Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/bin/bash
- output() {
- echo -e '\e[36m'$1'\e[0m';
- }
- copyright(){
- output "Pterodactyl Installation script v15.2."
- output "Copyright © 2018 Thien Tran <contact@thientran.io>."
- output "Please report any issues to https://discord.gg/baJK6ZD"
- output ""
- }
- server_options() {
- output "Thank you for your purchase. Please note that this script is meant to be installed on a fresh OS. Installing it on a non-fresh OS may cause problems."
- output "Please select what you would like to install:\n[1] Install the panel.\n[2] Install the daemon.\n[3] Install the panel and daemon."
- read choice
- case $choice in
- 1 ) installoption=1
- output "You have selected panel installation only."
- ;;
- 2 ) installoption=2
- output "You have selected daemon installation only."
- ;;
- 3 ) installoption=3
- output "You have selected panel and daemon installation."
- ;;
- * ) output "You did not enter a a valid selection."
- server_options
- esac
- }
- get_distribution() {
- output "Automatic Operating System Detection initialized."
- if [ -r /etc/os-release ]; then
- lsb_dist="$(. /etc/os-release && echo "$ID")"
- dist_version="$(. /etc/os-release && echo "$VERSION_ID")"
- fi
- output "OS: $lsb_dist $dist_version detected."
- output ""
- }
- os_options() {
- if [ "$lsb_dist" = "ubuntu" ]; then
- if [ "$dist_version" = "18.04" ]; then
- osoption=1
- elif [ "$dist_version" == "16.04" ]; then
- osoption=2
- elif [ "$dist_version" = "14.04" ]; then
- osoption=3
- else
- output "Unsupported Ubuntu version. Only Ubuntu 18.04, 16.04, and 14.04 are supported."
- fi
- elif [ "$lsb_dist" = "debian" ]; then
- if [ "$dist_version" = "9" ]; then
- osoption=4
- elif [ "$dist_version" = "8" ]; then
- osoption=5
- else
- output "Unsupported Debian version. Only Debian 9 and 8 are supported.."
- fi
- elif [ "$lsb_dist" = "fedora" ]; then
- if [ "$dist_version" = "28" ]; then
- osoption=6
- elif [ "$dist_version" = "27" ]; then
- osoption=7
- else
- output "Unsupported Fedora version. Only Fedora 28 and 27 are supported."
- fi
- elif [ "$lsb_dist" = "centos" ]; then
- if [ "$dist_version" = "7" ]; then
- osoption=8
- else
- output "Unsupported CentOS version. Only CentOS 7 is supported."
- fi
- else
- output "Unsupported Operating System."
- output "Supported OS:"
- output "Ubuntu: 18.04, 16.04 14.04"
- output "Debian: 9, 8"
- output "Fedora: 28, 27"
- output "CentOS 7"
- fi
- }
- webserver_options() {
- output "Please select which web server you would like to use:\n[1] Nginx (Recommended).\n[2] Apache2/Httpd."
- read choice
- case $choice in
- 1 ) webserver=1
- output "You have selected Nginx."
- ;;
- 2 ) webserver=2
- output "You have selected Apache2 / Httpd."
- ;;
- * ) output "You did not enter a valid selection."
- webserver_options
- esac
- }
- fonix_options() {
- output "Would you like to install Fonix's themes? :\n[1] No.\n[2] Graphite theme.\n[3] Midnight theme."
- output "You can find out about Fonix's themes here: https://github.com/TheFonix/Pterodactyl-Themes"
- read choice
- case $choice in
- 1 ) fonixoption=1
- output "You have selected to install vanilla Pterodactyl theme."
- ;;
- 2 ) fonixoption=2
- output "You have selected to install Fonix's Graphite theme."
- ;;
- 3 ) fonixoption=3
- output "You have selected panel and Fonix's Midnight theme."
- ;;
- * ) output "You did not enter a a valid selection"
- fonix_options
- esac
- }
- fonix_graphite() {
- output "Installing Graphite Theme"
- cd /var/www/pterodactyl
- curl https://raw.githubusercontent.com/TheFonix/Pterodactyl-Themes/master/Pterodactyl-7/Graphite/build.sh | sh
- }
- fonix_midnight(){
- output "Installing Midnight Theme"
- cd /var/www/pterodactyl
- curl https://raw.githubusercontent.com/TheFonix/Pterodactyl-Themes/master/Pterodactyl-7/Midnight/build.sh | sh
- }
- required_infos() {
- output "Please enter your FQDN (panel.yourdomain.com):"
- read FQDN
- output "Please enter the desired user email address:"
- read email
- }
- daemon_option(){
- output "Please select your preferred Daemon installation mode:\n[1] Systemd (Recommended).\n[2] Forever."
- read choice
- case $choice in
- 1 ) daemonoption=1
- output "You have selected to install the Daemon using Systemd."
- ;;
- 2 ) daemonoption=2
- output "You have selected to install the Daemon using Forever."
- ;;
- * ) output "You did not enter a a valid selection"
- daemon_option
- esac
- }
- server_u18() {
- output "Forcing IPv4 on apt."
- echo 'Acquire::ForceIPv4 "true";' | sudo tee /etc/apt/apt.conf.d/99force-ipv4
- output "Adding repositories and PPAs."
- apt-get -y update
- apt-get -y install software-properties-common
- add-apt-repository -y universe
- LC_ALL=C.UTF-8 add-apt-repository -y ppa:ondrej/php
- add-apt-repository -y ppa:chris-lea/redis-server
- add-apt-repository -y ppa:nginx/stable
- apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0xF1656F24C74CD1D8
- add-apt-repository -y 'deb [arch=amd64,arm64,ppc64el] http://nyc2.mirrors.digitalocean.com/mariadb/repo/10.3/ubuntu bionic main'
- add-apt-repository -y ppa:certbot/certbot
- output "Updating all server packages."
- apt-get -y update
- apt-get -y upgrade
- apt-get -y autoremove
- apt-get -y autoclean
- }
- server_u16() {
- output "Forcing IPv4 on apt."
- echo 'Acquire::ForceIPv4 "true";' | sudo tee /etc/apt/apt.conf.d/99force-ipv4
- output "Adding repositories and PPAs."
- apt-get -y update
- apt-get -y install software-properties-common
- add-apt-repository -y universe
- LC_ALL=C.UTF-8 add-apt-repository -y ppa:ondrej/php
- add-apt-repository -y ppa:chris-lea/redis-server
- add-apt-repository -y ppa:nginx/stable
- apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0xF1656F24C74CD1D8
- add-apt-repository 'deb [arch=amd64,arm64,i386,ppc64el] http://nyc2.mirrors.digitalocean.com/mariadb/repo/10.3/ubuntu xenial main'
- add-apt-repository -y ppa:certbot/certbot
- output "Updating all server packages."
- apt-get -y update
- apt-get -y upgrade
- apt-get -y autoremove
- apt-get -y autoclean
- }
- server_u14() {
- output "Forcing IPv4 on apt."
- echo 'Acquire::ForceIPv4 "true";' | sudo tee /etc/apt/apt.conf.d/99force-ipv4
- output "Adding repositories and PPAs."
- apt-get -y update
- apt-get -y install software-properties-common
- add-apt-repository -y universe
- LC_ALL=C.UTF-8 add-apt-repository -y ppa:ondrej/php
- add-apt-repository -y ppa:ondrej/nginx
- add-apt-repository -y ppa:chris-lea/redis-server
- sudo apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0xcbcb082a1bb943db
- sudo add-apt-repository 'deb [arch=amd64,i386,ppc64el] http://sfo1.mirrors.digitalocean.com/mariadb/repo/10.3/ubuntu trusty main'
- add-apt-repository -y ppa:certbot/certbot
- output "Updating all server packages."
- apt-get -y update
- apt-get -y upgrade
- apt-get -y autoremove
- apt-get -y autoclean
- }
- server_d9(){
- output "Forcing IPv4 on apt."
- echo 'Acquire::ForceIPv4 "true";' | sudo tee /etc/apt/apt.conf.d/99force-ipv4
- output "Adding repositories."
- apt-get -y update
- apt-get -y install ca-certificates apt-transport-https
- apt-get -y install software-properties-common dirmngr
- wget -q https://packages.sury.org/php/apt.gpg -O- | sudo apt-key add -
- sudo echo "deb https://packages.sury.org/php/ stretch main" | sudo tee /etc/apt/sources.list.d/php.list
- sudo apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 0xF1656F24C74CD1D8
- sudo add-apt-repository 'deb [arch=amd64,i386,ppc64el] http://nyc2.mirrors.digitalocean.com/mariadb/repo/10.3/debian stretch main'
- apt-get -y update
- apt-get -y upgrade
- apt-get -y autoremove
- apt-get -y autoclean
- }
- server_d8(){
- output "Forcing IPv4 on apt."
