1
0
mirror of https://github.com/tommytran732/Pterodactyl-Script synced 2024-11-14 07:01:33 -05:00
Pterodactyl-Script/install.sh

2148 lines
88 KiB
Bash
Raw Permalink Normal View History

2020-06-25 05:31:54 -04:00
#!/bin/bash
output(){
echo -e '\e[36m'$1'\e[0m';
}
warn(){
echo -e '\e[31m'$1'\e[0m';
}
2021-01-20 01:17:57 -05:00
PANEL=v1.2.2
2021-01-11 11:22:42 -05:00
WINGS=v1.2.3
PANEL_LEGACY=v0.7.19
DAEMON_LEGACY=v0.6.13
PHPMYADMIN=5.0.4
2020-06-25 05:31:54 -04:00
preflight(){
output "Pterodactyl Installation & Upgrade Script"
2020-06-25 05:31:54 -04:00
output "Copyright © 2020 Thien Tran <contact@thientran.io>."
output "Please join my Telegram for community support: https://t.me/revenact"
2020-06-25 05:31:54 -04:00
output ""
output "Please note that this script is meant to be installed on a fresh OS. Installing it on a non-fresh OS may cause problems."
output "Automatic operating system detection initialized..."
2020-06-25 05:31:54 -04:00
os_check
if [ "$EUID" -ne 0 ]; then
output "Please run as root."
exit 3
fi
output "Automatic architecture detection initialized..."
2020-06-25 05:31:54 -04:00
MACHINE_TYPE=`uname -m`
if [ ${MACHINE_TYPE} == 'x86_64' ]; then
output "64-bit server detected! Good to go."
output ""
else
output "Unsupported architecture detected! Please switch to 64-bit (x86_64)."
exit 4
fi
output "Automatic virtualization detection initialized..."
2020-06-25 05:31:54 -04:00
if [ "$lsb_dist" = "ubuntu" ]; then
apt-get update --fix-missing
apt-get -y install software-properties-common
add-apt-repository -y universe
apt-get -y install virt-what curl
elif [ "$lsb_dist" = "debian" ]; then
apt update --fix-missing
2020-10-11 23:26:58 -04:00
apt-get -y install software-properties-common virt-what wget curl dnsutils
2020-06-25 05:31:54 -04:00
elif [ "$lsb_dist" = "fedora" ] || [ "$lsb_dist" = "centos" ] || [ "$lsb_dist" = "rhel" ]; then
2020-10-11 23:26:58 -04:00
yum -y install virt-what wget bind-utils
2020-06-25 05:31:54 -04:00
fi
virt_serv=$(echo $(virt-what))
if [ "$virt_serv" = "" ]; then
output "Virtualization: Bare Metal detected."
elif [ "$virt_serv" = "openvz lxc" ]; then
output "Virtualization: OpenVZ 7 detected."
elif [ "$virt_serv" = "xen xen-hvm" ]; then
output "Virtualization: Xen-HVM detected."
elif [ "$virt_serv" = "xen xen-hvm aws" ]; then
output "Virtualization: Xen-HVM on AWS detected."
warn "When creating allocations for this node, please use the internal IP as Google Cloud uses NAT routing."
warn "Resuming in 10 seconds..."
2020-06-25 05:31:54 -04:00
sleep 10
else
output "Virtualization: $virt_serv detected."
fi
output ""
if [ "$virt_serv" != "" ] && [ "$virt_serv" != "kvm" ] && [ "$virt_serv" != "vmware" ] && [ "$virt_serv" != "hyperv" ] && [ "$virt_serv" != "openvz lxc" ] && [ "$virt_serv" != "xen xen-hvm" ] && [ "$virt_serv" != "xen xen-hvm aws" ]; then
warn "Unsupported type of virtualization detected. Please consult with your hosting provider whether your server can run Docker or not. Proceed at your own risk."
2020-06-25 05:31:54 -04:00
warn "No support would be given if your server breaks at any point in the future."
warn "Proceed?\n[1] Yes.\n[2] No."
read choice
case $choice in
1) output "Proceeding..."
;;
2) output "Cancelling installation..."
exit 5
;;
esac
output ""
fi
2020-06-25 10:33:12 -04:00
output "Kernel detection initialized..."
2020-06-25 05:31:54 -04:00
if echo $(uname -r) | grep -q xxxx; then
2020-06-25 10:33:12 -04:00
output "OVH kernel detected. This script will not work. Please reinstall your server using a generic/distribution kernel."
2020-06-25 05:31:54 -04:00
output "When you are reinstalling your server, click on 'custom installation' and click on 'use distribution' kernel after that."
2020-06-25 10:33:12 -04:00
output "You might also want to do custom partitioning, remove the /home partition and give / all the remaining space."
2020-06-25 05:31:54 -04:00
output "Please do not hesitate to contact us if you need help regarding this issue."
exit 6
elif echo $(uname -r) | grep -q pve; then
output "Proxmox LXE kernel detected. You have chosen to continue in the last step, therefore we are proceeding at your own risk."
2020-06-25 05:31:54 -04:00
output "Proceeding with a risky operation..."
elif echo $(uname -r) | grep -q stab; then
if echo $(uname -r) | grep -q 2.6; then
output "OpenVZ 6 detected. This server will definitely not work with Docker, regardless of what your provider might say. Exiting to avoid further damages."
exit 6
fi
elif echo $(uname -r) | grep -q gcp; then
output "Google Cloud Platform detected."
warn "Please make sure you have a static IP setup, otherwise the system will not work after a reboot."
warn "Please also make sure the GCP firewall allows the ports needed for the server to function normally."
warn "When creating allocations for this node, please use the internal IP as Google Cloud uses NAT routing."
warn "Resuming in 10 seconds..."
2020-06-25 05:31:54 -04:00
sleep 10
else
output "Did not detect any bad kernel. Moving forward..."
2020-06-25 05:31:54 -04:00
output ""
fi
}
os_check(){
if [ -r /etc/os-release ]; then
lsb_dist="$(. /etc/os-release && echo "$ID")"
dist_version="$(. /etc/os-release && echo "$VERSION_ID")"
if [ $lsb_dist = "rhel" ]; then
dist_version="$(echo $dist_version | awk -F. '{print $1}')"
fi
else
exit 1
fi
if [ "$lsb_dist" = "ubuntu" ]; then
2020-12-08 15:07:30 -05:00
if [ "$dist_version" != "20.04" ] && [ "$dist_version" != "18.04" ]; then
output "Unsupported Ubuntu version. Only Ubuntu 20.04 and 18.04 are supported."
2020-06-25 05:31:54 -04:00
exit 2
fi
elif [ "$lsb_dist" = "debian" ]; then
2020-12-08 15:14:27 -05:00
if [ "$dist_version" != "10" ]; then
output "Unsupported Debian version. Only Debian 10 is supported."
2020-06-25 05:31:54 -04:00
exit 2
fi
elif [ "$lsb_dist" = "fedora" ]; then
if [ "$dist_version" != "33" ] && [ "$dist_version" != "32" ]; then
output "Unsupported Fedora version. Only Fedora 33 and 32 are supported."
2020-06-25 05:31:54 -04:00
exit 2
fi
elif [ "$lsb_dist" = "centos" ]; then
if [ "$dist_version" != "8" ]; then
output "Unsupported CentOS version. Only CentOS Stream and 8 are supported."
2020-06-25 05:31:54 -04:00
exit 2
fi
elif [ "$lsb_dist" = "rhel" ]; then
if [ $dist_version != "8" ]; then
output "Unsupported RHEL version. Only RHEL 8 is supported."
exit 2
fi
elif [ "$lsb_dist" != "ubuntu" ] && [ "$lsb_dist" != "debian" ] && [ "$lsb_dist" != "centos" ]; then
output "Unsupported operating system."
2020-06-25 05:31:54 -04:00
output ""
output "Supported OS:"
2020-12-08 15:07:30 -05:00
output "Ubuntu: 20.04, 18.04"
2020-12-08 15:14:27 -05:00
output "Debian: 10"
output "Fedora: 33, 32"
2020-06-25 05:31:54 -04:00
output "CentOS: 8, 7"
output "RHEL: 8"
exit 2
fi
}
install_options(){
output "Please select your installation option:"
output "[1] Install the panel ${PANEL}."
2020-11-17 14:56:38 -05:00
output "[2] Install the panel ${PANEL_LEGACY}."
output "[3] Install the wings ${WINGS}."
output "[4] Install the daemon ${DAEMON_LEGACY}."
output "[5] Install the panel ${PANEL} and wings ${WINGS}."
output "[6] Install the panel ${PANEL_LEGACY} and daemon ${DAEMON_LEGACY}."
2020-10-11 22:11:37 -04:00
output "[7] Install the standalone SFTP server."
output "[8] Upgrade (1.x) panel to ${PANEL}."
output "[9] Upgrade (0.7.x) panel to ${PANEL}."
output "[10] Upgrade (0.7.x) panel to ${PANEL_LEGACY}."
output "[11] Upgrade (0.6.x) daemon to ${DAEMON_LEGACY}."
2020-10-13 00:37:35 -04:00
output "[12] Migrating daemon to wings."
output "[13] Upgrade the panel to ${PANEL} and Migrate to wings"
output "[14] Upgrade the panel to ${PANEL_LEGACY} and daemon to ${DAEMON_LEGACY}"
2020-10-13 00:37:35 -04:00
output "[15] Upgrade the standalone SFTP server to (1.0.5)."
output "[16] Make Pterodactyl compatible with the mobile app (only use this after you have installed the panel - check out https://pterodactyl.cloud for more information)."
output "[17] Update mobile compatibility."
output "[18] Install or update to phpMyAdmin (${PHPMYADMIN}) (only use this after you have installed the panel)."
2020-10-13 00:37:35 -04:00
output "[19] Install a standalone database host (only for use on daemon-only installations)."
output "[20] Change Pterodactyl theme (${PANEL_LEGACY} Only)."
2020-10-13 00:37:35 -04:00
output "[21] Emergency MariaDB root password reset."
output "[22] Emergency database host information reset."
2020-06-25 05:31:54 -04:00
read choice
case $choice in
1 ) installoption=1
output "You have selected ${PANEL} panel installation only."
2020-06-25 05:31:54 -04:00
;;
2 ) installoption=2
output "You have selected ${PANEL_LEGACY} panel installation only."
2020-06-25 05:31:54 -04:00
;;
3 ) installoption=3
2020-11-17 14:56:38 -05:00
output "You have selected wings ${WINGS} installation only."
2020-06-25 05:31:54 -04:00
;;
4 ) installoption=4
2020-11-17 14:56:38 -05:00
output "You have selected daemon ${DAEMON_LEGACY} installation only."
2020-06-25 05:31:54 -04:00
;;
2020-09-13 01:01:26 -04:00
5 ) installoption=5
2020-11-17 14:56:38 -05:00
output "You have selected ${PANEL} panel and wings ${WINGS} installation."
2020-06-25 05:31:54 -04:00
;;
2020-09-13 01:01:26 -04:00
6 ) installoption=6
output "You have selected ${PANEL_LEGACY} panel and daemon installation."
2020-06-25 05:31:54 -04:00
;;
2020-09-13 01:01:26 -04:00
7 ) installoption=7
2020-10-11 22:11:37 -04:00
output "You have selected to install the standalone SFTP server."
2020-06-25 05:31:54 -04:00
;;
2020-09-13 01:01:26 -04:00
8 ) installoption=8
output "You have selected to upgrade the panel to ${PANEL}."
2020-06-25 05:31:54 -04:00
;;
2020-09-13 01:01:26 -04:00
9 ) installoption=9
output "You have selected to upgrade the panel to ${PANEL}."
2020-06-25 05:31:54 -04:00
;;
2020-09-13 01:01:26 -04:00
10 ) installoption=10
output "You have selected to upgrade the panel to ${PANEL_LEGACY}."
2020-06-25 05:31:54 -04:00
;;
2020-09-13 01:01:26 -04:00
11 ) installoption=11
output "You have selected to upgrade the daemon to ${DAEMON_LEGACY}."
2020-06-25 05:31:54 -04:00
;;
2020-09-13 01:01:26 -04:00
12 ) installoption=12
2020-11-17 14:56:38 -05:00
output "You have selected to migrate daemon ${DAEMON_LEGACY} to wings ${WINGS}."
2020-10-03 01:24:14 -04:00
;;
13 ) installoption=13
2020-11-17 14:56:38 -05:00
output "You have selected to upgrade both the panel to ${PANEL} and migrating to wings ${WINGS}."
2020-10-03 01:24:14 -04:00
;;
14 ) installoption=14
output "You have selected to upgrade both the panel to ${PANEL} and daemon to ${DAEMON_LEGACY}."
2020-10-03 01:24:14 -04:00
;;
15 ) installoption=15
2020-10-13 00:37:35 -04:00
output "You have selected to upgrade the standalone SFTP."
2020-10-11 22:11:37 -04:00
;;
16 ) installoption=16
2020-10-13 00:37:35 -04:00
output "You have activated mobile app compatibility."
