Merge branch 'develop' of https://github.com/pterodactyl/wings into develop

Safety logic check, don't try to stop a stopped server when suspending; closes #2318
Couldn't actually reproduce this, but a good sanity check I guess.
2020-09-10 20:17:16 -07:00 · 2020-09-10 20:16:16 -07:00 · 2020-09-10 21:08:00 -06:00 · 2020-09-10 20:05:01 -07:00 · 2020-09-09 21:12:06 -07:00 · 2020-09-09 20:27:41 -07:00
91 changed files with 6917 additions and 2743 deletions
--- a/.github/workflows/build-test.yml
+++ b/.github/workflows/build-test.yml
@@ -0,0 +1,33 @@
+name: "Build & Test"
+
+on:
+  push:
+    branches-ignore:
+      - 'master'
+      - 'release/**'
+  pull_request:
+
+jobs:
+  build:
+    runs-on: ubuntu-20.04
+    steps:
+      - uses: actions/checkout@v2
+      - uses: actions/setup-go@v2
+        with:
+          go-version: '^1.15'
+      
+      - name: Build
+        run: GOOS=linux GOARCH=amd64 go build -ldflags="-s -w" -ldflags "-X github.com/pterodactyl/wings/system.Version=dev-${GIT_COMMIT:0:7}" -o build/wings_linux_amd64 -v wings.go
+      
+      - name: Test
+        run: go test ./...
+      
+      - name: Compress binary and make it executable
+        if: ${{ github.ref == 'refs/heads/develop' || github.event_name == 'pull_request' }}
+        run: upx build/wings_linux_amd64 && chmod +x build/wings_linux_amd64
+      
+      - uses: actions/upload-artifact@v2
+        if: ${{ github.ref == 'refs/heads/develop' || github.event_name == 'pull_request' }}
+        with:
+          name: wings_linux_amd64
+          path: build/wings_linux_amd64
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -0,0 +1,35 @@
+name: "Code scanning - action"
+
+on:
+  push:
+  pull_request:
+  schedule:
+    - cron: '0 21 * * 6'
+
+jobs:
+  CodeQL-Build:
+
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v2
+      with:
+        # We must fetch at least the immediate parents so that if this is
+        # a pull request then we can checkout the head.
+        fetch-depth: 2
+
+    # If this run was triggered by a pull request event, then checkout
+    # the head of the pull request instead of the merge commit.
+    - run: git checkout HEAD^2
+      if: ${{ github.event_name == 'pull_request' }}
+      
+    # Initializes the CodeQL tools for scanning.
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v1
+      # Override language selection by uncommenting this and choosing your languages
+      with:
+        languages: go
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v1
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -0,0 +1,87 @@
+name: "Release"
+
+on:
+  push:
+    tags:
+      - 'v*'
+
+jobs:
+  release:
+    runs-on: ubuntu-20.04
+    steps:
+      - uses: actions/checkout@v2
+      - uses: actions/setup-go@v2
+        with:
+          go-version: '^1.15'
+      
+      - name: Build
+        env:
+          REF: ${{ github.ref }}
+        run: GOOS=linux GOARCH=amd64 go build -ldflags="-s -w" -ldflags "-X github.com/pterodactyl/wings/system.Version=${REF:11}" -o build/wings_linux_amd64 -v wings.go
+      
+      - name: Test
+        run: go test ./...
+      
+      - name: Compress binary and make it executable
+        run: upx --brute build/wings_linux_amd64 && chmod +x build/wings_linux_amd64
+
+      - name: Extract changelog
+        env:
+          REF: ${{ github.ref }}
+        run: |
+          sed -n "/^## ${REF:10}/,/^## /{/^## /b;p}" CHANGELOG.md > ./RELEASE_CHANGELOG
+          echo ::set-output name=version_name::`sed -nr "s/^## (${REF:10} .*)$/\1/p" CHANGELOG.md`
+
+      - name: Create checksum and add to changelog
+        run: |
+          SUM=`cd build && sha256sum wings_linux_amd64`
+          echo -e "\n#### SHA256 Checksum\n\n\`\`\`\n$SUM\n\`\`\`\n" >> ./RELEASE_CHANGELOG
+          echo $SUM > checksum.txt
+
+      - name: Create release branch
+        env:
+          REF: ${{ github.ref }}
+        run: |
+          BRANCH=release/${REF:10}
+          git config --local user.email "ci@pterodactyl.io"
+          git config --local user.name "Pterodactyl CI"
+          git checkout -b $BRANCH
+          git push -u origin $BRANCH
+          sed -i "s/	Version = \".*\"/	Version = \"${REF:11}\"/" system/const.go
+          git add system/const.go
+          git commit -m "bump version for release"
+          git push
+
+      - name: Create Release
+        id: create_release
+        uses: actions/create-release@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          tag_name: ${{ github.ref }}
+          release_name: ${{ steps.extract_changelog.outputs.version_name }}
+          body_path: ./RELEASE_CHANGELOG
+          draft: true
+          prerelease: ${{ contains(github.ref, 'beta') || contains(github.ref, 'alpha') }}
+      
+      - name: Upload binary
+        id: upload-release-binary 
+        uses: actions/upload-release-asset@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          upload_url: ${{ steps.create_release.outputs.upload_url }} 
+          asset_path: build/wings_linux_amd64
+          asset_name: wings_linux_amd64
+          asset_content_type: application/octet-stream
+      
+      - name: Upload checksum
+        id: upload-release-checksum 
+        uses: actions/upload-release-asset@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          upload_url: ${{ steps.create_release.outputs.upload_url }} 
+          asset_path: ./checksum.txt
+          asset_name: checksum.txt
+          asset_content_type: text/plain
--- a/32
+++ b/32
@@ -1,28 +1,12 @@
-BINARY = "build/wings"
-OSARCHLIST = "darwin/386 darwin/amd64 linux/386 linux/amd64 linux/arm linux/arm64 windows/386 windows/amd64"
+build:
+	GOOS=linux GOARCH=amd64 go build -ldflags="-s -w" -gcflags "all=-trimpath=$(PWD)" -o build/wings_linux_amd64 -v wings.go

-all: $(BINARY)
+compress:
+	upx --brute build/wings_*

-$(BINARY):
-	go build -o $(BINARY)
+cross-build: clean build compress

-cross-build:
-	gox -osarch $(OSARCHLIST) -output "build/{{.Dir}}_{{.OS}}_{{.Arch}}"
+clean:
+	rm -rf build/wings_*

-.PHONY: install
-install:
-	go install
-
-test:
-	go test `go list ./... | grep -v "/vendor/"`
-
-coverage:
-	goverage -coverprofile=coverage.out ./...
-	go tool cover -html=coverage.out
-
-dependencies:
-	glide install
-
-install-tools:
-	go get -u github.com/mitchellh/gox
-	go get -u github.com/haya14busa/goverage
+.PHONY: all build compress clean
--- a/README.md
+++ b/README.md
@@ -1,16 +1,35 @@
-# Alpha Project
-Please refrain from opening PRs or Issues at this time. This project is still under heavy development, and until we have a solid foundation and plan for how everything will connect, we will not be accepting PRs or feature suggestions.
+[![Logo Image](https://cdn.pterodactyl.io/logos/new/pterodactyl_logo.png)](https://pterodactyl.io)

-# Pterodactyl wings [![travis](https://img.shields.io/travis/pterodactyl/wings.svg?style=flat-square)](https://travis-ci.org/pterodactyl/wings) [![codacy quality](https://img.shields.io/codacy/grade/27a1576bda86450f853b1052b12fa570.svg?style=flat-square)](https://www.codacy.com/app/schrej/wings/dashboard) [![codacy coverage](https://img.shields.io/codacy/coverage/27a1576bda86450f853b1052b12fa570.svg?style=flat-square)](https://www.codacy.com/app/schrej/wings/files)
+[![Discord](https://img.shields.io/discord/122900397965705216.svg?style=flat-square&label=Discord)](https://pterodactyl.io/discord)

-```
-                     ____
-__ Pterodactyl _____/___/_______ _______ ______
-\_____\    \/\/    /   /       /  __   /   ___/
-   \___\          /   /   /   /  /_/  /___   /
-        \___/\___/___/___/___/___    /______/
-                            /_______/ alpha
-```
+# Pterodactyl Wings
+Wings is Pterodactyl's server control plane, built for the rapidly changing gaming industry and designed to be
+highly performant and secure. Wings provides an HTTP API allowing you to interface directly with running server
+instances, fetch server logs, generate backups, and control all aspects of the server lifecycle.

-A new generation of the Pterodactyl daemon, written in go.
+In addition, Wings ships with a built-in SFTP server allowing your system to remain free of Pterodactyl specific
+dependencies, and allowing users to authenticate with the same credentials they would normally use to access the Panel.

+## Sponsors
+I would like to extend my sincere thanks to the following sponsors for helping find Pterodactyl's developement.
+[Interested in becoming a sponsor?](https://github.com/sponsors/DaneEveritt)
+
+| Company | About |
+| ------- | ----- |
+| [**BloomVPS**](https://bloomvps.com) | BloomVPS offers dedicated core VPS and Minecraft hosting with Ryzen 9 processors. With owned-hardware, we offer truly unbeatable prices on high-performance hosting. |
+| [**VersatileNode**](https://versatilenode.com/) | Looking to host a minecraft server, vps, or a website? VersatileNode is one of the most affordable hosting providers to provide quality yet cheap services with incredible support. |
+| [**MineStrator**](https://minestrator.com/) | Looking for a French highend hosting company for you minecraft server? More than 14,000 members on our discord, trust us. |
+| [**DedicatedMC**](https://dedicatedmc.io/) | DedicatedMC provides Raw Power hosting at affordable pricing, making sure to never compromise on your performance and giving you the best performance money can buy. |
+| [**Skynode**](https://www.skynode.pro/) | Skynode provides blazing fast game servers along with a top-notch user experience. Whatever our clients are looking for, we're able to provide it! |
+| [**XCORE-SERVER.de**](https://xcore-server.de/) | XCORE-SERVER.de offers High-End Servers for hosting and gaming since 2012. Fast, excellent and well-known for eSports Gaming. |
+
+## Documentation
+* [Panel Documentation](https://pterodactyl.io/panel/1.0/getting_started.html)
+* [Wings Documentation](https://pterodactyl.io/wings/1.0/installing.html)
+* [Community Guides](https://pterodactyl.io/community/about.html)
+* Or, get additional help [via Discord](https://discord.gg/pterodactyl)
+
+## Reporting Issues
+Please use the [pterodactyl/panel](https://github.com/pterodactyl/panel) repository to report any issues or make
+feature requests for Wings. In addition, the [security policy](https://github.com/pterodactyl/panel/security/policy) listed
+within that repository also applies to Wings.
--- a/api/api.go
+++ b/api/api.go
@@ -4,9 +4,9 @@ import (
 	"bytes"
 	"encoding/json"
 	"fmt"
+	"github.com/apex/log"
 	"github.com/pkg/errors"
 	"github.com/pterodactyl/wings/config"
-	"go.uber.org/zap"
 	"io/ioutil"
 	"net/http"
 	"strings"
@@ -45,6 +45,26 @@ func (r *PanelRequest) GetEndpoint(endpoint string) string {
 	)
 }

+// Logs the request into the debug log with all of the important request bits.
+// The authorization key will be cleaned up before being output.
+func (r *PanelRequest) logDebug(req *http.Request) {
+	headers := make(map[string][]string)
+	for k, v := range req.Header {
+		if k != "Authorization" || len(v) == 0 {
+			headers[k] = v
+			continue
+		}
+
+		headers[k] = []string{v[0][0:15] + "(redacted)"}
+	}
+
+	log.WithFields(log.Fields{
+		"method":   req.Method,
+		"endpoint": req.URL.String(),
+		"headers":  headers,
+	}).Debug("making request to external HTTP endpoint")
+}
+
 func (r *PanelRequest) Get(url string) (*http.Response, error) {
 	c := r.GetClient()

@@ -55,7 +75,7 @@ func (r *PanelRequest) Get(url string) (*http.Response, error) {
 		return nil, err
 	}

-	zap.S().Debugw("GET request to endpoint", zap.String("endpoint", r.GetEndpoint(url)), zap.Any("headers", req.Header))
+	r.logDebug(req)

 	return c.Do(req)
 }
@@ -70,7 +90,7 @@ func (r *PanelRequest) Post(url string, data []byte) (*http.Response, error) {
 		return nil, err
 	}

-	zap.S().Debugw("POST request to endpoint", zap.String("endpoint", r.GetEndpoint(url)), zap.Any("headers", req.Header))
+	r.logDebug(req)

 	return c.Do(req)
 }
@@ -110,6 +130,12 @@ func (r *PanelRequest) HttpResponseCode() int {
 	return r.Response.StatusCode
 }

+func IsRequestError(err error) bool {
+	_, ok := err.(*RequestError)
+
+	return ok
+}
+
 type RequestError struct {
 	Code   string `json:"code"`
 	Status string `json:"status"`
@@ -117,8 +143,12 @@ type RequestError struct {
 }

 // Returns the error response in a string form that can be more easily consumed.
+func (re *RequestError) Error() string {
+	return fmt.Sprintf("Error response from Panel: %s: %s (HTTP/%s)", re.Code, re.Detail, re.Status)
+}
+
 func (re *RequestError) String() string {
-	return fmt.Sprintf("%s: %s (HTTP/%s)", re.Code, re.Detail, re.Status)
+	return re.Error()
 }

 type RequestErrorBag struct {
--- a/api/backup_endpoints.go
+++ b/api/backup_endpoints.go
@@ -7,9 +7,10 @@ import (
 )

 type BackupRequest struct {
-	Checksum string `json:"checksum"`
-	Size     int64  `json:"size"`
-	Successful bool `json:"successful"`
+	Checksum     string `json:"checksum"`
+	ChecksumType string `json:"checksum_type"`
+	Size         int64  `json:"size"`
+	Successful   bool   `json:"successful"`
 }

 // Notifies the panel that a specific backup has been completed and is now
--- a/api/process_configuration.go
+++ b/api/process_configuration.go
@@ -0,0 +1,68 @@
+package api
+
+import (
+	"encoding/json"
+	"github.com/apex/log"
+	"github.com/pterodactyl/wings/parser"
+	"regexp"
+	"strings"
+)
+
+type OutputLineMatcher struct {
+	// The raw string to match against. This may or may not be prefixed with
+	// regex: which indicates we want to match against the regex expression.
+	raw string
+	reg *regexp.Regexp
+}
+
+// Determine if a given string "s" matches the given line.
+func (olm *OutputLineMatcher) Matches(s string) bool {
+	if olm.reg == nil {
+		return strings.Contains(s, olm.raw)
+	}
+
+	return olm.reg.MatchString(s)
+}
+
+// Return the matcher's raw comparison string.
+func (olm *OutputLineMatcher) String() string {
+	return olm.raw
+}
+
+// Unmarshal the startup lines into individual structs for easier matching abilities.
+func (olm *OutputLineMatcher) UnmarshalJSON(data []byte) error {
+	if err := json.Unmarshal(data, &olm.raw); err != nil {
+		return err
+	}
+
+	if strings.HasPrefix(olm.raw, "regex:") && len(olm.raw) > 6 {
+		r, err := regexp.Compile(strings.TrimPrefix(olm.raw, "regex:"))
+		if err != nil {
+			log.WithField("error", err).WithField("raw", olm.raw).Warn("failed to compile output line marked as being regex")
+		}
+
+		olm.reg = r
+	}
+
+	return nil
+}
+
+type ProcessStopConfiguration struct {
+	Type  string `json:"type"`
+	Value string `json:"value"`
+}
+
+// Defines the process configuration for a given server instance. This sets what the
+// daemon is looking for to mark a server as done starting, what to do when stopping,
+// and what changes to make to the configuration file for a server.
+type ProcessConfiguration struct {
+	Startup struct {
+		Done            []*OutputLineMatcher `json:"done"`
+		UserInteraction []string             `json:"user_interaction"`
+		StripAnsi       bool                 `json:"strip_ansi"`
+	} `json:"startup"`
+
+	Stop ProcessStopConfiguration `json:"stop"`
+
+	ConfigurationFiles []parser.ConfigurationFile `json:"configs"`
+}
--- a/api/server_endpoints.go
+++ b/api/server_endpoints.go
@@ -4,7 +4,6 @@ import (
 	"encoding/json"
 	"fmt"
 	"github.com/pkg/errors"
-	"github.com/pterodactyl/wings/parser"
 )

 const (
@@ -26,21 +25,6 @@ type ServerConfigurationResponse struct {
 	ProcessConfiguration *ProcessConfiguration `json:"process_configuration"`
 }

-// Defines the process configuration for a given server instance. This sets what the
-// daemon is looking for to mark a server as done starting, what to do when stopping,
-// and what changes to make to the configuration file for a server.
-type ProcessConfiguration struct {
-	Startup struct {
-		Done            string   `json:"done"`
-		UserInteraction []string `json:"userInteraction"`
-	} `json:"startup"`
-	Stop struct {
-		Type  string `json:"type"`
-		Value string `json:"value"`
-	} `json:"stop"`
-	ConfigurationFiles []parser.ConfigurationFile `json:"configs"`
-}
-
 // Defines installation script information for a server process. This is used when
 // a server is installed for the first time, and when a server is marked for re-installation.
 type InstallationScript struct {
@@ -202,4 +186,4 @@ func (r *PanelRequest) SendTransferSuccess(uuid string) (*RequestError, error) {
 	}

 	return nil, nil
-}
+}
--- a/api/sftp_endpoints.go
+++ b/api/sftp_endpoints.go
@@ -2,12 +2,57 @@ package api

 import (
 	"encoding/json"
+	"github.com/apex/log"
 	"github.com/pkg/errors"
-	"github.com/pterodactyl/sftp-server"
-	"go.uber.org/zap"
+	"regexp"
 )

-func (r *PanelRequest) ValidateSftpCredentials(request sftp_server.AuthenticationRequest) (*sftp_server.AuthenticationResponse, error) {
+type SftpAuthRequest struct {
+	User          string `json:"username"`
+	Pass          string `json:"password"`
+	IP            string `json:"ip"`
+	SessionID     []byte `json:"session_id"`
+	ClientVersion []byte `json:"client_version"`
+}
+
+type SftpAuthResponse struct {
+	Server      string   `json:"server"`
+	Token       string   `json:"token"`
+	Permissions []string `json:"permissions"`
+}
+
+type sftpInvalidCredentialsError struct {
+}
+
+func (ice sftpInvalidCredentialsError) Error() string {
+	return "the credentials provided were invalid"
+}
+
+func IsInvalidCredentialsError(err error) bool {
+	_, ok := err.(*sftpInvalidCredentialsError)
+
+	return ok
+}
+
+// Usernames all follow the same format, so don't even bother hitting the API if the username is not
+// at least in the expected format. This is very basic protection against random bots finding the SFTP
+// server and sending a flood of usernames.
+var validUsernameRegexp = regexp.MustCompile(`^(?i)(.+)\.([a-z0-9]{8})$`)
+
+func (r *PanelRequest) ValidateSftpCredentials(request SftpAuthRequest) (*SftpAuthResponse, error) {
+	// If the username doesn't meet the expected format that the Panel would even recognize just go ahead
+	// and bail out of the process here to avoid accidentally brute forcing the panel if a bot decides
+	// to connect to spam username attempts.
+	if !validUsernameRegexp.MatchString(request.User) {
+		log.WithFields(log.Fields{
+			"subsystem": "sftp",
+			"username":  request.User,
+			"ip":        request.IP,
+		}).Warn("failed to validate user credentials (invalid format)")
+
+		return nil, new(sftpInvalidCredentialsError)
+	}
+
 	b, err := json.Marshal(request)
 	if err != nil {
 		return nil, err
@@ -23,18 +68,15 @@ func (r *PanelRequest) ValidateSftpCredentials(request sftp_server.Authenticatio

 	if r.HasError() {
 		if r.HttpResponseCode() >= 400 && r.HttpResponseCode() < 500 {
-			zap.S().Debugw("failed to validate server credentials for SFTP", zap.String("error", r.Error().String()))
-
-			return nil, new(sftp_server.InvalidCredentialsError)
+			return nil, new(sftpInvalidCredentialsError)
 		}

 		rerr := errors.New(r.Error().String())
-		zap.S().Warnw("error validating SFTP credentials", zap.Error(rerr))

 		return nil, rerr
 	}

-	response := new(sftp_server.AuthenticationResponse)
+	response := new(SftpAuthResponse)
 	body, _ := r.ReadBody()

 	if err := json.Unmarshal(body, response); err != nil {
@@ -42,4 +84,4 @@ func (r *PanelRequest) ValidateSftpCredentials(request sftp_server.Authenticatio
 	}

 	return response, nil
-}
+}
--- a/cmd/config_finder.go
+++ b/cmd/config_finder.go
@@ -0,0 +1,60 @@
+package cmd
+
+import (
+	"github.com/pterodactyl/wings/config"
+	"os"
+	"path/filepath"
+)
+
+// We've gone through a couple of iterations of where the configuration is stored. This
+// helpful little function will look through the three areas it might have ended up, and
+// return it.
+//
+// We only run this if the configuration flag for the instance is not actually passed in
+// via the command line. Once found, the configuration is moved into the expected default
+// location. Only errors are returned from this function, you can safely assume that after
+// running this the configuration can be found in the correct default location.
+func RelocateConfiguration() error {
+	var match string
+	check := []string{
+		config.DefaultLocation,
+		"/var/lib/pterodactyl/config.yml",
+		"/etc/wings/config.yml",
+	}
+
+	// Loop over all of the configuration paths, and return which one we found, if
+	// any.
+	for _, p := range check {
+		if s, err := os.Stat(p); err != nil {
+			if !os.IsNotExist(err) {
+				return err
+			}
+		} else if !s.IsDir() {
+			match = p
+			break
+		}
+	}
+
+	// Just return a generic not exist error at this point if we didn't have a match, this
+	// will allow the caller to handle displaying a more friendly error to the user. If we
+	// did match in the default location, go ahead and return successfully.
+	if match == "" {
+		return os.ErrNotExist
+	} else if match == config.DefaultLocation {
+		return nil
+	}
+
+	// The rest of this function simply creates the new default location and moves the
+	// old configuration file over to the new location, then sets the permissions on the
+	// file correctly so that only the user running this process can read it.
+	p, _ := filepath.Split(config.DefaultLocation)
+	if err := os.MkdirAll(p, 0755); err != nil {
+		return err
+	}
+
+	if err := os.Rename(match, config.DefaultLocation); err != nil {
+		return err
+	}
+
+	return os.Chmod(config.DefaultLocation, 0600)
+}
--- a/cmd/configure.go
+++ b/cmd/configure.go
@@ -6,7 +6,6 @@ import (
 	"fmt"
 	"github.com/AlecAivazis/survey/v2"
 	"github.com/AlecAivazis/survey/v2/terminal"
-	"github.com/creasty/defaults"
 	"github.com/pterodactyl/wings/config"
 	"github.com/spf13/cobra"
 	"io/ioutil"
@@ -147,8 +146,8 @@ func configureCmdRun(cmd *cobra.Command, args []string) {

 	b, err := ioutil.ReadAll(res.Body)

-	cfg := new(config.Configuration)
-	if err := defaults.Set(cfg); err != nil {
+	cfg, err := config.NewFromPath(configPath)
+	if err != nil {
 		panic(err)
 	}

