Settings and keys
This page covers the panel settings screen: connection health, authentication reference, the theme, save sync controls, and Integration API keys.
Connections
Section titled “Connections”The connections card shows the live status of each data channel: the game REST API, RCON, the mounted save volume, and the Compose file. It confirms at a glance that the panel can reach everything it needs.
Authentication
Section titled “Authentication”The authentication card is a reference, not an editor. The admin password and the optional viewer password are set through environment variables when you run the container, and the card confirms what is configured without showing the values. Sessions last 7 days. The game server’s admin password is never sent to the browser.
The appearance card sets the theme to system, dark, or light. System follows your operating system preference. The choice takes effect immediately and is remembered in the browser.
Save sync
Section titled “Save sync”The save sync card shows when the save was last parsed, how long the parse took, and how many guilds and players it found, along with a count of skipped properties. The sync interval is set through an environment variable and shown here for reference. An admin can select “Parse now” to force an immediate re-parse.
Integration API keys
Section titled “Integration API keys”The Integration API is a separate read-only, bearer-token API for bots, dashboards, and scripts. This card manages its keys. It is admin-only. A viewer never sees it, and the underlying API refuses viewer requests.
To create a key, select “New key” and give it a label, for example discord-bot. The label identifies the key in the list and is never sent to the bot. The plaintext key is shown exactly once, right after creation. Copy it then. The panel stores only a hash and can never show the key again. A key looks like this:
phk_a1b2c3d4_<43 more characters, shown once>To stop a key from working, select “Revoke”. Revocation takes effect on the very next request, with no restart. Revoked keys stay in the list for the audit trail and cannot be un-revoked. To replace a key, issue a new one. Up to 100 active keys are allowed.
Data sources
Section titled “Data sources”This screen reads GET /api/v1/server, GET /api/v1/server/health, GET /api/v1/config, and GET /api/v1/world. A forced parse uses POST /api/v1/world/parse. Keys are managed with GET, POST, and DELETE /api/v1/integration-keys.