- echo 'Acquire::ForceIPv4 "true";' | sudo tee /etc/apt/apt.conf.d/99force-ipv4
- output "Adding repositories."
- apt-get -y update
- apt-get -y install ca-certificates apt-transport-https
- apt-get -y install software-properties-common
- wget -q https://packages.sury.org/php/apt.gpg -O- | sudo apt-key add -
- sudo echo "deb https://packages.sury.org/php/ jessie main" | sudo tee /etc/apt/sources.list.d/php.list
- sudo apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 0xcbcb082a1bb943db
- sudo add-apt-repository 'deb [arch=amd64,i386,ppc64el] http://nyc2.mirrors.digitalocean.com/mariadb/repo/10.3/debian jessie main'
- apt-get -y update
- apt-get -y upgrade
- apt-get -y autoremove
- apt-get -y autoclean
- }
- server_f28(){
- output "Adding repositories."
- echo '
- # MariaDB 10.3 Fedora repository list - created 2018-10-05 23:47 UTC
- # http://downloads.mariadb.org/mariadb/repositories/
- [mariadb]
- name = MariaDB
- baseurl = http://yum.mariadb.org/10.3/fedora28-amd64
- gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
- gpgcheck=1
- ' | sudo -E tee /etc/yum.repos.d/mariadb.repo >/dev/null 2>&1
- echo '
- [heffer-nginx-mainline]
- name=Copr repo for nginx-mainline owned by heffer
- baseurl=https://copr-be.cloud.fedoraproject.org/results/heffer/nginx-mainline/fedora-$releasever-$basearch/
- type=rpm-md
- skip_if_unavailable=True
- gpgcheck=1
- gpgkey=https://copr-be.cloud.fedoraproject.org/results/heffer/nginx-mainline/pubkey.gpg
- repo_gpgcheck=0
- enabled=1
- enabled_metadata=1
- ' | sudo -E tee /etc/yum.repos.d/nginx.repo >/dev/null 2>&1
- dnf -y upgrade
- dnf -y autoremove
- dnf -y clean packages
- }
- server_f27(){
- output "Adding repositories."
- echo '
- # MariaDB 10.3 Fedora repository list - created 2018-10-08 09:49 UTC
- # http://downloads.mariadb.org/mariadb/repositories/
- [mariadb]
- name = MariaDB
- baseurl = http://yum.mariadb.org/10.3/fedora27-amd64
- gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
- gpgcheck=1
- ' | sudo -E tee /etc/yum.repos.d/mariadb.repo >/dev/null 2>&1
- echo '
- [heffer-nginx-mainline]
- name=Copr repo for nginx-mainline owned by heffer
- baseurl=https://copr-be.cloud.fedoraproject.org/results/heffer/nginx-mainline/fedora-$releasever-$basearch/
- type=rpm-md
- skip_if_unavailable=True
- gpgcheck=1
- gpgkey=https://copr-be.cloud.fedoraproject.org/results/heffer/nginx-mainline/pubkey.gpg
- repo_gpgcheck=0
- enabled=1
- enabled_metadata=1
- ' | sudo -E tee /etc/yum.repos.d/nginx.repo >/dev/null 2>&1
- dnf -y install https://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm https://download1.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-$(rpm -E %fedora).noarch.rpm
- dnf -y install https://rpms.remirepo.net/fedora/remi-release-27.rpm
- dnf -y upgrade
- dnf -y autoremove
- dnf -y clean packages
- }
- server_c7(){
- echo '
- # MariaDB 10.3 CentOS repository list - created 2018-10-08 09:23 UTC
- # http://downloads.mariadb.org/mariadb/repositories/
- [mariadb]
- name = MariaDB
- baseurl = http://yum.mariadb.org/10.3/centos7-amd64
- gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
- gpgcheck=1
- ' | sudo -E tee /etc/yum.repos.d/mariadb.repo >/dev/null 2>&1
- echo '
- [heffer-nginx-mainline]
- name=Copr repo for nginx-mainline owned by heffer
- baseurl=https://copr-be.cloud.fedoraproject.org/results/heffer/nginx-mainline/epel-7-$basearch/
- type=rpm-md
- skip_if_unavailable=True
- gpgcheck=1
- gpgkey=https://copr-be.cloud.fedoraproject.org/results/heffer/nginx-mainline/pubkey.gpg
- repo_gpgcheck=0
- enabled=1
- enabled_metadata=1
- ' | sudo -E tee /etc/yum.repos.d/nginx.repo >/dev/null 2>&1
- yum -y install epel-release
- yum -y install http://rpms.remirepo.net/enterprise/remi-release-7.rpm
- yum -y install yum-utils
- yum-config-manager --enable remi-php72
- yum -y upgrade
- yum -y autoremove
- yum -y clean packages
- }
- erver_f27(){
- output "Adding repositories."
- echo '
- # MariaDB 10.3 Fedora repository list - created 2018-10-08 09:49 UTC
- # http://downloads.mariadb.org/mariadb/repositories/
- [mariadb]
- name = MariaDB
- baseurl = http://yum.mariadb.org/10.3/fedora27-amd64
- gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
- gpgcheck=1
- ' | sudo -E tee /etc/yum.repos.d/mariadb.repo >/dev/null 2>&1
- echo '
- [heffer-nginx-mainline]
- name=Copr repo for nginx-mainline owned by heffer
- baseurl=https://copr-be.cloud.fedoraproject.org/results/heffer/nginx-mainline/fedora-$releasever-$basearch/
- type=rpm-md
- skip_if_unavailable=True
- gpgcheck=1
- gpgkey=https://copr-be.cloud.fedoraproject.org/results/heffer/nginx-mainline/pubkey.gpg
- repo_gpgcheck=0
- enabled=1
- enabled_metadata=1
- ' | sudo -E tee /etc/yum.repos.d/nginx.repo >/dev/null 2>&1
- dnf -y install https://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm https://download1.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-$(rpm -E %fedora).noarch.rpm
- dnf -y install https://rpms.remirepo.net/fedora/remi-release-27.rpm
- dnf -y upgrade
- dnf -y autoremove
- dnf -y clean packages
- }
- server_c7(){
- echo '
- # MariaDB 10.3 CentOS repository list - created 2018-10-08 09:23 UTC
- # http://downloads.mariadb.org/mariadb/repositories/
- [mariadb]
- name = MariaDB
- baseurl = http://yum.mariadb.org/10.3/centos7-amd64
- gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
- gpgcheck=1
- ' | sudo -E tee /etc/yum.repos.d/mariadb.repo >/dev/null 2>&1
- echo '
- [heffer-nginx-mainline]
- name=Copr repo for nginx-mainline owned by heffer
- baseurl=https://copr-be.cloud.fedoraproject.org/results/heffer/nginx-mainline/epel-7-$basearch/
- type=rpm-md
- skip_if_unavailable=True
- gpgcheck=1
- gpgkey=https://copr-be.cloud.fedoraproject.org/results/heffer/nginx-mainline/pubkey.gpg
- repo_gpgcheck=0
- enabled=1
- enabled_metadata=1
- ' | sudo -E tee /etc/yum.repos.d/nginx.repo >/dev/null 2>&1
- yum -y install epel-release
- yum -y install http://rpms.remirepo.net/enterprise/remi-release-7.rpm
- yum -y install yum-utils
- yum-config-manager --enable remi-php72
- yum -y upgrade
- yum -y autoremove
- yum -y clean packages
- }
- install_nginx_dependencies() {
- output "Installing Nginx, PHP, and Dependencies."
- apt-get -y install php7.2 php7.2-cli php7.2-gd php7.2-mysql php7.2-pdo php7.2-mbstring php7.2-tokenizer php7.2-bcmath php7.2-xml php7.2-fpm php7.2-curl php7.2-zip curl tar unzip git redis-server nginx git
- }
- install_apache_dependencies() {
- output "Installing Apache, PHP and Dependencies."
- apt-get -y install php7.2 php7.2-cli php7.2-gd php7.2-mysql php7.2-pdo php7.2-mbstring php7.2-tokenizer php7.2-bcmath php7.2-xml php7.2-fpm php7.2-curl php7.2-zip curl tar unzip git redis-server apache2 libapache2-mod-php7.2 redis-server git
- }
- install_nginx_dependencies_f28(){
- output "Installing Nginx, PHP, and Dependencies."
- dnf -y install php php-common php-fpm php-cli php-json php-mysqlnd php-mcrypt php-gd php-mbstring php-pdo php-zip php-bcmath php-dom php-opcache mariadb-server redis cronie nginx git policycoreutils-python-utils libsemanage-devel unzip
- }
- install_apache_dependencies_f28(){
- output "Installing Apache, PHP and Dependencies."
- dnf -y install php php-common php-fpm php-cli php-json php-mysqlnd php-mcrypt php-gd php-mbstring php-pdo php-zip php-bcmath php-dom php-opcache mariadb-server redis cronie httpd git policycoreutils-python-utils libsemanage-devel mod_ssl unzip
- }
- install_nginx_dependencies_f27(){
- output "Installing Nginx, PHP, and Dependencies."
