Pterodactyl® is a free, open-source game server management panel built with PHP, React, and Go. Designed with security in mind, Pterodactyl runs all game servers in isolated Docker containers while exposing a beautiful and intuitive UI to end users.
OTHER License
Bot releases are hidden (Show)
Published by DaneEveritt over 6 years ago
view-allocations
the ability to actually see the sidebar link.1
) to store session database to avoid logging users out when flushing the cache.a904dc978e00bbec026d3c53d7bedefbc77ad722ddcdbfbb9cf4a51dc28e685a panel.tar.gz
Published by DaneEveritt over 6 years ago
9f68be8b1c26c0ce1dfe1a471d1de112c06740532afb53a8a659a83edff931e5 panel.tar.gz
Published by DaneEveritt over 6 years ago
c05e8ebdb2657347340ae6de2438fdd7a535f6a582475091bb21f07b9439760e panel.tar.gz
Published by DaneEveritt over 6 years ago
PATCH /api/servers/<id>/startup
endpoint which was preventing enditing any start variables./api/client/servers/<identifier>
3cfd1dc93f78abc4dadb9c780151155570534dc865eaf610e9f3d70175733289 panel.tar.gz
Published by DaneEveritt over 6 years ago
external_id
to the creation service.80ca9af0a0b7f621cbb60b09bd665a471ec699d3f7689690f8aa006c891fa62e panel.tar.gz
Published by DaneEveritt over 6 years ago
/nests/:id/eggs/:id
API endpoint.external_id
column to servers that allows for easier linking with external services such as WHMCS.f8255e8328bbf63333480070184ef3dd9ce5e79facb6ae942f44be7ca3b177ff panel.tar.gz
Published by DaneEveritt over 6 years ago
d###_
rather than s###_
when creating server databases.518490710221001cc8ad83650339bfb3dce113c435da5caf4bde8c2332e4b144 panel.tar.gz
Published by DaneEveritt over 6 years ago
[rc.2]
— Fixes bad API behavior on /user
routes.[rc.2]
— Fixes Admin CP user editing resetting a password on users unintentionally.[rc.2]
— Fixes bug with server creation API endpoint that would fail to validate allocation.default
correctly.[rc.2]
— Fix data integrity exception occuring due to invalid data being passed to server creation service on the API.[rc.2]
— Fix data integrity exception that could occur when an email containing non-username characters was passed.[rc.2]
— Fix data integrity exception occurring when no default value is provided for an egg variable.[rc.2]
— Fixes a bug that would cause non-editable variables on the front-end to throw a validation error.[rc.2]
— Fixes a data integrity exception occurring when saving egg variables with no value./api/application/users/external/<id>
or by passing it as the search term when listing all users./api/application
. Includes new Admin CP interface for managing keys and an easier permissions system.EXECUTE
privilege.AWS_KEY -> AWS_ACCESS_KEY_ID
, AWS_SECRET -> AWS_SECRET_ACCESS_KEY
, AWS_REGION -> AWS_DEFAULT_REGION
p:
namespace.127.0.0.1
is allowed.APP_LOCALE
rather than having to edit core files.1b542ea735b89e8b9817b8f2d0ea4c351fc8db908d58236ecf50490d9377dc1d panel.tar.gz
Published by DaneEveritt over 6 years ago
[rc.1]
— Fixes exception thrown when revoking user sessions.[rc.1]
— Fixes exception that would occur when trying to delete allocations from a node.[rc.1]
— Fixes exception thown when attempting to adjust mail settings as well as a validation error thrown afterwards.[rc.1]
— Fixes bug preventing modification of the default value for an Egg variable.[rc.1]
— Fixed a bug that would occur when attempting to reset the daemon secret for a node.[rc.1]
— Fix exception thrown when attempting to modify an existing database host.62ecaa71544ca88f13cd51c067ac7ea50c90133eb751a804b466f2c0d55cfb5f panel.tar.gz
Published by DaneEveritt over 6 years ago
[beta.4]
— Fixes some bad search and replace action that happened previously and was throwing errors when validating user permissions.[beta.4]
— Fixes behavior of variable validation to not break the page when no rules are provided.[beta.4]
— Fix bug preventing the editing of files in the file manager./api/application
. Includes new Admin CP interface for managing keys and an easier permissions system.4147f8121ed16869a8aa3f490794b68b1d4b98e6add78eb848170c5116e9b739 panel.tar.gz
Published by DaneEveritt almost 7 years ago
[beta.3]
— Fixes a bug with the default environment file that was causing an inability to perform a fresh install when running package discovery.[beta.3]
— Fixes an edge case caused by the Laravel 5.5 upgrade that would try to perform an in_array check aganist a null value.[beta.3]
— Fixes a bug that would cause an error when attempting to create a new user on the Panel.[beta.3]
— Fixes error handling of the settings service provider when no migrations have been run.[beta.3]
— Fixes validation error when trying to use 'None' as the 'Copy Script From' option for an egg script.b96b63ff58529f9dfe31961ad547341c2eee445c50d379ea12d4abf7bb364f95 panel.tar.gz
Published by DaneEveritt almost 7 years ago
[beta.2]
— Fixes a bug that would cause an endless exception message stream in the console when attemping to setup environment settings in certain instances.[beta.2]
— Fixes a bug causing the dropdown menu for a server's egg to display the wrong selected value.[beta.2]
— Fixes a bug that would throw a red page of death when submitting an invalid egg variable value for a server in the Admin CP.[beta.2]
— Someone found a @todo
that I never @todid
and thus database hosts could not be created without being linked to a node. This is fixed...[beta.2]
— Fixes bug that caused incorrect rendering of CPU usage on server graphs due to missing variable.[beta.2]
— Fixes bug causing schedules to be un-deletable.[beta.2]
— Fixes bug that prevented the deletion of nodes due to an allocation deletion cascade issue with the SQL schema.[beta.2]
— Fixes a bug causing eggs not extending other eggs to fail validation.AWS_KEY -> AWS_ACCESS_KEY_ID
, AWS_SECRET -> AWS_SECRET_ACCESS_KEY
, AWS_REGION -> AWS_DEFAULT_REGION
aca122403939b9412d6b3ff7638a700be3ddae3b1e74a4ab8d7b717a5a3900d8 panel.tar.gz
Published by DaneEveritt almost 7 years ago
[beta.1]
— Fixes a CORS header issue due to a wrong API endpoint being provided in the administrative node listing.[beta.1]
— Fixes bug that would prevent root admins from accessing servers they were not set as the owner of.[beta.1]
— Fixes wrong URL redirect being provided when creating a subuser.[beta.1]
— Fixes missing check in environment setup that would leave the Hashids salt empty.[beta.1]
— Fixes bug preventing loading of allocations when trying to create a new server.[beta.1]
— Fixes bug causing inability to create new servers on the Panel.[beta.1]
— Fixes bug causing inability to delete an allocation due to misconfigured JS.[beta.1]
— Fixes bug causing inability to set the IP alias for an allocation to an empty value.[beta.1]
— Fixes bug that caused startup changes to not propigate to the server correctly on the first save.[beta.1]
— Fixes bug that prevented subusers from accessing anything over socketio due to a missing permission.d7478cedeebc4404b0e92efef4de447e1e70796511b17ec9c5fdb3bb7afa2f92 panel.tar.gz
Published by DaneEveritt almost 7 years ago
This is pre-release software. Do not use this on a mission critical server where you cannot handle bugs or potential downtime or data loss!
EXECUTE
privilege.p:
namespace.127.0.0.1
is allowed.APP_LOCALE
rather than having to edit core files.6204c8cebd490ef6ee3f582c72ed6b121e30a98a6c8576722f74483b8d42aa66 panel.tar.gz
Published by DaneEveritt over 7 years ago
HTTP/401 Unauthorized
error when unable to locate a node with a given authentication token, rather than a HTTP/404 Not Found
response.83f1d542d94c97aedb24dce41aad14421db333ac07901dd6fb9e9d6ec147845f v0.6.4.tar.gz
Published by DaneEveritt over 7 years ago
This is a critical security release. All users should update immediately.
Attn: Critical Pterodactyl Security Disclosure
On June 26th, 2017 at approximately 15:00 U.S. Central Time we were alerted to a critical vulnerability in the display of server output in the panel by Trixter#0125
on Discord. An investigation was launched at 18:00 and subsequent fix was pushed to the develop
branch at 22:36.
This vulnerability allowed malicious users to execute a specifically crafted command on a running game server and execute arbitrary code as a console user. This exploit did not require any access to the panel, or advanced knowledge of the system setup. At no time was any private user information or data accessible via this exploit, and it did not allow access to the host system.
This exploit is present in all versions of the Panel from v0.4.0-beta
to v0.6.2
. You should immediately upgrade your panel to patch this issue. We will not be back-porting a fix to the v0.5.x
branch, anyone who is currently using that version should update to the latest releases.
Due to the severity of this vulnerability we are purposely withholding specifics about this exploit in order to give affected individuals the chance to update. A full, detailed disclosure will be released on July 10th, 2017.
jquery.terminal
and replaced it with an in-house developed terminal with less potential for security issues.865326ff67a091a9830ab50e944cef7f3f41ae4a558e53011bb93f022002bc32 v0.6.3.tar.gz
Published by DaneEveritt over 7 years ago
Vagrantfile
to the repository to help speed up development and testing for those who don't want to do a full dedicated install.Reinstall
button for servers that have failed installation to avoid confusion and bugs causing the daemon to break.aws/aws-sdk-php (3.26.5 => 3.29.7)
laravel/framework (v5.4.21 => v5.4.27)
barryvdh/laravel-debugbar (v2.3.2 => v2.4.0)
fideloper/proxy (3.3.0 => 3.3.3)
igaster/laravel-theme (v1.14 => v1.16)
laravel/tinker (v1.0.0 => v1.0.1)
spatie/laravel-fractal (4.0.0 => 4.0.1)
b25e497145fa1a48285783ba4d44e6089b0ea655546aae7f8af55dcf833f5226 v0.6.2.tar.gz
Published by DaneEveritt over 7 years ago
Log
class when using the API and causing an error.laravel_session
to pterodactyl_session
.94d29c7127aacd1cb46da604aabf6267d7b7ade1cb7c280f04b3713eab4e9e28 Panel-0.6.1.tar.gz
Published by DaneEveritt over 7 years ago
php artisan pterodactyl:mail
to update.192.168.1.1/z
) when adding allocations that could cause over 4 million records to be created at once.[rc.1]
— Server deletion is fixed, caused by removed download table.[rc.1]
— Server status indication on front-end no longer shows Error
when server is marked as installing or suspended.[rc.1]
— Fixes issues with SteamCMD not registering and installing games properly.$fillable
rather than $guarded
.UnhandledException
display errors now include a clearer error that directs admins to the program's logs.Pterodactyl\Models
classes that would flood this changelog if they were all included. All required migrations included to handle database changes.env()
and moved to using config()
throughout non config/*.php
files.Permission::listPermissions()
to make views way cleaner and make adding to views significantly cleaner.Pterodactyl\Events\Auth\FailedPasswordReset
event that can be caught if needed to perform other actions.routes/
folder, and use a significantly cleaner syntax. Controller names and methods have been updated as well to be clearer as well as avoid conflicts with PHP reserved keywords.HTTP/404
missing server error (requires [email protected]
)col-xs-6
usage thoughout the Admin CP where it was intended to be col-md-6
./remote
have been changed to use /daemon
, panel changes now reflect this.ALLOC_#__IP
and ALLOC_#__PORT
to the daemon, as well as the location.pterodactyl:node
as well as locations via pterodactyl:location
.humanReadable
macro on File
facade that accepts a file path and returns a human readable size. (File::humanReadable(path, precision)
).env
variable.Server::create
will fail due to changed data structure.Server::getUserDaemonSecret(Server $server)
was removed and replaced with User::daemonSecret(Server $server)
in order to clean up models.Server::getByUUID()
was replaced with Server::byUuid()
as well as various other functions through-out the Server model.Server::getHeaders()
was removed and replaced with Server::getClient()
which returns a Guzzle Client with the correct headers already assigned.be521acefdf6252f356a66af9c6a46bfc0d00d6e57c152e92375d2d62cc7f5fe Panel-0.6.0.tar.gz
Published by DaneEveritt over 7 years ago
[beta.2.1]
— Fixed a bug preventing the deletion of a server.[beta.2.1]
— Fixes a bug causing login issues and password reset failures when reCAPTCHA is enabled.[beta.2.1]
— Fixes bug requiring docker image field to be filled out when adding a service option.[beta.2.1]
— Fixes inability to mark a user as a non-admin once they were assigned the role.col-xs-6
usage thoughout the Admin CP where it was intended to be col-md-6
./remote
have been changed to use /daemon
, panel changes now reflect this.b2462fd2217ed189b1e59ea93c3b78823f13187068d7ad20fbc5ee81f988e834 Panel-0.6.0-rc.1.tar.gz