Sourcemod Plugin
This covers functionality available through the gbans plugin as well as some recommended configuration options.
In-Game Commands
| Command | Perms | Description |
|---|---|---|
| gb_mod | Sends a notification to discord (if its enabled) to the users belonging to the group configured in the "mod ping role id" discord setting. | |
| gb_ban | ADMFLAG_BAN | Ban a user using in-game menu. |
| gb_reload | ADMFLAG_ROOT | Reinitializes some parts of the plugin such as authentication password. |
| gb_version | Shows the current plugin version. | |
| report | Report a user. |
Convars
| convar | default value | Description |
|---|---|---|
| gb_core_host | localhost | Address gbans is listening on |
| gb_core_port | 6006 | Port gbans is listening on |
| gb_core_server_key | '' | Password generated by gbans to authenticate the server. |
| gb_disable_autoteam | 1 | Disallow the use of the autoteam command |
| gb_hide_connections | 1 | Dont show the connect/disconnect message to users |
| gb_stv_enable | 1 | Enable SourceTV |
| gb_auto_record | 1 | Enable automatic recording |
| gb_stv_minplayers | 1 | Minimum players on server to start recording |
| gb_stv_ignorebots | 1 | Ignore bots in the player count |
| gb_stv_timestart | -1 | Hour in the day to start recording (0-23, -1 disables) |
| gb_stv_timestop | -1 | Hour in the day to stop recording (0-23, -1 disables) |
| gb_stv_finishmap | 1 | If 1, continue recording until the map ends |
| gb_stv_path | stv_demos/active | Path to store currently recording demos |
| gb_stv_path_complete | stv_demos/complete | Path to store complete demos |
Creating a sourcemod database user for clientprefs
It's recommended, but not required, to create a secondary less-privileged user, especially when using servers remote to the gbans instance. Below is an example of creating a restricted user that only has access to the tables, and functions, required for operation.
If you are using the official docker images, you must ensure that you enable the md5 authentication method when creating
the image. This can be achieved by defining the env var POSTGRES_HOST_AUTH_METHOD=md5 when building your image. This
will automatically apply the following values under your pg_hba.conf.
host all all all md5
If you are not using docker, you can of course just manually edit this file. Its usually located at /var/lib/postgresql/data/pg_hba.conf.
Note that this is only the default method and you should consider a more restrictive set of parameters, such as limiting the database, role and hosts that are allowed to connect. For example, we could restrict access like so:
host gbans sourcemod 10.20.30.0/24 md5
See the postgres docs on pg_hba.conf for more details.
With md5 auth setup, you can now create a role for sourcemod:
CREATE ROLE sourcemod WITH LOGIN PASSWORD '<your-password>';
GRANT CONNECT ON DATABASE gbans TO sourcemod;
GRANT USAGE ON SCHEMA public TO sourcemod;
GRANT SELECT ON
sm_config, sm_overrides, sm_group_overrides, sm_group_immunity, sm_groups,
sm_admins_groups, sm_admins,
cidr_block_whitelist, cidr_block_entries,
person_whitelist,
ban, ban_asn, ban_net, ban_group,
steam_friends, steam_group_members,
net_asn TO sourcemod;
GRANT SELECT, INSERT, UPDATE, DELETE ON sm_cookie_cache, sm_cookies TO sourcemod;
GRANT CREATE ON SCHEMA public TO sourcemod; -- extension will bail if not set it seems :(.
GRANT USAGE, SELECT ON SEQUENCE sm_cookies_id_seq TO sourcemod;
GRANT EXECUTE ON FUNCTION check_ban TO sourcemod;
Next you can setup your sourcemod databases.cfg with this user.
"Databases"
{
"default"
{
"driver" "pgsql"
"host" "localhost"
"database" "gbans"
"user" "sourcemod"
"pass" "<your-password>"
"timeout" "60"
"port" "5432"
}
}