--- a/cmd/diagnostics.go
+++ b/cmd/diagnostics.go
@@ -0,0 +1,226 @@
+package cmd
+
+import (
+	"context"
+	"encoding/json"
+	"errors"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"net/http"
+	"net/url"
+	"os/exec"
+	"path"
+	"strings"
+
+	"github.com/AlecAivazis/survey/v2"
+	"github.com/AlecAivazis/survey/v2/terminal"
+	"github.com/docker/cli/components/engine/pkg/parsers/operatingsystem"
+	"github.com/docker/docker/api/types"
+	"github.com/docker/docker/client"
+	"github.com/docker/docker/pkg/parsers/kernel"
+	"github.com/pterodactyl/wings/config"
+	"github.com/pterodactyl/wings/system"
+	"github.com/spf13/cobra"
+)
+
+const DefaultHastebinUrl = "https://hastebin.com"
+
+var (
+	diagnosticsArgs struct {
+		IncludeEndpoints   bool
+		IncludeLogs        bool
+		ReviewBeforeUpload bool
+		HastebinURL        string
+	}
+)
+
+var diagnosticsCmd = &cobra.Command{
+	Use:   "diagnostics",
+	Short: "Collect diagnostics information.",
+	Run:   diagnosticsCmdRun,
+}
+
+func init() {
+	diagnosticsCmd.PersistentFlags().StringVar(&diagnosticsArgs.HastebinURL, "hastebin-url", DefaultHastebinUrl, "The url of the hastebin instance to use.")
+}
+
+// diagnosticsCmdRun collects diagnostics about wings, it's configuration and the node.
+// We collect:
+// - wings and docker versions
+// - relevant parts of daemon configuration
+// - the docker debug output
+// - running docker containers
+// - logs
+func diagnosticsCmdRun(cmd *cobra.Command, args []string) {
+	questions := []*survey.Question{
+		{
+			Name:   "IncludeEndpoints",
+			Prompt: &survey.Confirm{Message: "Do you want to include endpoints (i.e. the FQDN/IP of your panel)?", Default: false},
+		},
+		{
+			Name:   "IncludeLogs",
+			Prompt: &survey.Confirm{Message: "Do you want to include the latest logs?", Default: true},
+		},
+		{
+			Name: "ReviewBeforeUpload",
+			Prompt: &survey.Confirm{
+				Message: "Do you want to review the collected data before uploading to hastebin.com?",
+				Help:    "The data, especially the logs, might contain sensitive information, so you should review it. You will be asked again if you want to upload.",
+				Default: true,
+			},
+		},
+	}
+	if err := survey.Ask(questions, &diagnosticsArgs); err != nil {
+		if err == terminal.InterruptErr {
+			return
+		}
+		panic(err)
+	}
+
+	dockerVersion, dockerInfo, dockerErr := getDockerInfo()
+	_ = dockerInfo
+
+	output := &strings.Builder{}
+	fmt.Fprintln(output, "Pterodactyl Wings - Diagnostics Report")
+	printHeader(output, "Versions")
+	fmt.Fprintln(output, "wings:", system.Version)
+	if dockerErr == nil {
+		fmt.Fprintln(output, "Docker", dockerVersion.Version)
+	}
+	if v, err := kernel.GetKernelVersion(); err == nil {
+		fmt.Fprintln(output, "Kernel:", v)
+	}
+	if os, err := operatingsystem.GetOperatingSystem(); err == nil {
+		fmt.Fprintln(output, "OS:", os)
+	}
+
+	printHeader(output, "Wings Configuration")
+	if cfg, err := config.ReadConfiguration(config.DefaultLocation); cfg != nil {
+		fmt.Fprintln(output, "Panel Location:", redact(cfg.PanelLocation))
+		fmt.Fprintln(output, "Api Host:", redact(cfg.Api.Host))
+		fmt.Fprintln(output, "Api Port:", cfg.Api.Port)
+		fmt.Fprintln(output, "Api Ssl Enabled:", cfg.Api.Ssl.Enabled)
+		fmt.Fprintln(output, "Api Ssl Certificate:", redact(cfg.Api.Ssl.CertificateFile))
+		fmt.Fprintln(output, "Api Ssl Key:", redact(cfg.Api.Ssl.KeyFile))
+		fmt.Fprintln(output, "Sftp Address:", redact(cfg.System.Sftp.Address))
+		fmt.Fprintln(output, "Sftp Port:", cfg.System.Sftp.Port)
+		fmt.Fprintln(output, "Sftp Read Only:", cfg.System.Sftp.ReadOnly)
+		fmt.Fprintln(output, "Sftp Diskchecking Disabled:", cfg.System.Sftp.DisableDiskChecking)
+		fmt.Fprintln(output, "System Root Directory:", cfg.System.RootDirectory)
+		fmt.Fprintln(output, "System Logs Directory:", cfg.System.LogDirectory)
+		fmt.Fprintln(output, "System Data Directory:", cfg.System.Data)
+		fmt.Fprintln(output, "System Archive Directory:", cfg.System.ArchiveDirectory)
+		fmt.Fprintln(output, "System Backup Directory:", cfg.System.BackupDirectory)
+		fmt.Fprintln(output, "System Username:", cfg.System.Username)
+		fmt.Fprintln(output, "Debug Enabled:", cfg.Debug)
+	} else {
+		fmt.Println("Failed to load configuration.", err)
+	}
+
+	printHeader(output, "Docker: Info")
+	fmt.Fprintln(output, "Server Version:", dockerInfo.ServerVersion)
+	fmt.Fprintln(output, "Storage Driver:", dockerInfo.Driver)
+	if dockerInfo.DriverStatus != nil {
+		for _, pair := range dockerInfo.DriverStatus {
+			fmt.Fprintf(output, "  %s: %s\n", pair[0], pair[1])
+		}
+	}
+	if dockerInfo.SystemStatus != nil {
+		for _, pair := range dockerInfo.SystemStatus {
+			fmt.Fprintf(output, " %s: %s\n", pair[0], pair[1])
+		}
+	}
+	fmt.Fprintln(output, "LoggingDriver:", dockerInfo.LoggingDriver)
+	fmt.Fprintln(output, "CgroupDriver:", dockerInfo.CgroupDriver)
+	if len(dockerInfo.Warnings) > 0 {
+		for _, w := range dockerInfo.Warnings {
+			fmt.Fprintln(output, w)
+		}
+	}
+
+	printHeader(output, "Docker: Running Containers")
+	c := exec.Command("docker", "ps")
+	if co, err := c.Output(); err == nil {
+		output.Write(co)
+	} else {
+		fmt.Fprint(output, "Couldn't list containers: ", err)
+	}
+
+	printHeader(output, "Latest Wings Logs")
+	if diagnosticsArgs.IncludeLogs {
+		fmt.Fprintln(output, "No logs found. Probably because nobody implemented logging to files yet :(")
+	} else {
+		fmt.Fprintln(output, "Logs redacted.")
+	}
+
+	fmt.Println("\n---------------  generated report  ---------------")
+	fmt.Println(output.String())
+	fmt.Print("---------------   end of report    ---------------\n\n")
+
+	upload := !diagnosticsArgs.ReviewBeforeUpload
+	if !upload {
+		survey.AskOne(&survey.Confirm{Message: "Upload to " + diagnosticsArgs.HastebinURL + "?", Default: false}, &upload)
+	}
+	if upload {
+		url, err := uploadToHastebin(diagnosticsArgs.HastebinURL, output.String())
+		if err == nil {
+			fmt.Println("Your report is available here: ", url)
+		}
+	}
+}
+
+func getDockerInfo() (types.Version, types.Info, error) {
+	cli, err := client.NewClientWithOpts(client.FromEnv)
+	if err != nil {
+		return types.Version{}, types.Info{}, err
+	}
+	dockerVersion, err := cli.ServerVersion(context.Background())
+	if err != nil {
+		return types.Version{}, types.Info{}, err
+	}
+	dockerInfo, err := cli.Info(context.Background())
+	if err != nil {
+		return types.Version{}, types.Info{}, err
+	}
+	return dockerVersion, dockerInfo, nil
+}
+
+func uploadToHastebin(hbUrl, content string) (string, error) {
+	r := strings.NewReader(content)
+	u, err := url.Parse(hbUrl)
+	if err != nil {
+		return "", err
+	}
+	u.Path = path.Join(u.Path, "documents")
+	res, err := http.Post(u.String(), "plain/text", r)
+	if err != nil || res.StatusCode != 200 {
+		fmt.Println("Failed to upload report to ", u.String(), err)
+		return "", err
+	}
+	pres := make(map[string]interface{})
+	body, err := ioutil.ReadAll(res.Body)
+	if err != nil {
+		fmt.Println("Failed to parse response.", err)
+		return "", err
+	}
+	json.Unmarshal(body, &pres)
+	if key, ok := pres["key"].(string); ok {
+		u, _ := url.Parse(hbUrl)
+		u.Path = path.Join(u.Path, key)
+		return u.String(), nil
+	}
+	return "", errors.New("failed to find key in response")
+}
+
+func redact(s string) string {
+	if !diagnosticsArgs.IncludeEndpoints {
+		return "{redacted}"
+	}
+	return s
+}
+
+func printHeader(w io.Writer, title string) {
+	fmt.Fprintln(w, "\n|\n|", title)
+	fmt.Fprintln(w, "| ------------------------------")
+}
--- a/cmd/root.go
+++ b/cmd/root.go
@@ -3,11 +3,21 @@ package cmd
 import (
 	"crypto/tls"
 	"fmt"
+	"github.com/NYTimes/logrotate"
+	"github.com/apex/log/handlers/multi"
+	"github.com/gammazero/workerpool"
+	"golang.org/x/crypto/acme"
 	"net/http"
 	"os"
 	"path"
+	"path/filepath"
 	"strings"

+	"github.com/apex/log"
+	"github.com/mitchellh/colorstring"
+	"github.com/pterodactyl/wings/loggers/cli"
+	"golang.org/x/crypto/acme/autocert"
+
 	"github.com/pkg/errors"
 	"github.com/pkg/profile"
 	"github.com/pterodactyl/wings/config"
@@ -16,28 +26,39 @@ import (
 	"github.com/pterodactyl/wings/server"
 	"github.com/pterodactyl/wings/sftp"
 	"github.com/pterodactyl/wings/system"
-	"github.com/remeh/sizedwaitgroup"
 	"github.com/spf13/cobra"
-	"go.uber.org/zap"
 )

 var configPath = config.DefaultLocation
 var debug = false
 var shouldRunProfiler = false
+var useAutomaticTls = false
+var tlsHostname = ""
+var showVersion = false

 var root = &cobra.Command{
 	Use:   "wings",
 	Short: "The wings of the pterodactyl game management panel",
 	Long:  ``,
-	Run:   rootCmdRun,
+	PreRun: func(cmd *cobra.Command, args []string) {
+		if useAutomaticTls && len(tlsHostname) == 0 {
+			fmt.Println("A TLS hostname must be provided when running wings with automatic TLS, e.g.:\n\n    ./wings --auto-tls --tls-hostname my.example.com")
+			os.Exit(1)
+		}
+	},
+	Run: rootCmdRun,
 }

 func init() {
+	root.PersistentFlags().BoolVar(&showVersion, "version", false, "show the version and exit")
 	root.PersistentFlags().StringVar(&configPath, "config", config.DefaultLocation, "set the location for the configuration file")
 	root.PersistentFlags().BoolVar(&debug, "debug", false, "pass in order to run wings in debug mode")
 	root.PersistentFlags().BoolVar(&shouldRunProfiler, "profile", false, "pass in order to profile wings")
+	root.PersistentFlags().BoolVar(&useAutomaticTls, "auto-tls", false, "pass in order to have wings generate and manage it's own SSL certificates using Let's Encrypt")
+	root.PersistentFlags().StringVar(&tlsHostname, "tls-hostname", "", "required with --auto-tls, the FQDN for the generated SSL certificate")

 	root.AddCommand(configureCmd)
+	root.AddCommand(diagnosticsCmd)
 }

 // Get the configuration path based on the arguments provided.
@@ -62,11 +83,27 @@ func readConfiguration() (*config.Configuration, error) {
 }

 func rootCmdRun(*cobra.Command, []string) {
-	// Profile wings in production!!!!
+	if showVersion {
+		fmt.Println(system.Version)
+		os.Exit(0)
+	}
+
 	if shouldRunProfiler {
 		defer profile.Start().Stop()
 	}

+	// Only attempt configuration file relocation if a custom location has not
+	// been specified in the command startup.
+	if configPath == config.DefaultLocation {
+		if err := RelocateConfiguration(); err != nil {
+			if os.IsNotExist(err) {
+				exitWithConfigurationNotice()
+			}
+
+			panic(err)
+		}
+	}
+
 	c, err := readConfiguration()
 	if err != nil {
 		panic(err)
@@ -77,14 +114,14 @@ func rootCmdRun(*cobra.Command, []string) {
 	}

 	printLogo()
-	if err := configureLogging(c.Debug); err != nil {
+	if err := configureLogging(c.System.LogDirectory, c.Debug); err != nil {
 		panic(err)
 	}

-	zap.S().Infof("using configuration from path: %s", c.GetPath())
+	log.WithField("path", c.GetPath()).Info("loading configuration from path")
 	if c.Debug {
-		zap.S().Debugw("running in debug mode")
-		zap.S().Infow("certificate checking is disabled")
+		log.Debug("running in debug mode")
+		log.Warn("certificate checking is disabled")

 		http.DefaultTransport.(*http.Transport).TLSClientConfig = &tls.Config{
 			InsecureSkipVerify: true,
@@ -95,65 +132,65 @@ func rootCmdRun(*cobra.Command, []string) {
 	config.SetDebugViaFlag(debug)

 	if err := c.System.ConfigureDirectories(); err != nil {
-		zap.S().Panicw("failed to configure system directories for pterodactyl", zap.Error(err))
+		log.WithField("error", err).Fatal("failed to configure system directories for pterodactyl")
 		return
 	}

-	zap.S().Infof("checking for pterodactyl system user \"%s\"", c.System.Username)
+	if err := c.System.EnableLogRotation(); err != nil {
+		log.WithField("error", err).Fatal("failed to configure log rotation on the system")
+		return
+	}
+
+	log.WithField("username", c.System.Username).Info("checking for pterodactyl system user")
 	if su, err := c.EnsurePterodactylUser(); err != nil {
-		zap.S().Panicw("failed to create pterodactyl system user", zap.Error(err))
+		log.WithField("error", err).Fatal("failed to create pterodactyl system user")
 		return
 	} else {
-		zap.S().Infow("configured system user", zap.String("username", su.Username), zap.String("uid", su.Uid), zap.String("gid", su.Gid))
-	}
-
-	zap.S().Infow("beginning file permission setting on server data directories")
-	if err := c.EnsureFilePermissions(); err != nil {
-		zap.S().Errorw("failed to properly chown data directories", zap.Error(err))
-	} else {
-		zap.S().Infow("finished ensuring file permissions")
+		log.WithFields(log.Fields{
+			"username": su.Username,
+			"uid":      su.Uid,
+			"gid":      su.Gid,
+		}).Info("configured system user successfully")
 	}

 	if err := server.LoadDirectory(); err != nil {
-		zap.S().Fatalw("failed to load server configurations", zap.Error(errors.WithStack(err)))
+		log.WithField("error", err).Fatal("failed to load server configurations")
 		return
 	}

 	if err := environment.ConfigureDocker(&c.Docker); err != nil {
-		zap.S().Fatalw("failed to configure docker environment", zap.Error(errors.WithStack(err)))
-		os.Exit(1)
+		log.WithField("error", err).Fatal("failed to configure docker environment")
+		return
 	}

 	if err := c.WriteToDisk(); err != nil {
-		zap.S().Errorw("failed to save configuration to disk", zap.Error(errors.WithStack(err)))
+		log.WithField("error", err).Error("failed to save configuration to disk")
 	}

 	// Just for some nice log output.
 	for _, s := range server.GetServers().All() {
-		zap.S().Infow("loaded configuration for server", zap.String("server", s.Uuid))
+		log.WithField("server", s.Id()).Info("loaded configuration for server")
 	}

-	// Create a new WaitGroup that limits us to 4 servers being bootstrapped at a time
+	// Create a new workerpool that limits us to 4 servers being bootstrapped at a time
 	// on Wings. This allows us to ensure the environment exists, write configurations,
 	// and reboot processes without causing a slow-down due to sequential booting.
-	wg := sizedwaitgroup.New(4)
+	pool := workerpool.New(4)

 	for _, serv := range server.GetServers().All() {
-		wg.Add()
-
-		go func(s *server.Server) {
-			defer wg.Done()
+		s := serv

+		pool.Submit(func() {
+			s.Log().Info("ensuring server environment exists")
 			// Create a server environment if none exists currently. This allows us to recover from Docker
 			// being reinstalled on the host system for example.
-			zap.S().Infow("ensuring environment exists", zap.String("server", s.Uuid))
 			if err := s.Environment.Create(); err != nil {
-				zap.S().Errorw("failed to create an environment for server", zap.String("server", s.Uuid), zap.Error(err))
+				s.Log().WithField("error", err).Error("failed to process environment")
 			}

 			r, err := s.Environment.IsRunning()
 			if err != nil {
-				zap.S().Errorw("error checking server environment status", zap.String("server", s.Uuid), zap.Error(err))
+				s.Log().WithField("error", err).Error("error checking server environment status")
 			}

 			// If the server is currently running on Docker, mark the process as being in that state.
@@ -163,13 +200,11 @@ func rootCmdRun(*cobra.Command, []string) {
 			// This will also validate that a server process is running if the last tracked state we have
 			// is that it was running, but we see that the container process is not currently running.
 			if r || (!r && s.IsRunning()) {
-				zap.S().Infow("detected server is running, re-attaching to process", zap.String("server", s.Uuid))
-				if err := s.Environment.Start(); err != nil {
-					zap.S().Warnw(
-						"failed to properly start server detected as already running",
-						zap.String("server", s.Uuid),
-						zap.Error(errors.WithStack(err)),
-					)
+				s.Log().Info("detected server is running, re-attaching to process...")
+
+				s.SetState(environment.ProcessRunningState)
+				if err := s.Environment.Attach(); err != nil {
+					s.Log().WithField("error", errors.WithStack(err)).Warn("failed to attach to running server environment")
 				}

 				return
@@ -177,41 +212,121 @@ func rootCmdRun(*cobra.Command, []string) {

 			// Addresses potentially invalid data in the stored file that can cause Wings to lose
 			// track of what the actual server state is.
-			s.SetState(server.ProcessOfflineState)
-		}(serv)
+			_ = s.SetState(environment.ProcessOfflineState)
+		})
 	}

-	// Wait until all of the servers are ready to go before we fire up the HTTP server.
-	wg.Wait()
+	// Wait until all of the servers are ready to go before we fire up the SFTP and HTTP servers.
+	pool.StopWait()

-	// If the SFTP subsystem should be started, do so now.
-	if c.System.Sftp.UseInternalSystem {
-		sftp.Initialize(c)
+	// Initialize the SFTP server.
+	if err := sftp.Initialize(c.System); err != nil {
+		log.WithError(err).Fatal("failed to initialize the sftp server")
+		return
 	}

 	// Ensure the archive directory exists.
 	if err := os.MkdirAll(c.System.ArchiveDirectory, 0755); err != nil {
-		zap.S().Errorw("failed to create archive directory", zap.Error(err))
+		log.WithField("error", err).Error("failed to create archive directory")
 	}

 	// Ensure the backup directory exists.
 	if err := os.MkdirAll(c.System.BackupDirectory, 0755); err != nil {
-		zap.S().Errorw("failed to create backup directory", zap.Error(err))
+		log.WithField("error", err).Error("failed to create backup directory")
 	}

-	zap.S().Infow("configuring webserver", zap.Bool("ssl", c.Api.Ssl.Enabled), zap.String("host", c.Api.Host), zap.Int("port", c.Api.Port))
+	log.WithFields(log.Fields{
+		"use_ssl":      c.Api.Ssl.Enabled,
+		"use_auto_tls": useAutomaticTls && len(tlsHostname) > 0,
+		"host_address": c.Api.Host,
+		"host_port":    c.Api.Port,
+	}).Info("configuring internal webserver")

+	// Configure the router.
 	r := router.Configure()
-	addr := fmt.Sprintf("%s:%d", c.Api.Host, c.Api.Port)

+	s := &http.Server{
+		Addr:    fmt.Sprintf("%s:%d", c.Api.Host, c.Api.Port),
+		Handler: r,
+
+		TLSConfig: &tls.Config{
+			NextProtos: []string{
+				"h2", // enable HTTP/2
+				"http/1.1",
+			},
+
+			// https://blog.cloudflare.com/exposing-go-on-the-internet
+			CipherSuites: []uint16{
+				tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
+				tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
+
+				tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
+				tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
+
+				tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
+
+				tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
+			},
+
+			PreferServerCipherSuites: true,
+
+			MinVersion: tls.VersionTLS12,
+			MaxVersion: tls.VersionTLS13,
+
+			CurvePreferences: []tls.CurveID{
+				tls.X25519,
+				tls.CurveP256,
+			},
+			// END https://blog.cloudflare.com/exposing-go-on-the-internet
+		},
+	}
+
+	// Check if the server should run with TLS but using autocert.
+	if useAutomaticTls && len(tlsHostname) > 0 {
+		m := autocert.Manager{
+			Prompt:     autocert.AcceptTOS,
+			Cache:      autocert.DirCache(path.Join(c.System.RootDirectory, "/.tls-cache")),
+			HostPolicy: autocert.HostWhitelist(tlsHostname),
+		}
+
+		log.WithField("hostname", tlsHostname).
+			Info("webserver is now listening with auto-TLS enabled; certificates will be automatically generated by Let's Encrypt")
+
+		// Hook autocert into the main http server.
+		s.TLSConfig.GetCertificate = m.GetCertificate
+		s.TLSConfig.NextProtos = append(s.TLSConfig.NextProtos, acme.ALPNProto) // enable tls-alpn ACME challenges
+
+		// Start the autocert server.
+		go func() {
+			if err := http.ListenAndServe(":http", m.HTTPHandler(nil)); err != nil {
+				log.WithError(err).Error("failed to serve autocert http server")
+			}
+		}()
+
+		// Start the main http server with TLS using autocert.
+		if err := s.ListenAndServeTLS("", ""); err != nil {
+			log.WithFields(log.Fields{"auto_tls": true, "tls_hostname": tlsHostname, "error": err}).
+				Fatal("failed to configure HTTP server using auto-tls")
+			os.Exit(1)
+		}
+
+		return
+	}
+
+	// Check if main http server should run with TLS.
 	if c.Api.Ssl.Enabled {
-		if err := r.RunTLS(addr, c.Api.Ssl.CertificateFile, c.Api.Ssl.KeyFile); err != nil {
-			zap.S().Fatalw("failed to configure HTTPS server", zap.Error(err))
-		}
-	} else {
-		if err := r.Run(addr); err != nil {
-			zap.S().Fatalw("failed to configure HTTP server", zap.Error(err))
+		if err := s.ListenAndServeTLS(c.Api.Ssl.CertificateFile, c.Api.Ssl.KeyFile); err != nil {
+			log.WithFields(log.Fields{"auto_tls": false, "error": err}).Fatal("failed to configure HTTPS server")
+			os.Exit(1)
 		}
+		return
+	}
+
+	// Run the main http server without TLS.
+	s.TLSConfig = nil
+	if err := s.ListenAndServe(); err != nil {
+		log.WithField("error", err).Fatal("failed to configure HTTP server")
+		os.Exit(1)
 	}
 }

