diff --git a/docker/README.md b/.github/docker/README.md similarity index 100% rename from docker/README.md rename to .github/docker/README.md diff --git a/docker/default.conf b/.github/docker/default.conf similarity index 100% rename from docker/default.conf rename to .github/docker/default.conf diff --git a/docker/default_ssl.conf b/.github/docker/default_ssl.conf similarity index 100% rename from docker/default_ssl.conf rename to .github/docker/default_ssl.conf diff --git a/docker/entrypoint.sh b/.github/docker/entrypoint.sh similarity index 81% rename from docker/entrypoint.sh rename to .github/docker/entrypoint.sh index f4e1971b4..6486b2c12 100644 --- a/docker/entrypoint.sh +++ b/.github/docker/entrypoint.sh @@ -1,18 +1,14 @@ #!/bin/ash -## Ensure we are in /app - cd /app mkdir -p /var/log/panel/logs/ /var/log/supervisord/ /var/log/nginx/ /var/log/php7/ \ -&& rm -rf /app/storage/logs/ \ -&& chmod 777 /var/log/panel/logs/ \ -&& ln -s /var/log/panel/logs/ /app/storage/ + && chmod 777 /var/log/panel/logs/ \ + && ln -s /var/log/panel/logs/ /app/storage/logs/ ## check for .env file and generate app keys if missing if [ -f /app/var/.env ]; then echo "external vars exist." rm -rf /app/.env - ln -s /app/var/.env /app/ else echo "external vars don't exist." @@ -46,10 +42,10 @@ else echo "Checking if letsencrypt email is set." if [ -z $LE_EMAIL ]; then echo "No letsencrypt email is set using http config." - cp docker/default.conf /etc/nginx/conf.d/default.conf + cp .github/docker/default.conf /etc/nginx/conf.d/default.conf else echo "writing ssl config" - cp docker/default_ssl.conf /etc/nginx/conf.d/default.conf + cp .github/docker/default_ssl.conf /etc/nginx/conf.d/default.conf echo "updating ssl config for domain" sed -i "s||$(echo $APP_URL | sed 's~http[s]*://~~g')|g" /etc/nginx/conf.d/default.conf echo "generating certs" @@ -60,26 +56,19 @@ fi ## check for DB up before starting the panel echo "Checking database status." until nc -z -v -w30 $DB_HOST 3306 - do echo "Waiting for database connection..." - # wait for 5 seconds before check again - sleep 5 + # wait for 1 seconds before check again + sleep 1 done ## make sure the db is set up echo -e "Migrating and Seeding D.B" -php artisan migrate --force -php artisan db:seed --force +php artisan migrate --seed --force ## start cronjobs for the queue echo -e "Starting cron jobs." crond -L /var/log/crond -l 5 -## install yarn stuff -yarn install --production -yarn add cross-env -yarn run build:production - echo -e "Starting supervisord." exec "$@" diff --git a/docker/supervisord.conf b/.github/docker/supervisord.conf similarity index 100% rename from docker/supervisord.conf rename to .github/docker/supervisord.conf diff --git a/docker/www.conf b/.github/docker/www.conf similarity index 100% rename from docker/www.conf rename to .github/docker/www.conf diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml new file mode 100644 index 000000000..f5e4a4f2e --- /dev/null +++ b/.github/workflows/docker.yml @@ -0,0 +1,41 @@ +name: Publish Docker Image +on: + push: + branches: + - 'develop' + tags: + - 'v*' +jobs: + push_to_registry: + name: Push Image to GitHub Packages + runs-on: ubuntu-latest + # Always run against a tag, even if the commit into the tag has [docker skip] + # within the commit message. + if: "!contains(github.ref, 'develop') || (!contains(github.event.head_commit.message, 'skip docker') && !contains(github.event.head_commit.message, 'docker skip'))" + steps: + - uses: actions/checkout@v2 + - uses: crazy-max/ghaction-docker-meta@v1 + id: docker_meta + with: + images: ghcr.io/pterodactyl/panel + - uses: docker/setup-qemu-action@v1 + - uses: docker/setup-buildx-action@v1 + - uses: docker/login-action@v1 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.REGISTRY_TOKEN }} + - name: Release Production Build + uses: docker/build-push-action@v2 + if: "!contains(github.ref, 'develop')" + with: + push: true + tags: ${{ steps.docker_meta.outputs.tags }} + labels: ${{ steps.docker_meta.outputs.labels }} + - name: Release Development Build + uses: docker/build-push-action@v2 + if: "contains(github.ref, 'develop')" + with: + push: ${{ github.event_name != 'pull_request' }} + tags: ${{ steps.docker_meta.outputs.tags }} + labels: ${{ steps.docker_meta.outputs.labels }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 06582c0e6..91e39431f 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,10 +1,8 @@ -name: "Release" - +name: Create Release on: push: tags: - 'v*' - jobs: release: runs-on: ubuntu-20.04 @@ -13,7 +11,7 @@ jobs: - uses: actions/setup-node@v1 with: node-version: '12' - + - name: Create release branch and bump version env: REF: ${{ github.ref }} @@ -32,7 +30,7 @@ jobs: run: | yarn install yarn run build:production - + - name: Create release archive run: | rm -rf node_modules/ test/ codecov.yml CODE_OF_CONDUCT.md CONTRIBUTING.md phpunit.dusk.xml phpunit.xml Vagrantfile @@ -63,25 +61,25 @@ jobs: body_path: ./RELEASE_CHANGELOG draft: true prerelease: ${{ contains(github.ref, 'beta') || contains(github.ref, 'alpha') }} - + - name: Upload binary id: upload-release-archive uses: actions/upload-release-asset@v1 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: - upload_url: ${{ steps.create_release.outputs.upload_url }} + upload_url: ${{ steps.create_release.outputs.upload_url }} asset_path: panel.tar.gz asset_name: panel.tar.gz asset_content_type: application/gzip - + - name: Upload checksum - id: upload-release-checksum + id: upload-release-checksum uses: actions/upload-release-asset@v1 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: - upload_url: ${{ steps.create_release.outputs.upload_url }} + upload_url: ${{ steps.create_release.outputs.upload_url }} asset_path: ./checksum.txt asset_name: checksum.txt asset_content_type: text/plain diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 00c37cc59..73d56ad72 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -1,4 +1,4 @@ -name: tests +name: Run Test Suite on: push: branch-ignore: @@ -7,8 +7,8 @@ on: pull_request: jobs: integration_tests: - if: "!contains(github.event.head_commit.message, '[skip ci]') && !contains(github.event.head_commit.message, '[ci skip]')" runs-on: ubuntu-latest + if: "!contains(github.event.head_commit.message, 'skip ci') && !contains(github.event.head_commit.message, 'ci skip')" services: mysql: image: mysql:5.7 diff --git a/CHANGELOG.md b/CHANGELOG.md index 90c9c853c..936c2b6a0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,6 +3,12 @@ This file is a running track of new features and fixes to each version of the pa This project follows [Semantic Versioning](http://semver.org) guidelines. +## v1.1.2 +### Fixed +* Fixes an exception thrown while trying to validate IP access for the client API. +* Fixes command history scrolling not putting the cursor at the end of the line. +* Fixes file manager rows triggering a 404 when middle-clicked to open in a new tab. + ## v1.1.1 ### Fixed * Fixes allocation permissions