2020-10-11 22:11:37 -04:00
;;
17 ) installoption=17
2020-10-13 00:37:35 -04:00
output "You have selected to update the mobile app compatibility."
2020-10-11 22:11:37 -04:00
;;
18 ) installoption=18
2020-11-17 14:56:38 -05:00
output "You have selected to install or update phpMyAdmin ${PHPMYADMIN}."
2020-10-11 22:11:37 -04:00
;;
19 ) installoption=19
2020-10-13 00:37:35 -04:00
output "You have selected to install a Database host."
2020-10-11 22:11:37 -04:00
;;
20 ) installoption=20
output "You have selected to change Pterodactyl ${PANEL_LEGACY} only."
2020-10-11 22:11:37 -04:00
;;
21 ) installoption=21
2020-10-13 00:37:35 -04:00
output "You have selected MariaDB root password reset."
;;
22 ) installoption=22
2020-06-25 05:31:54 -04:00
output "You have selected Database Host information reset."
;;
* ) output "You did not enter a valid selection."
install_options
esac
}
webserver_options() {
output "Please select which web server you would like to use:\n[1] Nginx (recommended).\n[2] Apache2/httpd."
2020-06-25 05:31:54 -04:00
read choice
case $choice in
1 ) webserver=1
output "You have selected Nginx."
output ""
;;
2 ) webserver=2
output "You have selected Apache2/httpd."
2020-06-25 05:31:54 -04:00
output ""
;;
* ) output "You did not enter a valid selection."
webserver_options
esac
2020-10-03 01:24:14 -04:00
}
theme_options() {
output "Would you like to install one of Fonix's themes?"
warn "AS OF NOW, FONIX HAS NOT UPDATED HIS THEME TO 0.7.19 TO FIX THE XSS EXPLOIT IN PTERODACTYL <=0.7.18 YET. DO NOT USE THESE IN PRODUCTION. I HIGHLY RECOMMEND THAT YOU SELECT [1]."
2020-10-03 01:24:14 -04:00
output "[1] No."
output "[2] Super Pink and Fluffy."
output "[3] Tango Twist."
output "[4] Blue Brick."
output "[5] Minecraft Madness."
output "[6] Lime Stitch."
output "[7] Red Ape."
output "[8] BlackEnd Space."
output "[9] Nothing But Graphite."
output ""
output "You can find out about Fonix's themes here: https://github.com/TheFonix/Pterodactyl-Themes"
read choice
case $choice in
1 ) themeoption=1
output "You have selected to install the vanilla Pterodactyl theme."
output ""
;;
2 ) themeoption=2
output "You have selected to install Fonix's Super Pink and Fluffy theme."
output ""
;;
3 ) themeoption=3
output "You have selected to install Fonix's Tango Twist theme."
output ""
;;
4 ) themeoption=4
output "You have selected to install Fonix's Blue Brick theme."
output ""
;;
5 ) themeoption=5
output "You have selected to install Fonix's Minecraft Madness theme."
output ""
;;
6 ) themeoption=6
output "You have selected to install Fonix's Lime Stitch theme."
output ""
;;
7 ) themeoption=7
output "You have selected to install Fonix's Red Ape theme."
output ""
;;
8 ) themeoption=8
output "You have selected to install Fonix's BlackEnd Space theme."
output ""
2020-10-11 22:11:37 -04:00
;;
2020-10-03 01:24:14 -04:00
9 ) themeoption=9
output "You have selected to install Fonix's Nothing But Graphite theme."
output ""
2020-10-11 22:11:37 -04:00
;;
2020-10-03 01:24:14 -04:00
* ) output "You did not enter a valid selection."
theme_options
esac
2020-10-11 22:11:37 -04:00
}
2020-06-25 05:31:54 -04:00
required_infos() {
output "Please enter the desired user email address:"
read email
dns_check
}
dns_check(){
output "Please enter your FQDN (panel.domain.tld):"
2020-06-25 05:31:54 -04:00
read FQDN
2020-06-25 10:33:12 -04:00
output "Resolving DNS..."
2020-06-25 05:31:54 -04:00
SERVER_IP=$(curl -s http://checkip.amazonaws.com)
DOMAIN_RECORD=$(dig +short ${FQDN})
if [ "${SERVER_IP}" != "${DOMAIN_RECORD}" ]; then
output ""
output "The entered domain does not resolve to the primary public IP of this server."
output "Please make an A record pointing to your server's IP. For example, if you make an A record called 'panel' pointing to your server's IP, your FQDN is panel.domain.tld"
2020-06-25 06:27:15 -04:00
output "If you are using Cloudflare, please disable the orange cloud."
output "If you do not have a domain, you can get a free one at https://freenom.com"
2020-06-25 05:31:54 -04:00
dns_check
else
output "Domain resolved correctly. Good to go..."
2020-06-25 05:31:54 -04:00
fi
}
2020-10-03 01:24:14 -04:00
theme() {
output "Theme installation initialized..."
cd /var/www/pterodactyl
if [ "$themeoption" = "1" ]; then
output "Keeping Pterodactyl's vanilla theme."
elif [ "$themeoption" = "2" ]; then
curl https://raw.githubusercontent.com/TheFonix/Pterodactyl-Themes/master/MasterThemes/PinkAnFluffy/build.sh | sh
elif [ "$themeoption" = "3" ]; then
curl https://raw.githubusercontent.com/TheFonix/Pterodactyl-Themes/master/MasterThemes/TangoTwist/build.sh | sh
elif [ "$themeoption" = "4" ]; then
curl https://raw.githubusercontent.com/TheFonix/Pterodactyl-Themes/master/MasterThemes/BlueBrick/build.sh | sh
elif [ "$themeoption" = "5" ]; then
curl https://raw.githubusercontent.com/TheFonix/Pterodactyl-Themes/master/MasterThemes/MinecraftMadness/build.sh | sh
elif [ "$themeoption" = "6" ]; then
curl https://raw.githubusercontent.com/TheFonix/Pterodactyl-Themes/master/MasterThemes/LimeStitch/build.sh | sh
elif [ "$themeoption" = "7" ]; then
curl https://raw.githubusercontent.com/TheFonix/Pterodactyl-Themes/master/MasterThemes/RedApe/build.sh | sh
elif [ "$themeoption" = "8" ]; then
curl https://raw.githubusercontent.com/TheFonix/Pterodactyl-Themes/master/MasterThemes/BlackEndSpace/build.sh | sh
elif [ "$themeoption" = "9" ]; then
curl https://raw.githubusercontent.com/TheFonix/Pterodactyl-Themes/master/MasterThemes/NothingButGraphite/build.sh | sh
fi
php artisan view:clear
php artisan cache:clear
}
2020-06-25 05:31:54 -04:00
repositories_setup(){
2020-10-11 22:11:37 -04:00
output "Configuring your repositories..."
if [ "$lsb_dist" = "ubuntu" ] || [ "$lsb_dist" = "debian" ]; then
apt-get -y install sudo
apt-get -y install software-properties-common curl apt-transport-https ca-certificates gnupg
dpkg --remove-architecture i386
echo 'Acquire::ForceIPv4 "true";' | sudo tee /etc/apt/apt.conf.d/99force-ipv4
apt-get -y update
curl -sS https://downloads.mariadb.com/MariaDB/mariadb_repo_setup | sudo bash
2020-10-11 22:11:37 -04:00
if [ "$lsb_dist" = "ubuntu" ]; then
LC_ALL=C.UTF-8 add-apt-repository -y ppa:ondrej/php
add-apt-repository -y ppa:chris-lea/redis-server
if [ "$dist_version" != "20.04" ]; then
add-apt-repository -y ppa:certbot/certbot
add-apt-repository -y ppa:nginx/development
fi
apt -y install tuned dnsutils
tuned-adm profile latency-performance
elif [ "$lsb_dist" = "debian" ]; then
apt-get -y install ca-certificates apt-transport-https
echo "deb https://packages.sury.org/php/ $(lsb_release -sc) main" | sudo tee /etc/apt/sources.list.d/php.list
if [ "$dist_version" = "10" ]; then
apt -y install dirmngr
wget -q https://packages.sury.org/php/apt.gpg -O- | sudo apt-key add -
sudo apt-key adv --fetch-keys 'https://mariadb.org/mariadb_release_signing_key.asc'
apt -y install tuned
tuned-adm profile latency-performance
fi
apt-get -y update
apt-get -y upgrade
apt-get -y autoremove
apt-get -y autoclean
apt-get -y install curl
elif [ "$lsb_dist" = "fedora" ] || [ "$lsb_dist" = "centos" ]; then
if [ "$lsb_dist" = "fedora" ] ; then
if [ "$dist_version" = "33" ]; then
dnf -y install http://rpms.remirepo.net/fedora/remi-release-33.rpm
elif [ "$dist_version" = "32" ]; then
2020-10-11 22:11:37 -04:00
dnf -y install http://rpms.remirepo.net/fedora/remi-release-32.rpm
fi
dnf -y install dnf-plugins-core python2 libsemanage-devel
dnf config-manager --set-enabled remi
dnf -y module enable php:remi-7.4
dnf -y module enable nginx:mainline/common
dnf -y module enable mariadb:14/server
elif [ "$lsb_dist" = "centos" ] && [ "$dist_version" = "8" ]; then
dnf -y install epel-release boost-program-options
dnf -y install http://rpms.remirepo.net/enterprise/remi-release-8.rpm
dnf config-manager --set-enabled remi
dnf -y module enable php:remi-7.4
dnf -y module enable nginx:mainline/common
curl -sS https://downloads.mariadb.com/MariaDB/mariadb_repo_setup | sudo bash
dnf config-manager --set-enabled mariadb
fi
2020-10-11 22:11:37 -04:00
bash -c 'cat > /etc/yum.repos.d/nginx.repo' <<-'EOF'
[nginx-mainline]
name=nginx mainline repo
baseurl=http://nginx.org/packages/mainline/centos/$releasever/$basearch/
gpgcheck=1
enabled=0
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true
EOF
bash -c 'cat > /etc/yum.repos.d/mariadb.repo' <<-'EOF'
[mariadb]
name = MariaDB
baseurl = http://yum.mariadb.org/10.5/centos7-amd64
gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
gpgcheck=1
EOF
yum -y install epel-release
yum -y install http://rpms.remirepo.net/enterprise/remi-release-7.rpm
yum -y install policycoreutils-python yum-utils libsemanage-devel
yum-config-manager --enable remi
yum-config-manager --enable remi-php74
yum-config-manager --enable nginx-mainline
yum-config-manager --enable mariadb
elif [ "$lsb_dist" = "rhel" ] && [ "$dist_version" = "8" ]; then
dnf install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
dnf -y install boost-program-options
dnf -y install http://rpms.remirepo.net/enterprise/remi-release-8.rpm
dnf config-manager --set-enabled remi
dnf -y module enable php:remi-7.4
dnf -y module enable nginx:mainline/common
curl -sS https://downloads.mariadb.com/MariaDB/mariadb_repo_setup | sudo bash
dnf config-manager --set-enabled mariadb
fi
yum -y install yum-utils tuned
tuned-adm profile latency-performance
yum -y upgrade
yum -y autoremove
yum -y clean packages
yum -y install curl bind-utils cronie
fi
}
repositories_setup_0.7.19(){
2020-06-25 10:33:12 -04:00
output "Configuring your repositories..."