@@ -222,40 +337,70 @@ func Execute() error {

 // Configures the global logger for Zap so that we can call it from any location
 // in the code without having to pass around a logger instance.
-func configureLogging(debug bool) error {
-	cfg := zap.NewProductionConfig()
-	if debug {
-		cfg = zap.NewDevelopmentConfig()
+func configureLogging(logDir string, debug bool) error {
+	if err := os.MkdirAll(path.Join(logDir, "/install"), 0700); err != nil {
+		return errors.WithStack(err)
 	}

-	cfg.Encoding = "console"
-	cfg.OutputPaths = []string{
-		"stdout",
-	}
-
-	logger, err := cfg.Build()
+	p := filepath.Join(logDir, "/wings.log")
+	w, err := logrotate.NewFile(p)
 	if err != nil {
-		return err
+		panic(errors.Wrap(err, "failed to open process log file"))
 	}

-	zap.ReplaceGlobals(logger)
+	if debug {
+		log.SetLevel(log.DebugLevel)
+	} else {
+		log.SetLevel(log.InfoLevel)
+	}
+
+	log.SetHandler(multi.New(
+		cli.Default,
+		cli.New(w.File, false),
+	))
+
+	log.WithField("path", p).Info("writing log files to disk")

 	return nil
 }

 // Prints the wings logo, nothing special here!
 func printLogo() {
-	fmt.Println()
-	fmt.Println(`                     ____`)
-	fmt.Println(`__ Pterodactyl _____/___/_______ _______ ______`)
-	fmt.Println(`\_____\    \/\/    /   /       /  __   /   ___/`)
-	fmt.Println(`   \___\          /   /   /   /  /_/  /___   /`)
-	fmt.Println(`        \___/\___/___/___/___/___    /______/`)
-	fmt.Println(`                            /_______/ v` + system.Version)
-	fmt.Println()
-	fmt.Println(`Website: https://pterodactyl.io`)
-	fmt.Println(`Source: https://github.com/pterodactyl/wings`)
-	fmt.Println()
-	fmt.Println(`Copyright © 2018 - 2020 Dane Everitt & Contributors`)
-	fmt.Println()
+	fmt.Printf(colorstring.Color(`
+                     ____
+__ [blue][bold]Pterodactyl[reset] _____/___/_______ _______ ______
+\_____\    \/\/    /   /       /  __   /   ___/
+   \___\          /   /   /   /  /_/  /___   /
+        \___/\___/___/___/___/___    /______/
+                            /_______/ [bold]v%s[reset]
+
+Copyright © 2018 - 2020 Dane Everitt & Contributors
+
+Website:  https://pterodactyl.io
+ Source:  https://github.com/pterodactyl/wings
+License:  https://github.com/pterodactyl/wings/blob/develop/LICENSE
+
+This software is made available under the terms of the MIT license.
+The above copyright notice and this permission notice shall be included
+in all copies or substantial portions of the Software.%s`), system.Version, "\n\n")
+}
+
+func exitWithConfigurationNotice() {
+	fmt.Print(colorstring.Color(`
+[_red_][white][bold]Error: Configuration File Not Found[reset]
+
+Wings was not able to locate your configuration file, and therefore is not
+able to complete its boot process.
+
+Please ensure you have copied your instance configuration file into
+the default location, or have provided the --config flag to use a
+custom location.
+
+Default Location: /etc/pterodactyl/config.yml
+
+[yellow]This is not a bug with this software. Please do not make a bug report
+for this issue, it will be closed.[reset]
+
+`))
+	os.Exit(1)
 }
--- a/config/config.go
+++ b/config/config.go
@@ -1,25 +1,22 @@
 package config

 import (
-	"errors"
 	"fmt"
 	"github.com/cobaugh/osrelease"
 	"github.com/creasty/defaults"
 	"github.com/gbrlsnchs/jwt/v3"
-	"go.uber.org/zap"
+	"github.com/pkg/errors"
 	"gopkg.in/yaml.v2"
 	"io/ioutil"
 	"os"
 	"os/exec"
 	"os/user"
-	"path"
-	"regexp"
 	"strconv"
 	"strings"
 	"sync"
 )

-const DefaultLocation = "/var/lib/pterodactyl/config.yml"
+const DefaultLocation = "/etc/pterodactyl/config.yml"

 type Configuration struct {
 	sync.RWMutex `json:"-" yaml:"-"`
@@ -46,9 +43,9 @@ type Configuration struct {
 	// validate against it.
 	AuthenticationToken string `json:"token" yaml:"token"`

-	Api    ApiConfiguration
-	System SystemConfiguration
-	Docker DockerConfiguration
+	Api    ApiConfiguration    `json:"api" yaml:"api"`
+	System SystemConfiguration `json:"system" yaml:"system"`
+	Docker DockerConfiguration `json:"docker" yaml:"docker"`

 	// The amount of time in seconds that should elapse between disk usage checks
 	// run by the daemon. Setting a higher number can result in better IO performance
@@ -58,35 +55,24 @@ type Configuration struct {

 	// Defines internal throttling configurations for server processes to prevent
 	// someone from running an endless loop that spams data to logs.
-	Throttles struct {
-		// The number of data overage warnings (inclusive) that can accumulate
-		// before a process is terminated.
-		KillAtCount int `default:"5" yaml:"kill_at_count"`
-
-		// The number of seconds that must elapse before the internal counter
-		// begins decrementing warnings assigned to a process that is outputting
-		// too much data.
-		DecaySeconds int `default:"10" json:"decay" yaml:"decay"`
-
-		// The total number of bytes allowed to be output by a server process
-		// per interval.
-		BytesPerInterval int `default:"4096" json:"bytes" yaml:"bytes"`
-
-		// The amount of time that should lapse between data output throttle
-		// checks. This should be defined in milliseconds.
-		CheckInterval int `default:"100" yaml:"check_interval"`
-	}
+	Throttles ConsoleThrottles

 	// The location where the panel is running that this daemon should connect to
 	// to collect data and send events.
 	PanelLocation string `json:"remote" yaml:"remote"`
+
+	// AllowedMounts is a list of allowed host-system mount points.
+	// This is required to have the "Server Mounts" feature work properly.
+	AllowedMounts []string `json:"allowed_mounts" yaml:"allowed_mounts"`
+
+	// AllowedOrigins is a list of allowed request origins.
+	// The Panel URL is automatically allowed, this is only needed for adding
+	// additional origins.
+	AllowedOrigins []string `json:"allowed_origins" yaml:"allowed_origins"`
 }

 // Defines the configuration of the internal SFTP server.
 type SftpConfiguration struct {
-	// If set to false, the internal SFTP server will not be booted and you will need
-	// to run the SFTP server independent of this program.
-	UseInternalSystem bool `default:"true" json:"use_internal" yaml:"use_internal"`
 	// If set to true disk checking will not be performed. This will prevent the SFTP
 	// server from checking the total size of a directory when uploading files.
 	DisableDiskChecking bool `default:"false" yaml:"disable_disk_checking"`
@@ -135,7 +121,7 @@ func ReadConfiguration(path string) (*Configuration, error) {
 	}

 	// Track the location where we created this configuration.
-	c.path = path
+	c.unsafeSetPath(path)

 	// Replace environment variables within the configuration file with their
 	// values from the host system.
@@ -148,7 +134,7 @@ func ReadConfiguration(path string) (*Configuration, error) {
 	return c, nil
 }

-var Mutex sync.RWMutex
+var mu sync.RWMutex

 var _config *Configuration
 var _jwtAlgo *jwt.HMACSHA
@@ -158,14 +144,14 @@ var _debugViaFlag bool
 // anything trying to set a different configuration value, or read the configuration
 // will be paused until it is complete.
 func Set(c *Configuration) {
-	Mutex.Lock()
+	mu.Lock()

 	if _config == nil || _config.AuthenticationToken != c.AuthenticationToken {
 		_jwtAlgo = jwt.NewHS256([]byte(c.AuthenticationToken))
 	}

 	_config = c
-	Mutex.Unlock()
+	mu.Unlock()
 }

 func SetDebugViaFlag(d bool) {
@@ -175,22 +161,46 @@ func SetDebugViaFlag(d bool) {
 // Get the global configuration instance. This is a read-safe operation that will block
 // if the configuration is presently being modified.
 func Get() *Configuration {
-	Mutex.RLock()
-	defer Mutex.RUnlock()
+	mu.RLock()
+	defer mu.RUnlock()

 	return _config
 }

 // Returns the in-memory JWT algorithm.
 func GetJwtAlgorithm() *jwt.HMACSHA {
-	Mutex.RLock()
-	defer Mutex.RUnlock()
+	mu.RLock()
+	defer mu.RUnlock()

 	return _jwtAlgo
 }

+// Create a new struct and set the path where it should be stored.
+func NewFromPath(path string) (*Configuration, error) {
+	c := new(Configuration)
+	if err := defaults.Set(c); err != nil {
+		return c, errors.WithStack(err)
+	}
+
+	c.unsafeSetPath(path)
+
+	return c, nil
+}
+
+// Sets the path where the configuration file is located on the server. This function should
+// not be called except by processes that are generating the configuration such as the configuration
+// command shipped with this software.
+func (c *Configuration) unsafeSetPath(path string) {
+	c.Lock()
+	c.path = path
+	c.Unlock()
+}
+
 // Returns the path for this configuration file.
 func (c *Configuration) GetPath() string {
+	c.RLock()
+	defer c.RUnlock()
+
 	return c.path
 }

@@ -207,12 +217,12 @@ func (c *Configuration) EnsurePterodactylUser() (*user.User, error) {
 	if err == nil {
 		return u, c.setSystemUser(u)
 	} else if _, ok := err.(user.UnknownUserError); !ok {
-		return nil, err
+		return nil, errors.WithStack(err)
 	}

 	sysName, err := getSystemName()
 	if err != nil {
-		return nil, err
+		return nil, errors.WithStack(err)
 	}

 	var command = fmt.Sprintf("useradd --system --no-create-home --shell /bin/false %s", c.System.Username)
@@ -225,17 +235,17 @@ func (c *Configuration) EnsurePterodactylUser() (*user.User, error) {
 		// We have to create the group first on Alpine, so do that here before continuing on
 		// to the user creation process.
 		if _, err := exec.Command("addgroup", "-S", c.System.Username).Output(); err != nil {
-			return nil, err
+			return nil, errors.WithStack(err)
 		}
 	}

 	split := strings.Split(command, " ")
 	if _, err := exec.Command(split[0], split[1:]...).Output(); err != nil {
-		return nil, err
+		return nil, errors.WithStack(err)
 	}

 	if u, err := user.Lookup(c.System.Username); err != nil {
-		return nil, err
+		return nil, errors.WithStack(err)
 	} else {
 		return u, c.setSystemUser(u)
 	}
@@ -248,71 +258,22 @@ func (c *Configuration) setSystemUser(u *user.User) error {
 	gid, _ := strconv.Atoi(u.Gid)

 	c.Lock()
-	defer c.Unlock()
-
 	c.System.Username = u.Username
 	c.System.User.Uid = uid
 	c.System.User.Gid = gid
+	c.Unlock()

 	return c.WriteToDisk()
 }

-// Ensures that the configured data directory has the correct permissions assigned to
-// all of the files and folders within.
-func (c *Configuration) EnsureFilePermissions() error {
-	// Don't run this unless it is configured to be run. On large system this can often slow
-	// things down dramatically during the boot process.
-	if !c.System.SetPermissionsOnBoot {
-		return nil
-	}
-
-	r := regexp.MustCompile("^[a-f0-9]{8}-[a-f0-9]{4}-4[a-f0-9]{3}-[89ab][a-f0-9]{3}-[a-f0-9]{12}$")
-
-	files, err := ioutil.ReadDir(c.System.Data)
-	if err != nil {
-		return err
-	}
-
-	su, err := user.Lookup(c.System.Username)
-	if err != nil {
-		return err
-	}
-
-	wg := new(sync.WaitGroup)
-
-	for _, file := range files {
-		wg.Add(1)
-
-		// Asynchronously run through the list of files and folders in the data directory. If
-		// the item is not a folder, or is not a folder that matches the expected UUIDv4 format
-		// skip over it.
-		//
-		// If we do have a positive match, run a chown against the directory.
-		go func(f os.FileInfo) {
-			defer wg.Done()
-
-			if !f.IsDir() || !r.MatchString(f.Name()) {
-				return
-			}
-
-			uid, _ := strconv.Atoi(su.Uid)
-			gid, _ := strconv.Atoi(su.Gid)
-
-			if err := os.Chown(path.Join(c.System.Data, f.Name()), uid, gid); err != nil {
-				zap.S().Warnw("failed to chown server directory", zap.String("directory", f.Name()), zap.Error(err))
-			}
-		}(file)
-	}
-
-	wg.Wait()
-
-	return nil
-}
-
 // Writes the configuration to the disk as a blocking operation by obtaining an exclusive
 // lock on the file. This prevents something else from writing at the exact same time and
 // leading to bad data conditions.
 func (c *Configuration) WriteToDisk() error {
+	// Obtain an exclusive write against the configuration file.
+	c.writeLock.Lock()
+	defer c.writeLock.Unlock()
+
 	ccopy := *c
 	// If debugging is set with the flag, don't save that to the configuration file, otherwise
 	// you'll always end up in debug mode.
@@ -326,15 +287,11 @@ func (c *Configuration) WriteToDisk() error {

 	b, err := yaml.Marshal(&ccopy)
 	if err != nil {
-		return err
+		return errors.WithStack(err)
 	}

-	// Obtain an exclusive write against the configuration file.
-	c.writeLock.Lock()
-	defer c.writeLock.Unlock()
-
 	if err := ioutil.WriteFile(c.GetPath(), b, 0644); err != nil {
-		return err
+		return errors.WithStack(err)
 	}

 	return nil
@@ -344,7 +301,7 @@ func (c *Configuration) WriteToDisk() error {
 func getSystemName() (string, error) {
 	// use osrelease to get release version and ID
 	if release, err := osrelease.Read(); err != nil {
-		return "", err
+		return "", errors.WithStack(err)
 	} else {
 		return release["ID"], nil
 	}
--- a/config/config_docker.go
+++ b/config/config_docker.go
@@ -1,5 +1,12 @@
 package config

+import (
+	"encoding/base64"
+	"encoding/json"
+	"github.com/docker/docker/api/types"
+	"github.com/pkg/errors"
+)
+
 type dockerNetworkInterfaces struct {
 	V4 struct {
 		Subnet  string `default:"172.18.0.0/16"`
@@ -15,7 +22,7 @@ type dockerNetworkInterfaces struct {
 type DockerNetworkConfiguration struct {
 	// The interface that should be used to create the network. Must not conflict
 	// with any other interfaces in use by Docker or on the system.
-	Interface string `default:"172.18.0.1"`
+	Interface string `default:"172.18.0.1" json:"interface" yaml:"interface"`

 	// The DNS settings for containers.
 	Dns []string `default:"[\"1.1.1.1\", \"1.0.0.1\"]"`
@@ -26,6 +33,7 @@ type DockerNetworkConfiguration struct {
 	Name       string                  `default:"pterodactyl_nw"`
 	ISPN       bool                    `default:"false" yaml:"ispn"`
 	Driver     string                  `default:"bridge"`
+	Mode       string                  `default:"pterodactyl_nw" yaml:"network_mode"`
 	IsInternal bool                    `default:"false" yaml:"is_internal"`
 	EnableICC  bool                    `default:"true" yaml:"enable_icc"`
 	Interfaces dockerNetworkInterfaces `yaml:"interfaces"`
@@ -38,15 +46,47 @@ type DockerConfiguration struct {
 	// for containers run through the daemon.
 	Network DockerNetworkConfiguration `json:"network" yaml:"network"`

+	// Domainname is the Docker domainname for all containers.
+	Domainname string `default:"" json:"domainname" yaml:"domainname"`
+
 	// If true, container images will be updated when a server starts if there
 	// is an update available. If false the daemon will not attempt updates and will
 	// defer to the host system to manage image updates.
 	UpdateImages bool `default:"true" json:"update_images" yaml:"update_images"`

 	// The location of the Docker socket.
-	Socket string `default:"/var/run/docker.sock"`
+	Socket string `default:"/var/run/docker.sock" json:"socket" yaml:"socket"`

 	// Defines the location of the timezone file on the host system that should
 	// be mounted into the created containers so that they all use the same time.
 	TimezonePath string `default:"/etc/timezone" json:"timezone_path" yaml:"timezone_path"`
+
+	// Registries .
+	Registries map[string]RegistryConfiguration `json:"registries" yaml:"registries"`
+
+	// The size of the /tmp directory when mounted into a container. Please be aware that Docker
+	// utilizes host memory for this value, and that we do not keep track of the space used here
+	// so avoid allocating too much to a server.
+	TmpfsSize uint `default:"100" json:"tmpfs_size" yaml:"tmpfs_size"`
+}
+
+// RegistryConfiguration .
+type RegistryConfiguration struct {
+	Username string `yaml:"username"`
+	Password string `yaml:"password"`
+}
+
+// Base64 .
+func (c RegistryConfiguration) Base64() (string, error) {
+	authConfig := types.AuthConfig{
+		Username: c.Username,
+		Password: c.Password,
+	}
+
+	b, err := json.Marshal(authConfig)
+	if err != nil {
+		return "", errors.WithStack(err)
+	}
+
+	return base64.URLEncoding.EncodeToString(b), nil
 }
--- a/config/config_system.go
+++ b/config/config_system.go
@@ -1,9 +1,12 @@
 package config

 import (
-	"go.uber.org/zap"
+	"github.com/apex/log"
+	"github.com/pkg/errors"
+	"html/template"
 	"os"
 	"path"
+	"path/filepath"
 )

 // Defines basic system configuration settings.
@@ -33,51 +36,59 @@ type SystemConfiguration struct {
 		Gid int
 	}

-	// Determines if permissions for a server should be set automatically on
-	// daemon boot. This can take a long time on systems with many servers, or on
-	// systems with servers containing thousands of files.
-	//
-	// Setting this to true by default helps us avoid a lot of support requests
-	// from people that keep trying to move files around as a root user leading
-	// to server permission issues.
-	//
-	// In production and heavy use environments where boot speed is essential,
-	// this should be set to false as servers will self-correct permissions on
-	// boot anyways.
-	SetPermissionsOnBoot bool `default:"true" yaml:"set_permissions_on_boot"`
-
 	// Determines if Wings should detect a server that stops with a normal exit code of
 	// "0" as being crashed if the process stopped without any Wings interaction. E.g.
 	// the user did not press the stop button, but the process stopped cleanly.
 	DetectCleanExitAsCrash bool `default:"true" yaml:"detect_clean_exit_as_crash"`

-	Sftp *SftpConfiguration `yaml:"sftp"`
+	// If set to true, file permissions for a server will be checked when the process is
+	// booted. This can cause boot delays if the server has a large amount of files. In most
+	// cases disabling this should not have any major impact unless external processes are
+	// frequently modifying a servers' files.
+	CheckPermissionsOnBoot bool `default:"true" yaml:"check_permissions_on_boot"`
+
+	// If set to false Wings will not attempt to write a log rotate configuration to the disk
+	// when it boots and one is not detected.
+	EnableLogRotate bool `default:"true" yaml:"enable_log_rotate"`
+
+	Sftp SftpConfiguration `yaml:"sftp"`
 }

 // Ensures that all of the system directories exist on the system. These directories are
 // created so that only the owner can read the data, and no other users.
 func (sc *SystemConfiguration) ConfigureDirectories() error {
-	zap.S().Debugw("ensuring root data directory exists", zap.String("path", sc.RootDirectory))
+	log.WithField("path", sc.RootDirectory).Debug("ensuring root data directory exists")
 	if err := os.MkdirAll(sc.RootDirectory, 0700); err != nil {
 		return err
 	}

-	zap.S().Debugw("ensuring log directory exists", zap.String("path", sc.LogDirectory))
-	if err := os.MkdirAll(path.Join(sc.LogDirectory, "/install"), 0700); err != nil {
-		return err
+	// There are a non-trivial number of users out there whose data directories are actually a
+	// symlink to another location on the disk. If we do not resolve that final destination at this
+	// point things will appear to work, but endless errors will be encountered when we try to
+	// verify accessed paths since they will all end up resolving outside the expected data directory.
+	//
+	// For the sake of automating away as much of this as possible, see if the data directory is a
+	// symlink, and if so resolve to its final real path, and then update the configuration to use
+	// that.
+	if d, err := filepath.EvalSymlinks(sc.Data); err != nil {
+		if !os.IsNotExist(err) {
+			return errors.WithStack(err)
+		}
+	} else if d != sc.Data {
+		sc.Data = d
 	}

-	zap.S().Debugw("ensuring server data directory exists", zap.String("path", sc.Data))
+	log.WithField("path", sc.Data).Debug("ensuring server data directory exists")
 	if err := os.MkdirAll(sc.Data, 0700); err != nil {
 		return err
 	}

-	zap.S().Debugw("ensuring archive data directory exists", zap.String("path", sc.ArchiveDirectory))
+	log.WithField("path", sc.ArchiveDirectory).Debug("ensuring archive data directory exists")
 	if err := os.MkdirAll(sc.ArchiveDirectory, 0700); err != nil {
 		return err
 	}

-	zap.S().Debugw("ensuring backup data directory exists", zap.String("path", sc.BackupDirectory))
+	log.WithField("path", sc.BackupDirectory).Debug("ensuring backup data directory exists")
 	if err := os.MkdirAll(sc.BackupDirectory, 0700); err != nil {
 		return err
 	}
@@ -85,6 +96,47 @@ func (sc *SystemConfiguration) ConfigureDirectories() error {
 	return nil
 }

