RoxiReports Configuration
Most server owners only need to edit two files: config/config.lua for public behavior and config/servercfg.lua for permissions, database names, webhooks, uploads, and other server-only values.
Shared config
config/config.lua is safe to read on the client, so do not put secrets here. Use it for commands, language, report categories, limits, cooldowns, and UI behavior.
Config.Locale = 'en'
Config.Commands = {
Report = 'report',
Reports = 'reports',
StaffReports = 'staffreports',
ReportBans = 'reportsbans',
ToggleNotify = 'reporttoggle',
UserView = 'reportsuserview'
}
Config.Theme = {
MainAccent = '#8B5CF6',
SecondAccent = '#A855F7'
}
Config.Reports = {
MaxOpen = 2,
TitleMax = 80,
DescMax = 1200,
CommentMax = 700
}
Config.AllowStaffCreateReports = false
Config.Theme controls the main NUI accent colors. It belongs in the shared config because the browser UI needs to read it. Keep secrets, webhook URLs, and upload keys in servercfg.lua.
Config.Theme = {
MainAccent = '#EF4444',
SecondAccent = '#F97316'
}
Keep subject and details limits reasonable. This prevents broken layouts and stops players from sending huge payloads through NUI.
Server config
config/servercfg.lua is server-only. Put webhook URLs, upload headers, staff permissions, table names, purge timing, and role tags here.
ServerConfig.Permissions = {
Ace = { 'group.admin', 'group.mod' },
Discord = { '1515992647557189652', '1515992840738701322' },
Qb = { admin = true, mod = true },
Esx = { admin = true, mod = true }
}
ServerConfig.Webhooks = {
Enabled = false,
NewReport = '',
Claimed = '',
Closed = ''
}
ServerConfig.Screenshot = {
Enabled = false,
Provider = 'screencapture',
UploadURL = '',
Field = 'file',
Headers = {}
}
Permissions
RoxiReports can accept staff access from ACE, Discord roles, QBCore/Qbox groups, and ESX groups. You can use one method or mix them. The server checks ACE first, then Discord roles, then the active framework group.
Ace- server permissions such asgroup.adminor any custom ACE you create.Discord- Discord role IDs checked through the optional Discord bot bridge.Qb- QBCore/Qbox permission names such asadmin,mod, orgod.Esx- ESX group names such asadmin,mod, orsuperadmin.
add_ace group.admin group.admin allow
Screenshots and evidence
- Enable screenshot upload only after configuring a provider.
- Use
screencapturefor player-view captures. - Use a Discord webhook, FiveManage endpoint, or another configured upload target.
- Evidence URLs are validated server-side before being saved.
Staff tags and templates
Staff tags can come from Discord roles, ACE permissions, QB/Qbox groups, or ESX groups.
ServerConfig.StaffTags = {
{ type = 'discord', value = '1515992647557189652', position = 0, label = 'Management', color = '#a855f7' },
{ type = 'discord', value = '1515992840738701322', position = 1, label = 'Admin', color = '#ef4444' },
{ type = 'ace', value = 'group.admin', position = 5, label = 'Admin', color = '#ef4444' },
{ type = 'qb', value = 'mod', position = 10, label = 'Moderator', color = '#22c55e' },
{ type = 'esx', value = 'admin', position = 10, label = 'Admin', color = '#ef4444' }
}
Lower position wins. If someone has QB admin and Discord Management, set the Management tag with a lower position so it appears first.
Staff player view
Use /reportsuserview when an admin wants to test the player center without removing staff permissions. While it is enabled, reports opened in-game use the player view and messages written from the game are saved as user messages. Discord replies still use the real Discord staff role and tag.
Chat avatars
RoxiReports stores the Discord avatar when a staff member links with /reportsconnect. If the Discord avatar is not available, you can enable the optional Steam fallback with a Steam Web API key.
ServerConfig.Avatars = {
Discord = true,
Steam = {
Enabled = false,
ApiKey = '',
CacheSeconds = 86400
}
}
Replacing the ROXI image
Release builds already include the NUI inside nui/dist. If a customer does not have the React source, they can still replace the public ROXI image by swapping the built image file.
- Open
RoxiReports/nui/dist/assets. - Find the built ROXI logo image, usually named like
roxi-r-xxxxx.png. - Replace that file with your own transparent PNG while keeping the exact same filename.
- Restart the resource and clear the client cache if the old image is still shown.
Keep the image square and transparent for the cleanest chat/avatar fallback result.
Report cleanup
Archived reports can be purged automatically after the configured number of hours. Staff can also force delete reports when needed.