2020-06-25 05:31:54 -04:00
if [ "$lsb_dist" = "ubuntu" ] || [ "$lsb_dist" = "debian" ]; then
apt-get -y install sudo
apt-get -y install software-properties-common dnsutils gpg-agent
dpkg --remove-architecture i386
echo 'Acquire::ForceIPv4 "true";' | sudo tee /etc/apt/apt.conf.d/99force-ipv4
apt-get -y update
curl -sS https://downloads.mariadb.com/MariaDB/mariadb_repo_setup | sudo bash
2020-06-25 05:31:54 -04:00
if [ "$lsb_dist" = "ubuntu" ]; then
LC_ALL=C.UTF-8 add-apt-repository -y ppa:ondrej/php
add-apt-repository -y ppa:chris-lea/redis-server
if [ "$dist_version" != "20.04" ]; then
add-apt-repository -y ppa:certbot/certbot
add-apt-repository -y ppa:nginx/development
fi
apt -y install tuned dnsutils
tuned-adm profile latency-performance
2020-06-25 05:31:54 -04:00
elif [ "$lsb_dist" = "debian" ]; then
apt-get -y install ca-certificates apt-transport-https
echo "deb https://packages.sury.org/php/ $(lsb_release -sc) main" | sudo tee /etc/apt/sources.list.d/php.list
if [ "$dist_version" = "10" ]; then
apt -y install dirmngr
wget -q https://packages.sury.org/php/apt.gpg -O- | sudo apt-key add -
sudo apt-key adv --fetch-keys 'https://mariadb.org/mariadb_release_signing_key.asc'
apt -y install tuned
tuned-adm profile latency-performance
fi
apt-get -y update
2020-06-25 05:31:54 -04:00
apt-get -y upgrade
apt-get -y autoremove
apt-get -y autoclean
apt-get -y install curl
2020-06-25 05:31:54 -04:00
elif [ "$lsb_dist" = "fedora" ] || [ "$lsb_dist" = "centos" ]; then
if [ "$lsb_dist" = "fedora" ] ; then
if [ "$dist_version" = "33" ]; then
dnf -y install http://rpms.remirepo.net/fedora/remi-release-33.rpm
elif [ "$dist_version" = "32" ]; then
2020-06-25 05:31:54 -04:00
dnf -y install http://rpms.remirepo.net/fedora/remi-release-32.rpm
fi
dnf -y install dnf-plugins-core python2 libsemanage-devel
dnf config-manager --set-enabled remi
2020-10-03 01:24:14 -04:00
dnf -y module enable php:remi-7.3
2020-06-25 05:31:54 -04:00
dnf -y module enable nginx:mainline/common
dnf -y module enable mariadb:14/server
elif [ "$lsb_dist" = "centos" ] && [ "$dist_version" = "8" ]; then
dnf -y install epel-release boost-program-options
dnf -y install http://rpms.remirepo.net/enterprise/remi-release-8.rpm
dnf config-manager --set-enabled remi
2020-10-03 01:24:14 -04:00
dnf -y module enable php:remi-7.3
2020-06-25 05:31:54 -04:00
dnf -y module enable nginx:mainline/common
curl -sS https://downloads.mariadb.com/MariaDB/mariadb_repo_setup | sudo bash
dnf config-manager --set-enabled mariadb
fi
2020-06-25 05:31:54 -04:00
bash -c 'cat > /etc/yum.repos.d/nginx.repo' <<-'EOF'
[nginx-mainline]
name=nginx mainline repo
baseurl=http://nginx.org/packages/mainline/centos/$releasever/$basearch/
gpgcheck=1
enabled=0
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true
EOF
bash -c 'cat > /etc/yum.repos.d/mariadb.repo' <<-'EOF'
[mariadb]
name = MariaDB
baseurl = http://yum.mariadb.org/10.5/centos7-amd64
2020-06-25 05:31:54 -04:00
gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
gpgcheck=1
EOF
yum -y install epel-release
yum -y install http://rpms.remirepo.net/enterprise/remi-release-7.rpm
yum -y install policycoreutils-python yum-utils libsemanage-devel
yum-config-manager --enable remi
yum-config-manager --enable remi-php73
yum-config-manager --enable nginx-mainline
yum-config-manager --enable mariadb
elif [ "$lsb_dist" = "rhel" ] && [ "$dist_version" = "8" ]; then
dnf install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
dnf -y install boost-program-options
dnf -y install http://rpms.remirepo.net/enterprise/remi-release-8.rpm
dnf config-manager --set-enabled remi
2020-10-03 01:24:14 -04:00
dnf -y module enable php:remi-7.3
2020-06-25 05:31:54 -04:00
dnf -y module enable nginx:mainline/common
curl -sS https://downloads.mariadb.com/MariaDB/mariadb_repo_setup | sudo bash
dnf config-manager --set-enabled mariadb
fi
yum -y install yum-utils tuned
tuned-adm profile latency-performance
yum -y upgrade
yum -y autoremove
yum -y clean packages
yum -y install curl bind-utils cronie
fi
}
install_dependencies(){
2020-10-11 22:11:37 -04:00
output "Installing dependencies..."
if [ "$lsb_dist" = "ubuntu" ] || [ "$lsb_dist" = "debian" ]; then
if [ "$webserver" = "1" ]; then
apt -y install php7.4 php7.4-{cli,gd,mysql,pdo,mbstring,tokenizer,bcmath,xml,fpm,curl,zip} nginx tar unzip git redis-server nginx git wget expect
elif [ "$webserver" = "2" ]; then
apt -y install php7.4 php7.4-{cli,gd,mysql,pdo,mbstring,tokenizer,bcmath,xml,fpm,curl,zip} curl tar unzip git redis-server apache2 libapache2-mod-php7.4 redis-server git wget expect
fi
sh -c "DEBIAN_FRONTEND=noninteractive apt-get install -y --allow-unauthenticated mariadb-server"
else
if [ "$lsb_dist" = "centos" ] || [ "$lsb_dist" = "rhel" ]; then
if [ "$dist_version" = "8" ]; then
dnf -y install MariaDB-server MariaDB-client --disablerepo=AppStream
fi
else
dnf -y install MariaDB-server
fi
dnf -y module install php:remi-7.4
if [ "$webserver" = "1" ]; then
dnf -y install redis nginx git policycoreutils-python-utils unzip wget expect jq php-mysql php-zip php-bcmath tar
elif [ "$webserver" = "2" ]; then
dnf -y install redis httpd git policycoreutils-python-utils mod_ssl unzip wget expect jq php-mysql php-zip php-mcmath tar
fi
fi
output "Enabling Services..."
if [ "$lsb_dist" = "ubuntu" ] || [ "$lsb_dist" = "debian" ]; then
systemctl enable redis-server
service redis-server start
systemctl enable php7.4-fpm
service php7.4-fpm start
elif [ "$lsb_dist" = "fedora" ] || [ "$lsb_dist" = "centos" ] || [ "$lsb_dist" = "rhel" ]; then
systemctl enable redis
service redis start
systemctl enable php-fpm
service php-fpm start
fi
systemctl enable cron
systemctl enable mariadb
if [ "$webserver" = "1" ]; then
systemctl enable nginx
service nginx start
elif [ "$webserver" = "2" ]; then
if [ "$lsb_dist" = "ubuntu" ] || [ "$lsb_dist" = "debian" ]; then
systemctl enable apache2
service apache2 start
elif [ "$lsb_dist" = "fedora" ] || [ "$lsb_dist" = "centos" ] || [ "$lsb_dist" = "rhel" ]; then
systemctl enable httpd
service httpd start
fi
fi
service mysql start
}
install_dependencies_0.7.19(){
2020-06-25 10:33:12 -04:00
output "Installing dependencies..."
2020-06-25 05:31:54 -04:00
if [ "$lsb_dist" = "ubuntu" ] || [ "$lsb_dist" = "debian" ]; then
if [ "$webserver" = "1" ]; then
2020-10-03 01:24:14 -04:00
apt-get -y install php7.3 php7.3-cli php7.3-gd php7.3-mysql php7.3-pdo php7.3-mbstring php7.3-tokenizer php7.3-bcmath php7.3-xml php7.3-fpm php7.3-curl php7.3-zip curl tar unzip git redis-server nginx git wget expect
2020-06-25 05:31:54 -04:00
elif [ "$webserver" = "2" ]; then
2020-10-03 01:24:14 -04:00
apt-get -y install php7.3 php7.3-cli php7.3-gd php7.3-mysql php7.3-pdo php7.3-mbstring php7.3-tokenizer php7.3-bcmath php7.3-xml php7.3-fpm php7.3-curl php7.3-zip curl tar unzip git redis-server apache2 libapache2-mod-php7.3 redis-server git wget expect
2020-06-25 05:31:54 -04:00
fi
sh -c "DEBIAN_FRONTEND=noninteractive apt-get install -y --allow-unauthenticated mariadb-server"
else
if [ "$lsb_dist" = "centos" ] || [ "$lsb_dist" = "rhel" ]; then
if [ "$dist_version" = "8" ]; then
dnf -y install MariaDB-server MariaDB-client --disablerepo=AppStream
fi
else
2020-06-25 05:31:54 -04:00
dnf -y install MariaDB-server
fi
2020-10-03 01:24:14 -04:00
dnf -y module install php:remi-7.3
2020-06-25 05:31:54 -04:00
if [ "$webserver" = "1" ]; then
dnf -y install redis nginx git policycoreutils-python-utils unzip wget expect jq php-mysql php-zip php-bcmath tar
elif [ "$webserver" = "2" ]; then
dnf -y install redis httpd git policycoreutils-python-utils mod_ssl unzip wget expect jq php-mysql php-zip php-mcmath tar
fi
2020-06-25 05:31:54 -04:00
fi
2020-06-25 10:33:12 -04:00
output "Enabling Services..."
2020-06-25 05:31:54 -04:00
if [ "$lsb_dist" = "ubuntu" ] || [ "$lsb_dist" = "debian" ]; then
systemctl enable redis-server
service redis-server start
2020-10-03 01:24:14 -04:00
systemctl enable php7.3-fpm
service php7.3-fpm start
2020-06-25 05:31:54 -04:00
elif [ "$lsb_dist" = "fedora" ] || [ "$lsb_dist" = "centos" ] || [ "$lsb_dist" = "rhel" ]; then
systemctl enable redis
service redis start
systemctl enable php-fpm
service php-fpm start
fi
2020-06-25 05:31:54 -04:00
systemctl enable cron
systemctl enable mariadb
if [ "$webserver" = "1" ]; then
systemctl enable nginx
service nginx start
elif [ "$webserver" = "2" ]; then
if [ "$lsb_dist" = "ubuntu" ] || [ "$lsb_dist" = "debian" ]; then
systemctl enable apache2
service apache2 start
elif [ "$lsb_dist" = "fedora" ] || [ "$lsb_dist" = "centos" ] || [ "$lsb_dist" = "rhel" ]; then
systemctl enable httpd
service httpd start
fi
fi
service mysql start
}
install_pterodactyl() {
output "Creating the databases and setting root password..."
2020-06-25 05:31:54 -04:00
password=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1`
adminpassword=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1`
rootpassword=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1`
Q0="DROP DATABASE IF EXISTS test;"
Q1="CREATE DATABASE IF NOT EXISTS panel;"
Q2="SET old_passwords=0;"
Q3="GRANT ALL ON panel.* TO 'pterodactyl'@'127.0.0.1' IDENTIFIED BY '$password';"
Q4="GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, ALTER, INDEX, DROP, EXECUTE, PROCESS, RELOAD, LOCK TABLES, CREATE USER ON *.* TO 'admin'@'$SERVER_IP' IDENTIFIED BY '$adminpassword' WITH GRANT OPTION;"
Q5="SET PASSWORD FOR 'root'@'localhost' = PASSWORD('$rootpassword');"
Q6="DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1');"
Q7="DELETE FROM mysql.user WHERE User='';"
Q8="DELETE FROM mysql.db WHERE Db='test' OR Db='test\_%';"
Q9="FLUSH PRIVILEGES;"
SQL="${Q0}${Q1}${Q2}${Q3}${Q4}${Q5}${Q6}${Q7}${Q8}${Q9}"
mysql -u root -e "$SQL"
2020-10-11 22:11:37 -04:00
output "Binding MariaDB/MySQL to 0.0.0.0."
if grep -Fqs "bind-address" /etc/mysql/mariadb.conf.d/50-server.cnf ; then
sed -i -- '/bind-address/s/#//g' /etc/mysql/mariadb.conf.d/50-server.cnf
sed -i -- '/bind-address/s/127.0.0.1/0.0.0.0/g' /etc/mysql/mariadb.conf.d/50-server.cnf
output 'Restarting MySQL process...'
service mysql restart
elif grep -Fqs "bind-address" /etc/mysql/my.cnf ; then
sed -i -- '/bind-address/s/#//g' /etc/mysql/my.cnf
sed -i -- '/bind-address/s/127.0.0.1/0.0.0.0/g' /etc/mysql/my.cnf
output 'Restarting MySQL process...'
service mysql restart
elif grep -Fqs "bind-address" /etc/my.cnf ; then
sed -i -- '/bind-address/s/#//g' /etc/my.cnf
sed -i -- '/bind-address/s/127.0.0.1/0.0.0.0/g' /etc/my.cnf
output 'Restarting MySQL process...'
service mysql restart
elif grep -Fqs "bind-address" /etc/mysql/my.conf.d/mysqld.cnf ; then
sed -i -- '/bind-address/s/#//g' /etc/mysql/my.conf.d/mysqld.cnf
sed -i -- '/bind-address/s/127.0.0.1/0.0.0.0/g' /etc/mysql/my.conf.d/mysqld.cnf
output 'Restarting MySQL process...'
service mysql restart
else
output 'A MySQL configuration file could not be detected! Please contact support.'
fi
output "Downloading Pterodactyl..."
mkdir -p /var/www/pterodactyl
cd /var/www/pterodactyl
curl -Lo panel.tar.gz https://github.com/pterodactyl/panel/releases/download/${PANEL}/panel.tar.gz
2020-10-12 00:33:42 -04:00
tar -xzvf panel.tar.gz
2020-10-11 22:11:37 -04:00
chmod -R 755 storage/* bootstrap/cache/
output "Installing Pterodactyl..."
if [ "$installoption" = "2" ] || [ "$installoption" = "6" ]; then
curl -sS https://getcomposer.org/installer | sudo php -- --install-dir=/usr/local/bin --filename=composer --version=1.10.16
else
curl -sS https://getcomposer.org/installer | sudo php -- --install-dir=/usr/local/bin --filename=composer
fi
2020-10-11 22:11:37 -04:00
cp .env.example .env
/usr/local/bin/composer install --no-dev --optimize-autoloader
php artisan key:generate --force
php artisan p:environment:setup -n --author=$email --url=https://$FQDN --timezone=America/New_York --cache=redis --session=database --queue=redis --redis-host=127.0.0.1 --redis-pass= --redis-port=6379
php artisan p:environment:database --host=127.0.0.1 --port=3306 --database=panel --username=pterodactyl --password=$password
output "To use PHP's internal mail sending, select [mail]. To use a custom SMTP server, select [smtp]. TLS Encryption is recommended."
php artisan p:environment:mail
php artisan migrate --seed --force
php artisan p:user:make --email=$email --admin=1
if [ "$lsb_dist" = "ubuntu" ] || [ "$lsb_dist" = "debian" ]; then
chown -R www-data:www-data * /var/www/pterodactyl
elif [ "$lsb_dist" = "fedora" ] || [ "$lsb_dist" = "centos" ] || [ "$lsb_dist" = "rhel" ]; then
if [ "$webserver" = "1" ]; then
chown -R nginx:nginx * /var/www/pterodactyl
elif [ "$webserver" = "2" ]; then
chown -R apache:apache * /var/www/pterodactyl
fi
semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/pterodactyl/storage(/.*)?"
restorecon -R /var/www/pterodactyl
fi
output "Creating panel queue listeners..."
(crontab -l ; echo "* * * * * php /var/www/pterodactyl/artisan schedule:run >> /dev/null 2>&1")| crontab -
service cron restart
if [ "$lsb_dist" = "ubuntu" ] || [ "$lsb_dist" = "debian" ]; then
cat > /etc/systemd/system/pteroq.service <<- 'EOF'
[Unit]
Description=Pterodactyl Queue Worker
After=redis-server.service
[Service]
User=www-data
Group=www-data
Restart=always
ExecStart=/usr/bin/php /var/www/pterodactyl/artisan queue:work --queue=high,standard,low --sleep=3 --tries=3
[Install]
WantedBy=multi-user.target
EOF
elif [ "$lsb_dist" = "fedora" ] || [ "$lsb_dist" = "centos" ] || [ "$lsb_dist" = "rhel" ]; then
if [ "$webserver" = "1" ]; then
cat > /etc/systemd/system/pteroq.service <<- 'EOF'
Description=Pterodactyl Queue Worker
After=redis-server.service
[Service]
User=nginx
Group=nginx
Restart=always
ExecStart=/usr/bin/php /var/www/pterodactyl/artisan queue:work --queue=high,standard,low --sleep=3 --tries=3
[Install]
WantedBy=multi-user.target
EOF
elif [ "$webserver" = "2" ]; then
cat > /etc/systemd/system/pteroq.service <<- 'EOF'
[Unit]
Description=Pterodactyl Queue Worker
After=redis-server.service
[Service]
User=apache
Group=apache
Restart=always
ExecStart=/usr/bin/php /var/www/pterodactyl/artisan queue:work --queue=high,standard,low --sleep=3 --tries=3
[Install]
WantedBy=multi-user.target
EOF
fi
setsebool -P httpd_can_network_connect 1
setsebool -P httpd_execmem 1
setsebool -P httpd_unified 1
fi
sudo systemctl daemon-reload
systemctl enable pteroq.service
systemctl start pteroq
}
install_pterodactyl_0.7.19() {
output "Creating the databases and setting root password..."
password=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1`
adminpassword=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1`
rootpassword=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1`
Q0="DROP DATABASE IF EXISTS test;"
Q1="CREATE DATABASE IF NOT EXISTS panel;"
Q2="SET old_passwords=0;"
Q3="GRANT ALL ON panel.* TO 'pterodactyl'@'127.0.0.1' IDENTIFIED BY '$password';"
Q4="GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, ALTER, INDEX, DROP, EXECUTE, PROCESS, RELOAD, LOCK TABLES, CREATE USER ON *.* TO 'admin'@'$SERVER_IP' IDENTIFIED BY '$adminpassword' WITH GRANT OPTION;"
Q5="SET PASSWORD FOR 'root'@'localhost' = PASSWORD('$rootpassword');"
Q6="DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1');"
Q7="DELETE FROM mysql.user WHERE User='';"
Q8="DELETE FROM mysql.db WHERE Db='test' OR Db='test\_%';"
Q9="FLUSH PRIVILEGES;"
SQL="${Q0}${Q1}${Q2}${Q3}${Q4}${Q5}${Q6}${Q7}${Q8}${Q9}"
mysql -u root -e "$SQL"
2020-06-25 05:31:54 -04:00
output "Binding MariaDB/MySQL to 0.0.0.0."
2020-09-11 19:41:25 -04:00
if grep -Fqs "bind-address" /etc/mysql/mariadb.conf.d/50-server.cnf ; then
2020-09-11 19:23:17 -04:00
sed -i -- '/bind-address/s/#//g' /etc/mysql/mariadb.conf.d/50-server.cnf
sed -i -- '/bind-address/s/127.0.0.1/0.0.0.0/g' /etc/mysql/mariadb.conf.d/50-server.cnf
output 'Restarting MySQL process...'
service mysql restart
2020-09-11 19:41:25 -04:00
elif grep -Fqs "bind-address" /etc/mysql/my.cnf ; then
2020-09-11 19:23:17 -04:00
sed -i -- '/bind-address/s/#//g' /etc/mysql/my.cnf
sed -i -- '/bind-address/s/127.0.0.1/0.0.0.0/g' /etc/mysql/my.cnf
2020-06-25 05:31:54 -04:00
output 'Restarting MySQL process...'
service mysql restart
2020-09-11 19:41:25 -04:00
elif grep -Fqs "bind-address" /etc/my.cnf ; then
2020-09-11 19:23:17 -04:00
sed -i -- '/bind-address/s/#//g' /etc/my.cnf
sed -i -- '/bind-address/s/127.0.0.1/0.0.0.0/g' /etc/my.cnf
2020-06-25 05:31:54 -04:00
output 'Restarting MySQL process...'
service mysql restart
2020-09-11 19:41:25 -04:00
elif grep -Fqs "bind-address" /etc/mysql/my.conf.d/mysqld.cnf ; then
2020-09-11 19:23:17 -04:00
sed -i -- '/bind-address/s/#//g' /etc/mysql/my.conf.d/mysqld.cnf
sed -i -- '/bind-address/s/127.0.0.1/0.0.0.0/g' /etc/mysql/my.conf.d/mysqld.cnf
output 'Restarting MySQL process...'
service mysql restart
else
output 'A MySQL configuration file could not be detected! Please contact support.'
2020-06-25 05:31:54 -04:00
fi
2020-06-25 10:33:12 -04:00
output "Downloading Pterodactyl..."
2020-06-25 05:31:54 -04:00
mkdir -p /var/www/pterodactyl
cd /var/www/pterodactyl
curl -Lo panel.tar.gz https://github.com/pterodactyl/panel/releases/download/${PANEL_LEGACY}/panel.tar.gz
2020-06-25 05:31:54 -04:00
tar --strip-components=1 -xzvf panel.tar.gz
chmod -R 755 storage/* bootstrap/cache/
output "Installing Pterodactyl..."
2020-06-25 05:31:54 -04:00
curl -sS https://getcomposer.org/installer | sudo php -- --install-dir=/usr/local/bin --filename=composer
cp .env.example .env
/usr/local/bin/composer install --no-dev --optimize-autoloader
php artisan key:generate --force
php artisan p:environment:setup -n --author=$email --url=https://$FQDN --timezone=America/New_York --cache=redis --session=database --queue=redis --redis-host=127.0.0.1 --redis-pass= --redis-port=6379
php artisan p:environment:database --host=127.0.0.1 --port=3306 --database=panel --username=pterodactyl --password=$password
output "To use PHP's internal mail sending, select [mail]. To use a custom SMTP server, select [smtp]. TLS Encryption is recommended."
php artisan p:environment:mail
php artisan migrate --seed --force
php artisan p:user:make --email=$email --admin=1
if [ "$lsb_dist" = "ubuntu" ] || [ "$lsb_dist" = "debian" ]; then
chown -R www-data:www-data * /var/www/pterodactyl
elif [ "$lsb_dist" = "fedora" ] || [ "$lsb_dist" = "centos" ] || [ "$lsb_dist" = "rhel" ]; then
if [ "$webserver" = "1" ]; then
chown -R nginx:nginx * /var/www/pterodactyl
elif [ "$webserver" = "2" ]; then
chown -R apache:apache * /var/www/pterodactyl
fi
semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/pterodactyl/storage(/.*)?"
restorecon -R /var/www/pterodactyl
fi
output "Creating panel queue listeners..."
2020-06-25 05:31:54 -04:00
(crontab -l ; echo "* * * * * php /var/www/pterodactyl/artisan schedule:run >> /dev/null 2>&1")| crontab -
service cron restart
if [ "$lsb_dist" = "ubuntu" ] || [ "$lsb_dist" = "debian" ]; then
cat > /etc/systemd/system/pteroq.service <<- 'EOF'
[Unit]
Description=Pterodactyl Queue Worker
After=redis-server.service
[Service]
User=www-data
Group=www-data
Restart=always
ExecStart=/usr/bin/php /var/www/pterodactyl/artisan queue:work --queue=high,standard,low --sleep=3 --tries=3
[Install]
WantedBy=multi-user.target
EOF
elif [ "$lsb_dist" = "fedora" ] || [ "$lsb_dist" = "centos" ] || [ "$lsb_dist" = "rhel" ]; then
if [ "$webserver" = "1" ]; then
cat > /etc/systemd/system/pteroq.service <<- 'EOF'
Description=Pterodactyl Queue Worker
After=redis-server.service
[Service]
User=nginx
Group=nginx
Restart=always
ExecStart=/usr/bin/php /var/www/pterodactyl/artisan queue:work --queue=high,standard,low --sleep=3 --tries=3
[Install]
WantedBy=multi-user.target
EOF
elif [ "$webserver" = "2" ]; then
cat > /etc/systemd/system/pteroq.service <<- 'EOF'
[Unit]
Description=Pterodactyl Queue Worker
After=redis-server.service
[Service]
User=apache
Group=apache
Restart=always
ExecStart=/usr/bin/php /var/www/pterodactyl/artisan queue:work --queue=high,standard,low --sleep=3 --tries=3
[Install]
WantedBy=multi-user.target
EOF
fi
setsebool -P httpd_can_network_connect 1
setsebool -P httpd_execmem 1
setsebool -P httpd_unified 1
fi
sudo systemctl daemon-reload
systemctl enable pteroq.service
systemctl start pteroq
}
upgrade_pterodactyl(){
2020-10-11 22:11:37 -04:00
cd /var/www/pterodactyl
php artisan down
curl -L https://github.com/pterodactyl/panel/releases/download/${PANEL}/panel.tar.gz | tar --strip-components=1 -xzv
2020-10-11 22:11:37 -04:00
chmod -R 755 storage/* bootstrap/cache
composer install --no-dev --optimize-autoloader
php artisan view:clear
php artisan config:clear
php artisan migrate --force
php artisan db:seed --force
if [ "$lsb_dist" = "ubuntu" ] || [ "$lsb_dist" = "debian" ]; then
chown -R www-data:www-data * /var/www/pterodactyl
elif [ "$lsb_dist" = "fedora" ] || [ "$lsb_dist" = "centos" ] || [ "$lsb_dist" = "rhel" ]; then
chown -R apache:apache * /var/www/pterodactyl
chown -R nginx:nginx * /var/www/pterodactyl
semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/pterodactyl/storage(/.*)?"
restorecon -R /var/www/pterodactyl
fi
2020-12-07 13:02:09 -05:00
output "Your panel has successfully been updated to version ${PANEL}"
2020-10-13 00:37:35 -04:00
php artisan up
php artisan queue:restart
}
upgrade_pterodactyl_1.0(){
cd /var/www/pterodactyl
php artisan down
curl -L https://github.com/pterodactyl/panel/releases/download/${PANEL}/panel.tar.gz | tar --strip-components=1 -xzv
2020-10-13 00:50:31 -04:00
rm -rf $(find app public resources -depth | head -n -1 | grep -Fv "$(tar -tf panel.tar.gz)")
tar -xzvf panel.tar.gz && rm -f panel.tar.gz
2020-10-13 00:37:35 -04:00
chmod -R 755 storage/* bootstrap/cache
composer install --no-dev --optimize-autoloader
php artisan view:clear
php artisan config:clear
php artisan migrate --force
php artisan db:seed --force
if [ "$lsb_dist" = "ubuntu" ] || [ "$lsb_dist" = "debian" ]; then
chown -R www-data:www-data * /var/www/pterodactyl
elif [ "$lsb_dist" = "fedora" ] || [ "$lsb_dist" = "centos" ] || [ "$lsb_dist" = "rhel" ]; then
chown -R apache:apache * /var/www/pterodactyl
chown -R nginx:nginx * /var/www/pterodactyl
semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/pterodactyl/storage(/.*)?"
restorecon -R /var/www/pterodactyl
fi
2020-12-07 13:02:09 -05:00
output "Your panel has successfully been updated to version ${PANEL}"
2020-10-11 22:11:37 -04:00
php artisan up
php artisan queue:restart
}
upgrade_pterodactyl_0.7.19(){
2020-06-25 05:31:54 -04:00
cd /var/www/pterodactyl
php artisan down
curl -L https://github.com/pterodactyl/panel/releases/download/${PANEL_LEGACY}/panel.tar.gz | tar --strip-components=1 -xzv
2020-06-25 05:31:54 -04:00
chmod -R 755 storage/* bootstrap/cache
composer install --no-dev --optimize-autoloader
php artisan view:clear
php artisan config:clear
php artisan migrate --force
php artisan db:seed --force
if [ "$lsb_dist" = "ubuntu" ] || [ "$lsb_dist" = "debian" ]; then
chown -R www-data:www-data * /var/www/pterodactyl
elif [ "$lsb_dist" = "fedora" ] || [ "$lsb_dist" = "centos" ] || [ "$lsb_dist" = "rhel" ]; then
chown -R apache:apache * /var/www/pterodactyl
chown -R nginx:nginx * /var/www/pterodactyl
semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/pterodactyl/storage(/.*)?"
restorecon -R /var/www/pterodactyl
fi
2020-12-07 13:02:09 -05:00
output "Your panel has successfully been updated to version ${PANEL_LEGACY}."