+// Writes a logrotate file for wings to the system logrotate configuration directory if one
+// exists and a logrotate file is not found. This allows us to basically automate away the log
+// rotation for most installs, but also enable users to make modifications on their own.
+func (sc *SystemConfiguration) EnableLogRotation() error {
+	// Do nothing if not enabled.
+	if sc.EnableLogRotate == false {
+		log.Info("skipping log rotate configuration, disabled in wings config file")
+
+		return nil
+	}
+
+	if st, err := os.Stat("/etc/logrotate.d"); err != nil && !os.IsNotExist(err) {
+		return errors.WithStack(err)
+	} else if (err != nil && os.IsNotExist(err)) || !st.IsDir() {
+		return nil
+	}
+
+	if _, err := os.Stat("/etc/logrotate.d/wings"); err != nil && !os.IsNotExist(err) {
+		return errors.WithStack(err)
+	} else if err == nil {
+		return nil
+	}
+
+	log.Info("no log rotation configuration found, system is configured to support it, adding file now")
+	// If we've gotten to this point it means the logrotate directory exists on the system
+	// but there is not a file for wings already. In that case, let us write a new file to
+	// it so files can be rotated easily.
+	f, err := os.Create("/etc/logrotate.d/wings")
+	if err != nil {
+		return errors.WithStack(err)
+	}
+	defer f.Close()
+
+	t, err := template.ParseFiles("templates/logrotate.tpl")
+	if err != nil {
+		return errors.WithStack(err)
+	}
+
+	return errors.Wrap(t.Execute(f, sc), "failed to write logrotate file to disk")
+}
+
 // Returns the location of the JSON file that tracks server states.
 func (sc *SystemConfiguration) GetStatesPath() string {
 	return path.Join(sc.RootDirectory, "states.json")
--- a/config/config_throttles.go
+++ b/config/config_throttles.go
@@ -0,0 +1,23 @@
+package config
+
+type ConsoleThrottles struct {
+	// Whether or not the throttler is enabled for this instance.
+	Enabled bool `json:"enabled" yaml:"enabled" default:"true"`
+
+	// The total number of throttle activations that must accumulate before a server is
+	// forcibly stopped for violating these limits.
+	KillAtCount uint64 `json:"kill_at_count" yaml:"kill_at_count" default:"5"`
+
+	// The amount of time in milliseconds that a server process must go through without
+	// triggering an output warning before the throttle activation count begins decreasing.
+	// This time is measured in milliseconds.
+	Decay uint64 `json:"decay" yaml:"decay" default:"10000"`
+
+	// The total number of lines that can be output in a given CheckInterval period before
+	// a warning is triggered and counted against the server.
+	Lines uint64 `json:"lines" yaml:"lines" default:"1000"`
+
+	// The amount of time that must pass between intervals before the count is reset. This
+	// value is in milliseconds.
+	CheckInterval uint64 `json:"check_interval" yaml:"check_interval" default:"100"`
+}
--- a/environment/allocations.go
+++ b/environment/allocations.go
@@ -0,0 +1,101 @@
+package environment
+
+import (
+	"fmt"
+	"github.com/docker/go-connections/nat"
+	"github.com/pterodactyl/wings/config"
+	"strconv"
+)
+
+// Defines the allocations available for a given server. When using the Docker environment
+// driver these correspond to mappings for the container that allow external connections.
+type Allocations struct {
+	// Defines the default allocation that should be used for this server. This is
+	// what will be used for {SERVER_IP} and {SERVER_PORT} when modifying configuration
+	// files or the startup arguments for a server.
+	DefaultMapping struct {
+		Ip   string `json:"ip"`
+		Port int    `json:"port"`
+	} `json:"default"`
+
+	// Mappings contains all of the ports that should be assigned to a given server
+	// attached to the IP they correspond to.
+	Mappings map[string][]int `json:"mappings"`
+}
+
+// Converts the server allocation mappings into a format that can be understood by Docker. While
+// we do strive to support multiple environments, using Docker's standardized format for the
+// bindings certainly makes life a little easier for managing things.
+//
+// You'll want to use DockerBindings() if you need to re-map 127.0.0.1 to the Docker interface.
+func (a *Allocations) Bindings() nat.PortMap {
+	var out = nat.PortMap{}
+
+	for ip, ports := range a.Mappings {
+		for _, port := range ports {
+			// Skip over invalid ports.
+			if port < 1 || port > 65535 {
+				continue
+			}
+
+			binding := []nat.PortBinding{
+				{
+					HostIP:   ip,
+					HostPort: strconv.Itoa(port),
+				},
+			}
+
+			out[nat.Port(fmt.Sprintf("%d/tcp", port))] = binding
+			out[nat.Port(fmt.Sprintf("%d/udp", port))] = binding
+		}
+	}
+
+	return out
+}
+
+// Returns the bindings for the server in a way that is supported correctly by Docker. This replaces
+// any reference to 127.0.0.1 with the IP of the pterodactyl0 network interface which will allow the
+// server to operate on a local address while still being accessible by other containers.
+func (a *Allocations) DockerBindings() nat.PortMap {
+	iface := config.Get().Docker.Network.Interface
+
+	out := a.Bindings()
+	// Loop over all of the bindings for this container, and convert any that reference 127.0.0.1
+	// to use the pterodactyl0 network interface IP, as that is the true local for what people are
+	// trying to do when creating servers.
+	for p, binds := range out {
+		for i, alloc := range binds {
+			if alloc.HostIP != "127.0.0.1" {
+				continue
+			}
+
+			// If using ISPN just delete the local allocation from the server.
+			if config.Get().Docker.Network.ISPN {
+				out[p] = append(out[p][:i], out[p][i+1:]...)
+			} else {
+				out[p][i] = nat.PortBinding{
+					HostIP:   iface,
+					HostPort: alloc.HostPort,
+				}
+			}
+		}
+	}
+
+	return out
+}
+
+// Converts the server allocation mappings into a PortSet that can be understood
+// by Docker. This formatting is slightly different than "Bindings" as it should
+// return an empty struct rather than a binding.
+//
+// To accomplish this, we'll just get the values from "DockerBindings" and then set them
+// to empty structs. Because why not.
+func (a *Allocations) Exposed() nat.PortSet {
+	var out = nat.PortSet{}
+
+	for port := range a.DockerBindings() {
+		out[port] = struct{}{}
+	}
+
+	return out
+}
--- a/environment/config.go
+++ b/environment/config.go
@@ -0,0 +1,77 @@
+package environment
+
+import (
+	"sync"
+)
+
+type Settings struct {
+	Mounts      []Mount
+	Allocations Allocations
+	Limits      Limits
+}
+
+// Defines the actual configuration struct for the environment with all of the settings
+// defined within it.
+type Configuration struct {
+	mu sync.RWMutex
+
+	environmentVariables []string
+	settings             Settings
+}
+
+// Returns a new environment configuration with the given settings and environment variables
+// defined within it.
+func NewConfiguration(s Settings, envVars []string) *Configuration {
+	return &Configuration{
+		environmentVariables: envVars,
+		settings:             s,
+	}
+}
+
+// Updates the settings struct for this environment on the fly. This allows modified servers to
+// automatically push those changes to the environment.
+func (c *Configuration) SetSettings(s Settings) {
+	c.mu.Lock()
+	c.settings = s
+	c.mu.Unlock()
+}
+
+// Updates the environment variables associated with this environment by replacing the entire
+// array of them with a new one.
+func (c *Configuration) SetEnvironmentVariables(ev []string) {
+	c.mu.Lock()
+	c.environmentVariables = ev
+	c.mu.Unlock()
+}
+
+// Returns the limits assigned to this environment.
+func (c *Configuration) Limits() Limits {
+	c.mu.RLock()
+	defer c.mu.RUnlock()
+
+	return c.settings.Limits
+}
+
+// Returns the allocations associated with this environment.
+func (c *Configuration) Allocations() Allocations {
+	c.mu.RLock()
+	defer c.mu.RUnlock()
+
+	return c.settings.Allocations
+}
+
+// Returns all of the mounts associated with this environment.
+func (c *Configuration) Mounts() []Mount {
+	c.mu.RLock()
+	defer c.mu.RUnlock()
+
+	return c.settings.Mounts
+}
+
+// Returns the environment variables associated with this instance.
+func (c *Configuration) EnvironmentVariables() []string {
+	c.mu.RLock()
+	defer c.mu.RUnlock()
+
+	return c.environmentVariables
+}
--- a/environment/docker.go
+++ b/environment/docker.go
@@ -2,12 +2,12 @@ package environment

 import (
 	"context"
+	"github.com/apex/log"

 	"github.com/docker/docker/api/types"
 	"github.com/docker/docker/api/types/network"
 	"github.com/docker/docker/client"
 	"github.com/pterodactyl/wings/config"
-	"go.uber.org/zap"
 )

 // Configures the required network for the docker environment.
@@ -20,10 +20,10 @@ func ConfigureDocker(c *config.DockerConfiguration) error {

 	resource, err := cli.NetworkInspect(context.Background(), c.Network.Name, types.NetworkInspectOptions{})
 	if err != nil && client.IsErrNotFound(err) {
-		zap.S().Infow("creating missing pterodactyl0 interface, this could take a few seconds...")
+		log.Info("creating missing pterodactyl0 interface, this could take a few seconds...")
 		return createDockerNetwork(cli, c)
 	} else if err != nil {
-		zap.S().Fatalw("failed to create required docker network for containers", zap.Error(err))
+		log.WithField("error", err).Fatal("failed to create required docker network for containers")
 	}

