Web Admin Interface
WickedYoda edited this page Mar 24, 2026 · 1 revision
Password-protected admin UI for runtime bot and policy management.
- Default bind: `WEB_BIND_HOST=127.0.0.1`, `WEB_PORT=8080`
- Built-in HTTPS bind: `WEB_HTTPS_PORT=8081`
- Typical container bind: `WEB_BIND_HOST=0.0.0.0` with host/proxy controls
- If no TLS files exist, the bot generates a self-signed certificate under `${DATA_DIR}/ssl/`.
- Replace `${DATA_DIR}/ssl/tls.crt` and `${DATA_DIR}/ssl/tls.key` with your own files if you want a browser-trusted HTTPS listener.
- Login uses email + password (web-only account model)
- Optional "Keep me signed in" extends session to 5 days on device
- Inactivity timeout is configurable: `5`, `10`, `15`, `20`, `30`, `45`, `60`, `90`, or `120` minutes
- Theme options in header: `Light` and `Black`
Security controls include:
- Login rate limiting
- CSRF enforcement
- Same-origin POST checks
- Strict cookie settings and browser hardening headers
Each web user includes:
- Email (login identifier)
- Password hash
- First name
- Last name
- Display name (shown in GUI)
- Role (`Admin`, `Read-only`, `Glinet-Read-Only`, or `Glinet-RW`)
- Password age metadata (90-day rotation enforcement)
User self-service capabilities:
- Change password
- Change email
- Update first/last/display names
Admin-only user management capabilities:
- Create users
- Delete users
- Promote/demote admin users
- Reset user credentials as needed
Read-only capabilities:
- Can sign in and navigate all admin pages
- Can view all settings/options/data exposed by the web GUI
- Cannot apply management/configuration changes (save/update/delete/restart actions are blocked server-side)
Glinet-Read-Only capabilities:
- Can sign in
- Is automatically pinned to the primary Discord server (intended for the GL.iNet Community Discord)
- Can view the guild-scoped GL.iNet pages for that primary server, including dashboard, command permissions, actions, feeds, bot profile, guild settings, tag responses, bulk role CSV, and member activity
- Can export member-activity ZIP archives from `/admin/member-activity/export`
- Can manage their own `/admin/account` page
- Cannot access global settings, logs, documentation, user management, or other non-guild/global admin pages
Glinet-RW capabilities:
- Includes all `Glinet-Read-Only` viewing access
- Is pinned to the same primary Discord server only
- Can save guild-scoped settings/pages for that server:
  - command permissions
  - guild settings
  - Reddit/YouTube/LinkedIn/Beta subscriptions
  - tag responses
  - bot nickname on the selected server
- Cannot access global settings, user management, container restart, or cross-guild selection
No Discord `/login` or `!login` flow exists for web-user creation.
All web passwords must satisfy:
- Minimum 6 characters
- Maximum 16 characters
- At least 2 numbers
- At least 1 uppercase letter
- At least 1 symbol
UI forms include show/hide password toggles and validation feedback.
- Main page lists the Discord servers the bot is currently in.
- Select a server first, then open the server dashboard for guild-scoped admin actions.
- Top menu uses dropdown-based section navigation.
- Direct `Logout` action is available from the top header on desktop and mobile layouts.
- Mobile layout uses a compact quickbar plus collapsible menu drawer for server jump, account access, theme switching, and primary page links.
- Dedicated dashboard link is shown beside the dropdown.
- Dashboard includes direct action buttons/cards for major admin workflows.
- Mobile layout is responsive for smaller screens and touch interaction.
- `/admin/command-permissions` manages command access per selected guild.
- Available modes:
  - `Default rule`: follow the bot's built-in default access policy for that command
  - `Public`: allow any guild member
  - `Disabled`: turn the command off for that guild
  - `Custom roles`: restrict the command to one or more selected roles
- Custom-role mode requires at least one role ID or selected role.
- Reddit feed management page lets admins map subreddits to Discord text channels and set the polling interval from a dropdown.
- LinkedIn profile management page lets admins map public LinkedIn profiles to Discord text channels for new-post notifications.
- GL.iNet beta program page lets admins map the public GL.iNet beta-testing page to Discord text channels for added/removed program notifications.
- Tag responses and guild settings pages now follow the selected server context instead of using one global mapping.
- Member activity page shows top-20 member activity windows for the selected server.
- Member activity exports are generated for the selected server only and match the currently retained 90-day dataset.
- Guild settings also control per-server welcome messages, optional join DMs, and optional uploaded welcome images.
- Server selector / entry page
- Lists every Discord server the bot can currently access
- Sets the active server context used by guild-scoped admin pages
- Admin users can remove the bot from a server directly from this page using the per-server `Remove Bot` action
- `Glinet-Read-Only` and `Glinet-RW` users do not stay here; they are redirected to `/admin/dashboard` using the primary guild
- Server dashboard overview
- Quick links to settings, users, moderation tooling, and logs-related actions for the selected server
- Includes a `Command Status` table for the selected server
- Lists each command with:
  - effective access level (`Public`, `Mod Only`, `Named Roles`, `Custom Roles`, or `Disabled`)
  - current enabled/disabled state
- Uses the same guild-scoped command-permissions data the bot enforces at runtime
- Scoped to the selected server
- Per-guild overrides for:
  - bot log channel
  - moderation log channel
  - firmware notify channel
  - self-assign access role
  - welcome channel
  - welcome channel message
  - welcome DM enable/disable
  - welcome DM message
  - uploaded welcome image
  - image attachment enable/disable for channel and DM
- Blank values fall back to the global runtime environment settings
Welcome-message placeholders:
- `{member_mention}`
- `{member_name}`
- `{display_name}`
- `{guild_name}`
- `{member_count}`
- `{account_created_at}`
How to configure welcome automation:
- Open `/admin/guild-settings`
- Select the target guild
- Set `Welcome Channel` if you want a public join post
- Enter `Welcome Channel Message`, or leave it blank to use the default
- Enable `Send Welcome DM` if you want a DM on join
- Enter `Welcome DM Message`, or leave it blank to use the default
- Upload a welcome image if desired
- Enable image attachment for channel, DM, or both
- Save the guild settings
Notes:
- If no welcome channel is selected, the bot will not post a public welcome message
- If the member blocks DMs, the DM send is skipped and the join flow continues normally
- Supported image formats: `PNG`, `JPG`, `JPEG`, `WEBP`, `GIF`
- Upload size follows the configured web avatar upload limit (`WEB_AVATAR_MAX_UPLOAD_BYTES`; default `2097152` bytes / `2048 KiB`)
- Welcome images must be between `64x64` and `4096x4096`
- The page shows current uploaded image metadata:
  - filename
  - media type
  - size in bytes / KiB
  - width x height
- Recommended welcome image layout is landscape artwork around `1200x675` for clearer preview sizing inside Discord
- Global environment-backed settings editor
- Live dropdowns for known channel and role fields load from the currently selected server
- Managed-guild allowlist and utility integration settings
- Web-session/security settings
- Auto-logout selection (`5`, `10`, `15`, `20`, `30`, `45`, `60`, `90`, `120` minutes)
- Writes to `WEB_ENV_FILE`, which should point to a writable path such as `${DATA_DIR}/web-settings.env`
- Runtime observability view in web GUI
- CPU, memory, I/O, network, and uptime snapshot cards
- 24-hour rolling metrics summary (min/avg/max) retained in-memory
- Manual refresh plus auto-refresh interval dropdown (`1`, `5`, `10`, `30`, `60`, `120` seconds)
- Public and read-only (no login required)
- `/admin/observability` redirects to `/status/everything`
- Log viewer with dropdown selection (`bot.log`, `bot_log.log`, `container_errors.log`, `web_gui_audit.log`, `web_probe.log`)
- Refresh button plus auto-refresh interval dropdown (`1`, `5`, `10`, `30`, `60`, `120` seconds)
- Requires web GUI login
- Scoped to the selected server
- Read-only activity history for moderation actions and server-event log writes
- Useful for reviewing what the bot did without reading raw log files
- Self-service account page for the current web GUI user
- Change password
- Change email
- Update first name, last name, and display name
- Scoped to the selected server
- Read-only top 20 member activity tables for:
  - last 90 days
  - last 30 days
  - last 7 days
  - last 24 hours
- Each table shows:
  - message count
  - active day count
  - last seen timestamp
- Export option at the bottom of the page downloads a compressed ZIP archive for the selected server
- Export respects the selected server context; there is no cross-guild combined export
- Export includes:
  - per-window leaderboard CSV files
  - raw member activity summary CSV
  - raw hourly activity CSV
  - JSON summary manifest
- Per-command access policy editor for the selected server
- Modes: `default`, `public`, `disabled`, `custom_roles`
- Multi-select role dropdown by role name
- Manual role-ID entry fallback if catalog is incomplete
- Scoped to the selected server
- Add a subreddit feed using a subreddit name or Reddit `/r/` URL
- Pick the target Discord text channel from a live dropdown
- Global Reddit polling interval dropdown (default every 30 minutes)
- Feed list shows enabled state, last checked time, last posted time, and last error
- New subscriptions baseline existing posts first, then only publish newer Reddit submissions
- Scoped to the selected server
- Add a YouTube channel URL and target Discord text channel
- Stores last seen video metadata so only newer uploads are posted
- Per-subscription enable/disable and delete controls
- Scoped to the selected server
- Add a public LinkedIn profile URL and target Discord text channel
- Uses the public profile page to detect newer visible posts
- Stores last seen post metadata so only newer posts are announced
- Best-effort public-profile monitoring: private or login-gated activity will not be detected
- Scoped to the selected server
- Add the public GL.iNet beta-testing page monitor and target Discord text channel
- Detects when beta programs are added to or removed from the page
- Stores the last seen program snapshot per guild/channel so only changes are announced
- Best-effort public-page monitoring: if GL.iNet changes the page structure, the watcher may need adjustment
- Built-in documentation page inside the web GUI
- Presents operator guidance and shortcuts for bot administration topics
- Embedded wiki/documentation viewer in the web GUI
- Useful when the operator wants docs without leaving the admin interface
- JSON tag editor scoped to the selected server
- Save + runtime reload
- Dynamic slash refresh trigger (restart not required)
- Scoped to the selected server
- CSV upload and target-role selection
- Assignment execution with timeout protections
- Structured results with unmatched/ambiguous/failure sections
- User and role management (`Admin` / `Read-only` / `Glinet-Read-Only` / `Glinet-RW`)
- User creation with password policy enforcement
- Admins can edit another web user's:
  - first name
  - last name
  - display name
- Admins can reset another web user's password from the same page
- Password visibility toggle in create/reset forms
- Read bot identity
- Update server nickname/listing label for the selected server using a guild-scoped form
- Rename bot username using a separate dedicated global form/action
- Upload avatar image
Rename/profile updates are admin-only and web-GUI-only (read-only users can view this page but cannot apply changes).
Scope notes:
- Guild-scoped:
  - `/admin/dashboard`
  - `/admin/guild-settings`
  - `/admin/actions`
  - `/admin/member-activity`
  - `/admin/command-permissions`
  - `/admin/reddit-feeds`
  - `/admin/youtube`
  - `/admin/linkedin`
  - `/admin/tag-responses`
  - `/admin/bulk-role-csv`
  - server nickname in `/admin/bot-profile`
- Global:
  - `.env` settings in `/admin/settings`
  - bot username/avatar in `/admin/bot-profile`
  - web users
  - logs and observability
Recommended for production:
- Put web UI behind HTTPS reverse proxy
- Set `WEB_PUBLIC_BASE_URL` to exact external origin
- Keep `WEB_TRUST_PROXY_HEADERS=true` only for trusted proxy
- Keep CSRF and same-origin checks enabled
If behind proxy, ensure forwarded headers include:
- `Host`
- `X-Forwarded-Host`
- `X-Forwarded-Proto`
- `X-Forwarded-For`
- `Blocked request due to origin policy.`
  - `WEB_PUBLIC_BASE_URL` mismatch with browser origin
  - missing/incorrect forwarded host headers
- Login loops back to login page
  - session secret/cookie settings issue
  - HTTPS mismatch when secure cookies enabled
- Proxy-only login failure
  - check trusted proxy header forwarding and origin alignment
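The origin-policy causes listed above can be reproduced offline with the added example below, which is not the project's code: it models a same-origin POST check that compares the browser's `Origin` (or `Referer`) with the origin the server expects. The function names, the precedence of `WEB_PUBLIC_BASE_URL` over forwarded headers, and the `bot.example.com` request are assumptions made for illustration.

```python
from urllib.parse import urlsplit

DEFAULT_PORTS = {"http": 80, "https": 443}

def origin_of(url):
    """Normalise a URL to (scheme, host, port); None if it is not a usable web origin."""
    try:
        parts = urlsplit(url)
        port = parts.port                     # raises ValueError on a malformed port
    except ValueError:
        return None
    if parts.scheme not in DEFAULT_PORTS or not parts.hostname:
        return None
    return (parts.scheme, parts.hostname.lower(), port or DEFAULT_PORTS[parts.scheme])

def expected_origin(headers, wire_scheme, public_base_url, trust_proxy):
    """Origin the server considers its own (assumed precedence: pinned URL, then headers)."""
    if public_base_url:                       # WEB_PUBLIC_BASE_URL set: exact external origin
        return origin_of(public_base_url)
    host, scheme = headers.get("host", ""), wire_scheme
    if trust_proxy:                           # WEB_TRUST_PROXY_HEADERS=true
        host = headers.get("x-forwarded-host", host).split(",")[0].strip()
        scheme = headers.get("x-forwarded-proto", scheme).split(",")[0].strip()
    return origin_of(f"{scheme}://{host}")

def post_allowed(headers, wire_scheme="http", public_base_url="", trust_proxy=False):
    """Same-origin POST check: Origin (else Referer) must equal the expected origin."""
    headers = {k.lower(): v for k, v in headers.items()}
    expected = expected_origin(headers, wire_scheme, public_base_url, trust_proxy)
    claimed = headers.get("origin") or headers.get("referer")
    if expected is None or not claimed:
        return False                          # fail closed when either side is unknown
    return origin_of(claimed) == expected

if __name__ == "__main__":
    # Constructed request as the app sees it behind a TLS-terminating proxy.
    req = {"Host": "127.0.0.1:8080", "Origin": "https://bot.example.com",
           "X-Forwarded-Host": "bot.example.com", "X-Forwarded-Proto": "https"}
    print(post_allowed(req, public_base_url="https://bot.example.com"))       # pinned origin
    print(post_allowed(req, public_base_url="https://bot.example.com:8081"))  # port mismatch
    print(post_allowed(req, trust_proxy=True))    # derived from forwarded headers
    print(post_allowed(req, trust_proxy=False))   # forwarded headers ignored
```

The second and fourth calls are the two causes in the troubleshooting list: a base URL that differs from the browser origin (here only by port), and forwarded host headers that are missing or not trusted.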
- Password field uses `autocomplete="current-password"`
- Labels are explicitly associated with form controls (`for` + `id`)
for+id) - Inputs are styled to consistent size/shape for usability
- `WEB_ENABLED`
- `WEB_BIND_HOST`
- `WEB_PORT`
- `WEB_HTTP_PUBLISH`
- `WEB_HTTPS_PUBLISH`
- `LOG_HARDEN_FILE_PERMISSIONS`
- `WEB_SESSION_TIMEOUT_MINUTES`
- `WEB_PUBLIC_BASE_URL`
- `WEB_ENV_FILE`
- `WEB_RESTART_ENABLED`
- `WEB_GITHUB_WIKI_URL`
- `WEB_ADMIN_DEFAULT_USERNAME`
- `WEB_ADMIN_DEFAULT_PASSWORD`
- `WEB_ADMIN_SESSION_SECRET`
- `WEB_SESSION_COOKIE_SECURE`
- `WEB_TRUST_PROXY_HEADERS`
- `WEB_ENFORCE_CSRF`
- `WEB_ENFORCE_SAME_ORIGIN_POSTS`
- `WEB_HARDEN_FILE_PERMISSIONS`
- `WEB_DISCORD_CATALOG_TTL_SECONDS`
- `WEB_DISCORD_CATALOG_FETCH_TIMEOUT_SECONDS`
- `WEB_BULK_ASSIGN_TIMEOUT_SECONDS`
- `WEB_BULK_ASSIGN_MAX_UPLOAD_BYTES`
- `WEB_BULK_ASSIGN_REPORT_LIST_LIMIT`
- `WEB_BOT_PROFILE_TIMEOUT_SECONDS`
- `WEB_AVATAR_MAX_UPLOAD_BYTES`
- `MANAGED_GUILD_IDS`
- `ENABLE_MEMBERS_INTENT`
- `COMMAND_RESPONSES_EPHEMERAL`
- `PUPPY_IMAGE_API_URL`
- `PUPPY_IMAGE_TIMEOUT_SECONDS`
- `SHORTENER_ENABLED`
- `SHORTENER_BASE_URL`
- `SHORTENER_TIMEOUT_SECONDS`
- `YOUTUBE_NOTIFY_ENABLED`
- `YOUTUBE_POLL_INTERVAL_SECONDS`
- `YOUTUBE_REQUEST_TIMEOUT_SECONDS`
- `UPTIME_STATUS_ENABLED`
- `UPTIME_STATUS_PAGE_URL`
- `UPTIME_STATUS_TIMEOUT_SECONDS`