2020-06-25 05:31:54 -04:00
php artisan up
php artisan queue:restart
}
nginx_config() {
output "Disabling default configuration..."
2020-06-25 05:31:54 -04:00
rm -rf /etc/nginx/sites-enabled/default
output "Configuring Nginx Webserver..."
2020-10-12 02:16:08 -04:00
echo '
2020-10-15 11:04:38 -04:00
server_tokens off;
set_real_ip_from 103.21.244.0/22;
set_real_ip_from 103.22.200.0/22;
set_real_ip_from 103.31.4.0/22;
set_real_ip_from 104.16.0.0/12;
set_real_ip_from 108.162.192.0/18;
set_real_ip_from 131.0.72.0/22;
set_real_ip_from 141.101.64.0/18;
set_real_ip_from 162.158.0.0/15;
set_real_ip_from 172.64.0.0/13;
set_real_ip_from 173.245.48.0/20;
set_real_ip_from 188.114.96.0/20;
set_real_ip_from 190.93.240.0/20;
set_real_ip_from 197.234.240.0/22;
set_real_ip_from 198.41.128.0/17;
set_real_ip_from 2400:cb00::/32;
set_real_ip_from 2606:4700::/32;
set_real_ip_from 2803:f800::/32;
set_real_ip_from 2405:b500::/32;
set_real_ip_from 2405:8100::/32;
set_real_ip_from 2c0f:f248::/32;
set_real_ip_from 2a06:98c0::/29;
real_ip_header X-Forwarded-For;
server {
listen 80 default_server;
server_name '"$FQDN"';
return 301 https://$server_name$request_uri;
}
2020-10-12 02:16:08 -04:00
server {
2020-10-15 11:04:38 -04:00
listen 443 ssl http2 default_server;
2020-10-12 02:16:08 -04:00
server_name '"$FQDN"';
root /var/www/pterodactyl/public;
2020-10-15 11:04:38 -04:00
index index.php;
access_log /var/log/nginx/pterodactyl.app-access.log;
2020-10-12 02:16:08 -04:00
error_log /var/log/nginx/pterodactyl.app-error.log error;
# allow larger file uploads and longer script runtimes
client_max_body_size 100m;
client_body_timeout 120s;
sendfile off;
2020-10-15 11:04:38 -04:00
# SSL Configuration
2020-10-15 11:52:59 -04:00
ssl_certificate /etc/letsencrypt/live/'"$FQDN"'/fullchain.pem;
2020-10-15 11:04:38 -04:00
ssl_certificate_key /etc/letsencrypt/live/'"$FQDN"'/privkey.pem;
ssl_session_cache shared:SSL:10m;
ssl_protocols TLSv1.2;
ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
ssl_prefer_server_ciphers on;
# See https://hstspreload.org/ before uncommenting the line below.
# add_header Strict-Transport-Security "max-age=15768000; preload;";
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
add_header Content-Security-Policy "frame-ancestors 'self'";
add_header X-Frame-Options DENY;
add_header Referrer-Policy same-origin;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
2020-10-12 02:16:08 -04:00
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
2020-10-15 11:04:38 -04:00
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
2020-10-12 02:16:08 -04:00
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param PHP_VALUE "upload_max_filesize = 100M \n post_max_size=100M";
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param HTTP_PROXY "";
fastcgi_intercept_errors off;
fastcgi_buffer_size 16k;
fastcgi_buffers 4 16k;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
2020-10-15 11:04:38 -04:00
include /etc/nginx/fastcgi_params;
2020-10-12 02:16:08 -04:00
}
location ~ /\.ht {
deny all;
}
2020-10-15 11:04:38 -04:00
}
2020-10-12 02:16:08 -04:00
' | sudo -E tee /etc/nginx/sites-available/pterodactyl.conf >/dev/null 2>&1
if [ "$lsb_dist" = "debian" ] && [ "$dist_version" = "8" ]; then
sed -i 's/http2//g' /etc/nginx/sites-available/pterodactyl.conf
fi
ln -s /etc/nginx/sites-available/pterodactyl.conf /etc/nginx/sites-enabled/pterodactyl.conf
service nginx restart
}
nginx_config_0.7.19() {
output "Disabling default configuration..."
rm -rf /etc/nginx/sites-enabled/default
output "Configuring Nginx Webserver..."
2020-06-25 05:31:54 -04:00
echo '
server_tokens off;
set_real_ip_from 103.21.244.0/22;
set_real_ip_from 103.22.200.0/22;
set_real_ip_from 103.31.4.0/22;
set_real_ip_from 104.16.0.0/12;
set_real_ip_from 108.162.192.0/18;
set_real_ip_from 131.0.72.0/22;
set_real_ip_from 141.101.64.0/18;
set_real_ip_from 162.158.0.0/15;
set_real_ip_from 172.64.0.0/13;
set_real_ip_from 173.245.48.0/20;
set_real_ip_from 188.114.96.0/20;
set_real_ip_from 190.93.240.0/20;
set_real_ip_from 197.234.240.0/22;
set_real_ip_from 198.41.128.0/17;
set_real_ip_from 2400:cb00::/32;
set_real_ip_from 2606:4700::/32;
set_real_ip_from 2803:f800::/32;
set_real_ip_from 2405:b500::/32;
set_real_ip_from 2405:8100::/32;
set_real_ip_from 2c0f:f248::/32;
set_real_ip_from 2a06:98c0::/29;
real_ip_header X-Forwarded-For;
server {
listen 80 default_server;
server_name '"$FQDN"';
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl http2 default_server;
server_name '"$FQDN"';
root /var/www/pterodactyl/public;
index index.php;
access_log /var/log/nginx/pterodactyl.app-access.log;
error_log /var/log/nginx/pterodactyl.app-error.log error;
# allow larger file uploads and longer script runtimes
client_max_body_size 100m;
client_body_timeout 120s;
sendfile off;
# SSL Configuration
2020-10-17 19:55:12 -04:00
ssl_certificate /etc/letsencrypt/live/'"$FQDN"'/fullchain.pem;
2020-06-25 05:31:54 -04:00
ssl_certificate_key /etc/letsencrypt/live/'"$FQDN"'/privkey.pem;
ssl_session_cache shared:SSL:10m;
ssl_protocols TLSv1.2;
ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
ssl_prefer_server_ciphers on;
# See https://hstspreload.org/ before uncommenting the line below.
# add_header Strict-Transport-Security "max-age=15768000; preload;";
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
add_header Content-Security-Policy "frame-ancestors 'self'";
add_header X-Frame-Options DENY;
add_header Referrer-Policy same-origin;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
2020-10-03 01:24:14 -04:00
fastcgi_pass unix:/var/run/php/php7.3-fpm.sock;
2020-06-25 05:31:54 -04:00
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param PHP_VALUE "upload_max_filesize = 100M \n post_max_size=100M";
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param HTTP_PROXY "";
fastcgi_intercept_errors off;
fastcgi_buffer_size 16k;
fastcgi_buffers 4 16k;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
include /etc/nginx/fastcgi_params;
}
location ~ /\.ht {
deny all;
}
}
' | sudo -E tee /etc/nginx/sites-available/pterodactyl.conf >/dev/null 2>&1
if [ "$lsb_dist" = "debian" ] && [ "$dist_version" = "8" ]; then
sed -i 's/http2//g' /etc/nginx/sites-available/pterodactyl.conf
fi
ln -s /etc/nginx/sites-available/pterodactyl.conf /etc/nginx/sites-enabled/pterodactyl.conf
service nginx restart
}
apache_config() {
output "Disabling default configuration..."
2020-06-25 05:31:54 -04:00
rm -rf /etc/nginx/sites-enabled/default
output "Configuring Apache2 web server..."
2020-06-25 05:31:54 -04:00
echo '
<VirtualHost *:80>
ServerName '"$FQDN"'
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
2020-06-25 05:31:54 -04:00
</VirtualHost>
<VirtualHost *:443>
ServerName '"$FQDN"'
DocumentRoot "/var/www/pterodactyl/public"
AllowEncodedSlashes On
php_value upload_max_filesize 100M
php_value post_max_size 100M
<Directory "/var/www/pterodactyl/public">
AllowOverride all
</Directory>
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/'"$FQDN"'/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/'"$FQDN"'/privkey.pem
</VirtualHost>
2020-06-25 05:31:54 -04:00
' | sudo -E tee /etc/apache2/sites-available/pterodactyl.conf >/dev/null 2>&1
2020-06-25 05:31:54 -04:00
ln -s /etc/apache2/sites-available/pterodactyl.conf /etc/apache2/sites-enabled/pterodactyl.conf
a2enmod ssl
a2enmod rewrite
service apache2 restart
}
nginx_config_redhat(){
output "Configuring Nginx web server..."
2020-06-25 05:31:54 -04:00
echo '
server_tokens off;
set_real_ip_from 103.21.244.0/22;
set_real_ip_from 103.22.200.0/22;
set_real_ip_from 103.31.4.0/22;
set_real_ip_from 104.16.0.0/12;
set_real_ip_from 108.162.192.0/18;
set_real_ip_from 131.0.72.0/22;
set_real_ip_from 141.101.64.0/18;
set_real_ip_from 162.158.0.0/15;
set_real_ip_from 172.64.0.0/13;
set_real_ip_from 173.245.48.0/20;
set_real_ip_from 188.114.96.0/20;
set_real_ip_from 190.93.240.0/20;
set_real_ip_from 197.234.240.0/22;
set_real_ip_from 198.41.128.0/17;
set_real_ip_from 2400:cb00::/32;
set_real_ip_from 2606:4700::/32;
set_real_ip_from 2803:f800::/32;
set_real_ip_from 2405:b500::/32;
set_real_ip_from 2405:8100::/32;
set_real_ip_from 2c0f:f248::/32;
set_real_ip_from 2a06:98c0::/29;
real_ip_header X-Forwarded-For;
server {
listen 80 default_server;
server_name '"$FQDN"';
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl http2 default_server;
server_name '"$FQDN"';
root /var/www/pterodactyl/public;
index index.php;
access_log /var/log/nginx/pterodactyl.app-access.log;
error_log /var/log/nginx/pterodactyl.app-error.log error;
# allow larger file uploads and longer script runtimes
client_max_body_size 100m;
client_body_timeout 120s;
2020-06-25 05:31:54 -04:00
sendfile off;
# strengthen ssl security
ssl_certificate /etc/letsencrypt/live/'"$FQDN"'/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/'"$FQDN"'/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:ECDHE-RSA-AES128-GCM-SHA256:AES256+EECDH:DHE-RSA-AES128-GCM-SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
2020-06-25 05:31:54 -04:00
# See the link below for more SSL information:
# https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html
#
# ssl_dhparam /etc/ssl/certs/dhparam.pem;
# Add headers to serve security related headers
add_header Strict-Transport-Security "max-age=15768000; preload;";
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
add_header Content-Security-Policy "frame-ancestors 'self'";
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php-fpm/pterodactyl.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param PHP_VALUE "upload_max_filesize = 100M \n post_max_size=100M";
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param HTTP_PROXY "";
fastcgi_intercept_errors off;
fastcgi_buffer_size 16k;
fastcgi_buffers 4 16k;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
include /etc/nginx/fastcgi_params;
}
location ~ /\.ht {
deny all;
}
}
' | sudo -E tee /etc/nginx/conf.d/pterodactyl.conf >/dev/null 2>&1
service nginx restart
chown -R nginx:nginx $(pwd)
semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/pterodactyl/storage(/.*)?"
restorecon -R /var/www/pterodactyl
}
apache_config_redhat() {
output "Configuring Apache2 web server..."