 	switch resource.Driver {
--- a/environment/docker/console.go
+++ b/environment/docker/console.go
@@ -0,0 +1,20 @@
+package docker
+
+import "io"
+
+type Console struct {
+	HandlerFunc *func(string)
+}
+
+var _ io.Writer = Console{}
+
+func (c Console) Write(b []byte) (int, error) {
+	if c.HandlerFunc != nil {
+		l := make([]byte, len(b))
+		copy(l, b)
+
+		(*c.HandlerFunc)(string(l))
+	}
+
+	return len(b), nil
+}
--- a/environment/docker/container.go
+++ b/environment/docker/container.go
@@ -0,0 +1,385 @@
+package docker
+
+import (
+	"bufio"
+	"context"
+	"fmt"
+	"github.com/apex/log"
+	"github.com/docker/docker/api/types"
+	"github.com/docker/docker/api/types/container"
+	"github.com/docker/docker/api/types/mount"
+	"github.com/docker/docker/client"
+	"github.com/docker/docker/daemon/logger/jsonfilelog"
+	"github.com/pkg/errors"
+	"github.com/pterodactyl/wings/config"
+	"github.com/pterodactyl/wings/environment"
+	"io"
+	"strconv"
+	"strings"
+	"time"
+)
+
+// Attaches to the docker container itself and ensures that we can pipe data in and out
+// of the process stream. This should not be used for reading console data as you *will*
+// miss important output at the beginning because of the time delay with attaching to the
+// output.
+func (e *Environment) Attach() error {
+	if e.IsAttached() {
+		return nil
+	}
+
+	if err := e.followOutput(); err != nil {
+		return errors.WithStack(err)
+	}
+
+	opts := types.ContainerAttachOptions{
+		Stdin:  true,
+		Stdout: true,
+		Stderr: true,
+		Stream: true,
+	}
+
+	// Set the stream again with the container.
+	if st, err := e.client.ContainerAttach(context.Background(), e.Id, opts); err != nil {
+		return errors.WithStack(err)
+	} else {
+		e.SetStream(&st)
+	}
+
+	c := new(Console)
+	go func(console *Console) {
+		ctx, cancel := context.WithCancel(context.Background())
+
+		defer cancel()
+		defer e.stream.Close()
+		defer func() {
+			e.setState(environment.ProcessOfflineState)
+			e.SetStream(nil)
+		}()
+
+		// Poll resources in a separate thread since this will block the copy call below
+		// from being reached until it is completed if not run in a separate process. However,
+		// we still want it to be stopped when the copy operation below is finished running which
+		// indicates that the container is no longer running.
+		go func(ctx context.Context) {
+			if err := e.pollResources(ctx); err != nil {
+				log.WithField("environment_id", e.Id).WithField("error", errors.WithStack(err)).Error("error during environment resource polling")
+			}
+		}(ctx)
+
+		// Stream the reader output to the console which will then fire off events and handle console
+		// throttling and sending the output to the user.
+		if _, err := io.Copy(console, e.stream.Reader); err != nil {
+			log.WithField("environment_id", e.Id).WithField("error", errors.WithStack(err)).Error("error while copying environment output to console")
+		}
+	}(c)
+
+	return nil
+}
+
+func (e *Environment) resources() container.Resources {
+	l := e.Configuration.Limits()
+
+	return container.Resources{
+		Memory:            l.BoundedMemoryLimit(),
+		MemoryReservation: l.MemoryLimit * 1_000_000,
+		MemorySwap:        l.ConvertedSwap(),
+		CPUQuota:          l.ConvertedCpuLimit(),
+		CPUPeriod:         100_000,
+		CPUShares:         1024,
+		BlkioWeight:       l.IoWeight,
+		OomKillDisable:    &l.OOMDisabled,
+		CpusetCpus:        l.Threads,
+	}
+}
+
+// Performs an in-place update of the Docker container's resource limits without actually
+// making any changes to the operational state of the container. This allows memory, cpu,
+// and IO limitations to be adjusted on the fly for individual instances.
+func (e *Environment) InSituUpdate() error {
+	if _, err := e.client.ContainerInspect(context.Background(), e.Id); err != nil {
+		// If the container doesn't exist for some reason there really isn't anything
+		// we can do to fix that in this process (it doesn't make sense at least). In those
+		// cases just return without doing anything since we still want to save the configuration
+		// to the disk.
+		//
+		// We'll let a boot process make modifications to the container if needed at this point.
+		if client.IsErrNotFound(err) {
+			return nil
+		}
+
+		return errors.WithStack(err)
+	}
+
+	u := container.UpdateConfig{
+		Resources: e.resources(),
+	}
+
+	ctx, cancel := context.WithTimeout(context.Background(), time.Second*10)
+	defer cancel()
+	if _, err := e.client.ContainerUpdate(ctx, e.Id, u); err != nil {
+		return errors.WithStack(err)
+	}
+
+	return nil
+}
+
+// Creates a new container for the server using all of the data that is currently
+// available for it. If the container already exists it will be returnee.
+func (e *Environment) Create() error {
+	// If the container already exists don't hit the user with an error, just return
+	// the current information about it which is what we would do when creating the
+	// container anyways.
+	if _, err := e.client.ContainerInspect(context.Background(), e.Id); err == nil {
+		return nil
+	} else if !client.IsErrNotFound(err) {
+		return errors.WithStack(err)
+	}
+
+	// Try to pull the requested image before creating the container.
+	if err := e.ensureImageExists(e.meta.Image); err != nil {
+		return errors.WithStack(err)
+	}
+
+	a := e.Configuration.Allocations()
+
+	evs := e.Configuration.EnvironmentVariables()
+	for i, v := range evs {
+		// Convert 127.0.0.1 to the pterodactyl0 network interface if the environment is Docker
+		// so that the server operates as expected.
+		if v == "SERVER_IP=127.0.0.1" {
+			evs[i] = "SERVER_IP="+config.Get().Docker.Network.Interface
+		}
+	}
+
+	conf := &container.Config{
+		Hostname:     e.Id,
+		Domainname:   config.Get().Docker.Domainname,
+		User:         strconv.Itoa(config.Get().System.User.Uid),
+		AttachStdin:  true,
+		AttachStdout: true,
+		AttachStderr: true,
+		OpenStdin:    true,
+		Tty:          true,
+		ExposedPorts: a.Exposed(),
+		Image:        e.meta.Image,
+		Env:          e.Configuration.EnvironmentVariables(),
+		Labels: map[string]string{
+			"Service":       "Pterodactyl",
+			"ContainerType": "server_process",
+		},
+	}
+
+	tmpfsSize := strconv.Itoa(int(config.Get().Docker.TmpfsSize))
+
+	hostConf := &container.HostConfig{
+		PortBindings: a.DockerBindings(),
+
+		// Configure the mounts for this container. First mount the server data directory
+		// into the container as a r/w bind.
+		Mounts: e.convertMounts(),
+
+		// Configure the /tmp folder mapping in containers. This is necessary for some
+		// games that need to make use of it for downloads and other installation processes.
+		Tmpfs: map[string]string{
+			"/tmp": "rw,exec,nosuid,size=" + tmpfsSize + "M",
+		},
+
+		// Define resource limits for the container based on the data passed through
+		// from the Panel.
+		Resources: e.resources(),
+
+		DNS: config.Get().Docker.Network.Dns,
+
+		// Configure logging for the container to make it easier on the Daemon to grab
+		// the server output. Ensure that we don't use too much space on the host machine
+		// since we only need it for the last few hundred lines of output and don't care
+		// about anything else in it.
+		LogConfig: container.LogConfig{
+			Type: jsonfilelog.Name,
+			Config: map[string]string{
+				"max-size": "5m",
+				"max-file": "1",
+			},
+		},
+
+		SecurityOpt:    []string{"no-new-privileges"},
+		ReadonlyRootfs: true,
+		CapDrop: []string{
+			"setpcap", "mknod", "audit_write", "net_raw", "dac_override",
+			"fowner", "fsetid", "net_bind_service", "sys_chroot", "setfcap",
+		},
+		NetworkMode: container.NetworkMode(config.Get().Docker.Network.Mode),
+	}
+
+	if _, err := e.client.ContainerCreate(context.Background(), conf, hostConf, nil, e.Id); err != nil {
+		return errors.WithStack(err)
+	}
+
+	return nil
+}
+
+func (e *Environment) convertMounts() []mount.Mount {
+	var out []mount.Mount
+
+	for _, m := range e.Configuration.Mounts() {
+		out = append(out, mount.Mount{
+			Type:     mount.TypeBind,
+			Source:   m.Source,
+			Target:   m.Target,
+			ReadOnly: m.ReadOnly,
+		})
+	}
+
+	return out
+}
+
+// Remove the Docker container from the machine. If the container is currently running
+// it will be forcibly stopped by Docker.
+func (e *Environment) Destroy() error {
+	// We set it to stopping than offline to prevent crash detection from being triggered.
+	e.setState(environment.ProcessStoppingState)
+
+	err := e.client.ContainerRemove(context.Background(), e.Id, types.ContainerRemoveOptions{
+		RemoveVolumes: true,
+		RemoveLinks:   false,
+		Force:         true,
+	})
+
+	// Don't trigger a destroy failure if we try to delete a container that does not
+	// exist on the system. We're just a step ahead of ourselves in that case.
+	//
+	// @see https://github.com/pterodactyl/panel/issues/2001
+	if err != nil && client.IsErrNotFound(err) {
+		return nil
+	}
+
+	e.setState(environment.ProcessOfflineState)
+
+	return err
+}
+
+// Attaches to the log for the container. This avoids us missing crucial output that
+// happens in the split seconds before the code moves from 'Starting' to 'Attaching'
+// on the process.
+func (e *Environment) followOutput() error {
+	if exists, err := e.Exists(); !exists {
+		if err != nil {
+			return errors.WithStack(err)
+		}
+
+		return errors.New(fmt.Sprintf("no such container: %s", e.Id))
+	}
+
+	opts := types.ContainerLogsOptions{
+		ShowStderr: true,
+		ShowStdout: true,
+		Follow:     true,
+		Since:      time.Now().Format(time.RFC3339),
+	}
+
+	reader, err := e.client.ContainerLogs(context.Background(), e.Id, opts)
+
+	go func(r io.ReadCloser) {
+		defer r.Close()
+
+		s := bufio.NewScanner(r)
+		for s.Scan() {
+			e.Events().Publish(environment.ConsoleOutputEvent, s.Text())
+		}
+
+		if err := s.Err(); err != nil {
+			log.WithField("error", err).WithField("container_id", e.Id).Warn("error processing scanner line in console output")
+		}
+	}(reader)
+
+	return errors.WithStack(err)
+}
+
+// Pulls the image from Docker. If there is an error while pulling the image from the source
+// but the image already exists locally, we will report that error to the logger but continue
+// with the process.
+//
+// The reasoning behind this is that Quay has had some serious outages as of late, and we don't
+// need to block all of the servers from booting just because of that. I'd imagine in a lot of
+// cases an outage shouldn't affect users too badly. It'll at least keep existing servers working
+// correctly if anything.
+//
+// TODO: local images
+func (e *Environment) ensureImageExists(image string) error {
+	// Give it up to 15 minutes to pull the image. I think this should cover 99.8% of cases where an
+	// image pull might fail. I can't imagine it will ever take more than 15 minutes to fully pull
+	// an image. Let me know when I am inevitably wrong here...
+	ctx, cancel := context.WithTimeout(context.Background(), time.Minute*15)
+	defer cancel()
+
+	// Get a registry auth configuration from the config.
+	var registryAuth *config.RegistryConfiguration
+	for registry, c := range config.Get().Docker.Registries {
+		if !strings.HasPrefix(image, registry) {
+			continue
+		}
+
+		log.WithField("registry", registry).Debug("using authentication for registry")
+		registryAuth = &c
+		break
+	}
+
+	// Get the ImagePullOptions.
+	imagePullOptions := types.ImagePullOptions{All: false}
+	if registryAuth != nil {
+		b64, err := registryAuth.Base64()
+		if err != nil {
+			log.WithError(err).Error("failed to get registry auth credentials")
+		}
+
+		// b64 is a string so if there is an error it will just be empty, not nil.
+		imagePullOptions.RegistryAuth = b64
+	}
+
+	out, err := e.client.ImagePull(ctx, image, imagePullOptions)
+	if err != nil {
+		images, ierr := e.client.ImageList(ctx, types.ImageListOptions{})
+		if ierr != nil {
+			// Well damn, something has gone really wrong here, just go ahead and abort there
+			// isn't much anything we can do to try and self-recover from this.
+			return ierr
+		}
+
+		for _, img := range images {
+			for _, t := range img.RepoTags {
+				if t != image {
+					continue
+				}
+
+				log.WithFields(log.Fields{
+					"image":        image,
+					"container_id": e.Id,
+					"error":        errors.New(err.Error()),
+				}).Warn("unable to pull requested image from remote source, however the image exists locally")
+
+				// Okay, we found a matching container image, in that case just go ahead and return
+				// from this function, since there is nothing else we need to do here.
+				return nil
+			}
+		}
+
+		return err
+	}
+	defer out.Close()
+
+	log.WithField("image", image).Debug("pulling docker image... this could take a bit of time")
+
+	// I'm not sure what the best approach here is, but this will block execution until the image
+	// is done being pulled, which is what we need.
+	scanner := bufio.NewScanner(out)
+	for scanner.Scan() {
+		continue
+	}
+
+	if err := scanner.Err(); err != nil {
+		return err
+	}
+
+	return nil
+}
--- a/environment/docker/environment.go
+++ b/environment/docker/environment.go
@@ -0,0 +1,178 @@
+package docker
+
+import (
+	"context"
+	"github.com/docker/docker/api/types"
+	"github.com/docker/docker/client"
+	"github.com/pkg/errors"
+	"github.com/pterodactyl/wings/api"
+	"github.com/pterodactyl/wings/environment"
+	"github.com/pterodactyl/wings/events"
+	"io"
+	"sync"
+)
+
+type Metadata struct {
+	Image string
+	Stop  *api.ProcessStopConfiguration
+}
+
+// Ensure that the Docker environment is always implementing all of the methods
+// from the base environment interface.
+var _ environment.ProcessEnvironment = (*Environment)(nil)
+
+type Environment struct {
+	mu      sync.RWMutex
+	eventMu sync.Mutex
+
+	// The public identifier for this environment. In this case it is the Docker container
+	// name that will be used for all instances created under it.
+	Id string
+
+	// The environment configuration.
+	Configuration *environment.Configuration
+
+	meta *Metadata
+
+	// The Docker client being used for this instance.
+	client *client.Client
+
+	// Controls the hijacked response stream which exists only when we're attached to
+	// the running container instance.
+	stream *types.HijackedResponse
+
+	// Holds the stats stream used by the polling commands so that we can easily close it out.
+	stats io.ReadCloser
+
+	emitter *events.EventBus
+
+	// Tracks the environment state.
+	st   string
+	stMu sync.RWMutex
+}
+
+// Creates a new base Docker environment. The ID passed through will be the ID that is used to
+// reference the container from here on out. This should be unique per-server (we use the UUID
+// by default). The container does not need to exist at this point.
+func New(id string, m *Metadata, c *environment.Configuration) (*Environment, error) {
+	cli, err := client.NewClientWithOpts(client.FromEnv)
+	if err != nil {
+		return nil, err
+	}
+
+	e := &Environment{
+		Id:            id,
+		Configuration: c,
+		meta:          m,
+		client:        cli,
+	}
+
+	return e, nil
+}
+
+func (e *Environment) Type() string {
+	return "docker"
+}
+
+// Set if this process is currently attached to the process.
+func (e *Environment) SetStream(s *types.HijackedResponse) {
+	e.mu.Lock()
+	e.stream = s
+	e.mu.Unlock()
+}
+
+// Determine if the this process is currently attached to the container.
+func (e *Environment) IsAttached() bool {
+	e.mu.RLock()
+	defer e.mu.RUnlock()
+
+	return e.stream != nil
+}
+
+func (e *Environment) Events() *events.EventBus {
+	e.eventMu.Lock()
+	defer e.eventMu.Unlock()
+
+	if e.emitter == nil {
+		e.emitter = events.New()
+	}
+
+	return e.emitter
+}
+
+// Determines if the container exists in this environment. The ID passed through should be the
+// server UUID since containers are created utilizing the server UUID as the name and docker
+// will work fine when using the container name as the lookup parameter in addition to the longer
+// ID auto-assigned when the container is created.
+func (e *Environment) Exists() (bool, error) {
+	_, err := e.client.ContainerInspect(context.Background(), e.Id)
+
+	if err != nil {
+		// If this error is because the container instance wasn't found via Docker we
+		// can safely ignore the error and just return false.
+		if client.IsErrNotFound(err) {
+			return false, nil
+		}
+
+		return false, err
+	}
+
+	return true, nil
+}
+
+// Determines if the server's docker container is currently running. If there is no container
+// present, an error will be raised (since this shouldn't be a case that ever happens under
+// correctly developed circumstances).
+//
+// You can confirm if the instance wasn't found by using client.IsErrNotFound from the Docker
+// API.
+//
+// @see docker/client/errors.go
+func (e *Environment) IsRunning() (bool, error) {
+	c, err := e.client.ContainerInspect(context.Background(), e.Id)
+	if err != nil {
+		return false, err
+	}
+
+	return c.State.Running, nil
+}
+
+// Determine the container exit state and return the exit code and whether or not
+// the container was killed by the OOM killer.
+func (e *Environment) ExitState() (uint32, bool, error) {
+	c, err := e.client.ContainerInspect(context.Background(), e.Id)
+	if err != nil {
+		// I'm not entirely sure how this can happen to be honest. I tried deleting a
+		// container _while_ a server was running and wings gracefully saw the crash and
+		// created a new container for it.
+		//
+		// However, someone reported an error in Discord about this scenario happening,
+		// so I guess this should prevent it? They didn't tell me how they caused it though
+		// so that's a mystery that will have to go unsolved.
+		//
+		// @see https://github.com/pterodactyl/panel/issues/2003
+		if client.IsErrNotFound(err) {
+			return 1, false, nil
+		}
+
+		return 0, false, errors.WithStack(err)
+	}
+
+	return uint32(c.State.ExitCode), c.State.OOMKilled, nil
+}
+
+// Returns the environment configuration allowing a process to make modifications of the
+// environment on the fly.
+func (e *Environment) Config() *environment.Configuration {
+	e.mu.RLock()
+	defer e.mu.RUnlock()
+
+	return e.Configuration
+}
+
+// Sets the stop configuration for the environment.
+func (e *Environment) SetStopConfiguration(c *api.ProcessStopConfiguration) {
+	e.mu.Lock()
+	e.meta.Stop = c
+	e.mu.Unlock()
+}
--- a/environment/docker/power.go
+++ b/environment/docker/power.go
@@ -0,0 +1,232 @@
+package docker
+
+import (
+	"context"
+	"github.com/apex/log"
+	"github.com/docker/docker/api/types"
+	"github.com/docker/docker/api/types/container"
+	"github.com/docker/docker/client"
+	"github.com/pkg/errors"
+	"github.com/pterodactyl/wings/api"
+	"github.com/pterodactyl/wings/environment"
+	"os"
+	"strings"
+	"time"
+)
+
+// Run before the container starts and get the process configuration from the Panel.
+// This is important since we use this to check configuration files as well as ensure
+// we always have the latest version of an egg available for server processes.
+//
+// This process will also confirm that the server environment exists and is in a bootable
+// state. This ensures that unexpected container deletion while Wings is running does
+// not result in the server becoming unbootable.
+func (e *Environment) OnBeforeStart() error {
+	// Always destroy and re-create the server container to ensure that synced data from
+	// the Panel is usee.
+	if err := e.client.ContainerRemove(context.Background(), e.Id, types.ContainerRemoveOptions{RemoveVolumes: true}); err != nil {
+		if !client.IsErrNotFound(err) {
+			return errors.Wrap(err, "failed to remove server docker container during pre-boot")
+		}
+	}
+
+	// The Create() function will check if the container exists in the first place, and if
+	// so just silently return without an error. Otherwise, it will try to create the necessary
+	// container and data storage directory.
+	//
+	// This won't actually run an installation process however, it is just here to ensure the
+	// environment gets created properly if it is missing and the server is started. We're making
+	// an assumption that all of the files will still exist at this point.
+	if err := e.Create(); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// Starts the server environment and begins piping output to the event listeners for the
+// console. If a container does not exist, or needs to be rebuilt that will happen in the
+// call to OnBeforeStart().
+func (e *Environment) Start() error {
+	sawError := false
+	// If sawError is set to true there was an error somewhere in the pipeline that
+	// got passed up, but we also want to ensure we set the server to be offline at
+	// that point.
+	defer func() {
+		if sawError {
+			// If we don't set it to stopping first, you'll trigger crash detection which
+			// we don't want to do at this point since it'll just immediately try to do the
+			// exact same action that lead to it crashing in the first place...
+			e.setState(environment.ProcessStoppingState)
+			e.setState(environment.ProcessOfflineState)
+		}
+	}()
+
+	if c, err := e.client.ContainerInspect(context.Background(), e.Id); err != nil {
+		// Do nothing if the container is not found, we just don't want to continue
+		// to the next block of code here. This check was inlined here to guard against
+		// a nil-pointer when checking c.State below.
+		//
+		// @see https://github.com/pterodactyl/panel/issues/2000
+		if !client.IsErrNotFound(err) {
+			return errors.WithStack(err)
+		}
+	} else {
+		// If the server is running update our internal state and continue on with the attach.
+		if c.State.Running {
+			e.setState(environment.ProcessRunningState)
+
+			return e.Attach()
+		}
+
+		// Truncate the log file so we don't end up outputting a bunch of useless log information
+		// to the websocket and whatnot. Check first that the path and file exist before trying
+		// to truncate them.
+		if _, err := os.Stat(c.LogPath); err == nil {
+			if err := os.Truncate(c.LogPath, 0); err != nil {
+				return errors.WithStack(err)
+			}
+		}
+	}
+
+	e.setState(environment.ProcessStartingState)
+
+	// Set this to true for now, we will set it to false once we reach the
+	// end of this chain.
+	sawError = true
+
+	// Run the before start function and wait for it to finish. This will validate that the container
+	// exists on the system, and rebuild the container if that is required for server booting to
+	// occur.
+	if err := e.OnBeforeStart(); err != nil {
+		return errors.WithStack(err)
+	}
+
+	ctx, cancel := context.WithTimeout(context.Background(), time.Second*10)
+	defer cancel()
+
+	if err := e.client.ContainerStart(ctx, e.Id, types.ContainerStartOptions{}); err != nil {
+		return errors.WithStack(err)
+	}
+
+	// No errors, good to continue through.
+	sawError = false
+
+	return e.Attach()
+}
+
+// Stops the container that the server is running in. This will allow up to 30 seconds to pass
+// before the container is forcefully terminated if we are trying to stop it without using a command
+// sent into the instance.
+//
+// You most likely want to be using WaitForStop() rather than this function, since this will return
+// as soon as the command is sent, rather than waiting for the process to be completed stopped.
+func (e *Environment) Stop() error {
+	e.mu.RLock()
+	s := e.meta.Stop
+	e.mu.RUnlock()
+
+	if s == nil || s.Type == api.ProcessStopSignal {
+		if s == nil {
+			log.WithField("container_id", e.Id).Warn("no stop configuration detected for environment, using termination procedure")
+		}
+
+		return e.Terminate(os.Kill)
+	}
+
+	// If the process is already offline don't switch it back to stopping. Just leave it how
+	// it is and continue through to the stop handling for the process.
+	if e.State() != environment.ProcessOfflineState {
+		e.setState(environment.ProcessStoppingState)
+	}
+
+	// Only attempt to send the stop command to the instance if we are actually attached to
+	// the instance. If we are not for some reason, just send the container stop event.
+	if e.IsAttached() && s.Type == api.ProcessStopCommand {
+		return e.SendCommand(s.Value)
+	}
+
+	t := time.Second * 30
+	err := e.client.ContainerStop(context.Background(), e.Id, &t)
+	if err != nil {
+		// If the container does not exist just mark the process as stopped and return without
+		// an error.
+		if client.IsErrNotFound(err) {
+			e.SetStream(nil)
+			e.setState(environment.ProcessOfflineState)
+
+			return nil
+		}
+
+		return err
+	}
+
+	return nil
+}
+
+// Attempts to gracefully stop a server using the defined stop command. If the server
+// does not stop after seconds have passed, an error will be returned, or the instance
+// will be terminated forcefully depending on the value of the second argument.
+func (e *Environment) WaitForStop(seconds uint, terminate bool) error {
+	if err := e.Stop(); err != nil {
+		return errors.WithStack(err)
+	}
+
+	ctx, cancel := context.WithTimeout(context.Background(), time.Duration(seconds)*time.Second)
+	defer cancel()
+
+	// Block the return of this function until the container as been marked as no
+	// longer running. If this wait does not end by the time seconds have passed,
+	// attempt to terminate the container, or return an error.
+	ok, errChan := e.client.ContainerWait(ctx, e.Id, container.WaitConditionNotRunning)
+	select {
+	case <-ctx.Done():
+		if ctxErr := ctx.Err(); ctxErr != nil {
+			if terminate {
+				return e.Terminate(os.Kill)
+			}
+
+			return errors.WithStack(ctxErr)
+		}
+	case err := <-errChan:
+		if err != nil {
+			return errors.WithStack(err)
+		}
+	case <-ok:
+	}
+
+	return nil
+}
+
+// Forcefully terminates the container using the signal passed through.
+func (e *Environment) Terminate(signal os.Signal) error {
+	c, err := e.client.ContainerInspect(context.Background(), e.Id)
+	if err != nil {
+		return errors.WithStack(err)
+	}
+
+	if !c.State.Running {
+		// If the container is not running but we're not already in a stopped state go ahead
+		// and update things to indicate we should be completely stopped now. Set to stopping
+		// first so crash detection is not triggered.
+		if e.State() != environment.ProcessOfflineState {
+			e.setState(environment.ProcessStoppingState)
+			e.setState(environment.ProcessOfflineState)
+		}
+
+		return nil
+	}
+
+	// We set it to stopping than offline to prevent crash detection from being triggered.
+	e.setState(environment.ProcessStoppingState)
+
+	sig := strings.TrimSuffix(strings.TrimPrefix(signal.String(), "signal "), "ed")
+
+	if err := e.client.ContainerKill(context.Background(), e.Id, sig); err != nil {
+		return err
+	}
+
+	e.setState(environment.ProcessOfflineState)
+
+	return nil
+}
--- a/environment/docker/state.go
+++ b/environment/docker/state.go
@@ -0,0 +1,41 @@
+package docker
+
+import (
+	"fmt"
+	"github.com/pkg/errors"
+	"github.com/pterodactyl/wings/environment"
+)
+
+// Returns the current environment state.
+func (e *Environment) State() string {
+	e.stMu.RLock()
+	defer e.stMu.RUnlock()
+
+	return e.st
+}
+
+// Sets the state of the environment. This emits an event that server's can hook into to
+// take their own actions and track their own state based on the environment.
+func (e *Environment) setState(state string) error {
+	if state != environment.ProcessOfflineState &&
+		state != environment.ProcessStartingState &&
+		state != environment.ProcessRunningState &&
+		state != environment.ProcessStoppingState {
+		return errors.New(fmt.Sprintf("invalid server state received: %s", state))
+	}
+
+	// Get the current state of the environment before changing it.
+	prevState := e.State()
+
+	// Emit the event to any listeners that are currently registered.
+	if prevState != state {
+		// If the state changed make sure we update the internal tracking to note that.
+		e.stMu.Lock()
+		e.st = state
+		e.stMu.Unlock()
+
+		e.Events().Publish(environment.StateChangeEvent, e.State())
+	}
+
+	return nil
+}
--- a/environment/docker/stats.go
+++ b/environment/docker/stats.go
@@ -0,0 +1,131 @@
+package docker
+
+import (
+	"context"
+	"encoding/json"
+	"github.com/apex/log"
+	"github.com/docker/docker/api/types"
+	"github.com/pkg/errors"
+	"github.com/pterodactyl/wings/environment"
+	"io"
+	"math"
+	"sync/atomic"
+)
+
+// Attach to the instance and then automatically emit an event whenever the resource usage for the
+// server process changes.
+func (e *Environment) pollResources(ctx context.Context) error {
+	l := log.WithField("container_id", e.Id)
+
+	l.Debug("starting resource polling for container")
+	defer l.Debug("stopped resource polling for container")
+
+	if e.State() == environment.ProcessOfflineState {
+		return errors.New("cannot enable resource polling on a stopped server")
+	}
+
+	stats, err := e.client.ContainerStats(context.Background(), e.Id, true)
+	if err != nil {
+		return errors.WithStack(err)
+	}
+	defer stats.Body.Close()
+
+	dec := json.NewDecoder(stats.Body)
+
+	for {
+		select {
+		case <-ctx.Done():
+			return ctx.Err()
+		default:
+			var v *types.StatsJSON
+
+			if err := dec.Decode(&v); err != nil {
+				if err != io.EOF {
+					l.WithField("error", errors.WithStack(err)).Warn("error while processing Docker stats output for container")
+				} else {
+					l.Debug("io.EOF encountered during stats decode, stopping polling...")
+				}
+
+				return nil
+			}
+
+			// Disable collection if the server is in an offline state and this process is still running.
+			if e.State() == environment.ProcessOfflineState {
+				l.Debug("process in offline state while resource polling is still active; stopping poll")
+				return nil
+			}
+
+			var rx uint64
+			var tx uint64
+			for _, nw := range v.Networks {
+				atomic.AddUint64(&rx, nw.RxBytes)
+				atomic.AddUint64(&tx, nw.RxBytes)
+			}
+
+			st := &environment.Stats{
+				Memory:      calculateDockerMemory(v.MemoryStats),
+				MemoryLimit: v.MemoryStats.Limit,
+				CpuAbsolute: calculateDockerAbsoluteCpu(&v.PreCPUStats, &v.CPUStats),
+				Network: struct {
+					RxBytes uint64 `json:"rx_bytes"`
+					TxBytes uint64 `json:"tx_bytes"`
+				}{
+					RxBytes: rx,
+					TxBytes: tx,
+				},
+			}
+
+			if b, err := json.Marshal(st); err != nil {
+				l.WithField("error", errors.WithStack(err)).Warn("error while marshaling stats object for environment")
+			} else {
+				e.Events().Publish(environment.ResourceEvent, string(b))
+			}
+		}
+	}
+}
+
+// The "docker stats" CLI call does not return the same value as the types.MemoryStats.Usage
+// value which can be rather confusing to people trying to compare panel usage to
+// their stats output.
+//
+// This math is straight up lifted from their CLI repository in order to show the same
+// values to avoid people bothering me about it. It should also reflect a slightly more
+// correct memory value anyways.
+//
+// @see https://github.com/docker/cli/blob/96e1d1d6/cli/command/container/stats_helpers.go#L227-L249
+func calculateDockerMemory(stats types.MemoryStats) uint64 {
+	if v, ok := stats.Stats["total_inactive_file"]; ok && v < stats.Usage {
+		return stats.Usage - v
+	}
+
+	if v := stats.Stats["inactive_file"]; v < stats.Usage {
+		return stats.Usage - v
+	}
+
+	return stats.Usage
+}
+
+// Calculates the absolute CPU usage used by the server process on the system, not constrained
+// by the defined CPU limits on the container.
+//
+// @see https://github.com/docker/cli/blob/aa097cf1aa19099da70930460250797c8920b709/cli/command/container/stats_helpers.go#L166
+func calculateDockerAbsoluteCpu(pStats *types.CPUStats, stats *types.CPUStats) float64 {
+	// Calculate the change in CPU usage between the current and previous reading.
+	cpuDelta := float64(stats.CPUUsage.TotalUsage) - float64(pStats.CPUUsage.TotalUsage)
+
+	// Calculate the change for the entire system's CPU usage between current and previous reading.
+	systemDelta := float64(stats.SystemUsage) - float64(pStats.SystemUsage)
+
+	// Calculate the total number of CPU cores being used.
+	cpus := float64(stats.OnlineCPUs)
+	if cpus == 0.0 {
+		cpus = float64(len(stats.CPUUsage.PercpuUsage))
+	}
+
+	percent := 0.0
+	if systemDelta > 0.0 && cpuDelta > 0.0 {
+		percent = (cpuDelta / systemDelta) * cpus * 100.0
+	}
+
+	return math.Round(percent*1000) / 1000
+}
--- a/environment/docker/stream.go
+++ b/environment/docker/stream.go
@@ -0,0 +1,99 @@
+package docker
+
+import (
+	"bufio"
+	"bytes"
+	"context"
+	"encoding/json"
+	"github.com/docker/docker/api/types"
+	"github.com/pkg/errors"
+	"github.com/pterodactyl/wings/environment"
+	"strconv"
+)
+
+type dockerLogLine struct {
+	Log string `json:"log"`
+}
+
+func (e *Environment) setStream(s *types.HijackedResponse) {
+	e.mu.Lock()
+	e.stream = s
+	e.mu.Unlock()
+}
+
+// Sends the specified command to the stdin of the running container instance. There is no
+// confirmation that this data is sent successfully, only that it gets pushed into the stdin.
+func (e *Environment) SendCommand(c string) error {
+	e.mu.RLock()
+	defer e.mu.RUnlock()
+
+	if !e.IsAttached() {
+		return errors.New("attempting to send command to non-attached instance")
+	}
+
+	if e.meta.Stop != nil {
+		// If the command being processed is the same as the process stop command then we want to mark
+		// the server as entering the stopping state otherwise the process will stop and Wings will think
+		// it has crashed and attempt to restart it.
+		if e.meta.Stop.Type == "command" && c == e.meta.Stop.Value {
+			e.Events().Publish(environment.StateChangeEvent, environment.ProcessStoppingState)
+		}
+	}
+
+	_, err := e.stream.Conn.Write([]byte(c + "\n"))
+
+	return errors.WithStack(err)
+}
+
+// Reads the log file for the server. This does not care if the server is running or not, it will
+// simply try to read the last X bytes of the file and return them.
+func (e *Environment) Readlog(lines int) ([]string, error) {
+	r, err := e.client.ContainerLogs(context.Background(), e.Id, types.ContainerLogsOptions{
+		ShowStdout: true,
+		ShowStderr: true,
+		Tail:       strconv.Itoa(lines),
+	})
+	if err != nil {
+		return nil, errors.WithStack(err)
+	}
+	defer r.Close()
+
+	var out []string
+
+	scanner := bufio.NewScanner(r)
+	for scanner.Scan() {
+		out = append(out, scanner.Text())
+	}
+
+	return out, nil
+}
+
+// Docker stores the logs for server output in a JSON format. This function will iterate over the JSON
+// that was read from the log file and parse it into a more human readable format.
+func (e *Environment) parseLogToStrings(b []byte) ([]string, error) {
+	var hasError = false
+	var out []string
+
+	scanner := bufio.NewScanner(bytes.NewReader(b))
+	for scanner.Scan() {
+		var l dockerLogLine
+
+		// Unmarshal the contents and allow up to a single error before bailing out of the process. We
+		// do this because if you're arbitrarily reading a length of the file you'll likely end up
+		// with the first line in the output being improperly formatted JSON. In those cases we want to
+		// just skip over it. However if we see another error we're going to bail out because that is an
+		// abnormal situation.
+		if err := json.Unmarshal([]byte(scanner.Text()), &l); err != nil {
+			if hasError {
+				return nil, err
+			}
+
+			hasError = true
+			continue
+		}
+
+		out = append(out, l.Log)
+	}
+
+	return out, nil
+}
--- a/environment/environment.go
+++ b/environment/environment.go
@@ -1,15 +1,42 @@
-package server
+package environment

 import (
+	"github.com/pterodactyl/wings/events"
 	"os"
 )

+const (
+	ConsoleOutputEvent = "console output"
+	StateChangeEvent   = "state change"
+	ResourceEvent      = "resources"
+)
+
+const (
+	ProcessOfflineState  = "offline"
+	ProcessStartingState = "starting"
+	ProcessRunningState  = "running"
+	ProcessStoppingState = "stopping"
+)
+
 // Defines the basic interface that all environments need to implement so that
 // a server can be properly controlled.
-type Environment interface {
+type ProcessEnvironment interface {
 	// Returns the name of the environment.
 	Type() string

+	// Returns the environment configuration to the caller.
+	Config() *Configuration
+
+	// Returns an event emitter instance that can be hooked into to listen for different
+	// events that are fired by the environment. This should not allow someone to publish
+	// events, only subscribe to them.
+	Events() *events.EventBus
+
+	// Determines if the server instance exists. For example, in a docker environment
+	// this should confirm that the container is created and in a bootable state. In
+	// a basic CLI environment this can probably just return true right away.
+	Exists() (bool, error)
+
 	// Determines if the environment is currently active and running a server process
 	// for this specific server instance.
 	IsRunning() (bool, error)
@@ -34,12 +61,7 @@ type Environment interface {
 	// Waits for a server instance to stop gracefully. If the server is still detected
 	// as running after seconds, an error will be returned, or the server will be terminated
 	// depending on the value of the second argument.
-	WaitForStop(seconds int, terminate bool) error
-
-	// Determines if the server instance exists. For example, in a docker environment
-	// this should confirm that the container is created and in a bootable state. In
-	// a basic CLI environment this can probably just return true right away.
-	Exists() (bool, error)
+	WaitForStop(seconds uint, terminate bool) error

 	// Terminates a running server instance using the provided signal. If the server
 	// is not running no error should be returned.
@@ -63,22 +85,10 @@ type Environment interface {
 	// send data into the environment's stdin.
 	Attach() error

-	// Follows the output from the server console and will begin piping the output to
-	// the server's emitter.
-	FollowConsoleOutput() error
-
 	// Sends the provided command to the running server instance.
 	SendCommand(string) error

 	// Reads the log file for the process from the end backwards until the provided
-	// number of bytes is met.
-	Readlog(int64) ([]string, error)
-
-	// Polls the given environment for resource usage of the server when the process
-	// is running.
-	EnableResourcePolling() error
-
-	// Disables the polling operation for resource usage and sets the required values
-	// to 0 in the server resource usage struct.
-	DisableResourcePolling() error
+	// number of lines is met.
+	Readlog(int) ([]string, error)
 }
--- a/environment/settings.go
+++ b/environment/settings.go
@@ -0,0 +1,131 @@
+package environment
+
+import (
+	"fmt"
+	"github.com/apex/log"
+	"math"
+	"strconv"
+)
+
+type Mount struct {
+	// In Docker environments this makes no difference, however in a non-Docker environment you
+	// should treat the "Default" mount as the root directory for the server. All other mounts
+	// are just in addition to that one, and generally things like shared maps or timezone data.
+	Default bool `json:"-"`
+
+	// The target path on the system. This is "/home/container" for all server's Default mount
+	// but in non-container environments you can likely ignore the target and just work with the
+	// source.
+	Target string `json:"target"`
+
+	// The directory from which the files will be read. In Docker environments this is the directory
+	// that we're mounting into the container at the Target location.
+	Source string `json:"source"`
+
+	// Whether or not the directory is being mounted as read-only. It is up to the environment to
+	// handle this value correctly and ensure security expectations are met with its usage.
+	ReadOnly bool `json:"read_only"`
+}
+
+// The build settings for a given server that impact docker container creation and
+// resource limits for a server instance.
+type Limits struct {
+	// The total amount of memory in megabytes that this server is allowed to
+	// use on the host system.
+	MemoryLimit int64 `json:"memory_limit"`
+
+	// The amount of additional swap space to be provided to a container instance.
+	Swap int64 `json:"swap"`
+
+	// The relative weight for IO operations in a container. This is relative to other
+	// containers on the system and should be a value between 10 and 1000.
+	IoWeight uint16 `json:"io_weight"`
+
+	// The percentage of CPU that this instance is allowed to consume relative to
+	// the host. A value of 200% represents complete utilization of two cores. This
+	// should be a value between 1 and THREAD_COUNT * 100.
+	CpuLimit int64 `json:"cpu_limit"`
+
+	// The amount of disk space in megabytes that a server is allowed to use.
+	DiskSpace int64 `json:"disk_space"`
+
+	// Sets which CPU threads can be used by the docker instance.
+	Threads string `json:"threads"`
+
+	OOMDisabled bool `json:"oom_disabled"`
+}
+
+// Converts the CPU limit for a server build into a number that can be better understood
+// by the Docker environment. If there is no limit set, return -1 which will indicate to
+// Docker that it has unlimited CPU quota.
+func (r *Limits) ConvertedCpuLimit() int64 {
+	if r.CpuLimit == 0 {
+		return -1
+	}
+
+	return r.CpuLimit * 1000
+}
+
+// Set the hard limit for memory usage to be 5% more than the amount of memory assigned to
+// the server. If the memory limit for the server is < 4G, use 10%, if less than 2G use
+// 15%. This avoids unexpected crashes from processes like Java which run over the limit.
+func (r *Limits) MemoryOverheadMultiplier() float64 {
+	if r.MemoryLimit <= 2048 {
+		return 1.15
+	} else if r.MemoryLimit <= 4096 {
+		return 1.10
+	}
+
+	return 1.05
+}
+
+func (r *Limits) BoundedMemoryLimit() int64 {
+	return int64(math.Round(float64(r.MemoryLimit) * r.MemoryOverheadMultiplier() * 1_000_000))
+}
+
+// Returns the amount of swap available as a total in bytes. This is returned as the amount
+// of memory available to the server initially, PLUS the amount of additional swap to include
+// which is the format used by Docker.
+func (r *Limits) ConvertedSwap() int64 {
+	if r.Swap < 0 {
+		return -1
+	}
+
+	return (r.Swap * 1_000_000) + r.BoundedMemoryLimit()
+}
+
+type Variables map[string]interface{}
+
+// Ugly hacky function to handle environment variables that get passed through as not-a-string
+// from the Panel. Ideally we'd just say only pass strings, but that is a fragile idea and if a
+// string wasn't passed through you'd cause a crash or the server to become unavailable. For now
+// try to handle the most likely values from the JSON and hope for the best.
+func (v Variables) Get(key string) string {
+	val, ok := v[key]
+	if !ok {
+		return ""
+	}
+
+	switch val.(type) {
+	case int:
+		return strconv.Itoa(val.(int))
+	case int32:
+		return strconv.FormatInt(val.(int64), 10)
+	case int64:
+		return strconv.FormatInt(val.(int64), 10)
+	case float32:
+		return fmt.Sprintf("%f", val.(float32))
+	case float64:
+		return fmt.Sprintf("%f", val.(float64))
+	case bool:
+		return strconv.FormatBool(val.(bool))
+	case string:
+		return val.(string)
+	}
+
+	// TODO: I think we can add a check for val == nil and return an empty string for those
+	//  and this warning should theoretically never happen?
+	log.Warn(fmt.Sprintf("failed to marshal environment variable \"%s\" of type %+v into string", key, val))
+
+	return ""
+}
--- a/environment/stats.go
+++ b/environment/stats.go
@@ -0,0 +1,47 @@
+package environment
+
+import "sync"
+
+// Defines the current resource usage for a given server instance. If a server is offline you
+// should obviously expect memory and CPU usage to be 0. However, disk will always be returned
+// since that is not dependent on the server being running to collect that data.
+type Stats struct {
+	mu sync.RWMutex
+
+	// The total amount of memory, in bytes, that this server instance is consuming. This is
+	// calculated slightly differently than just using the raw Memory field that the stats
+	// return from the container, so please check the code setting this value for how that
+	// is calculated.
+	Memory uint64 `json:"memory_bytes"`
+
+	// The total amount of memory this container or resource can use. Inside Docker this is
+	// going to be higher than you'd expect because we're automatically allocating overhead
+	// abilities for the container, so its not going to be a perfect match.
+	MemoryLimit uint64 `json:"memory_limit_bytes"`
+
+	// The absolute CPU usage is the amount of CPU used in relation to the entire system and
+	// does not take into account any limits on the server process itself.
+	CpuAbsolute float64 `json:"cpu_absolute"`
+
+	// The current disk space being used by the server. This is cached to prevent slow lookup
+	// issues on frequent refreshes.
+	// Disk int64 `json:"disk_bytes"`
+
+	// Current network transmit in & out for a container.
+	Network struct {
+		RxBytes uint64 `json:"rx_bytes"`
+		TxBytes uint64 `json:"tx_bytes"`
+	} `json:"network"`
+}
+
+// Resets the usages values to zero, used when a server is stopped to ensure we don't hold
+// onto any values incorrectly.
+func (s *Stats) Empty() {
+	s.mu.Lock()
+	defer s.mu.Unlock()
+
+	s.Memory = 0
+	s.CpuAbsolute = 0
+	s.Network.TxBytes = 0
+	s.Network.RxBytes = 0
+}
--- a/events/events.go
+++ b/events/events.go
@@ -0,0 +1,105 @@
+package events
+
+import (
+	"encoding/json"
+	"strings"
+	"sync"
+)
+
+type Event struct {
+	Data  string
+	Topic string
+}
+
+type EventBus struct {
+	sync.RWMutex
+
+	subscribers map[string]map[chan Event]struct{}
+}
+
+func New() *EventBus {
+	return &EventBus{
+		subscribers: make(map[string]map[chan Event]struct{}),
+	}
+}
+
+// Publish data to a given topic.
+func (e *EventBus) Publish(topic string, data string) {
+	t := topic
+	// Some of our topics for the socket support passing a more specific namespace,
+	// such as "backup completed:1234" to indicate which specific backup was completed.
+	//
+	// In these cases, we still need to the send the event using the standard listener
+	// name of "backup completed".
+	if strings.Contains(topic, ":") {
+		parts := strings.SplitN(topic, ":", 2)
+
+		if len(parts) == 2 {
+			t = parts[0]
+		}
+	}
+
+	// Acquire a read lock and loop over all of the channels registered for the topic. This
+	// avoids a panic crash if the process tries to unregister the channel while this routine
+	// is running.
+	go func() {
+		e.RLock()
+		defer e.RUnlock()
+
+		if ch, ok := e.subscribers[t]; ok {
+			for channel := range ch {
+				channel <- Event{Data: data, Topic: topic}
+			}
+		}
+	}()
+}
+
+func (e *EventBus) PublishJson(topic string, data interface{}) error {
+	b, err := json.Marshal(data)
+	if err != nil {
+		return err
+	}
+
+	e.Publish(topic, string(b))
+
+	return nil
+}
+
+// Subscribe to an emitter topic using a channel.
+func (e *EventBus) Subscribe(topic string, ch chan Event) {
+	e.Lock()
+	defer e.Unlock()
+
+	if _, exists := e.subscribers[topic]; !exists {
+		e.subscribers[topic] = make(map[chan Event]struct{})
+	}
+
+	// Only set the channel if there is not currently a matching one for this topic. This
+	// avoids registering two identical listeners for the same topic and causing pain in
+	// the unsubscribe functionality as well.
+	if _, exists := e.subscribers[topic][ch]; !exists {
+		e.subscribers[topic][ch] = struct{}{}
+	}
+}
+
+// Unsubscribe a channel from a given topic.
+func (e *EventBus) Unsubscribe(topic string, ch chan Event) {
+	e.Lock()
+	defer e.Unlock()
+
+	if _, exists := e.subscribers[topic][ch]; exists {
+		delete(e.subscribers[topic], ch)
+	}
+}
+
+// Removes all of the event listeners for the server. This is used when a server
+// is being deleted to avoid a bunch of de-reference errors cropping up. Obviously
+// should also check elsewhere and handle a server reference going nil, but this
+// won't hurt.
+func (e *EventBus) UnsubscribeAll() {
+	e.Lock()
+	defer e.Unlock()
+
+	// Reset the entire struct into an empty map.
+	e.subscribers = make(map[string]map[chan Event]struct{})
+}
--- a/go.mod
+++ b/go.mod
@@ -1,74 +1,81 @@
 module github.com/pterodactyl/wings

-go 1.12
-
-// Uncomment this in development environments to make changes to the core SFTP
-// server software. This assumes you're using the official Pterodactyl Environment
-// otherwise this path will not work.
-//
-// @see https://github.com/pterodactyl/development
-//
-// replace github.com/pterodactyl/sftp-server => ../sftp-server
+go 1.13

