From 76027bc9c72dcf039dcd755daf847449cafdbdb4 Mon Sep 17 00:00:00 2001
From: Jack Jenkins <jack.jenkins2@yahoo.com>
Date: Mon, 15 May 2017 20:04:03 +0100
Subject: [PATCH 01/12] Limit login box width

---
 public/themes/pterodactyl/css/pterodactyl.css | 1 +
 1 file changed, 1 insertion(+)

diff --git a/public/themes/pterodactyl/css/pterodactyl.css b/public/themes/pterodactyl/css/pterodactyl.css
index c275c3d2..05960001 100644
--- a/public/themes/pterodactyl/css/pterodactyl.css
+++ b/public/themes/pterodactyl/css/pterodactyl.css
@@ -28,6 +28,7 @@
 
 .login-box, .register-box {
     width: 40%;
+    max-width: 500px;
     margin: 7% auto;
 }
 

From 3877aba3731c30f6d3e08b838d1fd2ba7e575204 Mon Sep 17 00:00:00 2001
From: Jakob Schrettenbrunner <dev@schrej.net>
Date: Tue, 16 May 2017 12:09:29 +0200
Subject: [PATCH 02/12] fix google recaptcha badge

---
 public/themes/pterodactyl/css/pterodactyl.css | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/public/themes/pterodactyl/css/pterodactyl.css b/public/themes/pterodactyl/css/pterodactyl.css
index 05960001..afc0377c 100644
--- a/public/themes/pterodactyl/css/pterodactyl.css
+++ b/public/themes/pterodactyl/css/pterodactyl.css
@@ -304,3 +304,10 @@ input.form-autocomplete-stop[readonly] {
     background: inherit;
     cursor: text;
 }
+
+/* fix Google Recaptcha badge */
+.grecaptcha-badge {
+    bottom: 54px !important;
+    background: white;
+    box-shadow: none !important;
+}

From 999411da293d3d35ff31709a9d63587f28bae8cb Mon Sep 17 00:00:00 2001
From: Dane Everitt <dane@daneeveritt.com>
Date: Mon, 22 May 2017 18:43:49 -0500
Subject: [PATCH 03/12] Fix inability to assign services with no variables,
 closes #447

---
 CHANGELOG.md                          | 4 ++++
 app/Repositories/ServerRepository.php | 4 ++++
 2 files changed, 8 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 8d9108b8..8586931f 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -3,6 +3,10 @@ This file is a running track of new features and fixes to each version of the pa
 
 This project follows [Semantic Versioning](http://semver.org) guidelines.
 
+## v0.6.1 (Courageous Carniadactylus)
+### Fixed
+* Fixes a bug preventing the use of services that have no variables attached to them.
+
 ## v0.6.0 (Courageous Carniadactylus)
 ### Fixed
 * Bug causing error logs to be spammed if someone timed out on an ajax based page.
diff --git a/app/Repositories/ServerRepository.php b/app/Repositories/ServerRepository.php
index 46e30b5d..e75b31ba 100644
--- a/app/Repositories/ServerRepository.php
+++ b/app/Repositories/ServerRepository.php
@@ -733,6 +733,10 @@ class ServerRepository
             $i++;
         }
 
+        if ($parsed->count() === 0) {
+            return collect($merge);
+        }
+
         return $parsed->merge($merge);
     }
 

From 72c03304863b086829603fcff7476f3beed88c19 Mon Sep 17 00:00:00 2001
From: Dane Everitt <dane@daneeveritt.com>
Date: Mon, 22 May 2017 19:09:42 -0500
Subject: [PATCH 04/12] Fixes 2FA not honoring 'Remember Me' checkbox, closes
 #439

---
 CHANGELOG.md                                  |  5 +++++
 app/Http/Controllers/Auth/LoginController.php |  6 ++++--
 config/session.php                            |  4 ++--
 .../themes/pterodactyl/auth/totp.blade.php    | 19 ++++++++++++++-----
 4 files changed, 25 insertions(+), 9 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 8586931f..196b6fc8 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -6,6 +6,11 @@ This project follows [Semantic Versioning](http://semver.org) guidelines.
 ## v0.6.1 (Courageous Carniadactylus)
 ### Fixed
 * Fixes a bug preventing the use of services that have no variables attached to them.
+* Fixes 'Remember Me' checkbox being ignored when using 2FA on an account.
+
+### Changed
+* Renamed session cookies from `laravel_session` to `pterodactyl_session`.
+* Sessions are now encrypted before being stored as an additional layer of security.
 
 ## v0.6.0 (Courageous Carniadactylus)
 ### Fixed
diff --git a/app/Http/Controllers/Auth/LoginController.php b/app/Http/Controllers/Auth/LoginController.php
index cca63264..e4ca0d2c 100644
--- a/app/Http/Controllers/Auth/LoginController.php
+++ b/app/Http/Controllers/Auth/LoginController.php
@@ -134,7 +134,9 @@ class LoginController extends Controller
                 ])),
             ], 5);
 
-            return redirect()->route('auth.totp')->with('authentication_token', $token);
+            return redirect()->route('auth.totp')
+                ->with('authentication_token', $token)
+                ->with('remember', $request->has('remember'));
         }
 
         $attempt = Auth::attempt([
@@ -167,7 +169,7 @@ class LoginController extends Controller
 
         return view('auth.totp', [
             'verify_key' => $token,
-            'remember' => $request->has('remember'),
+            'remember' => $request->session()->get('remember'),
         ]);
     }
 
diff --git a/config/session.php b/config/session.php
index 246fc934..97b622fc 100644
--- a/config/session.php
+++ b/config/session.php
@@ -44,7 +44,7 @@ return [
     |
     */
 
-    'encrypt' => false,
+    'encrypt' => true,
 
     /*
     |--------------------------------------------------------------------------
@@ -122,7 +122,7 @@ return [
     |
     */
 
-    'cookie' => 'laravel_session',
+    'cookie' => 'pterodactyl_session',
 
     /*
     |--------------------------------------------------------------------------
diff --git a/resources/themes/pterodactyl/auth/totp.blade.php b/resources/themes/pterodactyl/auth/totp.blade.php
index 4a021603..ebf62aa2 100644
--- a/resources/themes/pterodactyl/auth/totp.blade.php
+++ b/resources/themes/pterodactyl/auth/totp.blade.php
@@ -23,20 +23,29 @@
     2FA Checkpoint
 @endsection
 
+@section('scripts')
+    @parent
+    <style>
+        input::-webkit-outer-spin-button, input::-webkit-inner-spin-button {
+            -webkit-appearance: none;
+            margin: 0;
+        }
+    </style>
+@endsection
+
 @section('content')
 <div class="login-box-body">
-    <p class="login-box-msg">@lang('auth.2fa_required')</p>
     <form action="{{ route('auth.totp') }}" method="POST">
-        <div class="form-group">
-            <input type="text" name="2fa_token" class="form-control" placeholder="@lang('strings.2fa_token')">
-            <span class="fa fa-lock form-control-feedback"></span>
+        <div class="form-group has-feedback">
+            <input type="number" name="2fa_token" class="form-control input-lg text-center" placeholder="@lang('strings.2fa_token')" autofocus>
+            <span class="fa fa-shield form-control-feedback"></span>
         </div>
         <div class="row">
             <div class="col-xs-12">
                 {!! csrf_field() !!}
                 <input type="hidden" name="verify_token" value="{{ $verify_key }}" />
                 @if($remember)
-                    <input type="hidden" name="remember" value="true" />
+                    <input type="checkbox" name="remember" checked style="display:none;"/>
                 @endif
                 <button type="submit" class="btn btn-primary btn-block btn-flat">@lang('strings.submit')</button>
             </div>

From cce27dfff19567498a366bfd86d634c02713a7d9 Mon Sep 17 00:00:00 2001
From: Dane Everitt <dane@daneeveritt.com>
Date: Mon, 22 May 2017 19:25:26 -0500
Subject: [PATCH 05/12] Fix API response to show correct error.

---
 CHANGELOG.md               |  1 +
 app/Exceptions/Handler.php | 14 +++++++-------
 2 files changed, 8 insertions(+), 7 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 196b6fc8..14086eb3 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -7,6 +7,7 @@ This project follows [Semantic Versioning](http://semver.org) guidelines.
 ### Fixed
 * Fixes a bug preventing the use of services that have no variables attached to them.
 * Fixes 'Remember Me' checkbox being ignored when using 2FA on an account.
+* API now returns a useful error displaying what went wrong rather than an obscure 'An Error was Encountered' message when API issues arise.
 
 ### Changed
 * Renamed session cookies from `laravel_session` to `pterodactyl_session`.
diff --git a/app/Exceptions/Handler.php b/app/Exceptions/Handler.php
index 71d66cdc..a801cdce 100644
--- a/app/Exceptions/Handler.php
+++ b/app/Exceptions/Handler.php
@@ -48,16 +48,16 @@ class Handler extends ExceptionHandler
         if ($request->expectsJson() || $request->isJson() || $request->is(...config('pterodactyl.json_routes'))) {
             $exception = $this->prepareException($exception);
 
-            if (config('app.debug')) {
-                $report = [
-                    'code' => (! $this->isHttpException($exception)) ?: $exception->getStatusCode(),
-                    'message' => class_basename($exception) . ' in ' . $exception->getFile() . ' on line ' . $exception->getLine(),
-                ];
+            if (config('app.debug') || $this->isHttpException($exception)) {
+                $displayError = $exception->getMessage();
+            } else {
+                $displayError = 'An unhandled exception was encountered with this request.';
             }
 
             $response = response()->json([
-                'error' => (config('app.debug')) ? $exception->getMessage() : 'An unhandled exception was encountered with this request.',
-                'exception' => ! isset($report) ?: $report,
+                'error' => $displayError,
+                'http_code' => (! $this->isHttpException($exception)) ?: $exception->getStatusCode(),
+                'trace' => (! config('app.debug')) ? null : class_basename($exception) . ' in ' . $exception->getFile() . ' on line ' . $exception->getLine(),
             ], ($this->isHttpException($exception)) ? $exception->getStatusCode() : 500, [], JSON_UNESCAPED_SLASHES);
 
             parent::report($exception);

From 7460b5fdd2af716fd2ab21cd59aaefad182edb81 Mon Sep 17 00:00:00 2001
From: Dane Everitt <dane@daneeveritt.com>
Date: Tue, 23 May 2017 21:43:28 -0500
Subject: [PATCH 06/12] fix broken file creation due to missing dependency,
 closes #453

---
 CHANGELOG.md                                            | 1 +
 resources/themes/pterodactyl/server/files/add.blade.php | 1 +
 2 files changed, 2 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 14086eb3..0219522e 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -8,6 +8,7 @@ This project follows [Semantic Versioning](http://semver.org) guidelines.
 * Fixes a bug preventing the use of services that have no variables attached to them.
 * Fixes 'Remember Me' checkbox being ignored when using 2FA on an account.
 * API now returns a useful error displaying what went wrong rather than an obscure 'An Error was Encountered' message when API issues arise.
+* Fixes bug preventing the creation of new files in the file manager due to a missing JS dependency on page load.
 
 ### Changed
 * Renamed session cookies from `laravel_session` to `pterodactyl_session`.
diff --git a/resources/themes/pterodactyl/server/files/add.blade.php b/resources/themes/pterodactyl/server/files/add.blade.php
index 7c4322c2..cbf468a2 100644
--- a/resources/themes/pterodactyl/server/files/add.blade.php
+++ b/resources/themes/pterodactyl/server/files/add.blade.php
@@ -101,6 +101,7 @@
     {!! Theme::js('js/frontend/server.socket.js') !!}
     {!! Theme::js('vendor/ace/ace.js') !!}
     {!! Theme::js('vendor/ace/ext-modelist.js') !!}
+    {!! Theme::js('vendor/ace/ext-whitespace.js') !!}
     {!! Theme::js('vendor/lodash/lodash.js') !!}
     {!! Theme::js('js/frontend/files/editor.js') !!}
     <script>

From 8144535b82ea68250edc8f61b92c7bc806699325 Mon Sep 17 00:00:00 2001
From: Dane Everitt <dane@daneeveritt.com>
Date: Tue, 23 May 2017 21:59:47 -0500
Subject: [PATCH 07/12] Prevent invalid service tag names, ref #443

---
 CHANGELOG.md                                                    | 1 +
 app/Repositories/OptionRepository.php                           | 2 +-
 .../themes/pterodactyl/admin/services/options/new.blade.php     | 2 +-
 3 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 0219522e..c5859e1b 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -9,6 +9,7 @@ This project follows [Semantic Versioning](http://semver.org) guidelines.
 * Fixes 'Remember Me' checkbox being ignored when using 2FA on an account.
 * API now returns a useful error displaying what went wrong rather than an obscure 'An Error was Encountered' message when API issues arise.
 * Fixes bug preventing the creation of new files in the file manager due to a missing JS dependency on page load.
+* Prevent using a service option tag that contains special chaacters that are not valid. Now only allows alpha-numeric, no spaces or underscores.
 
 ### Changed
 * Renamed session cookies from `laravel_session` to `pterodactyl_session`.
diff --git a/app/Repositories/OptionRepository.php b/app/Repositories/OptionRepository.php
index fc887dd5..1a0ce450 100644
--- a/app/Repositories/OptionRepository.php
+++ b/app/Repositories/OptionRepository.php
@@ -47,7 +47,7 @@ class OptionRepository
             'service_id' => 'required|numeric|exists:services,id',
             'name' => 'required|string|max:255',
             'description' => 'required|string',
-            'tag' => 'required|string|max:255|unique:service_options,tag',
+            'tag' => 'required|alpha_num|max:60|unique:service_options,tag',
             'docker_image' => 'sometimes|string|max:255',
             'startup' => 'sometimes|nullable|string',
             'config_from' => 'sometimes|required|numeric|exists:service_options,id',
diff --git a/resources/themes/pterodactyl/admin/services/options/new.blade.php b/resources/themes/pterodactyl/admin/services/options/new.blade.php
index 7c4da15e..b69f539b 100644
--- a/resources/themes/pterodactyl/admin/services/options/new.blade.php
+++ b/resources/themes/pterodactyl/admin/services/options/new.blade.php
@@ -66,7 +66,7 @@
                             <div class="form-group">
                                 <label for="pTag" class="form-label">Option Tag</label>
                                 <input type="text" id="pTag" name="tag" value="{{ old('tag') }}" class="form-control" />
-                                <p class="text-muted small">This should be a unique identifer for this service option that is not used for any other service options.</p>
+                                <p class="text-muted small">This should be a unique identifer for this service option that is not used for any other service options. Must be alpha-numeric and no more than 60 characters in length.</p>
                             </div>
                             <div class="form-group">
                                 <label for="pDockerImage" class="form-label">Docker Image</label>

From 0bb0d5df45b791f4485647aaf0cf08b8cb5916c7 Mon Sep 17 00:00:00 2001
From: Dane Everitt <dane@daneeveritt.com>
Date: Tue, 23 May 2017 22:08:00 -0500
Subject: [PATCH 08/12] make clear that daemon must be rebooted after editing

---
 .../themes/pterodactyl/admin/services/options/view.blade.php | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/resources/themes/pterodactyl/admin/services/options/view.blade.php b/resources/themes/pterodactyl/admin/services/options/view.blade.php
index b61f79f9..3d302580 100644
--- a/resources/themes/pterodactyl/admin/services/options/view.blade.php
+++ b/resources/themes/pterodactyl/admin/services/options/view.blade.php
@@ -47,6 +47,11 @@
 </div>
 <form action="{{ route('admin.services.option.view', $option->id) }}" method="POST">
     <div class="row">
+        <div class="col-xs-12">
+            <div class="callout callout-info">
+                <strong>Notice:</strong> Editing the Option Tag or any of the Process Management fields <em>requires</em> that each daemon be rebooted to apply the changes.
+            </div>
+        </div>
         <div class="col-xs-12">
             <div class="box">
                 <div class="box-header with-border">

From f0fca2a681cfa340b0a0d59c6a0e4e03a9fda62c Mon Sep 17 00:00:00 2001
From: Dane Everitt <dane@daneeveritt.com>
Date: Tue, 23 May 2017 22:56:54 -0500
Subject: [PATCH 09/12] Fix missing log class on API calls with errors.

---
 CHANGELOG.md                                        | 1 +
 app/Http/Controllers/API/Admin/NodeController.php   | 1 +
 app/Http/Controllers/API/Admin/ServerController.php | 1 +
 app/Http/Controllers/API/Admin/UserController.php   | 1 +
 4 files changed, 4 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index c5859e1b..9fbfd37a 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -10,6 +10,7 @@ This project follows [Semantic Versioning](http://semver.org) guidelines.
 * API now returns a useful error displaying what went wrong rather than an obscure 'An Error was Encountered' message when API issues arise.
 * Fixes bug preventing the creation of new files in the file manager due to a missing JS dependency on page load.
 * Prevent using a service option tag that contains special chaacters that are not valid. Now only allows alpha-numeric, no spaces or underscores.
+* Fix unhandled excpetion due to missing `Log` class when using the API and causing an error.
 
 ### Changed
 * Renamed session cookies from `laravel_session` to `pterodactyl_session`.
diff --git a/app/Http/Controllers/API/Admin/NodeController.php b/app/Http/Controllers/API/Admin/NodeController.php
index d70e8996..74784fdb 100644
--- a/app/Http/Controllers/API/Admin/NodeController.php
+++ b/app/Http/Controllers/API/Admin/NodeController.php
@@ -24,6 +24,7 @@
 
 namespace Pterodactyl\Http\Controllers\API\Admin;
 
+use Log;
 use Fractal;
 use Illuminate\Http\Request;
 use Pterodactyl\Models\Node;
diff --git a/app/Http/Controllers/API/Admin/ServerController.php b/app/Http/Controllers/API/Admin/ServerController.php
index 75bcdc10..28cb4064 100644
--- a/app/Http/Controllers/API/Admin/ServerController.php
+++ b/app/Http/Controllers/API/Admin/ServerController.php
@@ -24,6 +24,7 @@
 
 namespace Pterodactyl\Http\Controllers\API\Admin;
 
+use Log;
 use Fractal;
 use Illuminate\Http\Request;
 use Pterodactyl\Models\Server;
diff --git a/app/Http/Controllers/API/Admin/UserController.php b/app/Http/Controllers/API/Admin/UserController.php
index 150ca4f8..c94fe809 100644
--- a/app/Http/Controllers/API/Admin/UserController.php
+++ b/app/Http/Controllers/API/Admin/UserController.php
@@ -24,6 +24,7 @@
 
 namespace Pterodactyl\Http\Controllers\API\Admin;
 
+use Log;
 use Fractal;
 use Illuminate\Http\Request;
 use Pterodactyl\Models\User;

From 0e48c94918e6af2f0fea9290950e51d56c647494 Mon Sep 17 00:00:00 2001
From: Dane Everitt <dane@daneeveritt.com>
Date: Tue, 23 May 2017 22:57:09 -0500
Subject: [PATCH 10/12] Don't allow reinstall if server install failed

---
 .../pterodactyl/admin/servers/view/manage.blade.php  | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/resources/themes/pterodactyl/admin/servers/view/manage.blade.php b/resources/themes/pterodactyl/admin/servers/view/manage.blade.php
index 0566a8a1..06918287 100644
--- a/resources/themes/pterodactyl/admin/servers/view/manage.blade.php
+++ b/resources/themes/pterodactyl/admin/servers/view/manage.blade.php
@@ -62,10 +62,14 @@
                 <p>This will reinstall the server with the assigned pack and service scripts. <strong>Danger!</strong> This could overwrite server data.</p>
             </div>
             <div class="box-footer">
-                <form action="{{ route('admin.servers.view.manage.reinstall', $server->id) }}" method="POST">
-                    {!! csrf_field() !!}
-                    <button type="submit" class="btn btn-danger">Reinstall Server</button>
-                </form>
+                @if($server->installed)
+                    <form action="{{ route('admin.servers.view.manage.reinstall', $server->id) }}" method="POST">
+                        {!! csrf_field() !!}
+                        <button type="submit" class="btn btn-danger">Reinstall Server</button>
+                    </form>
+                @else
+                    <button class="btn btn-danger disabled">Reinstall Server</button>
+                @endif
             </div>
         </div>
     </div>

From 9116547e98a52c21e2f30adae220c43eafc40d99 Mon Sep 17 00:00:00 2001
From: Dane Everitt <dane@daneeveritt.com>
Date: Tue, 23 May 2017 23:00:31 -0500
Subject: [PATCH 11/12] allow emptying server description, closes #442

---
 CHANGELOG.md                                     | 1 +
 app/Http/Controllers/Admin/ServersController.php | 9 ++++++---
 app/Repositories/ServerRepository.php            | 2 +-
 3 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 9fbfd37a..47ee976e 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -15,6 +15,7 @@ This project follows [Semantic Versioning](http://semver.org) guidelines.
 ### Changed
 * Renamed session cookies from `laravel_session` to `pterodactyl_session`.
 * Sessions are now encrypted before being stored as an additional layer of security.
+* It is now possible to clear out a server description and have it be blank, rather than throwing an error about the field being required.
 
 ## v0.6.0 (Courageous Carniadactylus)
 ### Fixed
diff --git a/app/Http/Controllers/Admin/ServersController.php b/app/Http/Controllers/Admin/ServersController.php
index 28115227..76715c84 100644
--- a/app/Http/Controllers/Admin/ServersController.php
+++ b/app/Http/Controllers/Admin/ServersController.php
@@ -273,9 +273,12 @@ class ServersController extends Controller
     {
         $repo = new ServerRepository;
         try {
-            $repo->updateDetails($id, $request->intersect([
-                'owner_id', 'name', 'description', 'reset_token',
-            ]));
+            $repo->updateDetails($id, array_merge(
+                $request->only('description'),
+                $request->intersect([
+                    'owner_id', 'name', 'reset_token',
+                ])
+            ));
 
             Alert::success('Server details were successfully updated.')->flash();
         } catch (DisplayValidationException $ex) {
diff --git a/app/Repositories/ServerRepository.php b/app/Repositories/ServerRepository.php
index e75b31ba..fa0a678f 100644
--- a/app/Repositories/ServerRepository.php
+++ b/app/Repositories/ServerRepository.php
@@ -370,7 +370,7 @@ class ServerRepository
         $validator = Validator::make($data, [
             'owner_id' => 'sometimes|required|integer|exists:users,id',
             'name' => 'sometimes|required|regex:([\w .-]{1,200})',
-            'description' => 'sometimes|required|string',
+            'description' => 'sometimes|nullable|string',
             'reset_token' => 'sometimes|required|accepted',
         ]);
 

From 8b762cbaf56616d54b4213da5a91182339102bdb Mon Sep 17 00:00:00 2001
From: Dane Everitt <dane@daneeveritt.com>
Date: Wed, 24 May 2017 20:42:31 -0500
Subject: [PATCH 12/12] Also update service listing to accommodate no
 variables.

---
 CHANGELOG.md                                   |  2 +-
 .../Controllers/Daemon/OptionController.php    | 18 ++++++++++++------
 2 files changed, 13 insertions(+), 7 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 47ee976e..21da5ef8 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -9,7 +9,7 @@ This project follows [Semantic Versioning](http://semver.org) guidelines.
 * Fixes 'Remember Me' checkbox being ignored when using 2FA on an account.
 * API now returns a useful error displaying what went wrong rather than an obscure 'An Error was Encountered' message when API issues arise.
 * Fixes bug preventing the creation of new files in the file manager due to a missing JS dependency on page load.
-* Prevent using a service option tag that contains special chaacters that are not valid. Now only allows alpha-numeric, no spaces or underscores.
+* Prevent using a service option tag that contains special characters that are not valid. Now only allows alpha-numeric, no spaces or underscores.
 * Fix unhandled excpetion due to missing `Log` class when using the API and causing an error.
 
 ### Changed
diff --git a/app/Http/Controllers/Daemon/OptionController.php b/app/Http/Controllers/Daemon/OptionController.php
index e7aac2fe..9eb1806d 100644
--- a/app/Http/Controllers/Daemon/OptionController.php
+++ b/app/Http/Controllers/Daemon/OptionController.php
@@ -38,6 +38,17 @@ class OptionController extends Controller
             return sprintf('%s=%s', $item->variable->env_variable, $item->variable_value);
         });
 
+        $mergeInto = [
+            'STARTUP=' . $server->startup,
+            'SERVER_MEMORY=' . $server->memory,
+            'SERVER_IP=' . $server->allocation->ip,
+            'SERVER_PORT=' . $server->allocation->port,
+        ];
+
+        if ($environment->count() === 0) {
+            $environment = collect($mergeInto);
+        }
+
         return response()->json([
             'scripts' => [
                 'install' => (! $server->option->copy_script_install) ? null : str_replace(["\r\n", "\n", "\r"], "\n", $server->option->copy_script_install),
@@ -47,12 +58,7 @@ class OptionController extends Controller
                 'container' => $server->option->copy_script_container,
                 'entry' => $server->option->copy_script_entry,
             ],
-            'env' => $environment->merge([
-                'STARTUP=' . $server->startup,
-                'SERVER_MEMORY=' . $server->memory,
-                'SERVER_IP=' . $server->allocation->ip,
-                'SERVER_PORT=' . $server->allocation->port,
-            ])->toArray(),
+            'env' => $environment->toArray(),
         ]);
     }
 }