2020-06-25 05:31:54 -04:00
echo '
<VirtualHost *:80>
ServerName '"$FQDN"'
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
2020-06-25 05:31:54 -04:00
</VirtualHost>
<VirtualHost *:443>
ServerName '"$FQDN"'
DocumentRoot "/var/www/pterodactyl/public"
AllowEncodedSlashes On
<Directory "/var/www/pterodactyl/public">
AllowOverride all
</Directory>
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/'"$FQDN"'/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/'"$FQDN"'/privkey.pem
</VirtualHost>
2020-06-25 05:31:54 -04:00
' | sudo -E tee /etc/httpd/conf.d/pterodactyl.conf >/dev/null 2>&1
service httpd restart
}
php_config(){
output "Configuring PHP socket..."
2020-06-25 05:31:54 -04:00
bash -c 'cat > /etc/php-fpm.d/www-pterodactyl.conf' <<-'EOF'
[pterodactyl]
user = nginx
group = nginx
listen = /var/run/php-fpm/pterodactyl.sock
listen.owner = nginx
listen.group = nginx
listen.mode = 0750
pm = ondemand
pm.max_children = 9
pm.process_idle_timeout = 10s
pm.max_requests = 200
EOF
systemctl restart php-fpm
}
webserver_config(){
2020-10-12 02:16:08 -04:00
if [ "$lsb_dist" = "debian" ] || [ "$lsb_dist" = "ubuntu" ]; then
if [ "$installoption" = "1" ]; then
if [ "$webserver" = "1" ]; then
nginx_config
elif [ "$webserver" = "2" ]; then
apache_config
fi
elif [ "$installoption" = "2" ]; then
if [ "$webserver" = "1" ]; then
nginx_config_0.7.19
elif [ "$webserver" = "2" ]; then
apache_config
fi
elif [ "$installoption" = "3" ]; then
if [ "$webserver" = "1" ]; then
nginx_config
elif [ "$webserver" = "2" ]; then
apache_config
fi
2020-10-12 02:28:02 -04:00
elif [ "$installoption" = "4" ]; then
2020-10-12 02:16:08 -04:00
if [ "$webserver" = "1" ]; then
nginx_config_0.7.19
elif [ "$webserver" = "2" ]; then
apache_config
fi
elif [ "$installoption" = "5" ]; then
if [ "$webserver" = "1" ]; then
nginx_config
elif [ "$webserver" = "2" ]; then
apache_config
fi
elif [ "$installoption" = "6" ]; then
if [ "$webserver" = "1" ]; then
nginx_config_0.7.19
elif [ "$webserver" = "2" ]; then
apache_config
fi
2020-06-25 05:31:54 -04:00
fi
elif [ "$lsb_dist" = "fedora" ] || [ "$lsb_dist" = "centos" ] || [ "$lsb_dist" = "rhel" ]; then
if [ "$webserver" = "1" ]; then
php_config
nginx_config_redhat
chown -R nginx:nginx /var/lib/php/session
2020-06-25 05:31:54 -04:00
elif [ "$webserver" = "2" ]; then
apache_config_redhat
fi
fi
}
setup_pterodactyl(){
install_dependencies
install_pterodactyl
2020-10-15 11:04:38 -04:00
ssl_certs
2020-06-25 05:31:54 -04:00
webserver_config
2020-10-11 22:11:37 -04:00
}
setup_pterodactyl_0.7.19(){
install_dependencies_0.7.19
install_pterodactyl_0.7.19
ssl_certs
webserver_config
2020-10-03 01:24:14 -04:00
theme
2020-06-25 05:31:54 -04:00
}
2020-10-11 22:11:37 -04:00
install_wings() {
cd /root
output "Installing Pterodactyl Wings dependencies..."
if [ "$lsb_dist" = "ubuntu" ] || [ "$lsb_dist" = "debian" ]; then
apt-get -y install curl tar unzip
elif [ "$lsb_dist" = "fedora" ] || [ "$lsb_dist" = "centos" ] || [ "$lsb_dist" = "rhel" ]; then
yum -y install curl tar unzip
fi
output "Installing Docker"
curl -sSL https://get.docker.com/ | CHANNEL=stable bash
2020-10-11 22:11:37 -04:00
service docker start
systemctl enable docker
2020-10-11 23:26:58 -04:00
output "Enabling SWAP support for Docker."
2020-10-11 22:11:37 -04:00
sed -i 's/GRUB_CMDLINE_LINUX_DEFAULT="[^"]*/& swapaccount=1/' /etc/default/grub
2020-10-11 23:26:58 -04:00
output "Installing the Pterodactyl wings..."
mkdir -p /etc/pterodactyl /srv/daemon-data
cd /etc/pterodactyl
curl -L -o /usr/local/bin/wings https://github.com/pterodactyl/wings/releases/download/${WINGS}/wings_linux_amd64
2020-10-11 22:11:37 -04:00
chmod u+x /usr/local/bin/wings
bash -c 'cat > /etc/systemd/system/wings.service' <<-'EOF'
[Unit]
Description=Pterodactyl Wings Daemon
After=docker.service
[Service]
User=root
WorkingDirectory=/etc/pterodactyl
LimitNOFILE=4096
PIDFile=/var/run/wings/daemon.pid
ExecStart=/usr/local/bin/wings
Restart=on-failure
StartLimitInterval=600
[Install]
WantedBy=multi-user.target
EOF
2020-10-16 02:00:32 -04:00
systemctl enable wings
systemctl start wings
2020-12-07 13:04:29 -05:00
output "Wings ${WINGS} has now been installed on your system."
2020-10-11 22:11:37 -04:00
}
2020-06-25 05:31:54 -04:00
install_daemon() {
cd /root
output "Installing Pterodactyl Daemon dependencies..."
2020-06-25 05:31:54 -04:00
if [ "$lsb_dist" = "ubuntu" ] || [ "$lsb_dist" = "debian" ]; then
apt-get -y install curl tar unzip
elif [ "$lsb_dist" = "fedora" ] || [ "$lsb_dist" = "centos" ] || [ "$lsb_dist" = "rhel" ]; then
yum -y install curl tar unzip
fi
output "Installing Docker"
curl -sSL https://get.docker.com/ | CHANNEL=stable bash
2020-06-25 05:31:54 -04:00
service docker start
systemctl enable docker
output "Enabling SWAP support for Docker & installing NodeJS..."
2020-06-25 05:31:54 -04:00
sed -i 's/GRUB_CMDLINE_LINUX_DEFAULT="[^"]*/& swapaccount=1/' /etc/default/grub
2020-10-03 01:24:14 -04:00
if [ "$lsb_dist" = "ubuntu" ] || [ "$lsb_dist" = "debian" ]; then
update-grub
curl -sL https://deb.nodesource.com/setup_12.x | sudo bash -
if [ "$lsb_dist" = "ubuntu" ] && [ "$dist_version" = "20.04" ]; then
apt -y install nodejs make gcc g++
npm install node-gyp
elif [ "$lsb_dist" = "debian" ] && [ "$dist_version" = "10" ]; then
apt -y install nodejs make gcc g++
else
apt -y install nodejs make gcc g++ node-gyp
fi
apt-get -y update
2020-10-03 01:24:14 -04:00
apt-get -y upgrade
apt-get -y autoremove
apt-get -y autoclean
elif [ "$lsb_dist" = "fedora" ] || [ "$lsb_dist" = "centos" ]; then
grub2-mkconfig -o "$(readlink /etc/grub2.conf)"
if [ "$lsb_dist" = "fedora" ]; then
dnf -y module install nodejs:12/minimal
dnf install -y tar unzip make gcc gcc-c++ python2
fi
elif [ "$lsb_dist" = "centos" ] && [ "$dist_version" = "8" ]; then
dnf -y module install nodejs:12/minimal
dnf install -y tar unzip make gcc gcc-c++ python2
2020-10-03 01:24:14 -04:00
yum -y upgrade
yum -y autoremove
yum -y clean packages
fi
output "Installing the Pterodactyl daemon..."
2020-10-03 01:24:14 -04:00
mkdir -p /srv/daemon /srv/daemon-data
cd /srv/daemon
curl -L https://github.com/pterodactyl/daemon/releases/download/${DAEMON_LEGACY}/daemon.tar.gz | tar --strip-components=1 -xzv
2020-10-03 01:24:14 -04:00
npm install --only=production --no-audit --unsafe-perm
2020-06-25 05:31:54 -04:00
bash -c 'cat > /etc/systemd/system/wings.service' <<-'EOF'
[Unit]
Description=Pterodactyl Wings Daemon
After=docker.service
[Service]
User=root
2020-10-03 01:24:14 -04:00
#Group=some_group
WorkingDirectory=/srv/daemon
2020-06-25 05:31:54 -04:00
LimitNOFILE=4096
PIDFile=/var/run/wings/daemon.pid
2020-10-03 01:24:14 -04:00
ExecStart=/usr/bin/node /srv/daemon/src/index.js
2020-06-25 05:31:54 -04:00
Restart=on-failure
StartLimitInterval=600
[Install]
WantedBy=multi-user.target
EOF
systemctl daemon-reload
systemctl enable wings
output "Daemon installation is nearly complete, please go to the panel and get your 'Auto Deploy' command in the node configuration tab."
2020-06-25 05:31:54 -04:00
output "Paste your auto deploy command below: "
read AUTODEPLOY
${AUTODEPLOY}
service wings start
2020-12-07 13:04:29 -05:00
output "Daemon ${DAEMON_LEGACY} has now been installed on your system."
2020-06-25 05:31:54 -04:00
}
2020-10-11 22:11:37 -04:00
migrate_wings(){
mkdir -p /etc/pterodactyl
curl -L -o /usr/local/bin/wings https://github.com/pterodactyl/wings/releases/download/${WINGS}/wings_linux_amd64
2020-10-11 22:11:37 -04:00
chmod u+x /usr/local/bin/wings
systemctl stop wings
rm -rf /srv/daemon
systemctl disable --now pterosftp
rm /etc/systemd/system/pterosftp.service
bash -c 'cat > /etc/systemd/system/wings.service' <<-'EOF'
[Unit]
Description=Pterodactyl Wings Daemon
After=docker.service
[Service]
User=root
WorkingDirectory=/etc/pterodactyl
LimitNOFILE=4096
PIDFile=/var/run/wings/daemon.pid
ExecStart=/usr/local/bin/wings
Restart=on-failure
StartLimitInterval=600
[Install]
WantedBy=multi-user.target
EOF
systemctl daemon-reload
systemctl enable --now wings
output "Your daemon has been migrated to wings."
}
2020-06-25 05:31:54 -04:00
upgrade_daemon(){
2020-10-03 01:24:14 -04:00
cd /srv/daemon
service wings stop
curl -L https://github.com/pterodactyl/daemon/releases/download/${DAEMON_LEGACY}/daemon.tar.gz | tar --strip-components=1 -xzv
2020-10-03 01:24:14 -04:00
npm install -g npm
npm install --only=production --no-audit --unsafe-perm
2020-06-25 05:31:54 -04:00
service wings restart
2020-12-07 13:02:09 -05:00
output "Your daemon has been updated to version ${DAEMON_LEGACY}."
2020-06-25 05:31:54 -04:00
output "npm has been updated to the latest version."
}
2020-10-03 01:24:14 -04:00
install_standalone_sftp(){
os_check
if [ "$lsb_dist" = "ubuntu" ] || [ "$lsb_dist" = "debian" ]; then
apt-get -y install jq
elif [ "$lsb_dist" = "fedora" ] || [ "$lsb_dist" = "centos" ]; then
yum -y install jq
fi
if [ ! -f /srv/daemon/config/core.json ]; then
warn "YOU MUST CONFIGURE YOUR DAEMON PROPERLY BEFORE INSTALLING THE STANDALONE SFTP SERVER!"
exit 11
fi
cd /srv/daemon
if [ $(cat /srv/daemon/config/core.json | jq -r '.sftp.enabled') == "null" ]; then
output "Updating config to enable sftp-server..."
cat /srv/daemon/config/core.json | jq '.sftp.enabled |= false' > /tmp/core
cat /tmp/core > /srv/daemon/config/core.json
rm -rf /tmp/core
elif [ $(cat /srv/daemon/config/core.json | jq -r '.sftp.enabled') == "false" ]; then
output "Config already set up for Golang SFTP server."
else
output "You may have purposely set the SFTP to true which will cause this to fail."
fi
service wings restart
output "Installing standalone SFTP server..."
curl -Lo sftp-server https://github.com/pterodactyl/sftp-server/releases/download/v1.0.5/sftp-server
chmod +x sftp-server
bash -c 'cat > /etc/systemd/system/pterosftp.service' <<-'EOF'
[Unit]
Description=Pterodactyl Standalone SFTP Server
After=wings.service
[Service]
User=root
WorkingDirectory=/srv/daemon
LimitNOFILE=4096
PIDFile=/var/run/wings/sftp.pid
ExecStart=/srv/daemon/sftp-server
Restart=on-failure
StartLimitInterval=600
[Install]
WantedBy=multi-user.target
EOF
systemctl enable pterosftp
service pterosftp restart
}
upgrade_standalone_sftp(){
output "Turning off the standalone SFTP server..."
service pterosftp stop
curl -Lo sftp-server https://github.com/pterodactyl/sftp-server/releases/download/v1.0.5/sftp-server
chmod +x sftp-server
service pterosftp start
output "Your standalone SFTP server has successfully been updated to v1.0.5."