 require (
-	github.com/AlecAivazis/survey/v2 v2.0.7
+	github.com/AlecAivazis/survey/v2 v2.1.0
 	github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78 // indirect
-	github.com/Jeffail/gabs/v2 v2.2.0
-	github.com/Microsoft/go-winio v0.4.7 // indirect
-	github.com/Nvveen/Gotty v0.0.0-20120604004816-cd527374f1e5 // indirect
-	github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a
-	github.com/aws/aws-sdk-go v1.30.14 // indirect
+	github.com/Jeffail/gabs/v2 v2.5.1
+	github.com/Microsoft/go-winio v0.4.14 // indirect
+	github.com/NYTimes/logrotate v1.0.0
+	github.com/andybalholm/brotli v1.0.0 // indirect
+	github.com/apex/log v1.8.0
+	github.com/asaskevich/govalidator v0.0.0-20200428143746-21a406dcc535
 	github.com/beevik/etree v1.1.0
-	github.com/buger/jsonparser v0.0.0-20191204142016-1a29609e0929
+	github.com/buger/jsonparser v1.0.0
 	github.com/cobaugh/osrelease v0.0.0-20181218015638-a93a0a55a249
-	github.com/containerd/fifo v0.0.0-20190226154929-a9fb20d87448 // indirect
-	github.com/creasty/defaults v1.3.0
+	github.com/containerd/containerd v1.3.7 // indirect
+	github.com/containerd/fifo v0.0.0-20200410184934-f15a3290365b // indirect
+	github.com/creasty/defaults v1.5.0
+	github.com/docker/cli v17.12.1-ce-rc2+incompatible
 	github.com/docker/distribution v2.7.1+incompatible // indirect
-	github.com/docker/docker v0.0.0-20180422163414-57142e89befe
+	github.com/docker/docker v17.12.0-ce-rc1.0.20200618181300-9dc6525e6118+incompatible
 	github.com/docker/go-connections v0.4.0
-	github.com/docker/go-units v0.3.3 // indirect
-	github.com/gabriel-vasile/mimetype v0.1.4
-	github.com/gbrlsnchs/jwt/v3 v3.0.0-rc.0
-	github.com/ghodss/yaml v1.0.0
-	github.com/gin-gonic/gin v1.6.2
-	github.com/golang/protobuf v1.3.5 // indirect
+	github.com/docker/go-metrics v0.0.1 // indirect
+	github.com/docker/go-units v0.4.0 // indirect
+	github.com/fatih/color v1.9.0
+	github.com/frankban/quicktest v1.10.2 // indirect
+	github.com/fsnotify/fsnotify v1.4.9 // indirect
+	github.com/gabriel-vasile/mimetype v1.1.1
+	github.com/gammazero/deque v0.0.0-20200721202602-07291166fe33 // indirect
+	github.com/gammazero/workerpool v1.0.0
+	github.com/gbrlsnchs/jwt/v3 v3.0.0-rc.2
+	github.com/gin-gonic/gin v1.6.3
+	github.com/go-playground/validator/v10 v10.3.0 // indirect
+	github.com/gogo/protobuf v1.3.1 // indirect
 	github.com/google/uuid v1.1.1
-	github.com/gorilla/websocket v1.4.0
-	github.com/gotestyourself/gotestyourself v2.2.0+incompatible // indirect
+	github.com/gorilla/mux v1.7.4 // indirect
+	github.com/gorilla/websocket v1.4.2
 	github.com/iancoleman/strcase v0.0.0-20191112232945-16388991a334
+	github.com/icza/dyno v0.0.0-20200205103839-49cb13720835
 	github.com/imdario/mergo v0.3.8
-	github.com/klauspost/pgzip v1.2.3
+	github.com/karrick/godirwalk v1.16.1
+	github.com/klauspost/compress v1.10.10 // indirect
+	github.com/klauspost/pgzip v1.2.4
+	github.com/magefile/mage v1.10.0 // indirect
 	github.com/magiconair/properties v1.8.1
+	github.com/mattn/go-colorable v0.1.7
 	github.com/mattn/go-shellwords v1.0.10 // indirect
+	github.com/mgutz/ansi v0.0.0-20200706080929-d51e80ef957d // indirect
 	github.com/mholt/archiver/v3 v3.3.0
 	github.com/mitchellh/colorstring v0.0.0-20190213212951-d06e56a500db
-	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
-	github.com/modern-go/reflect2 v1.0.1 // indirect
+	github.com/morikuni/aec v1.0.0 // indirect
 	github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e // indirect
-	github.com/opencontainers/go-digest v1.0.0-rc1 // indirect
+	github.com/nwaples/rardecode v1.1.0 // indirect
+	github.com/opencontainers/go-digest v1.0.0 // indirect
 	github.com/opencontainers/image-spec v1.0.1 // indirect
 	github.com/patrickmn/go-cache v2.1.0+incompatible
+	github.com/pierrec/lz4 v2.5.2+incompatible // indirect
 	github.com/pkg/errors v0.9.1
-	github.com/pkg/profile v1.4.0
-	github.com/pkg/sftp v1.10.1 // indirect
-	github.com/pterodactyl/sftp-server v1.1.1
-	github.com/remeh/sizedwaitgroup v0.0.0-20180822144253-5e7302b12cce
+	github.com/pkg/profile v1.5.0
+	github.com/pkg/sftp v1.11.0
+	github.com/prometheus/common v0.11.1 // indirect
+	github.com/remeh/sizedwaitgroup v1.0.0
 	github.com/sabhiram/go-gitignore v0.0.0-20180611051255-d3107576ba94
-	github.com/smartystreets/goconvey v1.6.4 // indirect
-	github.com/spf13/cobra v0.0.7
-	github.com/stretchr/objx v0.2.0 // indirect
-	github.com/yuin/goldmark v1.1.30 // indirect
-	go.uber.org/atomic v1.5.1 // indirect
-	go.uber.org/multierr v1.4.0 // indirect
-	go.uber.org/zap v1.13.0
-	golang.org/x/crypto v0.0.0-20200423211502-4bdfaf469ed5 // indirect
-	golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f // indirect
-	golang.org/x/net v0.0.0-20200425230154-ff2c4b7c35a0 // indirect
-	golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a
-	golang.org/x/sys v0.0.0-20200420163511-1957bb5e6d1f // indirect
-	golang.org/x/tools v0.0.0-20200426102838-f3a5411a4c3b // indirect
+	github.com/spf13/cobra v1.0.0
+	github.com/spf13/pflag v1.0.5 // indirect
+	github.com/ulikunitz/xz v0.5.7 // indirect
+	golang.org/x/crypto v0.0.0-20200728195943-123391ffb6de
+	golang.org/x/net v0.0.0-20200707034311-ab3426394381 // indirect
+	golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208
+	golang.org/x/text v0.3.3 // indirect
+	golang.org/x/time v0.0.0-20200630173020-3af7569d3a1e // indirect
+	golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 // indirect
+	google.golang.org/genproto v0.0.0-20200806141610-86f49bd18e98 // indirect
+	google.golang.org/grpc v1.31.0 // indirect
+	google.golang.org/protobuf v1.25.0 // indirect
 	gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f // indirect
-	gopkg.in/ini.v1 v1.51.0
-	gopkg.in/yaml.v2 v2.2.8
+	gopkg.in/ini.v1 v1.57.0
+	gopkg.in/yaml.v2 v2.3.0
 	gotest.tools v2.2.0+incompatible // indirect
 )
--- a/go.sum
+++ b/go.sum
@@ -1,79 +1,158 @@
 cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
-github.com/AlecAivazis/survey/v2 v2.0.7 h1:+f825XHLse/hWd2tE/V5df04WFGimk34Eyg/z35w/rc=
-github.com/AlecAivazis/survey/v2 v2.0.7/go.mod h1:mlizQTaPjnR4jcpwRSaSlkbsRfYFEyKgLQvYTzxxiHA=
+cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
+github.com/AlecAivazis/survey/v2 v2.1.0 h1:AT4+23hOFopXYZaNGugbk7MWItkz0SfTmH/Hk92KeeE=
+github.com/AlecAivazis/survey/v2 v2.1.0/go.mod h1:9FJRdMdDm8rnT+zHVbvQT2RTSTLq0Ttd6q3Vl2fahjk=
 github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78 h1:w+iIsaOQNcT7OZ575w+acHgRric5iCyQh+xv+KJ4HB8=
 github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78/go.mod h1:LmzpDX56iTiv29bbRTIsUNlaFfuhWRQBWjQdVyAevI8=
 github.com/BurntSushi/toml v0.3.1 h1:WXkYYl6Yr3qBf1K79EBnL4mak0OimBfB0XUf9Vl28OQ=
 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
-github.com/Jeffail/gabs/v2 v2.2.0 h1:7touC+WzbQ7LO5+mwgxT44miyTqAVCOlIWLA6PiIB5w=
-github.com/Jeffail/gabs/v2 v2.2.0/go.mod h1:xCn81vdHKxFUuWWAaD5jCTQDNPBMh5pPs9IJ+NcziBI=
-github.com/Microsoft/go-winio v0.4.7 h1:vOvDiY/F1avSWlCWiKJjdYKz2jVjTK3pWPHndeG4OAY=
-github.com/Microsoft/go-winio v0.4.7/go.mod h1:VhR8bwka0BXejwEJY73c50VrPtXAaKcyvVC4A4RozmA=
+github.com/Jeffail/gabs/v2 v2.5.1 h1:ANfZYjpMlfTTKebycu4X1AgkVWumFVDYQl7JwOr4mDk=
+github.com/Jeffail/gabs/v2 v2.5.1/go.mod h1:xCn81vdHKxFUuWWAaD5jCTQDNPBMh5pPs9IJ+NcziBI=
+github.com/Knetic/govaluate v3.0.1-0.20171022003610-9aa49832a739+incompatible/go.mod h1:r7JcOSlj0wfOMncg0iLm8Leh48TZaKVeNIfJntJ2wa0=
+github.com/Microsoft/go-winio v0.4.14 h1:+hMXMk01us9KgxGb7ftKQt2Xpf5hH/yky+TDA+qxleU=
+github.com/Microsoft/go-winio v0.4.14/go.mod h1:qXqCSQ3Xa7+6tgxaGTIe4Kpcdsi+P8jBhyzoq1bpyYA=
+github.com/NYTimes/logrotate v1.0.0 h1:6jFGbon6jOtpy3t3kwZZKS4Gdmf1C/Wv5J4ll4Xn5yk=
+github.com/NYTimes/logrotate v1.0.0/go.mod h1:GxNz1cSw1c6t99PXoZlw+nm90H6cyQyrH66pjVv7x88=
 github.com/Netflix/go-expect v0.0.0-20180615182759-c93bf25de8e8 h1:xzYJEypr/85nBpB11F9br+3HUrpgb+fcm5iADzXXYEw=
 github.com/Netflix/go-expect v0.0.0-20180615182759-c93bf25de8e8/go.mod h1:oX5x61PbNXchhh0oikYAH+4Pcfw5LKv21+Jnpr6r6Pc=
-github.com/Nvveen/Gotty v0.0.0-20120604004816-cd527374f1e5 h1:TngWCqHvy9oXAN6lEVMRuU21PR1EtLVZJmdB18Gu3Rw=
-github.com/Nvveen/Gotty v0.0.0-20120604004816-cd527374f1e5/go.mod h1:lmUJ/7eu/Q8D7ML55dXQrVaamCz2vxCfdQBasLZfHKk=
 github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU=
+github.com/Shopify/sarama v1.19.0/go.mod h1:FVkBWblsNy7DGZRfXLU0O9RCGt5g3g3yEuWXgklEdEo=
+github.com/Shopify/toxiproxy v2.1.4+incompatible/go.mod h1:OXgGpZ6Cli1/URJOF1DMxUHB2q5Ap20/P/eIdh4G0pI=
+github.com/VividCortex/gohistogram v1.0.0/go.mod h1:Pf5mBqqDxYaXu3hDrrU+w6nw50o/4+TcAqDqk/vUH7g=
+github.com/afex/hystrix-go v0.0.0-20180502004556-fa1af6a1f4f5/go.mod h1:SkGFH1ia65gfNATL8TAiHDNxPzPdmEL5uirI2Uyuz6c=
 github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=
+github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=
 github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0=
+github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0=
+github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d/go.mod h1:rBZYJk541a8SKzHPHnH3zbiI+7dagKZ0cgpgrD7Fyho=
 github.com/andybalholm/brotli v0.0.0-20190621154722-5f990b63d2d6 h1:bZ28Hqta7TFAK3Q08CMvv8y3/8ATaEqv2nGoc6yff6c=
 github.com/andybalholm/brotli v0.0.0-20190621154722-5f990b63d2d6/go.mod h1:+lx6/Aqd1kLJ1GQfkvOnaZ1WGmLpMpbprPuIOOZX30U=
+github.com/andybalholm/brotli v1.0.0 h1:7UCwP93aiSfvWpapti8g88vVVGp2qqtGyePsSuDafo4=
+github.com/andybalholm/brotli v1.0.0/go.mod h1:loMXtMfwqflxFJPmdbJO0a3KNoPuLBgiu3qAvBg8x/Y=
+github.com/apache/thrift v0.12.0/go.mod h1:cp2SuWMxlEZw2r+iP2GNCdIi4C1qmUzdZFSVb+bacwQ=
+github.com/apache/thrift v0.13.0/go.mod h1:cp2SuWMxlEZw2r+iP2GNCdIi4C1qmUzdZFSVb+bacwQ=
+github.com/apex/log v1.8.0 h1:+W4j+dttibFvynPLlctdnYFUn1eLKT37BZWWW2iMfEM=
+github.com/apex/log v1.8.0/go.mod h1:m82fZlWIuiWzWP04XCTXmnX0xRkYYbCdYn8jbJeLBEA=
+github.com/apex/logs v1.0.0/go.mod h1:XzxuLZ5myVHDy9SAmYpamKKRNApGj54PfYLcFrXqDwo=
+github.com/aphistic/golf v0.0.0-20180712155816-02c07f170c5a/go.mod h1:3NqKYiepwy8kCu4PNA+aP7WUV72eXWJeP9/r3/K9aLE=
+github.com/aphistic/sweet v0.2.0/go.mod h1:fWDlIh/isSE9n6EPsRmC0det+whmX6dJid3stzu0Xys=
+github.com/armon/circbuf v0.0.0-20150827004946-bbbad097214e/go.mod h1:3U/XgcO3hCbHZ8TKRvWD2dDTCfh9M9ya+I9JpbB7O8o=
 github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8=
-github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a h1:idn718Q4B6AGu/h5Sxe66HYVdqdGu2l9Iebqhi/AEoA=
-github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY=
-github.com/aws/aws-sdk-go v1.30.14 h1:vZfX2b/fknc9wKcytbLWykM7in5k6dbQ8iHTJDUP1Ng=
-github.com/aws/aws-sdk-go v1.30.14/go.mod h1:5zCpMtNQVjRREroY7sYe8lOMRSxkhG6MZveU8YkpAk0=
+github.com/armon/go-metrics v0.0.0-20180917152333-f0300d1749da/go.mod h1:Q73ZrmVTwzkszR9V5SSuryQ31EELlFMUz1kKyl939pY=
+github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8=
+github.com/aryann/difflib v0.0.0-20170710044230-e206f873d14a/go.mod h1:DAHtR1m6lCRdSC2Tm3DSWRPvIPr6xNKyeHdqDQSQT+A=
+github.com/asaskevich/govalidator v0.0.0-20200428143746-21a406dcc535 h1:4daAzAu0S6Vi7/lbWECcX0j45yZReDZ56BQsrVBOEEY=
+github.com/asaskevich/govalidator v0.0.0-20200428143746-21a406dcc535/go.mod h1:oGkLhpf+kjZl6xBf758TQhh5XrAeiJv/7FRz/2spLIg=
+github.com/aws/aws-lambda-go v1.13.3/go.mod h1:4UKl9IzQMoD+QF79YdCuzCwp8VbmG4VAQwij/eHl5CU=
+github.com/aws/aws-sdk-go v1.20.6/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo=
+github.com/aws/aws-sdk-go v1.27.0/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo=
+github.com/aws/aws-sdk-go-v2 v0.18.0/go.mod h1:JWVYvqSMppoMJC0x5wdwiImzgXTI9FuZwxzkQq9wy+g=
+github.com/aybabtme/rgbterm v0.0.0-20170906152045-cc83f3b3ce59 h1:WWB576BN5zNSZc/M9d/10pqEx5VHNhaQ/yOVAkmj5Yo=
+github.com/aybabtme/rgbterm v0.0.0-20170906152045-cc83f3b3ce59/go.mod h1:q/89r3U2H7sSsE2t6Kca0lfwTK8JdoNGS/yzM/4iH5I=
 github.com/beevik/etree v1.1.0 h1:T0xke/WvNtMoCqgzPhkX2r4rjY3GDZFi+FjpRZY2Jbs=
 github.com/beevik/etree v1.1.0/go.mod h1:r8Aw8JqVegEf0w2fDnATrX9VpkMcyFeM0FhwO62wh+A=
 github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q=
 github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8=
-github.com/buger/jsonparser v0.0.0-20191204142016-1a29609e0929 h1:MW/JDk68Rny52yI0M0N+P8lySNgB+NhpI/uAmhgOhUM=
-github.com/buger/jsonparser v0.0.0-20191204142016-1a29609e0929/go.mod h1:tgcrVJ81GPSF0mz+0nu1Xaz0fazGPrmmJfJtxjbHhUQ=
+github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM=
+github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw=
+github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs=
+github.com/buger/jsonparser v1.0.0 h1:etJTGF5ESxjI0Ic2UaLQs2LQQpa8G9ykQScukbh4L8A=
+github.com/buger/jsonparser v1.0.0/go.mod h1:tgcrVJ81GPSF0mz+0nu1Xaz0fazGPrmmJfJtxjbHhUQ=
+github.com/casbin/casbin/v2 v2.1.2/go.mod h1:YcPU1XXisHhLzuxH9coDNf2FbKpjGlbCg3n9yuLkIJQ=
+github.com/cenkalti/backoff v2.2.1+incompatible/go.mod h1:90ReRw6GdpyfrHakVjL/QHaoyV4aDUVVkXQJJJ3NXXM=
+github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
+github.com/cespare/xxhash v1.1.0 h1:a6HrQnmkObjyL+Gs60czilIUGqrzKutQD6XZog3p+ko=
 github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc=
+github.com/cespare/xxhash/v2 v2.1.1 h1:6MnRN8NT7+YBpUIWxHtefFZOKTAPgGjpQSxqLNn0+qY=
+github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
+github.com/clbanning/x2j v0.0.0-20191024224557-825249438eec/go.mod h1:jMjuTZXRI4dUb/I5gc9Hdhagfvm9+RyrPryS/auMzxE=
 github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
+github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc=
 github.com/cobaugh/osrelease v0.0.0-20181218015638-a93a0a55a249 h1:R0IDH8daQ3lODvu8YtxnIqqth5qMGCJyADoUQvmLx4o=
 github.com/cobaugh/osrelease v0.0.0-20181218015638-a93a0a55a249/go.mod h1:EHKW9yNEYSBpTKzuu7Y9oOrft/UlzH57rMIB03oev6M=
-github.com/containerd/fifo v0.0.0-20190226154929-a9fb20d87448 h1:PUD50EuOMkXVcpBIA/R95d56duJR9VxhwncsFbNnxW4=
-github.com/containerd/fifo v0.0.0-20190226154929-a9fb20d87448/go.mod h1:ODA38xgv3Kuk8dQz2ZQXpnv/UZZUHUCL7pnLehbXgQI=
+github.com/cockroachdb/datadriven v0.0.0-20190809214429-80d97fb3cbaa/go.mod h1:zn76sxSg3SzpJ0PPJaLDCu+Bu0Lg3sKTORVIj19EIF8=
+github.com/codahale/hdrhistogram v0.0.0-20161010025455-3a0bb77429bd/go.mod h1:sE/e/2PUdi/liOCUjSTXgM1o87ZssimdTWN964YiIeI=
+github.com/containerd/containerd v1.3.7 h1:eFSOChY8TTcxvkzp8g+Ov1RL0MYww7XEeK0y+zqGpVc=
+github.com/containerd/containerd v1.3.7/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA=
+github.com/containerd/fifo v0.0.0-20200410184934-f15a3290365b h1:qUtCegLdOUVfVJOw+KDg6eJyE1TGvLlkGEd1091kSSQ=
+github.com/containerd/fifo v0.0.0-20200410184934-f15a3290365b/go.mod h1:jPQ2IAeZRCYxpS/Cm1495vGFww6ecHmMk1YJH2Q5ln0=
 github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk=
 github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE=
 github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk=
+github.com/coreos/go-systemd v0.0.0-20180511133405-39ca1b05acc7/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4=
 github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4=
+github.com/coreos/pkg v0.0.0-20160727233714-3ac0863d7acf/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA=
 github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA=
+github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
 github.com/cpuguy83/go-md2man/v2 v2.0.0/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
-github.com/creasty/defaults v1.3.0 h1:uG+RAxYbJgOPCOdKEcec9ZJXeva7Y6mj/8egdzwmLtw=
-github.com/creasty/defaults v1.3.0/go.mod h1:CIEEvs7oIVZm30R8VxtFJs+4k201gReYyuYHJxZc68I=
+github.com/creack/pty v1.1.7/go.mod h1:lj5s0c3V2DBrqTV7llrYr5NG6My20zk30Fl46Y7DoTY=
+github.com/creasty/defaults v1.5.0 h1:DW6NAGGaKuNSKkntc8BCBrR2KOUAcXVnfcwu/LmJhaQ=
+github.com/creasty/defaults v1.5.0/go.mod h1:FPZ+Y0WNrbqOVw+c6av63eyHUAl6pMHZwqLPvXUZGfY=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ=
 github.com/dgryski/go-sip13 v0.0.0-20181026042036-e10d5fee7954/go.mod h1:vAd38F8PWV+bWy6jNmig1y/TA+kYO4g3RSRF0IAv0no=
+github.com/docker/cli v17.12.1-ce-rc2+incompatible h1:ESUycEAqvFuLglAHkUW66rCc2djYtd3i1x231svLq9o=
+github.com/docker/cli v17.12.1-ce-rc2+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8=
 github.com/docker/distribution v2.7.1+incompatible h1:a5mlkVzth6W5A4fOsS3D2EO5BUmsJpcB+cRlLU7cSug=
 github.com/docker/distribution v2.7.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w=
-github.com/docker/docker v0.0.0-20180422163414-57142e89befe h1:VW8TnWi0CZgg7oCv0wH6evNwkzcJg/emnw4HrVIWws4=
-github.com/docker/docker v0.0.0-20180422163414-57142e89befe/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
+github.com/docker/docker v17.12.0-ce-rc1.0.20200618181300-9dc6525e6118+incompatible h1:iWPIG7pWIsCwT6ZtHnTUpoVMnete7O/pzd9HFE3+tn8=
+github.com/docker/docker v17.12.0-ce-rc1.0.20200618181300-9dc6525e6118+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
 github.com/docker/go-connections v0.4.0 h1:El9xVISelRB7BuFusrZozjnkIM5YnzCViNKohAFqRJQ=
 github.com/docker/go-connections v0.4.0/go.mod h1:Gbd7IOopHjR8Iph03tsViu4nIes5XhDvyHbTtUxmeec=
-github.com/docker/go-units v0.3.3 h1:Xk8S3Xj5sLGlG5g67hJmYMmUgXv5N4PhkjJHHqrwnTk=
-github.com/docker/go-units v0.3.3/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk=
+github.com/docker/go-metrics v0.0.1 h1:AgB/0SvBxihN0X8OR4SjsblXkbMvalQ8cjmtKQ2rQV8=
+github.com/docker/go-metrics v0.0.1/go.mod h1:cG1hvH2utMXtqgqqYE9plW6lDxS3/5ayHzueweSI3Vw=
+github.com/docker/go-units v0.4.0 h1:3uh0PgVws3nIA0Q+MwDC8yjEPf9zjRfZZWXZYDct3Tw=
+github.com/docker/go-units v0.4.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk=
 github.com/dsnet/compress v0.0.1 h1:PlZu0n3Tuv04TzpfPbrnI0HW/YwodEXDS+oPKahKF0Q=
 github.com/dsnet/compress v0.0.1/go.mod h1:Aw8dCMJ7RioblQeTqt88akK31OvO8Dhf5JflhBbQEHo=
 github.com/dsnet/golib v0.0.0-20171103203638-1ea166775780/go.mod h1:Lj+Z9rebOhdfkVLjJ8T6VcRQv3SXugXy999NBtR9aFY=
+github.com/dustin/go-humanize v0.0.0-20171111073723-bb3d318650d4/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk=
+github.com/eapache/go-resiliency v1.1.0/go.mod h1:kFI+JgMyC7bLPUVY133qvEBtVayf5mFgVsvEsIPBvNs=
+github.com/eapache/go-xerial-snappy v0.0.0-20180814174437-776d5712da21/go.mod h1:+020luEh2TKB4/GOp8oxxtq0Daoen/Cii55CzbTV6DU=
+github.com/eapache/queue v1.1.0/go.mod h1:6eCeP0CKFpHLu8blIFXhExK/dRa7WDZfr6jVFPTqq+I=
+github.com/edsrzf/mmap-go v1.0.0/go.mod h1:YO35OhQPt3KJa3ryjFM5Bs14WD66h8eGKpfaBNrHW5M=
+github.com/envoyproxy/go-control-plane v0.6.9/go.mod h1:SBwIajubJHhxtWwsL9s8ss4safvEdbitLhGGK48rN6g=
+github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
+github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
+github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98=
+github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
+github.com/fatih/color v1.7.0 h1:DkWD4oS2D8LGGgTQ6IvwJJXSL5Vp2ffcQg58nFV38Ys=
+github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4=
+github.com/fatih/color v1.9.0 h1:8xPHl4/q1VyqGIPif1F+1V3Y3lSmrq01EabUW3CoW5s=
+github.com/fatih/color v1.9.0/go.mod h1:eQcE1qtQxscV5RaZvpXrrb8Drkc3/DdQ+uUYCNjL+zU=
+github.com/franela/goblin v0.0.0-20200105215937-c9ffbefa60db/go.mod h1:7dvUGVsVBjqR7JHJk0brhHOZYGmfBYOrK0ZhYMEtBr4=
+github.com/franela/goreq v0.0.0-20171204163338-bcd34c9993f8/go.mod h1:ZhphrRTfi2rbfLwlschooIH4+wKKDR4Pdxhh+TRoA20=
+github.com/frankban/quicktest v1.10.2 h1:19ARM85nVi4xH7xPXuc5eM/udya5ieh7b/Sv+d844Tk=
+github.com/frankban/quicktest v1.10.2/go.mod h1:K+q6oSqb0W0Ininfk863uOk1lMy69l/P6txr3mVT54s=
 github.com/fsnotify/fsnotify v1.4.7 h1:IXs+QLmnXW2CcXuY+8Mzv/fWEsPGWxqefPtCP5CnV9I=
 github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
-github.com/gabriel-vasile/mimetype v0.1.4 h1:5mcsq3+DXypREUkW+1juhjeKmE/XnWgs+paHMJn7lf8=
-github.com/gabriel-vasile/mimetype v0.1.4/go.mod h1:kMJbg3SlWZCsj4R73F1WDzbT9AyGCOVmUtIxxwO5pmI=
-github.com/gbrlsnchs/jwt/v3 v3.0.0-rc.0 h1:7KeiSrO5puFH1+vdAdbpiie2TrNnkvFc/eOQzT60Z2k=
-github.com/gbrlsnchs/jwt/v3 v3.0.0-rc.0/go.mod h1:D1+3UtCYAJ1os1PI+zhTVEj6Tb+IHJvXjXKz83OstmM=
+github.com/fsnotify/fsnotify v1.4.9 h1:hsms1Qyu0jgnwNXIxa+/V/PDsU6CfLf6CNO8H7IWoS4=
+github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ=
+github.com/gabriel-vasile/mimetype v1.1.1 h1:qbN9MPuRf3bstHu9zkI9jDWNfH//9+9kHxr9oRBBBOA=
+github.com/gabriel-vasile/mimetype v1.1.1/go.mod h1:6CDPel/o/3/s4+bp6kIbsWATq8pmgOisOPG40CJa6To=
+github.com/gammazero/deque v0.0.0-20200227231300-1e9af0e52b46 h1:iX4+rD9Fjdx8SkmSO/O5WAIX/j79ll3kuqv5VdYt9J8=
+github.com/gammazero/deque v0.0.0-20200227231300-1e9af0e52b46/go.mod h1:D90+MBHVc9Sk1lJAbEVgws0eYEurY4mv2TDso3Nxh3w=
+github.com/gammazero/deque v0.0.0-20200721202602-07291166fe33 h1:UG4wNrJX9xSKnm/Gck5yTbxnOhpNleuE4MQRdmcGySo=
+github.com/gammazero/deque v0.0.0-20200721202602-07291166fe33/go.mod h1:D90+MBHVc9Sk1lJAbEVgws0eYEurY4mv2TDso3Nxh3w=
+github.com/gammazero/workerpool v1.0.0 h1:MfkJc6KL0tAmjrRDS203AZz3F+84Uod9YbL8KjpcQ00=
+github.com/gammazero/workerpool v1.0.0/go.mod h1:/XWO2YAUUpPi3smDlFBl0vpX0JHwUomDM/oRMwRmnSs=
+github.com/gbrlsnchs/jwt/v3 v3.0.0-rc.2 h1:3t7jvTkeQfk1FdP0noXSNiM6AdBokLz7QmZDmnCHAAA=
+github.com/gbrlsnchs/jwt/v3 v3.0.0-rc.2/go.mod h1:AncDcjXz18xetI3A6STfXq2w+LuTx8pQ8bGEwRN8zVM=
 github.com/ghodss/yaml v1.0.0 h1:wQHKEahhL6wmXdzwWG11gIVCkOv05bNOh+Rxn0yngAk=
 github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=
 github.com/gin-contrib/sse v0.1.0 h1:Y/yl/+YNO8GZSjAhjMsSuLt29uWRFHdHYUb5lYOV9qE=
 github.com/gin-contrib/sse v0.1.0/go.mod h1:RHrZQHXnP2xjPF+u1gW/2HnVO7nvIa9PG3Gm+fLHvGI=
-github.com/gin-gonic/gin v1.6.2 h1:88crIK23zO6TqlQBt+f9FrPJNKm9ZEr7qjp9vl/d5TM=
-github.com/gin-gonic/gin v1.6.2/go.mod h1:75u5sXoLsGZoRN5Sgbi1eraJ4GU3++wFwWzhwvtwp4M=
+github.com/gin-gonic/gin v1.6.3 h1:ahKqKTFpO5KTPHxWZjEdPScmYaGtLo8Y4DMHoEsnp14=
+github.com/gin-gonic/gin v1.6.3/go.mod h1:75u5sXoLsGZoRN5Sgbi1eraJ4GU3++wFwWzhwvtwp4M=
 github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as=
+github.com/go-kit/kit v0.9.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as=
+github.com/go-kit/kit v0.10.0/go.mod h1:xUsJbQ/Fp4kEt7AFgCuvyX4a71u8h9jB8tj/ORgOZ7o=
 github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE=
+github.com/go-logfmt/logfmt v0.4.0 h1:MP4Eh7ZCb31lleYCFuwm0oe4/YGak+5l1vA2NOE80nA=
 github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk=
+github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG1KdI/P7A=
 github.com/go-playground/assert/v2 v2.0.1 h1:MsBgLAaY856+nPRTKrp3/OZK38U/wa0CcBYNjji3q3A=
 github.com/go-playground/assert/v2 v2.0.1/go.mod h1:VDjEfimB/XKnb+ZQfWdccd7VUvScMdVu0Titje2rxJ4=
 github.com/go-playground/locales v0.13.0 h1:HyWk6mgj5qFqCT5fjGBuRArbVDfE4hi8+e8ceBS/t7Q=
@@ -82,79 +161,152 @@ github.com/go-playground/universal-translator v0.17.0 h1:icxd5fm+REJzpZx7ZfpaD87
 github.com/go-playground/universal-translator v0.17.0/go.mod h1:UkSxE5sNxxRwHyU+Scu5vgOQjsIJAF8j9muTVoKLVtA=
 github.com/go-playground/validator/v10 v10.2.0 h1:KgJ0snyC2R9VXYN2rneOtQcw5aHQB1Vv0sFl1UcHBOY=
 github.com/go-playground/validator/v10 v10.2.0/go.mod h1:uOYAAleCW8F/7oMFd6aG0GOhaH6EGOAJShg8Id5JGkI=