- dnf -y install php php-common php-fpm php-cli php-json php-mysqlnd php-mcrypt php-gd php-mbstring php-pdo php-zip php-bcmath php-dom php-opcache mariadb-server redis cronie nginx git policycoreutils-python-utils libsemanage-devel unzip
- }
- install_apache_dependencies_f27(){
- output "Installing Apache, PHP and Dependecies."
- dnf -y install php php-common php-fpm php-cli php-json php-mysqlnd php-mcrypt php-gd php-mbstring php-pdo php-zip php-bcmath php-dom php-opcache mariadb-server redis cronie httpd git policycoreutils-python-utils libsemanage-devel mod_ssl unzip
- }
- install_nginx_dependencies_c7(){
- output "Installing Nginx, PHP, and Dependencies."
- yum -y install php php-common php-fpm php-cli php-json php-mysqlnd php-mcrypt php-gd php-mbstring php-pdo php-zip php-bcmath php-dom php-opcache mariadb-server redis cronie nginx git libsemanage-devel unzip
- }
- install_apache_dependencies_c7(){
- output "Installing Apache, PHP and Dependencies."
- yum -y install php php-common php-fpm php-cli php-json php-mysqlnd php-mcrypt php-gd php-mbstring php-pdo php-zip php-bcmath php-dom php-opcache mariadb-server redis cronie httpd git libsemanage-devel mod_ssl unzip
- }
- install_mariadb() {
- output "Installing MariaDB Server."
- sh -c "DEBIAN_FRONTEND=noninteractive apt-get install -y mariadb-server"
- }
- activate_services(){
- systemctl enable php-fpm
- systemctl enable nginx
- systemctl enable httpd
- systemctl enable redis
- systemctl enable mariadb
- systemctl enable cron
- systemctl start php-fpm
- systemctl start nginx
- systemctl start httpd
- systemctl start redis
- systemctl start mariadb
- systemctl start cron
- }
- pterodactyl_queue(){
- cat > /etc/systemd/system/pteroq.service <<- 'EOF'
- [Unit]
- Description=Pterodactyl Queue Worker
- After=redis-server.service
- [Service]
- User=www-data
- Group=www-data
- Restart=always
- ExecStart=/usr/bin/php /var/www/pterodactyl/artisan queue:work --queue=high,standard,low --sleep=3 --tries=3
- [Install]
- WantedBy=multi-user.target
- EOF
- sudo systemctl daemon-reload
- systemctl enable pteroq.service
- systemctl start pteroq
- }
- pterodactyl_queue_nginx(){
- cat > /etc/systemd/system/pteroq.service <<- 'EOF'
- [Unit]
- Description=Pterodactyl Queue Worker
- After=redis-server.service
- [Service]
- User=nginx
- Group=nginx
- Restart=always
- ExecStart=/usr/bin/php /var/www/pterodactyl/artisan queue:work --queue=high,standard,low --sleep=3 --tries=3
- [Install]
- WantedBy=multi-user.target
- EOF
- sudo systemctl daemon-reload
- systemctl enable pteroq.service
- systemctl start pteroq
- }
- pterodactyl_queue_apache(){
- cat > /etc/systemd/system/pteroq.service <<- 'EOF'
- [Unit]
- Description=Pterodactyl Queue Worker
- After=redis-server.service
- [Service]
- User=apache
- Group=apache
- Restart=always
- ExecStart=/usr/bin/php /var/www/pterodactyl/artisan queue:work --queue=high,standard,low --sleep=3 --tries=3
- [Install]
- WantedBy=multi-user.target
- EOF
- sudo systemctl daemon-reload
- systemctl enable pteroq.service
- systemctl start pteroq
- }
- pterodactyl_supervisor(){
- apt -y install supervisor
- service supervisor start
- sudo bash -c 'cat > /etc/supervisor/conf.d/pterodactyl-worker.conf' <<-'EOF'
- [program:pterodactyl-worker]
- process_name=%(program_name)s_%(process_num)02d
- command=/usr/bin/php /var/www/pterodactyl/artisan queue:work --queue=high,standard,low --sleep=3 --tries=3
- autostart=true
- autorestart=true
- user=www-data
- numprocs=2
- redirect_stderr=true
- stdout_logfile=/var/www/pterodactyl/storage/logs/queue-worker.log
- EOF
- output "Updating Supervisor"
- sudo supervisorctl reread
- sudo supervisorctl update
- sudo supervisorctl start pterodactyl-worker:*
- sed -i -e '$i \service supervisor start\n' /etc/rc.local
- }
- install_pterodactyl() {
- output "Creating the databases and setting root password"
- password=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1`
- rootpassword=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1`
- Q1="CREATE DATABASE IF NOT EXISTS panel;"
- Q2="GRANT ALL ON panel.* TO 'pterodactyl'@'127.0.0.1' IDENTIFIED BY '$password';"
- Q3="SET PASSWORD FOR 'root'@'localhost' = PASSWORD('$rootpassword');"
- Q4="SET PASSWORD FOR 'root'@'127.0.0.1' = PASSWORD('$rootpassword');"
- Q5="SET PASSWORD FOR 'root'@'::1' = PASSWORD('$rootpassword');"
- Q6="DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1');"
- Q7="DELETE FROM mysql.user WHERE User='';"
- Q8="DELETE FROM mysql.db WHERE Db='test' OR Db='test\_%';"
- Q9="FLUSH PRIVILEGES;"
- SQL="${Q1}${Q2}${Q3}${Q4}${Q5}${Q6}${Q7}${Q8}${Q9}"
- mysql -u root -e "$SQL"
- output "Downloading Pterodactyl."
- mkdir -p /var/www/pterodactyl
- cd /var/www/pterodactyl
- curl -Lo panel.tar.gz https://github.com/pterodactyl/panel/releases/download/v0.7.10/panel.tar.gz
- tar --strip-components=1 -xzvf panel.tar.gz
- chmod -R 755 storage/* bootstrap/cache/
- output "Installing Pterodactyl."
- curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer
- cp .env.example .env
- composer install --no-dev --optimize-autoloader
- php artisan key:generate --force
- php artisan p:environment:setup --author=$email --url=https://$FQDN --timezone=America/New_York --cache=redis --session=redis --queue=redis --disable-settings-ui --redis-host=127.0.0.1 --redis-pass= --redis-port=6379
- php artisan p:environment:database --host=127.0.0.1 --port=3306 --database=panel --username=pterodactyl --password=$password
- output "To use PHP's internal mail sending, select [mail]. To use a custom SMTP server, select [smtp]. TLS Encryption is recommended."
- php artisan p:environment:mail
- php artisan migrate --seed --force
- php artisan p:user:make --email=$email --admin=1
- chown -R www-data:www-data *
- chown -R nginx:nginx *
- chown -R apache:apache *
- chown -R apache:apache .*
- output "Creating panel queue listeners"
- (crontab -l ; echo "* * * * * php /var/www/pterodactyl/artisan schedule:run >> /dev/null 2>&1")| crontab -
- service cron restart
- }
- nginx_config() {
- output "Disabling default configuration"
- rm -rf /etc/nginx/sites-enabled/default
- output "Configuring Nginx Webserver"
- echo '
- server_tokens off;
- server {
- listen 80;
- server_name '"$FQDN"';
- return 301 https://$server_name$request_uri;
- }
- server {
- listen 443 ssl http2;
- server_name '"$FQDN"';
- root /var/www/pterodactyl/public;
- index index.php;
- access_log /var/log/nginx/pterodactyl.app-access.log;
- error_log /var/log/nginx/pterodactyl.app-error.log error;
- # allow larger file uploads and longer script runtimes
- client_max_body_size 100m;
- client_body_timeout 120s;
- sendfile off;
- # SSL Configuration
- ssl_certificate /etc/letsencrypt/live/'"$FQDN"'/fullchain.pem;
- ssl_certificate_key /etc/letsencrypt/live/'"$FQDN"'/privkey.pem;
- ssl_session_cache shared:SSL:10m;
- ssl_protocols TLSv1.2;
- ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
- ssl_prefer_server_ciphers on;
- # See https://hstspreload.org/ before uncommenting the line below.