}
2020-06-25 05:31:54 -04:00
install_mobile(){
cd /var/www/pterodactyl
composer config repositories.cloud composer https://packages.pterodactyl.cloud
composer require pterodactyl/mobile-addon --update-no-dev --optimize-autoloader
php artisan migrate --force
}
2020-08-09 23:14:18 -04:00
upgrade_mobile(){
cd /var/www/pterodactyl
composer update pterodactyl/mobile-addon
php artisan migrate --force
}
2020-06-25 05:31:54 -04:00
install_phpmyadmin(){
output "Installing phpMyAdmin..."
2020-06-25 05:31:54 -04:00
cd /var/www/pterodactyl/public
rm -rf phpmyadmin
wget https://files.phpmyadmin.net/phpMyAdmin/${PHPMYADMIN}/phpMyAdmin-${PHPMYADMIN}-all-languages.zip
unzip phpMyAdmin-${PHPMYADMIN}-all-languages.zip
mv phpMyAdmin-${PHPMYADMIN}-all-languages phpmyadmin
rm -rf phpMyAdmin-${PHPMYADMIN}-all-languages.zip
2020-06-25 05:31:54 -04:00
cd /var/www/pterodactyl/public/phpmyadmin
SERVER_IP=$(curl -s http://checkip.amazonaws.com)
BOWFISH=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 34 | head -n 1`
bash -c 'cat > /var/www/pterodactyl/public/phpmyadmin/config.inc.php' <<EOF
<?php
/* Servers configuration */
\$i = 0;
/* Server: MariaDB [1] */
\$i++;
\$cfg['Servers'][\$i]['verbose'] = 'MariaDB';
\$cfg['Servers'][\$i]['host'] = '${SERVER_IP}';
\$cfg['Servers'][\$i]['port'] = '';
\$cfg['Servers'][\$i]['socket'] = '';
\$cfg['Servers'][\$i]['auth_type'] = 'cookie';
\$cfg['Servers'][\$i]['user'] = 'root';
\$cfg['Servers'][\$i]['password'] = '';
/* End of servers configuration */
\$cfg['blowfish_secret'] = '${BOWFISH}';
\$cfg['DefaultLang'] = 'en';
\$cfg['ServerDefault'] = 1;
\$cfg['UploadDir'] = '';
\$cfg['SaveDir'] = '';
\$cfg['CaptchaLoginPublicKey'] = '6LcJcjwUAAAAAO_Xqjrtj9wWufUpYRnK6BW8lnfn';
\$cfg['CaptchaLoginPrivateKey'] = '6LcJcjwUAAAAALOcDJqAEYKTDhwELCkzUkNDQ0J5'
?>
EOF
output "Installation completed."
if [ "$lsb_dist" = "ubuntu" ] || [ "$lsb_dist" = "debian" ]; then
chown -R www-data:www-data * /var/www/pterodactyl
elif [ "$lsb_dist" = "fedora" ] || [ "$lsb_dist" = "centos" ] || [ "$lsb_dist" = "rhel" ]; then
chown -R apache:apache * /var/www/pterodactyl
chown -R nginx:nginx * /var/www/pterodactyl
semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/pterodactyl/storage(/.*)?"
restorecon -R /var/www/pterodactyl
fi
}
ssl_certs(){
output "Installing Let's Encrypt and creating an SSL certificate..."
2020-06-25 05:31:54 -04:00
cd /root
if [ "$lsb_dist" = "ubuntu" ] || [ "$lsb_dist" = "debian" ]; then
apt-get -y install certbot
2020-06-25 05:31:54 -04:00
elif [ "$lsb_dist" = "fedora" ] || [ "$lsb_dist" = "centos" ] || [ "$lsb_dist" = "rhel" ]; then
yum -y install certbot
fi
if [ "$webserver" = "1" ]; then
service nginx stop
elif [ "$webserver" = "2" ]; then
if [ "$lsb_dist" = "ubuntu" ] || [ "$lsb_dist" = "debian" ]; then
service apache2 stop
elif [ "$lsb_dist" = "fedora" ] || [ "$lsb_dist" = "centos" ] || [ "$lsb_dist" = "rhel" ]; then
service httpd stop
fi
fi
certbot certonly --standalone --email "$email" --agree-tos -d "$FQDN" --non-interactive
2020-06-25 05:31:54 -04:00
if [ "$installoption" = "2" ]; then
if [ "$lsb_dist" = "ubuntu" ] || [ "$lsb_dist" = "debian" ]; then
ufw deny 80
elif [ "$lsb_dist" = "fedora" ] || [ "$lsb_dist" = "centos" ] || [ "$lsb_dist" = "rhel" ]; then
firewall-cmd --permanent --remove-port=80/tcp
firewall-cmd --reload
fi
else
if [ "$webserver" = "1" ]; then
service nginx restart
elif [ "$webserver" = "2" ]; then
if [ "$lsb_dist" = "ubuntu" ] || [ "$lsb_dist" = "debian" ]; then
service apache2 restart
elif [ "$lsb_dist" = "fedora" ] || [ "$lsb_dist" = "centos" ] || [ "$lsb_dist" = "rhel" ]; then
service httpd restart
fi
fi
fi
2020-10-15 11:23:52 -04:00
if [ "$lsb_dist" = "debian" ] || [ "$lsb_dist" = "ubuntu" ]; then
2020-06-25 05:31:54 -04:00
if [ "$installoption" = "1" ]; then
if [ "$webserver" = "1" ]; then
(crontab -l ; echo '0 0,12 * * * certbot renew --pre-hook "service nginx stop" --post-hook "service nginx restart" >> /dev/null 2>&1')| crontab -
elif [ "$webserver" = "2" ]; then
(crontab -l ; echo '0 0,12 * * * certbot renew --pre-hook "service apache2 stop" --post-hook "service apache2 restart" >> /dev/null 2>&1')| crontab -
fi
elif [ "$installoption" = "2" ]; then
2020-10-12 01:49:55 -04:00
if [ "$webserver" = "1" ]; then
(crontab -l ; echo '0 0,12 * * * certbot renew --pre-hook "service nginx stop" --post-hook "service nginx restart" >> /dev/null 2>&1')| crontab -
elif [ "$webserver" = "2" ]; then
(crontab -l ; echo '0 0,12 * * * certbot renew --pre-hook "service apache2 stop" --post-hook "service apache2 restart" >> /dev/null 2>&1')| crontab -
fi
elif [ "$installoption" = "3" ]; then
2020-10-15 11:23:52 -04:00
(crontab -l ; echo '0 0,12 * * * certbot renew --pre-hook "ufw allow 80" --pre-hook "service wings stop" --post-hook "ufw deny 80" --post-hook "service wings restart" >> /dev/null 2>&1')| crontab -
elif [ "$installoption" = "4" ]; then
2020-10-15 11:23:52 -04:00
(crontab -l ; echo '0 0,12 * * * certbot renew --pre-hook "ufw allow 80" --pre-hook "service wings stop" --post-hook "ufw deny 80" --post-hook "service wings restart" >> /dev/null 2>&1')| crontab -
2020-10-12 01:49:55 -04:00
elif [ "$installoption" = "5" ]; then
if [ "$webserver" = "1" ]; then
(crontab -l ; echo '0 0,12 * * * certbot renew --pre-hook "service nginx stop" --pre-hook "service wings stop" --post-hook "service nginx restart" --post-hook "service wings restart" >> /dev/null 2>&1')| crontab -
elif [ "$webserver" = "2" ]; then
(crontab -l ; echo '0 0,12 * * * certbot renew --pre-hook "service apache2 stop" --pre-hook "service wings stop" --post-hook "service apache2 restart" --post-hook "service wings restart" >> /dev/null 2>&1')| crontab -
fi
elif [ "$installoption" = "6" ]; then
2020-06-25 05:31:54 -04:00
if [ "$webserver" = "1" ]; then
(crontab -l ; echo '0 0,12 * * * certbot renew --pre-hook "service nginx stop" --pre-hook "service wings stop" --post-hook "service nginx restart" --post-hook "service wings restart" >> /dev/null 2>&1')| crontab -
elif [ "$webserver" = "2" ]; then
(crontab -l ; echo '0 0,12 * * * certbot renew --pre-hook "service apache2 stop" --pre-hook "service wings stop" --post-hook "service apache2 restart" --post-hook "service wings restart" >> /dev/null 2>&1')| crontab -
fi
2020-10-15 11:23:52 -04:00
fi
2020-06-25 05:31:54 -04:00
elif [ "$lsb_dist" = "fedora" ] || [ "$lsb_dist" = "centos" ] || [ "$lsb_dist" = "rhel" ]; then
if [ "$installoption" = "1" ]; then
if [ "$webserver" = "1" ]; then
(crontab -l ; echo '0 0,12 * * * certbot renew --pre-hook "service nginx stop" --post-hook "service nginx restart" >> /dev/null 2>&1')| crontab -
elif [ "$webserver" = "2" ]; then
(crontab -l ; echo '0 0,12 * * * certbot renew --pre-hook "service httpd stop" --post-hook "service httpd restart" >> /dev/null 2>&1')| crontab -
fi
elif [ "$installoption" = "2" ]; then
2020-10-12 01:49:55 -04:00
if [ "$webserver" = "1" ]; then
(crontab -l ; echo '0 0,12 * * * certbot renew --pre-hook "service nginx stop" --post-hook "service nginx restart" >> /dev/null 2>&1')| crontab -
elif [ "$webserver" = "2" ]; then
(crontab -l ; echo '0 0,12 * * * certbot renew --pre-hook "service httpd stop" --post-hook "service httpd restart" >> /dev/null 2>&1')| crontab -
fi
2020-06-25 05:31:54 -04:00
elif [ "$installoption" = "3" ]; then
2020-10-12 01:49:55 -04:00
(crontab -l ; echo '0 0,12 * * * certbot renew --pre-hook "firewall-cmd --add-port=80/tcp && firewall-cmd --reload" --pre-hook "service wings stop" --post-hook "firewall-cmd --remove-port=80/tcp && firewall-cmd --reload" --post-hook "service wings restart" >> /dev/null 2>&1')| crontab -
elif [ "$installoption" = "4" ]; then
(crontab -l ; echo '0 0,12 * * * certbot renew --pre-hook "firewall-cmd --add-port=80/tcp && firewall-cmd --reload" --pre-hook "service wings stop" --post-hook "firewall-cmd --remove-port=80/tcp && firewall-cmd --reload" --post-hook "service wings restart" >> /dev/null 2>&1')| crontab -
elif [ "$installoption" = "5" ]; then
2020-06-25 05:31:54 -04:00
if [ "$webserver" = "1" ]; then
(crontab -l ; echo '0 0,12 * * * certbot renew --pre-hook "service nginx stop" --pre-hook "service wings stop" --post-hook "service nginx restart" --post-hook "service wings restart" >> /dev/null 2>&1')| crontab -
elif [ "$webserver" = "2" ]; then
(crontab -l ; echo '0 0,12 * * * certbot renew --pre-hook "service httpd stop" --pre-hook "service wings stop" --post-hook "service httpd restart" --post-hook "service wings restart" >> /dev/null 2>&1')| crontab -
fi
2020-10-15 11:23:52 -04:00
elif [ "$installoption" = "5" ]; then
if [ "$webserver" = "1" ]; then
(crontab -l ; echo '0 0,12 * * * certbot renew --pre-hook "service nginx stop" --pre-hook "service wings stop" --post-hook "service nginx restart" --post-hook "service wings restart" >> /dev/null 2>&1')| crontab -
elif [ "$webserver" = "2" ]; then
(crontab -l ; echo '0 0,12 * * * certbot renew --pre-hook "service httpd stop" --pre-hook "service wings stop" --post-hook "service httpd restart" --post-hook "service wings restart" >> /dev/null 2>&1')| crontab -
fi
elif [ "$installoption" = "6" ]; then
2020-10-12 01:49:55 -04:00
if [ "$webserver" = "1" ]; then
(crontab -l ; echo '0 0,12 * * * certbot renew --pre-hook "service nginx stop" --pre-hook "service wings stop" --post-hook "service nginx restart" --post-hook "service wings restart" >> /dev/null 2>&1')| crontab -
elif [ "$webserver" = "2" ]; then
(crontab -l ; echo '0 0,12 * * * certbot renew --pre-hook "service httpd stop" --pre-hook "service wings stop" --post-hook "service httpd restart" --post-hook "service wings restart" >> /dev/null 2>&1')| crontab -
fi
fi
2020-06-25 05:31:54 -04:00
fi
}
firewall(){
if [ "$lsb_dist" = "ubuntu" ] || [ "$lsb_dist" = "debian" ]; then
apt -y install iptables
elif [ "$lsb_dist" = "fedora" ] || [ "$lsb_dist" = "rhel" ] || [ "$lsb_dist" = "centos" ] || [ "$lsb_dist" = "cloudlinux" ]; then
yum -y install iptables
fi
curl -sSL https://raw.githubusercontent.com/tommytran732/Anti-DDOS-Iptables/master/iptables-no-prompt.sh | sudo bash
block_icmp
javapipe_kernel
2020-06-25 10:33:12 -04:00
output "Setting up Fail2Ban..."
2020-06-25 05:31:54 -04:00
if [ "$lsb_dist" = "ubuntu" ] || [ "$lsb_dist" = "debian" ]; then
apt -y install fail2ban
elif [ "$lsb_dist" = "centos" ] || [ "$lsb_dist" = "fedora" ] || [ "$lsb_dist" = "rhel" ]; then
yum -y install fail2ban
fi
systemctl enable fail2ban
bash -c 'cat > /etc/fail2ban/jail.local' <<-'EOF'
[DEFAULT]
# Ban hosts for ten hours:
bantime = 36000
# Override /etc/fail2ban/jail.d/00-firewalld.conf:
banaction = iptables-multiport
[sshd]
enabled = true
EOF
service fail2ban restart
output "Configuring your firewall..."
2020-06-25 05:31:54 -04:00
if [ "$lsb_dist" = "ubuntu" ] || [ "$lsb_dist" = "debian" ]; then
apt-get -y install ufw
ufw allow 22
if [ "$installoption" = "1" ]; then
ufw allow 80
ufw allow 443
ufw allow 3306
elif [ "$installoption" = "2" ]; then
2020-10-15 10:41:34 -04:00
ufw allow 80
ufw allow 443
ufw allow 3306
elif [ "$installoption" = "3" ]; then
2020-06-25 05:31:54 -04:00
ufw allow 80
ufw allow 8080
ufw allow 2022
2020-10-15 10:41:34 -04:00
elif [ "$installoption" = "4" ]; then
ufw allow 80
ufw allow 8080
ufw allow 2022
elif [ "$installoption" = "5" ]; then
ufw allow 80
ufw allow 443
ufw allow 8080
ufw allow 2022
ufw allow 3306
elif [ "$installoption" = "6" ]; then
2020-06-25 05:31:54 -04:00
ufw allow 80
ufw allow 443
ufw allow 8080
ufw allow 2022
ufw allow 3306
fi
yes |ufw enable
elif [ "$lsb_dist" = "centos" ] || [ "$lsb_dist" = "fedora" ] || [ "$lsb_dist" = "rhel" ]; then
yum -y install firewalld
systemctl enable firewalld
systemctl start firewalld
if [ "$installoption" = "1" ]; then
firewall-cmd --add-service=http --permanent
firewall-cmd --add-service=https --permanent
2020-10-15 10:41:34 -04:00
firewall-cmd --add-service=mysql --permanent
2020-06-25 05:31:54 -04:00
elif [ "$installoption" = "2" ]; then
2020-10-15 10:41:34 -04:00
firewall-cmd --add-service=http --permanent
firewall-cmd --add-service=https --permanent
firewall-cmd --add-service=mysql --permanent
elif [ "$installoption" = "3" ]; then
2020-06-25 05:31:54 -04:00
firewall-cmd --permanent --add-service=80/tcp
firewall-cmd --permanent --add-port=2022/tcp
firewall-cmd --permanent --add-port=8080/tcp
2020-10-15 10:41:34 -04:00
elif [ "$installoption" = "4" ]; then
firewall-cmd --permanent --add-service=80/tcp
firewall-cmd --permanent --add-port=2022/tcp
firewall-cmd --permanent --add-port=8080/tcp
elif [ "$installoption" = "5" ]; then
2020-06-25 05:31:54 -04:00
firewall-cmd --add-service=http --permanent
firewall-cmd --add-service=https --permanent
firewall-cmd --permanent --add-port=2022/tcp
firewall-cmd --permanent --add-port=8080/tcp
2020-10-15 10:41:34 -04:00
firewall-cmd --permanent --add-service=mysql
elif [ "$installoption" = "6" ]; then
firewall-cmd --add-service=http --permanent
firewall-cmd --add-service=https --permanent
firewall-cmd --permanent --add-port=2022/tcp
firewall-cmd --permanent --add-port=8080/tcp
firewall-cmd --permanent --add-service=mysql
2020-06-25 05:31:54 -04:00
fi
fi
}
block_icmp(){
output "Block ICMP (Ping) Packets?"
output "You should choose [1] if you are not using a monitoring system and [2] otherwise."
output "[1] Yes."
output "[2] No."
read icmp
case $icmp in
1 ) /sbin/iptables -t mangle -A PREROUTING -p icmp -j DROP
(crontab -l ; echo "@reboot /sbin/iptables -t mangle -A PREROUTING -p icmp -j DROP >> /dev/null 2>&1")| crontab -
;;
2 ) output "Skipping rule..."
;;
* ) output "You did not enter a valid selection."
block_icmp
esac
}
javapipe_kernel(){
output "Apply JavaPipe's kernel configurations (https://javapipe.com/blog/iptables-ddos-protection)?"
2020-06-25 05:31:54 -04:00
output "[1] Yes."
output "[2] No."
read javapipe
case $javapipe in
1) sh -c "$(curl -sSL https://raw.githubusercontent.com/tommytran732/Anti-DDOS-Iptables/master/javapipe_kernel.sh)"
;;
2) output "JavaPipe kernel modifications not applied."
2020-06-25 05:31:54 -04:00
;;
* ) output "You did not enter a valid selection."
javapipe_kernel
esac
}
install_database() {
if [ "$lsb_dist" = "ubuntu" ] || [ "$lsb_dist" = "debian" ]; then
apt -y install mariadb-server
elif [ "$lsb_dist" = "centos" ] || [ "$lsb_dist" = "rhel" ]; then
if [ "$dist_version" = "8" ]; then
dnf -y install MariaDB-server MariaDB-client --disablerepo=AppStream
fi
else
dnf -y install MariaDB-server
fi
output "Creating the databases and setting root password..."
2020-06-25 05:31:54 -04:00
password=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1`
adminpassword=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1`
rootpassword=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1`
Q0="DROP DATABASE IF EXISTS test;"
Q1="CREATE DATABASE IF NOT EXISTS panel;"
Q2="SET old_passwords=0;"
Q3="GRANT ALL ON panel.* TO 'pterodactyl'@'127.0.0.1' IDENTIFIED BY '$password';"
Q4="GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, ALTER, INDEX, DROP, EXECUTE, PROCESS, RELOAD, LOCK TABLES, CREATE USER ON *.* TO 'admin'@'$SERVER_IP' IDENTIFIED BY '$adminpassword' WITH GRANT OPTION;"
Q5="SET PASSWORD FOR 'root'@'localhost' = PASSWORD('$rootpassword');"
Q6="DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1');"
Q7="DELETE FROM mysql.user WHERE User='';"
Q8="DELETE FROM mysql.db WHERE Db='test' OR Db='test\_%';"
Q9="FLUSH PRIVILEGES;"
SQL="${Q0}${Q1}${Q2}${Q3}${Q4}${Q5}${Q6}${Q7}${Q8}${Q9}"
mysql -u root -e "$SQL"
output "Binding MariaDB/MySQL to 0.0.0.0."
if [ -f /etc/mysql/my.cnf ] ; then
sed -i -- 's/bind-address/# bind-address/g' /etc/mysql/my.cnf
sed -i '/\[mysqld\]/a bind-address = 0.0.0.0' /etc/mysql/my.cnf
output 'Restarting MySQL process...'
service mysql restart
elif [ -f /etc/my.cnf ] ; then
sed -i -- 's/bind-address/# bind-address/g' /etc/my.cnf
sed -i '/\[mysqld\]/a bind-address = 0.0.0.0' /etc/my.cnf
output 'Restarting MySQL process...'
service mysql restart
elif [ -f /etc/mysql/my.conf.d/mysqld.cnf ] ; then
sed -i -- 's/bind-address/# bind-address/g' /etc/my.cnf
sed -i '/\[mysqld\]/a bind-address = 0.0.0.0' /etc/my.cnf
output 'Restarting MySQL process...'
service mysql restart
else
output 'File my.cnf was not found! Please contact support.'
fi
if [ "$lsb_dist" = "ubuntu" ] || [ "$lsb_dist" = "debian" ]; then
yes | ufw allow 3306
elif [ "$lsb_dist" = "centos" ] || [ "$lsb_dist" = "fedora" ] || [ "$lsb_dist" = "rhel" ]; then
firewall-cmd --permanent --add-service=mysql
firewall-cmd --reload
fi
broadcast_database
}
database_host_reset(){
SERVER_IP=$(curl -s http://checkip.amazonaws.com)
adminpassword=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1`
Q0="SET old_passwords=0;"
Q1="SET PASSWORD FOR 'admin'@'$SERVER_IP' = PASSWORD('$adminpassword');"
Q2="FLUSH PRIVILEGES;"
SQL="${Q0}${Q1}${Q2}"
mysql mysql -e "$SQL"
output "New database host information:"
output "Host: $SERVER_IP"
output "Port: 3306"
output "User: admin"
output "Password: $adminpassword"
}
broadcast(){
if [ "$installoption" = "1" ] || [ "$installoption" = "3" ]; then
broadcast_database
fi
output "###############################################################"
output "FIREWALL INFORMATION"
output ""
output "All unnecessary ports are blocked by default."
if [ "$lsb_dist" = "ubuntu" ] || [ "$lsb_dist" = "debian" ]; then
2020-06-25 10:33:12 -04:00
output "Use 'ufw allow <port>' to enable your desired ports."
2020-06-25 05:31:54 -04:00
elif [ "$lsb_dist" = "fedora" ] || [ "$lsb_dist" = "centos" ] && [ "$dist_version" != "8" ]; then
output "Use 'firewall-cmd --permanent --add-port=<port>/tcp' to enable your desired ports."
fi
output "###############################################################"
output ""
}
broadcast_database(){
output "###############################################################"
output "MARIADB/MySQL INFORMATION"
output ""
output "Your MariaDB/MySQL root password is $rootpassword"
output ""
output "Create your MariaDB/MySQL host with the following information:"
output "Host: $SERVER_IP"
output "Port: 3306"
output "User: admin"
output "Password: $adminpassword"
output "###############################################################"
output ""
}
#Execution
preflight
install_options
case $installoption in
2020-10-11 22:33:14 -04:00
1) webserver_options
repositories_setup
required_infos
firewall
setup_pterodactyl
broadcast
broadcast_database
;;
2020-10-11 22:33:14 -04:00
2) webserver_options
theme_options
repositories_setup_0.7.19
required_infos
firewall
setup_pterodactyl_0.7.19
broadcast
;;
2020-10-11 22:33:14 -04:00
3) repositories_setup
required_infos
firewall
ssl_certs
install_wings
broadcast
broadcast_database
;;
2020-10-11 22:33:14 -04:00
4) repositories_setup_0.7.19
required_infos
firewall
ssl_certs
install_daemon
broadcast
;;
2020-10-11 22:33:14 -04:00
5) webserver_options
repositories_setup
required_infos
firewall
2020-10-15 11:04:38 -04:00
ssl_certs
2020-10-11 22:33:14 -04:00
setup_pterodactyl
install_wings
broadcast
;;
2020-10-11 22:33:14 -04:00
6) webserver_options
theme_options
repositories_setup_0.7.19
required_infos
firewall
setup_pterodactyl_0.7.19
install_daemon
broadcast
;;
7) install_standalone_sftp
;;
2020-10-11 22:11:37 -04:00
8) upgrade_pterodactyl
;;
2020-10-13 00:37:35 -04:00
9) upgrade_pterodactyl_1.0
;;
10) theme_options
2020-10-11 22:11:37 -04:00
upgrade_pterodactyl_0.7.19
theme
;;
11) upgrade_daemon
;;
2020-10-13 00:37:35 -04:00
12) migrate_wings
;;
13) upgrade_pterodactyl_1.0
2020-10-11 22:11:37 -04:00
migrate_wings
;;
2020-10-13 00:37:35 -04:00
14) theme_options
upgrade_pterodactyl_0.7.19
2020-10-11 22:33:14 -04:00
theme
upgrade_daemon
;;
2020-10-13 00:37:35 -04:00
15) upgrade_standalone_sftp
;;
2020-10-13 00:37:35 -04:00
16) install_mobile
;;
2020-10-13 00:37:35 -04:00
17) upgrade_mobile
;;
2020-10-13 00:37:35 -04:00
18) install_phpmyadmin
;;
2020-10-13 00:37:35 -04:00
19) repositories_setup
2020-10-11 22:11:37 -04:00
install_database
;;
2020-10-13 00:37:35 -04:00
20) theme_options
if [ "$themeoption" = "1" ]; then
upgrade_pterodactyl_0.7.19
fi
theme
2020-10-11 22:11:37 -04:00
;;
21) curl -sSL https://raw.githubusercontent.com/tommytran732/MariaDB-Root-Password-Reset/master/mariadb-104.sh | sudo bash
2020-10-11 22:11:37 -04:00
;;
22) database_host_reset
2020-10-11 22:11:37 -04:00
;;
2020-12-31 06:34:36 -05:00
esac