From bf303e2b3906342912524ced8b0d11ecaa95e1a7 Mon Sep 17 00:00:00 2001
From: ChatDisabled <44729807+ChatDisabled@users.noreply.github.com>
Date: Tue, 29 Oct 2024 06:00:11 +0100
Subject: [PATCH 1/3] feat: misc.cfg

---
 misc.cfg         | 85 ++++++++++++++++++++++++++++++++++++++++++++++++
 qbox-lean.yaml   |  4 +++
 qbox-stable.yaml |  4 +++
 qbox.yaml        |  4 +++
 server.cfg       |  3 ++
 5 files changed, 100 insertions(+)
 create mode 100644 misc.cfg

diff --git a/misc.cfg b/misc.cfg
new file mode 100644
index 0000000..d46d5f9
--- /dev/null
+++ b/misc.cfg
@@ -0,0 +1,85 @@
+# This is an aggregated list of possible helpful convars for server owners.
+# The required artifacts version may vary so please check if said convar applies to you.
+
+# A string variable that can be used to set the server as "private", making it not possible to join by using the server browser UI (the server connect button will be disabled).
+# Default: "https://servers-ingress-live.fivem.net/ingress"
+# Type: string
+# set sv_master1 ""
+
+# Variance is how likely the user's id will change for a given provider (i.e. 'steam', 'ip', or 'license'). As an integer from 1-5 (default 5); from least to most likely to change.
+# Default: 5
+# Type: int
+# set sv_authMaxVariance 5
+
+# Trust is how unlikely it is for the user's identity to be spoofed by a malicious client. As an integer from 1-5 (default 1); from least to most trustworthy.
+# (5 being a method such as external three-way authentication).
+# Default: 1
+# Type: int
+# set sv_authMinTrust 1
+
+# This helps counter proxy-based HTTP floods. Find more info here: https://docs.fivem.net/docs/server-manual/server-commands/#sv_requestparanoia-newvalue
+# If set to level 2 greater, all requests made to info.json, dynamic.json and players.json related endpoints will return "Nope."
+# Default: 0
+# Type: int
+# set sv_requestParanoia 0
+
+# Used to block REQUEST_CONTROL_EVENT routing based on a configurable policy. Find more info here: https://docs.fivem.net/docs/server-manual/server-commands/#sv_filterrequestcontrol-mode
+# Default: 0
+# Type: int
+# set sv_filterRequestControl 0
+
+# Used if sv_filterRequestControl is set to 1 or 3. Allows you to set after how long (based on entity creation time in milliseconds) an entity should be blocked from a REQUEST_CONTROL_EVENT
+# Default: 30000
+# Type: int
+# set sv_filterRequestControlSettleTimer 30000
+
+# Used to prevent users from using modified client files. See: https://docs.fivem.net/docs/server-manual/server-commands/#sv_purelevel-level
+# Default: 0
+# Type: int
+# set sv_pureLevel 0
+
+# Used to prevent users from routing NETWORK_PLAY_SOUND_EVENT through the server, which is commonly used by malicious actors. This is set to true by default (allow routing)
+# Default: true
+# Type: boolean
+# set sv_enableNetworkedSounds true
+
+# Enabling it (by setting it to true), will allow users to route REQUEST_PHONE_EXPLOSION_EVENT through the server. The main drawback behind enabling this, is that it can also be used by malicious actors.
+# Default: false
+# Type: boolean
+# set sv_enablePhoneExplosions false
+
+# A boolean console variable introduced in server version 8540 that can be used to prevent users from routing SCRIPT_ENTITY_STATE_CHANGE_EVENT through the server, which is commonly used by malicious actors.
+# Default: true
+# Type: boolean
+# set sv_enableNetworkedScriptEntityStates true
+
+# Any profile settings can be enforced by the server by using setr to replicate it to the client.
+# All possible settings can be found in your own FiveM installation at "C:\Users\user\AppData\Roaming\CitizenFX\fivem.cfg"
+# The following are a few examples, but the possibilities are not limited to what is shown here.
+# setr profile_fpsCombatroll 0 # Forces the player to go in third person when combat rolling while in first person
+# setr profile_fpsFieldOfView 30 # Puts the FOV to 30 when in first person
+# setr profile_skfx 0 # Disables kill screen effects
+
+# This will set the HTTP protocol version to 2.0 instead of 1.1. As of writing this is still experimental and may causes crashes.
+# https://www.cloudflare.com/learning/performance/http2-vs-http1.1/ & https://github.com/citizenfx/fivem/blob/2632c6dd1a417d29cbf1e228513be15017fa29b5/code/components/citizen-server-net/src/HttpServerManager.cpp#L95
+# Default: false
+# Type: boolean
+# set sv_netHttp2 false
+
+# The following convars all have something to do with the *_LATENT_* natives. These natives were never recommended to be used and were flawed under the hood. These convars should fix that.
+# Default: false
+# Type: boolean
+# setr sv_enableNetEventReassembly false
+# If the above is set to true, you can use one of these 2 convars to set the amount of pending events to be reassembled.
+# Default: 100
+# Type: int
+# setr sv_netEventReassemblyMaxPendingEvents 100 # This can be anything from 0 to 254
+# Default: false
+# Type: boolean
+# setr sv_netEventReassemblyUnlimitedPendingEvents false # Allows for unlimited pending events. Disable the above convar if you want to use this one.
+
+# Turns on certain restrictions regarding entity creation. This will apply to the whole server. (click on the native link below to see the possible options)
+# See the native alternative to apply rules to specific buckets. https://docs.fivem.net/natives/?_0xA0F2201F, also see qbx:bucketlockdownmode
+# Default: "inactive"
+# Type: string
+# set sv_entityLockdown "inactive"
\ No newline at end of file
diff --git a/qbox-lean.yaml b/qbox-lean.yaml
index 7ffe9ce..6938e6a 100644
--- a/qbox-lean.yaml
+++ b/qbox-lean.yaml
@@ -28,6 +28,10 @@ tasks:
     src: ./tmp/qbox/voice.cfg
     dest: ./voice.cfg
 
+  - action: move_path
+    src: ./tmp/qbox/misc.cfg
+    dest: ./misc.cfg
+
   - action: move_path
     src: ./tmp/qbox/myLogo.png
     dest: ./myLogo.png
diff --git a/qbox-stable.yaml b/qbox-stable.yaml
index 358f63a..3d3cc57 100644
--- a/qbox-stable.yaml
+++ b/qbox-stable.yaml
@@ -28,6 +28,10 @@ tasks:
     src: ./tmp/qbox/voice.cfg
     dest: ./voice.cfg
 
+  - action: move_path
+    src: ./tmp/qbox/misc.cfg
+    dest: ./misc.cfg
+
   - action: move_path
     src: ./tmp/qbox/myLogo.png
     dest: ./myLogo.png
diff --git a/qbox.yaml b/qbox.yaml
index 97b31ca..67a9804 100644
--- a/qbox.yaml
+++ b/qbox.yaml
@@ -28,6 +28,10 @@ tasks:
     src: ./tmp/qbox/voice.cfg
     dest: ./voice.cfg
 
+  - action: move_path
+    src: ./tmp/qbox/misc.cfg
+    dest: ./misc.cfg
+
   - action: move_path
     src: ./tmp/qbox/myLogo.png
     dest: ./myLogo.png
diff --git a/server.cfg b/server.cfg
index 599001a..24edc4e 100644
--- a/server.cfg
+++ b/server.cfg
@@ -80,3 +80,6 @@ ensure npwd
 ## Permissions ##
 {{addPrincipalsMaster}}
 exec permissions.cfg
+
+# Miscellaneous settings
+exec misc.cfg
\ No newline at end of file

From 344836ae5a94ad37492a1c808eb297ce60f95961 Mon Sep 17 00:00:00 2001
From: ChatDisabled <44729807+ChatDisabled@users.noreply.github.com>
Date: Tue, 29 Oct 2024 09:09:45 +0100
Subject: [PATCH 2/3] chore: move contents inside of server.cfg

---
 misc.cfg         | 85 ----------------------------------------------
 qbox-lean.yaml   |  4 ---
 qbox-stable.yaml |  4 ---
 qbox.yaml        |  4 ---
 server.cfg       | 87 ++++++++++++++++++++++++++++++++++++++++++++++--
 5 files changed, 85 insertions(+), 99 deletions(-)
 delete mode 100644 misc.cfg

diff --git a/misc.cfg b/misc.cfg
deleted file mode 100644
index d46d5f9..0000000
--- a/misc.cfg
+++ /dev/null
@@ -1,85 +0,0 @@
-# This is an aggregated list of possible helpful convars for server owners.
-# The required artifacts version may vary so please check if said convar applies to you.
-
-# A string variable that can be used to set the server as "private", making it not possible to join by using the server browser UI (the server connect button will be disabled).
-# Default: "https://servers-ingress-live.fivem.net/ingress"
-# Type: string
-# set sv_master1 ""
-
-# Variance is how likely the user's id will change for a given provider (i.e. 'steam', 'ip', or 'license'). As an integer from 1-5 (default 5); from least to most likely to change.
-# Default: 5
-# Type: int
-# set sv_authMaxVariance 5
-
-# Trust is how unlikely it is for the user's identity to be spoofed by a malicious client. As an integer from 1-5 (default 1); from least to most trustworthy.
-# (5 being a method such as external three-way authentication).
-# Default: 1
-# Type: int
-# set sv_authMinTrust 1
-
-# This helps counter proxy-based HTTP floods. Find more info here: https://docs.fivem.net/docs/server-manual/server-commands/#sv_requestparanoia-newvalue
-# If set to level 2 greater, all requests made to info.json, dynamic.json and players.json related endpoints will return "Nope."
-# Default: 0
-# Type: int
-# set sv_requestParanoia 0
-
-# Used to block REQUEST_CONTROL_EVENT routing based on a configurable policy. Find more info here: https://docs.fivem.net/docs/server-manual/server-commands/#sv_filterrequestcontrol-mode
-# Default: 0
-# Type: int
-# set sv_filterRequestControl 0
-
-# Used if sv_filterRequestControl is set to 1 or 3. Allows you to set after how long (based on entity creation time in milliseconds) an entity should be blocked from a REQUEST_CONTROL_EVENT
-# Default: 30000
-# Type: int
-# set sv_filterRequestControlSettleTimer 30000
-
-# Used to prevent users from using modified client files. See: https://docs.fivem.net/docs/server-manual/server-commands/#sv_purelevel-level
-# Default: 0
-# Type: int
-# set sv_pureLevel 0
-
-# Used to prevent users from routing NETWORK_PLAY_SOUND_EVENT through the server, which is commonly used by malicious actors. This is set to true by default (allow routing)
-# Default: true
-# Type: boolean
-# set sv_enableNetworkedSounds true
-
-# Enabling it (by setting it to true), will allow users to route REQUEST_PHONE_EXPLOSION_EVENT through the server. The main drawback behind enabling this, is that it can also be used by malicious actors.
-# Default: false
-# Type: boolean
-# set sv_enablePhoneExplosions false
-
-# A boolean console variable introduced in server version 8540 that can be used to prevent users from routing SCRIPT_ENTITY_STATE_CHANGE_EVENT through the server, which is commonly used by malicious actors.
-# Default: true
-# Type: boolean
-# set sv_enableNetworkedScriptEntityStates true
-
-# Any profile settings can be enforced by the server by using setr to replicate it to the client.
-# All possible settings can be found in your own FiveM installation at "C:\Users\user\AppData\Roaming\CitizenFX\fivem.cfg"
-# The following are a few examples, but the possibilities are not limited to what is shown here.
-# setr profile_fpsCombatroll 0 # Forces the player to go in third person when combat rolling while in first person
-# setr profile_fpsFieldOfView 30 # Puts the FOV to 30 when in first person
-# setr profile_skfx 0 # Disables kill screen effects
-
-# This will set the HTTP protocol version to 2.0 instead of 1.1. As of writing this is still experimental and may causes crashes.
-# https://www.cloudflare.com/learning/performance/http2-vs-http1.1/ & https://github.com/citizenfx/fivem/blob/2632c6dd1a417d29cbf1e228513be15017fa29b5/code/components/citizen-server-net/src/HttpServerManager.cpp#L95
-# Default: false
-# Type: boolean
-# set sv_netHttp2 false
-
-# The following convars all have something to do with the *_LATENT_* natives. These natives were never recommended to be used and were flawed under the hood. These convars should fix that.
-# Default: false
-# Type: boolean
-# setr sv_enableNetEventReassembly false
-# If the above is set to true, you can use one of these 2 convars to set the amount of pending events to be reassembled.
-# Default: 100
-# Type: int
-# setr sv_netEventReassemblyMaxPendingEvents 100 # This can be anything from 0 to 254
-# Default: false
-# Type: boolean
-# setr sv_netEventReassemblyUnlimitedPendingEvents false # Allows for unlimited pending events. Disable the above convar if you want to use this one.
-
-# Turns on certain restrictions regarding entity creation. This will apply to the whole server. (click on the native link below to see the possible options)
-# See the native alternative to apply rules to specific buckets. https://docs.fivem.net/natives/?_0xA0F2201F, also see qbx:bucketlockdownmode
-# Default: "inactive"
-# Type: string
-# set sv_entityLockdown "inactive"
\ No newline at end of file
diff --git a/qbox-lean.yaml b/qbox-lean.yaml
index 6938e6a..7ffe9ce 100644
--- a/qbox-lean.yaml
+++ b/qbox-lean.yaml
@@ -28,10 +28,6 @@ tasks:
     src: ./tmp/qbox/voice.cfg
     dest: ./voice.cfg
 
-  - action: move_path
-    src: ./tmp/qbox/misc.cfg
-    dest: ./misc.cfg
-
   - action: move_path
     src: ./tmp/qbox/myLogo.png
     dest: ./myLogo.png
diff --git a/qbox-stable.yaml b/qbox-stable.yaml
index 3d3cc57..358f63a 100644
--- a/qbox-stable.yaml
+++ b/qbox-stable.yaml
@@ -28,10 +28,6 @@ tasks:
     src: ./tmp/qbox/voice.cfg
     dest: ./voice.cfg
 
-  - action: move_path
-    src: ./tmp/qbox/misc.cfg
-    dest: ./misc.cfg
-
   - action: move_path
     src: ./tmp/qbox/myLogo.png
     dest: ./myLogo.png
diff --git a/qbox.yaml b/qbox.yaml
index 67a9804..97b31ca 100644
--- a/qbox.yaml
+++ b/qbox.yaml
@@ -28,10 +28,6 @@ tasks:
     src: ./tmp/qbox/voice.cfg
     dest: ./voice.cfg
 
-  - action: move_path
-    src: ./tmp/qbox/misc.cfg
-    dest: ./misc.cfg
-
   - action: move_path
     src: ./tmp/qbox/myLogo.png
     dest: ./myLogo.png
diff --git a/server.cfg b/server.cfg
index 24edc4e..9d24a91 100644
--- a/server.cfg
+++ b/server.cfg
@@ -81,5 +81,88 @@ ensure npwd
 {{addPrincipalsMaster}}
 exec permissions.cfg
 
-# Miscellaneous settings
-exec misc.cfg
\ No newline at end of file
+# This is an aggregated list of possible helpful convars for server owners.
+# The required artifacts version may vary so please check if said convar applies to you.
+
+# A string variable that can be used to set the server as "private", making it not possible to join by using the server browser UI (the server connect button will be disabled).
+# Default: "https://servers-ingress-live.fivem.net/ingress"
+# Type: string
+set sv_master1 "https://servers-ingress-live.fivem.net/ingress" # Set to "" to mark the server as private
+
+# Variance is how likely the user's id will change for a given provider (i.e. 'steam', 'ip', or 'license'). As an integer from 1-5 (default 5); from least to most likely to change.
+# Default: 5
+# Type: int
+set sv_authMaxVariance 5
+
+# Trust is how unlikely it is for the user's identity to be spoofed by a malicious client. As an integer from 1-5 (default 1); from least to most trustworthy.
+# (5 being a method such as external three-way authentication).
+# Default: 1
+# Type: int
+set sv_authMinTrust 1
+
+# This helps counter proxy-based HTTP floods. Find more info here: https://docs.fivem.net/docs/server-manual/server-commands/#sv_requestparanoia-newvalue
+# If set to level 2 greater, all requests made to info.json, dynamic.json and players.json related endpoints will return "Nope."
+# Default: 0
+# Type: int
+set sv_requestParanoia 0
+
+# Used to block REQUEST_CONTROL_EVENT routing based on a configurable policy. Find more info here: https://docs.fivem.net/docs/server-manual/server-commands/#sv_filterrequestcontrol-mode
+# Default: 0
+# Type: int
+set sv_filterRequestControl 0
+
+# Used if sv_filterRequestControl is set to 1 or 3. Allows you to set after how long (based on entity creation time in milliseconds) an entity should be blocked from a REQUEST_CONTROL_EVENT
+# Default: 30000
+# Type: int
+set sv_filterRequestControlSettleTimer 30000
+
+# Used to prevent users from using modified client files. See: https://docs.fivem.net/docs/server-manual/server-commands/#sv_purelevel-level
+# Default: 0
+# Type: int
+set sv_pureLevel 0
+
+# Used to prevent users from routing NETWORK_PLAY_SOUND_EVENT through the server, which is commonly used by malicious actors. This is set to true by default (allow routing)
+# Default: true
+# Type: boolean
+set sv_enableNetworkedSounds true
+
+# Enabling it (by setting it to true), will allow users to route REQUEST_PHONE_EXPLOSION_EVENT through the server. The main drawback behind enabling this, is that it can also be used by malicious actors.
+# Default: false
+# Type: boolean
+set sv_enablePhoneExplosions false
+
+# A boolean console variable introduced in server version 8540 that can be used to prevent users from routing SCRIPT_ENTITY_STATE_CHANGE_EVENT through the server, which is commonly used by malicious actors.
+# Default: true
+# Type: boolean
+set sv_enableNetworkedScriptEntityStates true
+
+# Any profile settings can be enforced by the server by using setr to replicate it to the client.
+# All possible settings can be found in your own FiveM installation at "C:\Users\user\AppData\Roaming\CitizenFX\fivem.cfg"
+# The following are a few examples, but the possibilities are not limited to what is shown here.
+setr profile_fpsCombatroll 0 # 0: Forces the player to go in third person when combat rolling while in first person 1: leaves them in first person
+setr profile_fpsFieldOfView 30 # Puts the FOV to 30 when in first person
+setr profile_skfx 1 # 0: disables kill screen effects 1: enables them
+
+# This will set the HTTP protocol version to 2.0 instead of 1.1. As of writing this is still experimental and may causes crashes.
+# https://www.cloudflare.com/learning/performance/http2-vs-http1.1/ & https://github.com/citizenfx/fivem/blob/2632c6dd1a417d29cbf1e228513be15017fa29b5/code/components/citizen-server-net/src/HttpServerManager.cpp#L95
+# Default: false
+# Type: boolean
+set sv_netHttp2 false
+
+# The following convars all have something to do with the *_LATENT_* natives. These natives were never recommended to be used and were flawed under the hood. These convars should fix that.
+# Default: false
+# Type: boolean
+setr sv_enableNetEventReassembly false
+# If the above is set to true, you can use one of these 2 convars to set the amount of pending events to be reassembled.
+# Default: 100
+# Type: int
+setr sv_netEventReassemblyMaxPendingEvents 100 # This can be anything from 0 to 254
+# Default: false
+# Type: boolean
+# setr sv_netEventReassemblyUnlimitedPendingEvents false # Allows for unlimited pending events. Disable the above convar if you want to use this one.
+
+# Turns on certain restrictions regarding entity creation. This will apply to the whole server. (click on the native link below to see the possible options)
+# See the native alternative to apply rules to specific buckets. https://docs.fivem.net/natives/?_0xA0F2201F, also see qbx:bucketlockdownmode
+# Default: "inactive"
+# Type: string
+set sv_entityLockdown "inactive"
\ No newline at end of file

From b4cd2af9869629cbf8a5c66654cdde7f64baa5dc Mon Sep 17 00:00:00 2001
From: ChatDisabled <44729807+ChatDisabled@users.noreply.github.com>
Date: Tue, 29 Oct 2024 09:34:31 +0100
Subject: [PATCH 3/3] tweak: comment out sv_master

Just in case, seemed to not like it when set to its default value from limited testing. Can't confirm.
---
 server.cfg | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/server.cfg b/server.cfg
index 9d24a91..81c1a40 100644
--- a/server.cfg
+++ b/server.cfg
@@ -87,7 +87,7 @@ exec permissions.cfg
 # A string variable that can be used to set the server as "private", making it not possible to join by using the server browser UI (the server connect button will be disabled).
 # Default: "https://servers-ingress-live.fivem.net/ingress"
 # Type: string
-set sv_master1 "https://servers-ingress-live.fivem.net/ingress" # Set to "" to mark the server as private
+# set sv_master1 "" # Uncomment to mark the server as private
 
 # Variance is how likely the user's id will change for a given provider (i.e. 'steam', 'ip', or 'license'). As an integer from 1-5 (default 5); from least to most likely to change.
 # Default: 5