- # add_header Strict-Transport-Security "max-age=15768000; preload;";
- add_header X-Content-Type-Options nosniff;
- add_header X-XSS-Protection "1; mode=block";
- add_header X-Robots-Tag none;
- add_header Content-Security-Policy "frame-ancestors 'self'";
- add_header X-Frame-Options DENY;
- add_header Referrer-Policy same-origin;
- location / {
- try_files $uri $uri/ /index.php?$query_string;
- }
- location ~ \.php$ {
- fastcgi_split_path_info ^(.+\.php)(/.+)$;
- fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
- fastcgi_index index.php;
- include fastcgi_params;
- fastcgi_param PHP_VALUE "upload_max_filesize = 100M \n post_max_size=100M";
- fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
- fastcgi_param HTTP_PROXY "";
- fastcgi_intercept_errors off;
- fastcgi_buffer_size 16k;
- fastcgi_buffers 4 16k;
- fastcgi_connect_timeout 300;
- fastcgi_send_timeout 300;
- fastcgi_read_timeout 300;
- include /etc/nginx/fastcgi_params;
- }
- location ~ /\.ht {
- deny all;
- }
- }
- ' | sudo -E tee /etc/nginx/sites-available/pterodactyl.conf >/dev/null 2>&1
- ln -s /etc/nginx/sites-available/pterodactyl.conf /etc/nginx/sites-enabled/pterodactyl.conf
- service nginx restart
- }
- apache_config() {
- output "Disabling default configuration"
- rm -rf /etc/nginx/sites-enabled/default
- output "Configuring Apache2"
- echo '
- <VirtualHost *:80>
- ServerName '"$FQDN"'
- RewriteEngine On
- RewriteCond %{HTTPS} !=on
- RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
- </VirtualHost>
- <VirtualHost *:443>
- DocumentRoot "/var/www/pterodactyl/public"
- AllowEncodedSlashes On
- php_value upload_max_filesize 100M
- php_value post_max_size 100M
- <Directory "/var/www/pterodactyl/public">
- AllowOverride all
- </Directory>
- SSLEngine on
- SSLCertificateFile /etc/letsencrypt/live/'"$FQDN"'/fullchain.pem
- SSLCertificateKeyFile /etc/letsencrypt/live/'"$FQDN"'/privkey.pem
- ServerName '"$FQDN"'
- </VirtualHost>
- ' | sudo -E tee /etc/apache2/sites-available/pterodactyl.conf >/dev/null 2>&1
- ln -s /etc/apache2/sites-available/pterodactyl.conf /etc/apache2/sites-enabled/pterodactyl.conf
- a2enmod ssl
- a2enmod rewrite
- service apache2 restart
- }
- nginx_config_f28(){
- output "Configuring Nginx Webserver"
- echo '
- server {
- listen 80;
- server_name '"$FQDN"';
- return 301 https://$server_name$request_uri;
- }
- server {
- listen 443 ssl http2;
- server_name '"$FQDN"';
- root /var/www/pterodactyl/public;
- index index.php;
- access_log /var/log/nginx/pterodactyl.app-access.log;
- error_log /var/log/nginx/pterodactyl.app-error.log error;
- # allow larger file uploads and longer script runtimes
- client_max_body_size 100m;
- client_body_timeout 120s;
- sendfile off;
- # strengthen ssl security
- ssl_certificate /etc/letsencrypt/live/'"$FQDN"'/fullchain.pem;
- ssl_certificate_key /etc/letsencrypt/live/'"$FQDN"'/privkey.pem;
- ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
- ssl_prefer_server_ciphers on;
- ssl_session_cache shared:SSL:10m;
- ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:ECDHE-RSA-AES128-GCM-SHA256:AES256+EECDH:DHE-RSA-AES128-GCM-SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
- # See the link below for more SSL information:
- # https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html
- #
- # ssl_dhparam /etc/ssl/certs/dhparam.pem;
- # Add headers to serve security related headers
- add_header Strict-Transport-Security "max-age=15768000; preload;";
- add_header X-Content-Type-Options nosniff;
- add_header X-XSS-Protection "1; mode=block";
- add_header X-Robots-Tag none;
- add_header Content-Security-Policy "frame-ancestors 'self'";
- location / {
- try_files $uri $uri/ /index.php?$query_string;
- }
- location ~ \.php$ {
- fastcgi_split_path_info ^(.+\.php)(/.+)$;
- fastcgi_pass unix:/var/run/php-fpm/pterodactyl.sock;
- fastcgi_index index.php;
- include fastcgi_params;
- fastcgi_param PHP_VALUE "upload_max_filesize = 100M \n post_max_size=100M";
- fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
- fastcgi_param HTTP_PROXY "";
- fastcgi_intercept_errors off;
- fastcgi_buffer_size 16k;
- fastcgi_buffers 4 16k;
- fastcgi_connect_timeout 300;
- fastcgi_send_timeout 300;
- fastcgi_read_timeout 300;
- include /etc/nginx/fastcgi_params;
- }
- location ~ /\.ht {
- deny all;
- }
- }
- ' | sudo -E tee /etc/nginx/conf.d/pterodactyl.conf >/dev/null 2>&1
- service nginx restart
- chown -R nginx:nginx $(pwd)
- semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/pterodactyl/storage(/.*)?"
- restorecon -R /var/www/pterodactyl
- }
- apache_config_f28() {
- output "Configuring Apache2"
- echo '
- <VirtualHost *:80>
- ServerName '"$FQDN"'
- RewriteEngine On
- RewriteCond %{HTTPS} !=on
- RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
- </VirtualHost>
- <VirtualHost *:443>
- DocumentRoot "/var/www/pterodactyl/public"
- AllowEncodedSlashes On
- <Directory "/var/www/pterodactyl/public">
- AllowOverride all
- </Directory>
- SSLEngine on
- SSLCertificateFile /etc/letsencrypt/live/'"$FQDN"'/fullchain.pem
- SSLCertificateKeyFile /etc/letsencrypt/live/'"$FQDN"'/privkey.pem
- ServerName '"$FQDN"'
- </VirtualHost>
- ' | sudo -E tee /etc/httpd/conf.d/pterodactyl.conf >/dev/null 2>&1
- service httpd restart
- }
- php_config(){
- output "Configuring PHP socket."
- echo '
- [pterodactyl]
- user = nginx
- group = nginx
- listen = /var/run/php-fpm/pterodactyl.sock
- listen.owner = nginx
- listen.group = nginx
- listen.mode = 0750
- pm = ondemand
- pm.max_children = 9
- pm.process_idle_timeout = 10s
- pm.max_requests = 200
- ' | sudo -E tee /etc/php-fpm.d/www-pterodactyl.conf >/dev/null 2>&1
- systemctl restart php-fpm
- }
- install_daemon() {
- cd /root
- output "Installing Pterodactyl Daemon dependencies."
- apt-get -y install curl tar unzip
- output "Installing Docker"
- curl -sSL https://get.docker.com/ | CHANNEL=stable bash
- systemctl enable docker
- systemctl start docker
- output "Enabling Swap support for Docker."
- sed -i 's/GRUB_CMDLINE_LINUX_DEFAULT="[^"]*/& swapaccount=1/' /etc/default/grub
- sudo update-grub
- output "Installing Nodejs."
- curl -sL https://deb.nodesource.com/setup_10.x | sudo -E bash -
- apt -y install nodejs make gcc g++ node-gyp
- output "Updating server packages."
- apt-get -y update
- apt-get -y upgrade
- apt-get -y autoremove
- apt-get -y autoclean
- output "Installing the Pterodactyl Daemon."
- mkdir -p /srv/daemon /srv/daemon-data
- cd /srv/daemon
- curl -L https://github.com/pterodactyl/daemon/releases/download/v0.6.7/daemon.tar.gz | tar --strip-components=1 -xzv
- npm install --only=production
- bash -c 'cat > /etc/systemd/system/wings.service' <<-'EOF'
- [Unit]
- Description=Pterodactyl Wings Daemon
- After=docker.service
- [Service]
- User=root
- #Group=some_group
- WorkingDirectory=/srv/daemon
- LimitNOFILE=4096
- PIDFile=/var/run/wings/daemon.pid
- ExecStart=/usr/bin/node /srv/daemon/src/index.js
- Restart=on-failure
- StartLimitInterval=600
- [Install]
- WantedBy=multi-user.target
- EOF
- systemctl daemon-reload
- systemctl enable wings
- }
- install_daemon_forever() {
- cd /root
- output "Installing Pterodactyl Daemon dependencies."
- apt-get -y install curl tar unzip
- output "Installing Docker"
- curl -sSL https://get.docker.com/ | CHANNEL=stable bash
- systemctl enable docker
- systemctl start docker
- output "Enabling Swap support for Docker."
- sed -i 's/GRUB_CMDLINE_LINUX_DEFAULT="[^"]*/& swapaccount=1/' /etc/default/grub
- sudo update-grub
- output "Installing Nodejs."
- curl -sL https://deb.nodesource.com/setup_10.x | sudo -E bash -
- apt -y install nodejs make gcc g++ node-gyp
- output "Updating server packages."
- apt-get -y update
- apt-get -y upgrade
- apt-get -y autoremove
- apt-get -y autoclean
- output "Installing the Pterodactyl Daemon."
- mkdir -p /srv/daemon /srv/daemon-data
- cd /srv/daemon
- curl -L https://github.com/pterodactyl/daemon/releases/download/v0.6.7/daemon.tar.gz | tar --strip-components=1 -xzv
- npm install --only=production
- npm install -g forever
- }
- install_daemon_f28() {
- cd /root
- output "Installing Pterodactyl Daemon dependencies."
- dnf -y install curl tar unzip
- output "Installing Docker"
- curl -sSL https://get.docker.com/ | CHANNEL=stable bash
- systemctl enable docker
- systemctl start docker
- output "Enabling Swap support for Docker."
- sed -i 's/GRUB_CMDLINE_LINUX_DEFAULT="[^"]*/& swapaccount=1/' /etc/default/grub
- grub2-mkconfig -o /boot/grub2/grub.cfg
- output "Installing Nodejs."
- curl --silent --location https://rpm.nodesource.com/setup_10.x | sudo bash -
- dnf -y install nodejs make gcc-c++
- output "Updating server packages."
- dnf -y upgrade
- dnf -y autoremove
- dnf -y clean packages
- output "Installing the Pterodactyl Daemon."
- mkdir -p /srv/daemon /srv/daemon-data
- cd /srv/daemon
- wget https://thientran.io/daemon-0.6.7.zip
- unzip daemon-0.6.7
- npm install --only=production
- bash -c 'cat > /etc/systemd/system/wings.service' <<-'EOF'
- [Unit]
- Description=Pterodactyl Wings Daemon
- After=docker.service
- [Service]
- User=root
- #Group=some_group
- WorkingDirectory=/srv/daemon
- LimitNOFILE=4096
- PIDFile=/var/run/wings/daemon.pid
- ExecStart=/usr/bin/node /srv/daemon/src/index.js
- Restart=on-failure
- StartLimitInterval=600
- [Install]
- WantedBy=multi-user.target
- EOF
- systemctl daemon-reload
- systemctl enable wings
- }
- install_daemon_forever_f28() {
- cd /root
- output "Installing Pterodactyl Daemon dependencies."
- dnf -y install curl tar unzip
- output "Installing Docker"
- curl -sSL https://get.docker.com/ | CHANNEL=stable bash
- systemctl enable docker
- systemctl start docker
- output "Enabling Swap support for Docker."
- sed -i 's/GRUB_CMDLINE_LINUX_DEFAULT="[^"]*/& swapaccount=1/' /etc/default/grub
- grub2-mkconfig -o /boot/grub2/grub.cfg
- output "Installing Nodejs."
- curl --silent --location https://rpm.nodesource.com/setup_10.x | sudo bash -
- dnf -y install nodejs make gcc-c++ make
- output "Updating server packages."
- dnf -y upgrade
- dnf -y autoremove
- dnf -y clean packages
- output "Installing the Pterodactyl Daemon."
- mkdir -p /srv/daemon /srv/daemon-data
- cd /srv/daemon
- wget https://thientran.io/daemon-0.6.7.zip
- unzip daemon-0.6.7
- npm install --only=production
- npm install -g forever
- }
- install_daemon_c7() {
- cd /root
- output "Installing Pterodactyl Daemon dependencies."
- yum -y install curl tar unzip
- output "Installing Docker"
- curl -sSL https://get.docker.com/ | CHANNEL=stable bash
- systemctl enable docker
- systemctl start docker
- output "Enabling Swap support for Docker."
- sed -i 's/GRUB_CMDLINE_LINUX_DEFAULT="[^"]*/& swapaccount=1/' /etc/default/grub
- grub2-mkconfig -o /boot/grub2/grub.cfg
- output "Installing Nodejs."
- curl --silent --location https://rpm.nodesource.com/setup_10.x | sudo bash -
- yum -y install nodejs make gcc-c++
- output "Updating server packages."
- yum -y upgrade
- yum -y autoremove
- yum -y clean packages
- output "Installing the Pterodactyl Daemon."
- mkdir -p /srv/daemon /srv/daemon-data
- cd /srv/daemon
- curl -L https://github.com/pterodactyl/daemon/releases/download/v0.6.7/daemon.tar.gz | tar --strip-components=1 -xzv
- npm install --only=production
- bash -c 'cat > /etc/systemd/system/wings.service' <<-'EOF'
- [Unit]
- Description=Pterodactyl Wings Daemon
- After=docker.service
- [Service]
- User=root
- #Group=some_group
- WorkingDirectory=/srv/daemon
- LimitNOFILE=4096
- PIDFile=/var/run/wings/daemon.pid
- ExecStart=/usr/bin/node /srv/daemon/src/index.js
- Restart=on-failure
- StartLimitInterval=600
- [Install]
- WantedBy=multi-user.target
- EOF
- systemctl daemon-reload
- systemctl enable wings
- }
- install_daemon_forever_c7() {
- cd /root
- output "Installing Pterodactyl Daemon dependencies."
- yum -y install curl tar unzip
- output "Installing Docker"
- curl -sSL https://get.docker.com/ | CHANNEL=stable bash
- systemctl enable docker
- systemctl start docker
- output "Enabling Swap support for Docker."
- sed -i 's/GRUB_CMDLINE_LINUX_DEFAULT="[^"]*/& swapaccount=1/' /etc/default/grub
- grub2-mkconfig -o /boot/grub2/grub.cfg
- output "Installing Nodejs."
- curl --silent --location https://rpm.nodesource.com/setup_10.x | sudo bash -
- yum -y install nodejs make gcc-c++ make
- output "Updating server packages."
- yum -y upgrade
- yum -y autoremove
- yum -y clean packages
- output "Installing the Pterodactyl Daemon."
- mkdir -p /srv/daemon /srv/daemon-data
- cd /srv/daemon
- curl -L https://github.com/pterodactyl/daemon/releases/download/v0.6.7/daemon.tar.gz | tar --strip-components=1 -xzv
- npm install --only=production
- npm install -g forever
- }
- kernel_modifications_d8(){
- output "Modifying Grub."
- sed -i 's/GRUB_CMDLINE_LINUX_DEFAULT="[^"]*/& cgroup_enable=memory/' /etc/default/grub
- output "Adding backport repositories."
- echo deb http://http.debian.net/debian jessie-backports main > /etc/apt/sources.list.d/jessie-backports.list
- echo deb http://http.debian.net/debian jessie-backports main contrib non-free > /etc/apt/sources.list.d/jessie-backports.list
- output "Updating Server Packages."
- apt-get -y update
- apt-get -y upgrade
- apt-get -y autoremove
- apt-get -y autoclean
- output"Installing new kernel"
- apt install -t jessie-backports linux-image-4.9.0-0.bpo.7-amd64
- output "Modifying Docker."
- sed -i 's,/usr/bin/dockerd,/usr/bin/dockerd --storage-driver=overlay2,g' /lib/systemd/system/docker.service
- systemctl daemon-reload
- service docker start
- }
- ssl_certs(){
- output "Installing LetsEncrypt and creating an SSL certificate."
- apt-get -y install certbot
- service nginx stop
- service apache2 stop
- apt-get update && apt-get upgrade -y
- certbot certonly --standalone --email "$email" --agree-tos -d "$FQDN" --non-interactive
- service nginx restart
- service apache2 restart
- }
- ssl_certs_d8(){
- output "Installing LetsEncrypt and creating an SSL certificate."
- sudo apt-get -y install certbot -t jessie-backports
- service nginx stop
- service apache2 stop
- apt-get update && apt-get upgrade -y
- certbot certonly --standalone --email "$email" --agree-tos -d "$FQDN" --non-interactive
- service nginx restart
- service apache2 restart
- }
- ssl_certs_f28(){
- output "Installing LetsEncrypt and creating an SSL certificate."
- dnf -y install certbot
- service nginx stop
- service httpd stop
- certbot certonly --standalone --email "$email" --agree-tos -d "$FQDN" --non-interactive
- service nginx restart
- service httpd restart
- }
- ssl_certs_c7(){
- output "Installing LetsEncrypt and creating an SSL certificate."
- yum -y install certbot
- service nginx stop
- service httpd stop
- certbot certonly --standalone --email "$email" --agree-tos -d "$FQDN" --non-interactive
- service nginx restart
- service httpd restart
- }
- firewall(){
- apt-get -y install ufw
- ufw allow 22
- ufw allow 80
- ufw allow 443
- ufw --force enable
- }
- firewall_daemon(){
- apt-get -y install ufw
- ufw allow 22
- ufw allow 8080
- ufw allow 2022
- ufw --force enable
- }
- firewall_f28(){
- dnf -y install firewalld
- systemctl enable firewalld
- systemctl start firewalld
- firewall-cmd --add-service=http --permanent
- firewall-cmd --add-service=https --permanent
- firewall-cmd --add-service=http
- firewall-cmd --add-service=https
- firewall-cmd --reload
- }
- firewall_daemon_f28(){
- dnf -y install firewalld
- systemctl enable firewalld
- systemctl start firewalld
- firewall-cmd --permanent --add-port=2022/tcp
- firewall-cmd --permanent --add-port=8080/tcp
- firewall-cmd --reload
- }
- firewall_c7(){
- yum -y install firewalld
- systemctl enable firewalld
- systemctl start firewalld
- firewall-cmd --add-service=http --permanent
- firewall-cmd --add-service=https --permanent
- firewall-cmd --add-service=http
- firewall-cmd --add-service=https
- firewall-cmd --reload
- }
- firewall_daemon_c7(){
- yum -y install firewalld
- systemctl enable firewalld
- systemctl start firewalld
- firewall-cmd --permanent --add-port=2022/tcp
- firewall-cmd --permanent --add-port=8080/tcp
- firewall-cmd --reload
- }
- create_rclocal(){
- printf '%s\n' '#!/bin/bash' 'exit 0' | sudo tee -a /etc/rc.local
- chmod +x /etc/rc.local
- }
- iptables_rules(){
- iptables -t mangle -A PREROUTING -m conntrack --ctstate INVALID -j DROP
- iptables -t mangle -A PREROUTING -p tcp ! --syn -m conntrack --ctstate NEW -j DROP
- iptables -t mangle -A PREROUTING -p tcp -m conntrack --ctstate NEW -m tcpmss ! --mss 536:65535 -j DROP
- iptables -t mangle -A PREROUTING -p tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -j DROP
- iptables -t mangle -A PREROUTING -p tcp --tcp-flags FIN,SYN FIN,SYN -j DROP
- iptables -t mangle -A PREROUTING -p tcp --tcp-flags SYN,RST SYN,RST -j DROP
- iptables -t mangle -A PREROUTING -p tcp --tcp-flags FIN,RST FIN,RST -j DROP
- iptables -t mangle -A PREROUTING -p tcp --tcp-flags FIN,ACK FIN -j DROP
- iptables -t mangle -A PREROUTING -p tcp --tcp-flags ACK,URG URG -j DROP
- iptables -t mangle -A PREROUTING -p tcp --tcp-flags ACK,FIN FIN -j DROP
- iptables -t mangle -A PREROUTING -p tcp --tcp-flags ACK,PSH PSH -j DROP
- iptables -t mangle -A PREROUTING -p tcp --tcp-flags ALL ALL -j DROP
- iptables -t mangle -A PREROUTING -p tcp --tcp-flags ALL NONE -j DROP
- iptables -t mangle -A PREROUTING -p tcp --tcp-flags ALL FIN,PSH,URG -j DROP
- iptables -t mangle -A PREROUTING -p tcp --tcp-flags ALL SYN,FIN,PSH,URG -j DROP
- iptables -t mangle -A PREROUTING -p tcp --tcp-flags ALL SYN,RST,ACK,FIN,URG -j DROP
- iptables -t mangle -A PREROUTING -p icmp -j DROP
- iptables -A INPUT -p tcp -m connlimit --connlimit-above 80 --connlimit-mask 32 --connlimit-saddr -j REJECT --reject-with tcp-reset
- iptables -t mangle -A PREROUTING -f -j DROP
- /sbin/iptables -A INPUT -p tcp --dport ssh -m conntrack --ctstate NEW -m recent --set
- /sbin/iptables -A INPUT -p tcp --dport ssh -m conntrack --ctstate NEW -m recent --update --seconds 60 --hitcount 10 -j DROP
- /sbin/iptables -N port-scanning
- /sbin/iptables -A port-scanning -p tcp --tcp-flags SYN,ACK,FIN,RST RST -m limit --limit 1/s --limit-burst 2 -j RETURN
- /sbin/iptables -A port-scanning -j DROP
- sh -c "iptables-save > /etc/iptables.conf"
- sed -i -e '$i \iptables-restore < /etc/iptables.conf\n' /etc/rc.local
- }
- broadcast(){
- output "Your MariaDB root password is $rootpassword"
- }
- broadcast_daemon(){
- output "Installation completed. Please configure the daemon. Remember to do 'cd /srv/daemon.'"
- output "The guide for daemon configuration can be founded here: https://pterodactyl.io/daemon/installing.html#configure-daemon"
- output ""
- output "If you chose the Systemd installation, do 'service wings restart' after the configuration process is finished."
- output "If you chose the Forever installation, do 'forever start src/index.js' after the configuration process is finished."
- }
- broadcast_daemon_u4(){
- output "Installation completed. Please configure the daemon. Remember to do 'cd /srv/daemon.'"
- output "The guide for daemon configuration can be founded here: https://pterodactyl.io/daemon/installing.html#configure-daemon"
- output "Please run 'forever start src/index.js' after the configuration process is finished."
- }
- broadcast_d8(){
- output "Please restart the server after you have configured the daemon to apply the necessary kernel changes on Debian 8."
- }
- #Execution
- copyright
- server_options
- get_distribution
- os_options
- case $osoption in
- 1) case $installoption in
- 1) webserver_options
- fonix_options
- required_infos
- apt-get -y install sudo
- create_rclocal
- iptables_rules
- server_u18
- install_mariadb
- firewall
- case $webserver in
- 1) install_nginx_dependencies
- install_pterodactyl
- pterodactyl_queue
- ssl_certs
- nginx_config
- ;;
- 2) install_apache_dependencies
- install_pterodactyl
- pterodactyl_queue
- ssl_certs
- apache_config
- ;;
- esac
- case $fonixoption in
- 1) broadcast
- ;;
- 2) fonix_graphite
- broadcast
- ;;
- 3) fonix_midnight
- broadcast
- ;;
- esac
- output "Use 'ufw enable <port>' to enable your desired ports. Port 22, 80, 443 have been opened by default."
- ;;
- 2) required_infos
- daemon_option
- apt-get -y install sudo
- create_rclocal
- iptables_rules
- apt-get -y install software-properties-common
- add-apt-repository -y universe
- add-apt-repository -y ppa:certbot/certbot
- apt-get update && apt-get upgrade -y
- firewall_daemon
- case $daemonoption in
- 1) install_daemon
- ;;
- 2) install_daemon_forever
- ;;
- esac
- ufw allow 80
- ssl_certs
- ufw delete 8 -y
- ufw delete 4 -y
- broadcast_daemon
- output "Use 'ufw enable <port>' to enable your desired ports. Port 22, 8080, 2022 have been opened by default."
- ;;
- 3) webserver_options
- fonix_options
- required_infos
- daemon_option
- apt-get -y install sudo
- create_rclocal
- iptables_rules
- server_u18
- install_mariadb
- firewall
- firewall_daemon
- case $webserver in
- 1) install_nginx_dependencies
- install_pterodactyl
- pterodactyl_queue
- ssl_certs
- nginx_config
- case $daemonoption in
- 1) install_daemon
- ;;
- 2) install_daemon_forever
- ;;
- esac
- ;;
- 2) install_apache_dependencies
- install_pterodactyl
- pterodactyl_queue
- ssl_certs
- apache_config
- case $daemonoption in
- 1) install_daemon
- ;;
- 2) install_daemon_forever
- ;;
- esac
- ;;
- esac
- case $fonixoption in
- 1) broadcast
- broadcast_daemon
- ;;
- 2) fonix_graphite
- broadcast
- broadcast_daemon
- ;;
- 3) fonix_midnight
- broadcast
- broadcast_daemon
- ;;
- esac
- output "Use 'ufw enable <port>' to enable your desired ports. Port 22, 80, 443, 8080, 2022 have been opened by default."
- ;;
- esac
- ;;
- 2) case $installoption in
- 1) webserver_options
- fonix_options
- required_infos
- apt-get -y install sudo
- iptables_rules
- server_u16
- install_mariadb
- firewall
- case $webserver in
- 1) install_nginx_dependencies
- install_pterodactyl
- pterodactyl_queue
- ssl_certs
- nginx_config
- ;;
- 2) install_apache_dependencies
- install_pterodactyl
- pterodactyl_queue
- ssl_certs
- apache_config
- ;;
- esac
- case $fonixoption in
- 1) broadcast
- ;;
- 2) fonix_graphite
- broadcast
- ;;
- 3) fonix_midnight
- broadcast
- ;;
- esac
- output "Use 'ufw enable <port>' to enable your desired ports. Port 22, 80, 443 have been opened by default."
- ;;
- 2) required_infos
- daemon_option
- apt-get -y install sudo
- iptables_rules
- apt-get -y install software-properties-common
- add-apt-repository -y universe
- add-apt-repository -y ppa:certbot/certbot
- apt-get update && apt-get upgrade -y
- firewall_daemon
- case $daemonoption in
- 1) install_daemon
- ;;
- 2) install_daemon_forever
- ;;
- esac
- ufw allow 80
- ssl_certs
- ufw delete 8 -y
- ufw delete 4 -y
- broadcast_daemon
- output "Use 'ufw enable <port>' to enable your desired ports. Port 22, 8080, 2022 have been opened by default."
- ;;
- 3) webserver_options
- fonix_options
- required_infos
- daemon_option
- apt-get -y install sudo
- iptables_rules
- server_u16
- install_mariadb
- firewall
- firewall_daemon
- case $webserver in
- 1) install_nginx_dependencies
- install_pterodactyl
- pterodactyl_queue
- ssl_certs
- nginx_config
- case $daemonoption in
- 1) install_daemon
- ;;
- 2) install_daemon_forever
- ;;
- esac
- ;;
- 2) install_apache_dependencies
- install_pterodactyl
- pterodactyl_queue
- ssl_certs
- apache_config
- case $daemonoption in
- 1) install_daemon
- ;;
- 2) install_daemon_forever
- ;;
- esac
- ;;
- esac
- case $fonixoption in
- 1) broadcast
- broadcast_daemon
- ;;
- 2) fonix_graphite
- broadcast
- broadcast_daemon
- ;;
- 3) fonix_midnight
- broadcast
- broadcast_daemon
- ;;
- esac
- output "Use 'ufw enable <port>' to enable your desired ports. Port 22, 80, 443, 8080, 2022 have been opened by default."
- esac
- ;;
- 3) case $installoption in
- 1) webserver_options
- fonix_options
- required_infos
- apt-get -y install sudo
- iptables_rules
- server_u14
- install_mariadb
- firewall
- case $webserver in
- 1) install_nginx_dependencies
- install_pterodactyl
- pterodactyl_supervisor
- ssl_certs
- nginx_config
- ;;
- 2) install_apache_dependencies
- install_pterodactyl
- pterodactyl_supervisor
- ssl_certs
- apache_config
- ;;
- esac
- case $fonixoption in
- 1) broadcast
- ;;
- 2) fonix_graphite
- broadcast
- ;;
- 3) fonix_midnight
- broadcast
- ;;
- esac
- output "Use 'ufw enable <port>' to enable your desired ports. Port 22, 80, 443 have been opened by default."
- ;;
- 2) required_infos
- apt-get -y install sudo
- iptables_rules
- apt-get -y install software-properties-common
- add-apt-repository -y universe
- add-apt-repository -y ppa:certbot/certbot
- apt-get update && apt-get upgrade -y
- firewall_daemon
- install_daemon_forever
- ufw allow 80
- ssl_certs
- ufw delete 8 -y
- ufw delete 4 -y
- broadcast_daemon
- output "Use 'ufw enable <port>' to enable your desired ports. Port 22, 8080, 2022 have been opened by default."
- ;;
- 3) webserver_options
- fonix_options
- required_infos
- apt-get -y install sudo
- iptables_rules
- server_u14
- install_mariadb
- firewall
- firewall_daemon
- case $webserver in
- 1) install_nginx_dependencies
- install_pterodactyl
- pterodactyl_supervisor
- ssl_certs
- nginx_config
- install_daemon_forever
- ;;
- 2) install_apache_dependencies
- install_pterodactyl
- pterodactyl_supervisor
- ssl_certs
- apache_config
- install_daemon_forever
- ;;
- esac
- case $fonixoption in
- 1) broadcast
- broadcast_daemon
- ;;
- 2) fonix_graphite
- broadcast
- broadcast_daemon
- ;;
- 3) fonix_midnight
- broadcast
- broadcast_daemon
- ;;
- esac
- output "Use 'ufw enable <port>' to enable your desired ports. Port 22, 80, 443, 8080, 2022 have been opened by default."
- esac
- ;;
- 4) case $installoption in
- 1) webserver_options
- fonix_options
- required_infos
- apt-get -y install sudo
- iptables_rules
- server_d9
- install_mariadb
- firewall
- case $webserver in
- 1) install_nginx_dependencies
- install_pterodactyl
- pterodactyl_queue
- ssl_certs
- nginx_config
- ;;
- 2) install_apache_dependencies
- install_pterodactyl
- pterodactyl_queue
- ssl_certs
- apache_config
- ;;
- esac
- case $fonixoption in
- 1) broadcast
- ;;
- 2) fonix_graphite
- broadcast
- ;;
- 3) fonix_midnight
- broadcast
- ;;
- esac
- output "Use 'ufw enable <port>' to enable your desired ports. Port 22, 80, 443 have been opened by default."
- ;;
- 2) required_infos
- daemon_option
- apt-get -y install sudo
- iptables_rules
- firewall_daemon
- apt-get -y install software-properties-common
- apt-get update && apt-get upgrade -y
- case $daemonoption in
- 1) install_daemon
- ;;
- 2) install_daemon_forever
- ;;
- esac
- ufw allow 80
- ssl_certs
- ufw delete 8 -y
- ufw delete 4 -y
- broadcast_daemon
- output "Use 'ufw enable <port>' to enable your desired ports. Port 22, 8080, 2022 have been opened by default."
- ;;
- 3) webserver_options
- fonix_options
- required_infos
- daemon_option
- apt-get -y install sudo
- iptables_rules
- server_d9
- install_mariadb
- firewall
- firewall_daemon
- case $webserver in
- 1) install_nginx_dependencies
- install_pterodactyl
- pterodactyl_queue
- ssl_certs
- nginx_config
- case $daemonoption in
- 1) install_daemon
- ;;
- 2) install_daemon_forever
- ;;
- esac
- ;;
- 2) install_apache_dependencies
- install_pterodactyl
- pterodactyl_queue
- ssl_certs
- apache_config
- case $daemonoption in
- 1) install_daemon
- ;;
- 2) install_daemon_forever
- ;;
- esac
- ;;
- esac
- case $fonixoption in
- 1) broadcast
- broadcast_daemon
- ;;
- 2) fonix_graphite
- broadcast
- broadcast_daemon
- ;;
- 3) fonix_midnight
- broadcast
- broadcast_daemon
- ;;
- esac
- output "Use 'ufw enable <port>' to enable your desired ports. Port 22, 80, 443, 8080, 2022 have been opened by default."
- esac
- ;;
- 5) case $installoption in
- 1) webserver_options
- fonix_options
- required_infos
- apt-get -y install sudo
- iptables_rules
- server_d8
- install_mariadb
- firewall
- case $webserver in
- 1) install_nginx_dependencies
- install_pterodactyl
- pterodactyl_queue
- ssl_certs_d8
- nginx_config
- ;;
- 2) install_apache_dependencies
- install_pterodactyl
- pterodactyl_queue
- ssl_certs_d8
- apache_config
- ;;
- esac
- case $fonixoption in
- 1) broadcast
- ;;
- 2) fonix_graphite
- broadcast
- ;;
- 3) fonix_midnight
- broadcast
- ;;
- esac
- output "Use 'ufw enable <port>' to enable your desired ports. Port 22, 80, 443 have been opened by default."
- ;;
- 2) required_infos
- daemon_option
- apt-get -y install sudo
- iptables_rules
- firewall_daemon
- case $daemonoption in
- 1) install_daemon
- ;;
- 2) install_daemon_forever
- ;;
- esac
- kernel_modifications_d8
- ufw allow 80
- ssl_certs_d8
- ufw delete 8 -y
- ufw delete 4 -y
- broadcast_daemon
- broadcast_d8
- output "Use 'ufw enable <port>' to enable your desired ports. Port 22, 8080, 2022 have been opened by default."
- ;;
- 3) webserver_options
- fonix_options
- required_infos
- daemon_option
- apt-get -y install sudo
- iptables_rules
- server_d8
- install_mariadb
- firewall
- firewall_daemon
- case $webserver in
- 1) install_nginx_dependencies
- install_pterodactyl
- pterodactyl_queue
- ssl_certs_d8
- nginx_config
- case $daemonoption in
- 1) install_daemon
- ;;
- 2) install_daemon_forever
- ;;
- esac
- kernel_modifications_d8
- ;;
- 2) install_apache_dependencies
- install_pterodactyl
- pterodactyl_queue
- ssl_certs_d8
- apache_config
- case $daemonoption in
- 1) install_daemon
- ;;
- 2) install_daemon_forever
- ;;
- esac
- kernel_modifications_d8
- ;;
- esac
- case $fonixoption in
- 1) broadcast
- broadcast_daemon
- broadcast_d8
- ;;
- 2) fonix_graphite
- broadcast
- broadcast_daemon
- broadcast_d8
- ;;
- 3) fonix_midnight
- broadcast
- broadcast_daemon
- broadcast_d8
- ;;
- esac
- output "Use 'ufw enable <port>' to enable your desired ports. Port 22, 80, 443, 8080, 2022 have been opened by default."
- esac
- ;;
- 6) case $installoption in
- 1) webserver_options
- fonix_options
- required_infos
- dnf -y install sudo
- create_rclocal
- iptables_rules
- server_f28
- firewall_f28
- case $webserver in
- 1) install_nginx_dependencies_f28
- activate_services
- install_pterodactyl
- pterodactyl_queue_nginx
- ssl_certs_f28
- php_config
- nginx_config_f28
- ;;
- 2) install_apache_dependencies_f28
- activate_services
- install_pterodactyl
- pterodactyl_queue_apache
- ssl_certs_f28
- apache_config_28
- ;;
- esac
- case $fonixoption in
- 1) broadcast
- ;;
- 2) fonix_graphite
- broadcast
- ;;
- 3) fonix_midnight
- broadcast
- ;;
- esac
- semanage permissive -a httpd_t
- output "firewall-cmd --permanent --add-port=<port>/tcp' to enable your desired ports. Port 22, 80, 443 have been opened by default."
- ;;
- 2) required_infos
- daemon_option
- dnf -y install sudo
- create_rclocal
- iptables_rules
- dnf -y upgrade
- firewall_daemon_f28
- case $daemonoption in
- 1) install_daemon_f28
- ;;
- 2) install_daemon_forever_f28
- ;;
- esac
- firewall-cmd --permanent --add-port=80/tcp
- firewall-cmd --reload
- ssl_certs_f28
- firewall-cmd --permanent --remove-port=80/tcp
- firewall-cmd --reload
- broadcast_daemon
- output "firewall-cmd --permanent --add-port=<port>/tcp' to enable your desired ports. Port 22, 8080, 2022 have been opened by default."
- ;;
- 3) webserver_options
- fonix_options
- required_infos
- daemon_option
- dnf -y install sudo
- create_rclocal
- iptables_rules
- server_f28
- firewall_f28
- firewall_daemon_f28
- case $webserver in
- 1) install_nginx_dependencies_f28
- activate_services
- install_pterodactyl
- pterodactyl_queue_nginx
- ssl_certs_f28
- php_config
- nginx_config_f28
- case $daemonoption in
- 1) install_daemon_f28
- ;;
- 2) install_daemon_forever_f28
- ;;
- esac
- ;;
- 2) install_apache_dependencies_f28
- activate_services
- install_pterodactyl
- pterodactyl_queue_apache
- ssl_certs_f28
- apache_config_f28
- case $daemonoption in
- 1) install_daemon_f28
- ;;
- 2) install_daemon_forever_f28
- ;;
- esac
- ;;
- esac
- case $fonixoption in
- 1) broadcast
- broadcast_daemon
- ;;
- 2) fonix_graphite
- broadcast
- broadcast_daemon
- ;;
- 3) fonix_midnight
- broadcast
- broadcast_daemon
- ;;
- esac
- semanage permissive -a httpd_t
- output "firewall-cmd --permanent --add-port=<port>/tcp' to enable your desired ports. Port 22, 80, 443, 8080, 2022 have been opened by default."
- ;;
- esac
- ;;
- 7) case $installoption in
- 1) webserver_options
- fonix_options
- required_infos
- dnf -y install sudo
- create_rclocal
- iptables_rules
- server_f27
- firewall_f28
- case $webserver in
- 1) install_nginx_dependencies_f27
- activate_services
- audit2allow -a -M mysql_t
- semodule -i mysql_t.pp
- systemctl restart mariadb
- install_pterodactyl
- pterodactyl_queue_nginx
- ssl_certs_f28
- php_config
- nginx_config_f28
- ;;
- 2) install_apache_dependencies_f27
- activate_services
- audit2allow -a -M mysql_t
- semodule -i mysql_t.pp
- systemctl restart mariadb
- install_pterodactyl
- pterodactyl_queue_apache
- ssl_certs_f28
- apache_config_28
- ;;
- esac
- case $fonixoption in
- 1) broadcast
- ;;
- 2) fonix_graphite
- broadcast
- ;;
- 3) fonix_midnight
- broadcast
- ;;
- esac
- semanage permissive -a httpd_t
- output "firewall-cmd --permanent --add-port=<port>/tcp' to enable your desired ports. Port 22, 80, 443 have been opened by default."
- ;;
- 2) required_infos
- daemon_option
- dnf -y install sudo
- create_rclocal
- iptables_rules
- dnf -y upgrade
- firewall_daemon_f28
- case $daemonoption in
- 1) install_daemon_f28
- ;;
- 2) install_daemon_forever_f28
- ;;
- esac
- firewall-cmd --permanent --add-port=80/tcp
- firewall-cmd --reload
- ssl_certs_f28
- firewall-cmd --permanent --remove-port=80/tcp
- firewall-cmd --reload
- broadcast_daemon
- output "firewall-cmd --permanent --add-port=<port>/tcp' to enable your desired ports. Port 22, 8080, 2022 have been opened by default."
- ;;
- 3) webserver_options
- fonix_options
- required_infos
- daemon_option
- dnf -y install sudo
- create_rclocal
- iptables_rules
- server_f27
- firewall_f28
- firewall_daemon_f28
- case $webserver in
- 1) install_nginx_dependencies_f27
- activate_services
- audit2allow -a -M mysql_t
- semodule -i mysql_t.pp
- systemctl restart mariadb
- install_pterodactyl
- pterodactyl_queue_nginx
- ssl_certs_f28
- php_config
- nginx_config_f28
- case $daemonoption in
- 1) install_daemon_f28
- ;;
- 2) install_daemon_forever_f28
- ;;
- esac
- ;;
- 2) install_apache_dependencies_f27
- activate_services
- audit2allow -a -M mysql_t
- semodule -i mysql_t.pp
- systemctl restart mariadb
- install_pterodactyl
- pterodactyl_queue_apache
- ssl_certs_f28
- apache_config_f28
- case $daemonoption in
- 1) install_daemon_f28
- ;;
- 2) install_daemon_forever_f28
- ;;
- esac
- ;;
- esac
- case $fonixoption in
- 1) broadcast
- broadcast_daemon
- ;;
- 2) fonix_graphite
- broadcast
- broadcast_daemon
- ;;
- 3) fonix_midnight
- broadcast
- broadcast_daemon
- ;;
- esac
- semanage permissive -a httpd_t
- output "firewall-cmd --permanent --add-port=<port>/tcp' to enable your desired ports. Port 22, 80, 443, 8080, 2022 have been opened by default."
- ;;
- esac
- ;;
- 8) case $installoption in
- 1) webserver_options
- fonix_options
- required_infos
- yum -y install sudo
- iptables_rules
- server_c7
- firewall_c7
- case $webserver in
- 1) install_nginx_dependencies_c7
- activate_services
- install_pterodactyl
- pterodactyl_queue_nginx
- ssl_certs_c7
- php_config
- nginx_config_f28
- ;;
- 2) install_apache_dependencies_c7
- activate_services
- install_pterodactyl
- pterodactyl_queue_apache
- ssl_certs_c7
- apache_config_28
- ;;
- esac
- case $fonixoption in
- 1) broadcast
- ;;
- 2) fonix_graphite
- broadcast
- ;;
- 3) fonix_midnight
- broadcast
- ;;
- esac
- semanage permissive -a httpd_t
- output "firewall-cmd --permanent --add-port=<port>/tcp' to enable your desired ports. Port 22, 80, 443 have been opened by default."
- ;;
- 2) required_infos
- daemon_option
- yum -y install sudo
- iptables_rules
- yum -y upgrade
- firewall_daemon_c7
- case $daemonoption in
- 1) install_daemon_c7
- ;;
- 2) install_daemon_forever_c7
- ;;
- esac
- firewall-cmd --permanent --add-port=80/tcp
- firewall-cmd --reload
- ssl_certs_c7
- firewall-cmd --permanent --remove-port=80/tcp
- firewall-cmd --reload
- broadcast_daemon
- output "firewall-cmd --permanent --add-port=<port>/tcp' to enable your desired ports. Port 22, 8080, 2022 have been opened by default."
- ;;
- 3) webserver_options
- fonix_options
- required_infos
- daemon_option
- yum -y install sudo
- iptables_rules
- server_c7
- firewall_c7
- firewall_daemon_c7
- case $webserver in
- 1) install_nginx_dependencies_c7
- activate_services
- install_pterodactyl
- pterodactyl_queue_nginx
- ssl_certs_c7
- php_config
- nginx_config_f28
- case $daemonoption in
- 1) install_daemon_c7
- ;;
- 2) install_daemon_forever_c7
- ;;
- esac
- ;;
- 2) install_apache_dependencies_c7
- activate_services
- install_pterodactyl
- pterodactyl_queue_apache
- ssl_certs_c7
- apache_config_f28
- case $daemonoption in
- 1) install_daemon_c7
- ;;
- 2) install_daemon_forever_c7
- ;;
- esac
- ;;
- esac
- case $fonixoption in
- 1) broadcast
- broadcast_daemon
- ;;
- 2) fonix_graphite
- broadcast
- broadcast_daemon
- ;;
- 3) fonix_midnight
- broadcast
- broadcast_daemon
- ;;
- esac
- semanage permissive -a httpd_t
- output "firewall-cmd --permanent --add-port=<port>/tcp' to enable your desired ports. Port 22, 80, 443, 8080, 2022 have been opened by default."
- ;;
- esac
- ;;
- esac
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement