# CentOS 7
In this guide we will install Pterodactyl v1.X — including all of it's dependencies — and configure our webserver to serve it using SSL.
TIP
This guide is based off the official installation documentation but is tailored specifically for CentOS 7.
# Install Requirements and Additional Utilities
We will install all of Pterodactyl's required dependencies and a few aditional utilities.
TIP
If you run sestatus and it shows SELinux status: enabled you should install the following packages for later
# SELinux tools
yum install -y policycoreutils policycoreutils-python selinux-policy selinux-policy-targeted libselinux-utils setroubleshoot-server setools setools-console mcstrans
# MariaDB
## Install Repos
cat <<EOF > /etc/yum.repos.d/mariadb.repo
# MariaDB 10.5 CentOS repository list - created 2017-07-14 12:40 UTC
# http://downloads.mariadb.org/mariadb/repositories/
[mariadb]
name = MariaDB
baseurl = http://yum.mariadb.org/10.5/centos7-amd64
gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
gpgcheck=1
EOF
## Get yum updates
yum update -y
## Install MariaDB 10.5
yum install -y MariaDB-common MariaDB-server
## Start maraidb
systemctl start mariadb
systemctl enable mariadb
# PHP 8.0
We recommend the remi repo to get the latest php packages.
## Install Repos
yum -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
yum -y install https://rpms.remirepo.net/enterprise/remi-release-7.rpm
yum install -y yum-utils
yum-config-manager --disable 'remi-php*'
yum-config-manager --enable remi-php80
## Get yum updates
yum update -y
## Install PHP 8.0
yum install -y php php-{common,fpm,cli,json,mysqlnd,mcrypt,gd,mbstring,pdo,zip,bcmath,dom,opcache}
# Composer
yum install -y zip unzip # Required for Composer
curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer
# Install Utility Packages
# Nginx
yum install -y nginx
firewall-cmd --add-service=http --permanent
firewall-cmd --add-service=https --permanent
firewall-cmd --reload
# Redis
yum install -y --enablerepo=remi redis
systemctl start redis
systemctl enable redis
# SELinux commands
The following command will allow nginx to work with redis and
setsebool -P httpd_can_network_connect 1
setsebool -P httpd_execmem 1
setsebool -P httpd_unified 1
# Server Configuration
This following section covers the configuration of parts of the server to run the panel.
# Configuring MariaDB
The fastest way to set up mariadb is to use the mysql_secure_installation command and follow prompts
mysql_secure_installation
The following are safe defaults.
Change to your own secure password
Set root password? [Y/n] Y
Get rid of users that could access the db by default
Remove anonymous users? [Y/n] Y
Keep root off the external interfaces
Disallow root login remotely? [Y/n] Y
Extra databases that aren't needed
Remove test database and access to it? [Y/n] Y
Clears and sets all the changes made
Reload privilege tables now? [Y/n] Y
All done! If you've completed all of the above steps, your MariaDB
installation should now be secure.
# Adding MariaDB user
To add your first user to the database, see our tutorial on setting up MySQL.
# Setup PHP
Place the contents below in a file inside the /etc/php-fpm.d folder. The file can be named anything, but a good standard is www-pterodactyl.conf. This config will match the nginx config later in the guide.
[pterodactyl]
user = nginx
group = nginx
listen = /var/run/php-fpm/pterodactyl.sock
listen.owner = nginx
listen.group = nginx
listen.mode = 0750
pm = ondemand
pm.max_children = 9
pm.process_idle_timeout = 10s
pm.max_requests = 200Start and enable php-fpm on the system.
systemctl enable php-fpm
systemctl start php-fpm
# Nginx
Please check our tutorial on generating SSL certificates for more information.
# SSL Configuration
server_tokens off;
server {
listen 80;
server_name <domain>;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl http2;
server_name <domain>;
root /var/www/pterodactyl/public;
index index.php;
access_log /var/log/nginx/pterodactyl.app-access.log;
error_log /var/log/nginx/pterodactyl.app-error.log error;
# allow larger file uploads and longer script runtimes
client_max_body_size 100m;
client_body_timeout 120s;
sendfile off;
# SSL Configuration
ssl_certificate /etc/letsencrypt/live/<domain>/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/<domain>/privkey.pem;
ssl_session_cache shared:SSL:10m;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384";
ssl_prefer_server_ciphers on;
# See https://hstspreload.org/ before uncommenting the line below.
# add_header Strict-Transport-Security "max-age=15768000; preload;";
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
add_header Content-Security-Policy "frame-ancestors 'self'";
add_header X-Frame-Options DENY;
add_header Referrer-Policy same-origin;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php-fpm/pterodactyl.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param PHP_VALUE "upload_max_filesize = 100M \n post_max_size=100M";
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param HTTP_PROXY "";
fastcgi_intercept_errors off;
fastcgi_buffer_size 16k;
fastcgi_buffers 4 16k;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
include /etc/nginx/fastcgi_params;
}
location ~ /\.ht {
deny all;
}
}# Redis Setup
The default Redis install is perfectly fine for the panel. If you have Redis already in use you may want to look into running another Redis instance (opens new window).
# Installing the Panel
Excellent, we now have all of the required dependencies installed and configured. From here, follow the official Panel installation documentation.