checking on the frontend checking the wrong permission therefore leading to the item never showing up. diff --git a/Dockerfile b/Dockerfile index f00d54d5e..02da51054 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,36 +1,39 @@ -FROM php:7.4-fpm-alpine - +# Stage 0: +# Build the assets that are needed for the frontend. This build stage is then discarded +# since we won't need NodeJS anymore in the future. This Docker image ships a final production +# level distribution of Pterodactyl. +FROM mhart/alpine-node:14 WORKDIR /app - -RUN apk add --no-cache --update ca-certificates dcron curl git supervisor tar unzip nginx libpng-dev libxml2-dev libzip-dev certbot yarn; \ - docker-php-ext-install bcmath; \ - docker-php-ext-install gd; \ - docker-php-ext-install mbstring; \ - docker-php-ext-install pdo; \ - docker-php-ext-install pdo_mysql; \ - docker-php-ext-install tokenizer; \ - docker-php-ext-install xml; \ - docker-php-ext-configure zip --with-libzip=/usr/include; \ - docker-php-ext-install zip; \ - curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer - COPY . ./ +RUN yarn install --frozen-lockfile \ + && yarn run build:production -RUN cp .env.example .env \ - && composer install --no-dev --optimize-autoloader \ - && rm .env \ - && chown -R nginx:nginx . && chmod -R 777 storage/* bootstrap/cache +# Stage 1: +# Build the actual container with all of the needed PHP dependencies that will run the application. +FROM php:7.4-fpm-alpine +WORKDIR /app +COPY . ./ +COPY --from=0 /app/public/assets ./public/assets +RUN apk add --no-cache --update ca-certificates dcron curl git supervisor tar unzip nginx libpng-dev libxml2-dev libzip-dev certbot \ + && docker-php-ext-configure zip \ + && docker-php-ext-install bcmath gd pdo_mysql zip \ + && curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer \ + && cp .env.example .env \ + && mkdir -p bootstrap/cache/ storage/logs storage/framework/sessions storage/framework/views storage/framework/cache \ + && chmod 777 -R bootstrap storage \ + && composer install --no-dev --optimize-autoloader \ + && rm -rf .env bootstrap/cache/*.php \ + && chown -R nginx:nginx . -RUN cp docker/default.conf /etc/nginx/conf.d/default.conf \ - && cat docker/www.conf > /usr/local/etc/php-fpm.d/www.conf \ - && rm /usr/local/etc/php-fpm.d/www.conf.default \ - && cat docker/supervisord.conf > /etc/supervisord.conf \ - && echo "* * * * * /usr/local/bin/php /app/artisan schedule:run >> /dev/null 2>&1" >> /var/spool/cron/crontabs/root \ - && sed -i s/ssl_session_cache/#ssl_session_cache/g /etc/nginx/nginx.conf \ - && mkdir -p /var/run/php /var/run/nginx +RUN rm /usr/local/etc/php-fpm.d/www.conf.default \ + && echo "* * * * * /usr/local/bin/php /app/artisan schedule:run >> /dev/null 2>&1" >> /var/spool/cron/crontabs/root \ + && sed -i s/ssl_session_cache/#ssl_session_cache/g /etc/nginx/nginx.conf \ + && mkdir -p /var/run/php /var/run/nginx + +COPY .github/docker/default.conf /etc/nginx/conf.d/default.conf +COPY .github/docker/www.conf /usr/local/etc/php-fpm.d/www.conf +COPY .github/docker/supervisord.conf /etc/supervisord.conf EXPOSE 80 443 - -ENTRYPOINT ["/bin/ash", "docker/entrypoint.sh"] - +ENTRYPOINT ["/bin/ash", ".github/docker/entrypoint.sh"] CMD [ "supervisord", "-n", "-c", "/etc/supervisord.conf" ] diff --git a/docker-compose.example.yml b/docker-compose.example.yml index c69cce565..deaf6cade 100644 --- a/docker-compose.example.yml +++ b/docker-compose.example.yml @@ -1,24 +1,53 @@ -version: '2' +version: '3.8' +x-common: + database: + &db-environment + # Do not remove the "&db-password" from the end of the line below, it is important + # for Panel functionality. + MYSQL_PASSWORD: &db-password "CHANGE_ME" + MYSQL_ROOT_PASSWORD: "CHANGE_ME_TOO" + panel: + &panel-environment + APP_URL: "https://example.com" + # A list of valid timezones can be found here: http://php.net/manual/en/timezones.php + APP_TIMEZONE: "UTC" + APP_SERVICE_AUTHOR: "noreply@example.com" + # Uncomment the line below and set to a non-empty value if you want to use Let's Encrypt + # to generate an SSL certificate for the Panel. + # LE_EMAIL: "" + mail: + &mail-environment + MAIL_FROM: "noreply@example.com" + MAIL_DRIVER: "smtp" + MAIL_HOST: "mail" + MAIL_PORT: "1025" + MAIL_USERNAME: "" + MAIL_PASSWORD: "" + MAIL_ENCRYPTION: "true" + +# +# ------------------------------------------------------------------------------------------ +# DANGER ZONE BELOW +# +# The remainder of this file likely does not need to be changed. Please only make modifications +# below if you understand what you are doing. +# services: database: - image: mariadb:10.4 + image: library/mysql:8.0 restart: always + command: --default-authentication-plugin=mysql_native_password volumes: - "/srv/pterodactyl/database:/var/lib/mysql" environment: - ## Database settings - ## change if you want it to be more secure. - - "MYSQL_ROOT_PASSWORD=apassword" - - "MYSQL_DATABASE=pterodb" - - "MYSQL_USER=ptero" - - "MYSQL_PASSWORD=pterodbpass" - + <<: *db-environment + MYSQL_DATABASE: "panel" + MYSQL_USER: "pterodactyl" cache: image: redis:alpine restart: always - panel: - image: quay.io/pterodactyl/panel:latest + image: ghcr.io/pterodactyl/panel:latest restart: always ports: - "80:80" @@ -32,47 +61,16 @@ services: - "/srv/pterodactyl/certs/:/etc/letsencrypt/" - "/srv/pterodactyl/logs/:/var/log/" environment: - ## These are defaults and should be left alone - - "APP_ENV=production" - - "APP_DEBUG=false" - - "APP_THEME=pterodactyl" - - "APP_CLEAR_TASKLOG=720" - - "APP_DELETE_MINUTES=10" - - "APP_ENVIRONMENT_ONLY=false" - - "QUEUE_HIGH=high" - - "QUEUE_STANDARD=standard" - - "QUEUE_LOW=low" - ## Cache settings - - "CACHE_DRIVER=redis" - - "SESSION_DRIVER=redis" - - "QUEUE_DRIVER=redis" - - "REDIS_HOST=cache" - - "REDIS_PASSWORD=null" - - "REDIS_PORT=6379" - ## Domain settings - - "APP_URL=https://your.domain.here" ## if you are running this behind a reverse proxy with ssl app_url needs to be https still. - ## Timezone settings - - "APP_TIMEZONE=UTC" ## http://php.net/manual/en/timezones.php - ## Service egg settings - - "APP_SERVICE_AUTHOR=noreply@your.domain.here" ## this is the email that gets put on eggs you create - ## Database settings - ## These can be left alone. Only change if you know what you are doing. - - "DB_HOST=database" - - "DB_PORT=3306" - - "DB_DATABASE=pterodb" - - "DB_USERNAME=ptero" - - "DB_PASSWORD=pterodbpass" - ## Email settings - - "MAIL_FROM=noreply@your.domain.here" - - "MAIL_DRIVER=smtp" - - "MAIL_HOST=mail" - - "MAIL_PORT=1025" - - "MAIL_USERNAME=''" - - "MAIL_PASSWORD=''" - - "MAIL_ENCRYPTION=true" - ## certbot settings - Used to automatically generate ssl certs and - # - "LE_EMAIL=" ## uncomment if you are using ssl - + <<: *panel-environment + <<: *mail-environment + DB_PASSWORD: *db-password + APP_ENV: "production" + APP_ENVIRONMENT_ONLY: "false" + CACHE_DRIVER: "redis" + SESSION_DRIVER: "redis" + QUEUE_DRIVER: "redis" + REDIS_HOST: "cache" + DB_HOST: "database" networks: default: ipam: