, only the Discord bot uses the API. If you:

  • Use the Discord bot: Set the same API_KEY for both server and bot
  • Don't use the Discord bot: You can skip API_KEY if the API port (8080) is not exposed externally
  • Build custom integrations (web dashboard, monitoring, etc.): Set API_KEY and include it in your requests

WARNING

Without API_KEY, anyone with network access to port 8080 can read server data and control your server. Always set this if the API is accessible from untrusted networks.

ALLOW_INSECURE_SETUP

By default the server aborts startup when VNC_PASSWORD is empty or (with API_ENABLED=true) API_KEY is empty — leaving the VNC interface or HTTP API exposed without authentication. Set ALLOW_INSECURE_SETUP=true to override the abort on closed networks where the affected ports are not reachable from untrusted clients.

Port Summary

PortProtocolPurposeExpose Externally?
24642UDPGame (Steam SDR)No (relay handles NAT)
27015UDPSteam queryNo (relay handles NAT)
5800TCPVNC web interfaceOnly for remote access
8080TCPREST APIOnly for external tools
3001TCPSteam auth (internal)No

Changing Ports

To avoid port conflicts, you can change the host-side mappings in .env:

sh
VNC_PORT=5801
API_PORT=8081

The internal container ports remain unchanged; only the host mapping changes.

Advanced Variables

These are rarely needed but available for advanced use cases:

VariableDescriptionDefault
HEALTH_CHECK_SECONDSInterval for internal health checks300
ENABLE_MOD_INCOMPATIBLE_OPTIMIZATIONSEnable performance optimizations that may break some modstrue
FORCE_NEW_DEBUG_GAMEForce creation of a new debug game on startupfalse

WARNING

These variables are for advanced users. Changing them may cause unexpected behavior.

Released under the MIT License.