-github.com/go-sql-driver/mysql v1.5.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg=
+github.com/go-playground/validator/v10 v10.3.0 h1:nZU+7q+yJoFmwvNgv/LnPUkwPal62+b2xXj0AU1Es7o=
+github.com/go-playground/validator/v10 v10.3.0/go.mod h1:uOYAAleCW8F/7oMFd6aG0GOhaH6EGOAJShg8Id5JGkI=
+github.com/go-sql-driver/mysql v1.4.0/go.mod h1:zAC/RDZ24gD3HViQzih4MyKcchzm+sOG5ZlKdlhCg5w=
 github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY=
+github.com/gogo/googleapis v1.1.0/go.mod h1:gf4bu3Q80BeJ6H1S1vYPm8/ELATdvryBaNFGgqEef3s=
 github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ=
+github.com/gogo/protobuf v1.2.0/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ=
 github.com/gogo/protobuf v1.2.1 h1:/s5zKNz0uPFCZ5hddgPdo2TK2TVrUNMn0OOX8/aZMTE=
 github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zVXpSg4=
+github.com/gogo/protobuf v1.3.1 h1:DqDEcV5aeaTmdFBePNpYsp3FlcVH/2ISVVM9Qf8PSls=
+github.com/gogo/protobuf v1.3.1/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o=
 github.com/golang/gddo v0.0.0-20190419222130-af0f2af80721 h1:KRMr9A3qfbVM7iV/WcLY/rL5LICqwMHLhwRXKu99fXw=
 github.com/golang/gddo v0.0.0-20190419222130-af0f2af80721/go.mod h1:xEhNfoBDX1hzLm2Nf80qUvZ2sVwoMZ8d6IE2SrsQfh4=
 github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
+github.com/golang/groupcache v0.0.0-20160516000752-02826c3e7903/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
 github.com/golang/groupcache v0.0.0-20190129154638-5b532d6fd5ef/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
+github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
 github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
 github.com/golang/protobuf v1.2.0 h1:P3YflyNX/ehuJFLhxviNdFxQPkGK5cDcApsge1SqnvM=
 github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
 github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
+github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
 github.com/golang/protobuf v1.3.3/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw=
-github.com/golang/protobuf v1.3.5 h1:F768QJ1E9tib+q5Sc8MkdJi1RxLTbRcTf8LJV56aRls=
-github.com/golang/protobuf v1.3.5/go.mod h1:6O5/vntMXwX2lRkT1hjjk0nAC1IDOTvTlVgjlRvqsdk=
+github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8=
+github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA=
+github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs=
+github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w=
+github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0=
+github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8=
+github.com/golang/protobuf v1.4.2 h1:+Z5KGCizgyZCbGh1KZqA0fcLLkwbsjIzS4aV2v7wJX0=
+github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI=
+github.com/golang/snappy v0.0.0-20180518054509-2e65f85255db/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
 github.com/golang/snappy v0.0.1 h1:Qgr9rKW7uDUkrbSmQeiDsGa8SjGyCOGtuasMWwvp2P4=
 github.com/golang/snappy v0.0.1/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
+github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
 github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
 github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
 github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
 github.com/google/go-cmp v0.3.1 h1:Xye71clBPdm5HgqGwUkwhbynsUJZhDbS20FvLhQ2izg=
 github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
+github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+github.com/google/go-cmp v0.5.0 h1:/QaMHBdZ26BB3SSst0Iwl10Epc+xhTquomWX0oZEB6w=
+github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+github.com/google/go-cmp v0.5.2 h1:X2ev0eStA3AbceY54o37/0PQ/UWqKEiiO2dKL5OPaFM=
+github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
 github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI=
+github.com/google/uuid v1.0.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/google/uuid v1.1.1 h1:Gkbcsh/GbpXz7lPftLA3P6TYMwjCLYm83jiFQZF/3gY=
 github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1 h1:EGx4pi6eqNxGaHF6qqu48+N2wcFQ5qg5FXgOdqsJ5d8=
 github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY=
+github.com/gorilla/context v1.1.1/go.mod h1:kBGZzfjB9CEq2AlWe17Uuf7NDRt0dE0s8S51q0aT7Yg=
+github.com/gorilla/mux v1.6.2/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs=
+github.com/gorilla/mux v1.7.3/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs=
+github.com/gorilla/mux v1.7.4 h1:VuZ8uybHlWmqV03+zRzdwKL4tUnIp1MAQtp1mIFE1bc=
+github.com/gorilla/mux v1.7.4/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB71So=
+github.com/gorilla/websocket v0.0.0-20170926233335-4201258b820c/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ=
 github.com/gorilla/websocket v1.4.0 h1:WDFjx/TMzVgy9VdMMQi2K2Emtwi2QcUQsztZ/zLaH/Q=
 github.com/gorilla/websocket v1.4.0/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ=
-github.com/gotestyourself/gotestyourself v2.2.0+incompatible h1:AQwinXlbQR2HvPjQZOmDhRqsv5mZf+Jb1RnSLxcqZcI=
-github.com/gotestyourself/gotestyourself v2.2.0+incompatible/go.mod h1:zZKM6oeNM8k+FRljX1mnzVYeS8wiGgQyvST1/GafPbY=
+github.com/gorilla/websocket v1.4.2 h1:+/TMaTYc4QFitKJxsQ7Yye35DkWvkdLcvGKqM+x0Ufc=
+github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
 github.com/grpc-ecosystem/go-grpc-middleware v1.0.0/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs=
+github.com/grpc-ecosystem/go-grpc-middleware v1.0.1-0.20190118093823-f849b5445de4/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs=
 github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0/go.mod h1:8NvIoxWQoOIhqOTXgfV/d3M/q6VIi02HzZEHgUlZvzk=
 github.com/grpc-ecosystem/grpc-gateway v1.9.0/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY=
+github.com/grpc-ecosystem/grpc-gateway v1.9.5/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY=
+github.com/hashicorp/consul/api v1.3.0/go.mod h1:MmDNSzIMUjNpY/mQ398R4bk2FnqQLoPndWW5VkKPlCE=
+github.com/hashicorp/consul/sdk v0.3.0/go.mod h1:VKf9jXwCTEY1QZP2MOLRhb5i/I/ssyNV1vwHyQBF0x8=
+github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
+github.com/hashicorp/go-cleanhttp v0.5.1/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtngrth3wmdIIUrZ80=
+github.com/hashicorp/go-immutable-radix v1.0.0/go.mod h1:0y9vanUI8NX6FsYoO3zeMjhV/C5i9g4Q3DwcSNZ4P60=
+github.com/hashicorp/go-msgpack v0.5.3/go.mod h1:ahLV/dePpqEmjfWmKiqvPkv/twdG7iPBM1vqhUKIvfM=
+github.com/hashicorp/go-multierror v1.0.0/go.mod h1:dHtQlpGsu+cZNNAkkCN/P3hoUDHhCYQXV3UM06sGGrk=
+github.com/hashicorp/go-rootcerts v1.0.0/go.mod h1:K6zTfqpRlCUIjkwsN4Z+hiSfzSTQa6eBIzfwKfwNnHU=
+github.com/hashicorp/go-sockaddr v1.0.0/go.mod h1:7Xibr9yA9JjQq1JpNB2Vw7kxv8xerXegt+ozgdvDeDU=
+github.com/hashicorp/go-syslog v1.0.0/go.mod h1:qPfqrKkXGihmCqbJM2mZgkZGvKG1dFdvsLplgctolz4=
+github.com/hashicorp/go-uuid v1.0.0/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro=
+github.com/hashicorp/go-uuid v1.0.1/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro=
+github.com/hashicorp/go-version v1.2.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA=
+github.com/hashicorp/go.net v0.0.1/go.mod h1:hjKkEWcCURg++eb33jQU7oqQcI9XDCnUzHA0oac0k90=
+github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
+github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
 github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ=
+github.com/hashicorp/logutils v1.0.0/go.mod h1:QIAnNjmIWmVIIkWDTG1z5v++HQmx9WQRO+LraFDTW64=
+github.com/hashicorp/mdns v1.0.0/go.mod h1:tL+uN++7HEJ6SQLQ2/p+z2pH24WQKWjBPkE0mNTz8vQ=
+github.com/hashicorp/memberlist v0.1.3/go.mod h1:ajVTdAv/9Im8oMAAj5G31PhhMCZJV2pPBoIllUwCN7I=
+github.com/hashicorp/serf v0.8.2/go.mod h1:6hOLApaqBFA1NXqRQAsxw9QxuDEvNxSQRwA/JwenrHc=
 github.com/hinshun/vt10x v0.0.0-20180616224451-1954e6464174 h1:WlZsjVhE8Af9IcZDGgJGQpNflI3+MJSBhsgT5PCtzBQ=
 github.com/hinshun/vt10x v0.0.0-20180616224451-1954e6464174/go.mod h1:DqJ97dSdRW1W22yXSB90986pcOyQ7r45iio1KN2ez1A=
+github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU=
+github.com/hudl/fargo v1.3.0/go.mod h1:y3CKSmjA+wD2gak7sUSXTAoopbhU08POFhmITJgmKTg=
 github.com/iancoleman/strcase v0.0.0-20191112232945-16388991a334 h1:VHgatEHNcBFEB7inlalqfNqw65aNkM1lGX2yt3NmbS8=
 github.com/iancoleman/strcase v0.0.0-20191112232945-16388991a334/go.mod h1:SK73tn/9oHe+/Y0h39VT4UCxmurVJkR5NA7kMEAOgSE=
+github.com/icza/dyno v0.0.0-20200205103839-49cb13720835 h1:f1irK5f03uGGj+FjgQfZ5VhdKNVQVJ4skHsedzVohQ4=
+github.com/icza/dyno v0.0.0-20200205103839-49cb13720835/go.mod h1:c1tRKs5Tx7E2+uHGSyyncziFjvGpgv4H2HrqXeUQ/Uk=
 github.com/imdario/mergo v0.3.8 h1:CGgOkSJeqMRmt0D9XLWExdT4m4F1vd3FV3VPt+0VxkQ=
 github.com/imdario/mergo v0.3.8/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA=
 github.com/inconshreveable/mousetrap v1.0.0 h1:Z8tu5sraLXCXIcARxBp/8cbvlwVa7Z1NHg9XEKhtSvM=
 github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8=
-github.com/jmespath/go-jmespath v0.3.0 h1:OS12ieG61fsCg5+qLJ+SsW9NicxNkg3b25OyT2yCeUc=
-github.com/jmespath/go-jmespath v0.3.0/go.mod h1:9QtRXoHjLGCJ5IBSaohpXITPlowMeeYCZ7fLUTSywik=
+github.com/influxdata/influxdb1-client v0.0.0-20191209144304-8bf82d3c094d/go.mod h1:qj24IKcXYK6Iy9ceXlo3Tc+vtHo9lIhSX5JddghvEPo=
+github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k=
 github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo=
+github.com/jpillora/backoff v0.0.0-20180909062703-3050d21c67d7/go.mod h1:2iMrUgbbvHEiQClaW2NsSzMyGHqN+rDFqY705q49KG0=
+github.com/jpillora/backoff v1.0.0/go.mod h1:J/6gKK9jxlEcS3zixgDgUAsiuZ7yrSoa/FX5e0EB2j4=
+github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU=
+github.com/json-iterator/go v1.1.7/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
+github.com/json-iterator/go v1.1.8/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
 github.com/json-iterator/go v1.1.9 h1:9yzud/Ht36ygwatGx56VwCZtlI/2AD15T1X2sjSuGns=
 github.com/json-iterator/go v1.1.9/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
+github.com/json-iterator/go v1.1.10 h1:Kz6Cvnvv2wGdaG/V8yMvfkmNiXq9Ya2KUv4rouJJr68=
+github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
 github.com/jtolds/gls v4.20.0+incompatible h1:xdiiI2gbIgH/gLH7ADydsJ1uDOEzR8yvV7C0MuV77Wo=
 github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU=
 github.com/julienschmidt/httprouter v1.2.0 h1:TDTW5Yz1mjftljbcKqRcrYhd4XeOoI98t+9HbQbYf7g=
 github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w=
+github.com/julienschmidt/httprouter v1.3.0/go.mod h1:JR6WtHb+2LUe8TCKY3cZOxFyyO8IZAc4RVcycCCAKdM=
+github.com/karrick/godirwalk v1.16.1 h1:DynhcF+bztK8gooS0+NDJFrdNZjJ3gzVzC545UNA9iw=
+github.com/karrick/godirwalk v1.16.1/go.mod h1:j4mkqPuvaLI8mp1DroR3P6ad7cyYd4c1qeJ3RV7ULlk=
 github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51 h1:Z9n2FFNUXsshfwJMBgNA0RU6/i7WVaAegv3PtuIHPMs=
 github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51/go.mod h1:CzGEWj7cYgsdH8dAjBGEr58BoE7ScuLd+fwFZ44+/x8=
 github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q=
+github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQLJ+jE2L00=
 github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
 github.com/klauspost/compress v1.4.1/go.mod h1:RyIbtBH6LamlWaDj8nUwkbUhJ87Yi3uG0guNDohfE1A=
 github.com/klauspost/compress v1.9.2 h1:LfVyl+ZlLlLDeQ/d2AqfGIIH4qEDu0Ed2S5GyhCWIWY=
 github.com/klauspost/compress v1.9.2/go.mod h1:RyIbtBH6LamlWaDj8nUwkbUhJ87Yi3uG0guNDohfE1A=
+github.com/klauspost/compress v1.10.10 h1:a/y8CglcM7gLGYmlbP/stPE5sR3hbhFRUjCBfd/0B3I=
+github.com/klauspost/compress v1.10.10/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs=
 github.com/klauspost/cpuid v1.2.0/go.mod h1:Pj4uuM528wm8OyEC2QMXAi2YiTZ96dNQPGgoMS4s3ek=
 github.com/klauspost/pgzip v1.2.1 h1:oIPZROsWuPHpOdMVWLuJZXwgjhrW8r1yEX8UqMyeNHM=
 github.com/klauspost/pgzip v1.2.1/go.mod h1:Ch1tH69qFZu15pkjo5kYi6mth2Zzwzt50oCQKQE9RUs=
-github.com/klauspost/pgzip v1.2.3 h1:Ce2to9wvs/cuJ2b86/CKQoTYr9VHfpanYosZ0UBJqdw=
-github.com/klauspost/pgzip v1.2.3/go.mod h1:Ch1tH69qFZu15pkjo5kYi6mth2Zzwzt50oCQKQE9RUs=
+github.com/klauspost/pgzip v1.2.4 h1:TQ7CNpYKovDOmqzRHKxJh0BeaBI7UdQZYc6p7pMQh1A=
+github.com/klauspost/pgzip v1.2.4/go.mod h1:Ch1tH69qFZu15pkjo5kYi6mth2Zzwzt50oCQKQE9RUs=
 github.com/konsorten/go-windows-terminal-sequences v1.0.1 h1:mweAR1A6xJ3oS2pRaGiHgQ4OO8tzTaLawm8vnODuwDk=
 github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
+github.com/konsorten/go-windows-terminal-sequences v1.0.3 h1:CE8S1cTafDpPvMhIxNJKvHsGVBgn1xWYf1NbHQhywc8=
+github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
 github.com/kr/fs v0.1.0 h1:Jskdu9ieNAYnjxsi0LbQp1ulIKZV1LAFgK1tWhpZgl8=
 github.com/kr/fs v0.1.0/go.mod h1:FFnZGqtBN9Gxj7eW1uZ42v5BccTP0vu6NEaFoC2HwRg=
 github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc=
 github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI=
 github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
+github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
+github.com/kr/pretty v0.2.1 h1:Fmg33tUaq4/8ym9TJN1x7sLJnHVwhP33CNkpYV/7rwI=
+github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
 github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
 github.com/kr/pty v1.1.4 h1:5Myjjh3JY/NaAi4IsUbHADytDyl1VE1Y9PXDlL+P/VQ=
 github.com/kr/pty v1.1.4/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
@@ -162,26 +314,52 @@ github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE=
 github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
 github.com/leodido/go-urn v1.2.0 h1:hpXL4XnriNwQ/ABnpepYM/1vCLWNDfUNts8dX3xTG6Y=
 github.com/leodido/go-urn v1.2.0/go.mod h1:+8+nEpDfqqsY+g338gtMEUOtuK+4dEMhiQEgxpxOKII=
+github.com/lightstep/lightstep-tracer-common/golang/gogo v0.0.0-20190605223551-bc2310a04743/go.mod h1:qklhhLq1aX+mtWk9cPHPzaBjWImj5ULL6C7HFJtXQMM=
+github.com/lightstep/lightstep-tracer-go v0.18.1/go.mod h1:jlF1pusYV4pidLvZ+XD0UBX0ZE6WURAspgAczcDHrL4=
+github.com/lyft/protoc-gen-validate v0.0.13/go.mod h1:XbGvPuh87YZc5TdIa2/I4pLk0QoUACkjt2znoq26NVQ=
 github.com/magefile/mage v1.9.0 h1:t3AU2wNwehMCW97vuqQLtw6puppWXHO+O2MHo5a50XE=
 github.com/magefile/mage v1.9.0/go.mod h1:z5UZb/iS3GoOSn0JgWuiw7dxlurVYTu+/jHXqQg881A=
+github.com/magefile/mage v1.10.0 h1:3HiXzCUY12kh9bIuyXShaVe529fJfyqoVM42o/uom2g=
+github.com/magefile/mage v1.10.0/go.mod h1:z5UZb/iS3GoOSn0JgWuiw7dxlurVYTu+/jHXqQg881A=
 github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ=
 github.com/magiconair/properties v1.8.1 h1:ZC2Vc7/ZFkGmsVC9KvOjumD+G5lXy2RtTKyzRKO2BQ4=
 github.com/magiconair/properties v1.8.1/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ=
+github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU=
+github.com/mattn/go-colorable v0.1.1/go.mod h1:FuOcm+DKB9mbwrcAfNl7/TZVBZ6rcnceauSikq3lYCQ=
 github.com/mattn/go-colorable v0.1.2 h1:/bC9yWikZXAL9uJdulbSfyVNIR3n3trXl+v8+1sx8mU=
 github.com/mattn/go-colorable v0.1.2/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE=
+github.com/mattn/go-colorable v0.1.4 h1:snbPLB8fVfU9iwbbo30TPtbLRzwWu6aJS6Xh4eaaviA=
+github.com/mattn/go-colorable v0.1.4/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE=
+github.com/mattn/go-colorable v0.1.7 h1:bQGKb3vps/j0E9GfJQ03JyhRuxsvdAanXlT9BTw3mdw=
+github.com/mattn/go-colorable v0.1.7/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc=
+github.com/mattn/go-isatty v0.0.3/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4=
+github.com/mattn/go-isatty v0.0.4/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4=
+github.com/mattn/go-isatty v0.0.5/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s=
 github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s=
+github.com/mattn/go-isatty v0.0.11/go.mod h1:PhnuNfih5lzO57/f3n+odYbM4JtupLOxQOAqxQCu2WE=
 github.com/mattn/go-isatty v0.0.12 h1:wuysRhFDzyxgEmMf5xjvJ2M9dZoWAXNNr5LSBS7uHXY=
 github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU=
+github.com/mattn/go-runewidth v0.0.2/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU=
 github.com/mattn/go-shellwords v1.0.10 h1:Y7Xqm8piKOO3v10Thp7Z36h4FYFjt5xB//6XvOrs2Gw=
 github.com/mattn/go-shellwords v1.0.10/go.mod h1:EZzvwXDESEeg03EKmM+RmDnNOPKG4lLtQsUlTZDWQ8Y=
+github.com/matttproud/golang_protobuf_extensions v1.0.1 h1:4hp9jkHxhMHkqkrB3Ix0jegS5sx/RkqARlsWZ6pIwiU=
 github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0=
 github.com/mgutz/ansi v0.0.0-20170206155736-9520e82c474b h1:j7+1HpAFS1zy5+Q4qx1fWh90gTKwiN4QCGoY9TWyyO4=
 github.com/mgutz/ansi v0.0.0-20170206155736-9520e82c474b/go.mod h1:01TrycV0kFyexm33Z7vhZRXopbI8J3TDReVlkTgMUxE=
+github.com/mgutz/ansi v0.0.0-20200706080929-d51e80ef957d h1:5PJl274Y63IEHC+7izoQE9x6ikvDFZS2mDVS3drnohI=
+github.com/mgutz/ansi v0.0.0-20200706080929-d51e80ef957d/go.mod h1:01TrycV0kFyexm33Z7vhZRXopbI8J3TDReVlkTgMUxE=
 github.com/mholt/archiver/v3 v3.3.0 h1:vWjhY8SQp5yzM9P6OJ/eZEkmi3UAbRrxCq48MxjAzig=
 github.com/mholt/archiver/v3 v3.3.0/go.mod h1:YnQtqsp+94Rwd0D/rk5cnLrxusUBUXg+08Ebtr1Mqao=
+github.com/miekg/dns v1.0.14/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg=
+github.com/mitchellh/cli v1.0.0/go.mod h1:hNIlj7HEI86fIcpObd7a0FcrxTWetlwJDGcceTlRvqc=
 github.com/mitchellh/colorstring v0.0.0-20190213212951-d06e56a500db h1:62I3jR2EmQ4l5rM/4FEfDWcRD+abF5XlKShorW5LRoQ=
 github.com/mitchellh/colorstring v0.0.0-20190213212951-d06e56a500db/go.mod h1:l0dey0ia/Uv7NcFFVbCLtqEBQbrT4OCwCSKTEv6enCw=
+github.com/mitchellh/go-homedir v1.0.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0=
 github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0=
+github.com/mitchellh/go-testing-interface v1.0.0/go.mod h1:kRemZodwjscx+RGhAo8eIhFbs2+BFgRtFPeD/KE+zxI=
+github.com/mitchellh/gox v0.4.0/go.mod h1:Sd9lOJ0+aimLBi73mGofS1ycjY8lL3uZM3JPS42BGNg=
+github.com/mitchellh/iochan v1.0.0/go.mod h1:JwYml1nuB7xOzsp52dPpHFffvOCDupsG0QubkSMEySY=
+github.com/mitchellh/mapstructure v0.0.0-20160808181253-ca63d7c062ee/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y=
 github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y=
 github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
 github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg=
@@ -189,82 +367,173 @@ github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJ
 github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
 github.com/modern-go/reflect2 v1.0.1 h1:9f412s+6RmYXLWZSEzVVgPGK7C2PphHj5RJrvfx9AWI=
 github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
+github.com/morikuni/aec v1.0.0 h1:nP9CBfwrvYnBRgY6qfDQkygYDmYwOilePFkwzv4dU8A=
+github.com/morikuni/aec v1.0.0/go.mod h1:BbKIizmSmc5MMPqRYbxO4ZU0S0+P200+tUnFx7PXmsc=
 github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U=
+github.com/mwitkow/go-conntrack v0.0.0-20190716064945-2f068394615f/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U=
+github.com/nats-io/jwt v0.3.0/go.mod h1:fRYCDE99xlTsqUzISS1Bi75UBJ6ljOJQOAAu5VglpSg=
+github.com/nats-io/jwt v0.3.2/go.mod h1:/euKqTS1ZD+zzjYrY7pseZrTtWQSjujC7xjPc8wL6eU=
+github.com/nats-io/nats-server/v2 v2.1.2/go.mod h1:Afk+wRZqkMQs/p45uXdrVLuab3gwv3Z8C4HTBu8GD/k=
+github.com/nats-io/nats.go v1.9.1/go.mod h1:ZjDU1L/7fJ09jvUSRVBR2e7+RnLiiIQyqyzEE/Zbp4w=
+github.com/nats-io/nkeys v0.1.0/go.mod h1:xpnFELMwJABBLVhffcfd1MZx6VsNRFpEugbxziKVo7w=
+github.com/nats-io/nkeys v0.1.3/go.mod h1:xpnFELMwJABBLVhffcfd1MZx6VsNRFpEugbxziKVo7w=
+github.com/nats-io/nuid v1.0.1/go.mod h1:19wcPz3Ph3q0Jbyiqsd0kePYG7A95tJPxeL+1OSON2c=
 github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e h1:fD57ERR4JtEqsWbfPhv4DMiApHyliiK5xCTNVSPiaAs=
 github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno=
 github.com/nwaples/rardecode v1.0.0 h1:r7vGuS5akxOnR4JQSkko62RJ1ReCMXxQRPtxsiFMBOs=
 github.com/nwaples/rardecode v1.0.0/go.mod h1:5DzqNKiOdpKKBH87u8VlvAnPZMXcGRhxWkRpHbbfGS0=
+github.com/nwaples/rardecode v1.1.0 h1:vSxaY8vQhOcVr4mm5e8XllHWTiM4JF507A0Katqw7MQ=
+github.com/nwaples/rardecode v1.1.0/go.mod h1:5DzqNKiOdpKKBH87u8VlvAnPZMXcGRhxWkRpHbbfGS0=
+github.com/oklog/oklog v0.3.2/go.mod h1:FCV+B7mhrz4o+ueLpx+KqkyXRGMWOYEvfiXtdGtbWGs=
+github.com/oklog/run v1.0.0/go.mod h1:dlhp/R75TPv97u0XWUtDeV/lRKWPKSdTuV0TZvrmrQA=
 github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U=
-github.com/opencontainers/go-digest v1.0.0-rc1 h1:WzifXhOVOEOuFYOJAW6aQqW0TooG2iki3E3Ii+WN7gQ=
-github.com/opencontainers/go-digest v1.0.0-rc1/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s=
+github.com/olekukonko/tablewriter v0.0.0-20170122224234-a0225b3f23b5/go.mod h1:vsDQFd/mU46D+Z4whnwzcISnGGzXWMclvtLoiIKAKIo=
+github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
+github.com/onsi/ginkgo v1.7.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
+github.com/onsi/gomega v1.4.3/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY=
+github.com/onsi/gomega v1.5.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY=
+github.com/op/go-logging v0.0.0-20160315200505-970db520ece7/go.mod h1:HzydrMdWErDVzsI23lYNej1Htcns9BCg93Dk0bBINWk=
+github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U=
+github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM=
 github.com/opencontainers/image-spec v1.0.1 h1:JMemWkRwHx4Zj+fVxWoMCFm/8sYGGrUVojFA6h/TRcI=
 github.com/opencontainers/image-spec v1.0.1/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0=
+github.com/opentracing-contrib/go-observer v0.0.0-20170622124052-a52f23424492/go.mod h1:Ngi6UdF0k5OKD5t5wlmGhe/EDKPoUM3BXZSSfIuJbis=
+github.com/opentracing/basictracer-go v1.0.0/go.mod h1:QfBfYuafItcjQuMwinw9GhYKwFXS9KnPs5lxoYwgW74=
+github.com/opentracing/opentracing-go v1.0.2/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o=
+github.com/opentracing/opentracing-go v1.1.0/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o=
+github.com/openzipkin-contrib/zipkin-go-opentracing v0.4.5/go.mod h1:/wsWhb9smxSfWAKL3wpBW7V8scJMt8N8gnaMCS9E/cA=
+github.com/openzipkin/zipkin-go v0.1.6/go.mod h1:QgAqvLzwWbR/WpD4A3cGpPtJrZXNIiJc5AZX7/PBEpw=
+github.com/openzipkin/zipkin-go v0.2.1/go.mod h1:NaW6tEwdmWMaCDZzg8sh+IBNOxHMPnhQw8ySjnjRyN4=
+github.com/openzipkin/zipkin-go v0.2.2/go.mod h1:NaW6tEwdmWMaCDZzg8sh+IBNOxHMPnhQw8ySjnjRyN4=
+github.com/pact-foundation/pact-go v1.0.4/go.mod h1:uExwJY4kCzNPcHRj+hCR/HBbOOIwwtUjcrb0b5/5kLM=
+github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc=
 github.com/patrickmn/go-cache v2.1.0+incompatible h1:HRMgzkcYKYpi3C8ajMPV8OFXaaRUnok+kx1WdO15EQc=
 github.com/patrickmn/go-cache v2.1.0+incompatible/go.mod h1:3Qf8kWWT7OJRJbdiICTKqZju1ZixQ/KpMGzzAfe6+WQ=
+github.com/pborman/uuid v1.2.0/go.mod h1:X/NO0urCmaxf9VXbdlT7C2Yzkj2IKimNn4k+gtPdI/k=
 github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic=
+github.com/performancecopilot/speed v3.0.0+incompatible/go.mod h1:/CLtqpZ5gBg1M9iaPbIdPPGyKcA8hKdoy6hAWba7Yac=
+github.com/pierrec/lz4 v1.0.2-0.20190131084431-473cd7ce01a1/go.mod h1:3/3N9NVKO0jef7pBehbT1qWhCMrIgbYNnFAZCqQ5LRc=
 github.com/pierrec/lz4 v2.0.5+incompatible h1:2xWsjqPFWcplujydGg4WmhC/6fZqK42wMM8aXeqhl0I=
 github.com/pierrec/lz4 v2.0.5+incompatible/go.mod h1:pdkljMzZIN41W+lC3N2tnIh5sFi+IEE17M5jbnwPHcY=
+github.com/pierrec/lz4 v2.5.2+incompatible h1:WCjObylUIOlKy/+7Abdn34TLIkXiA4UWUMhxq9m9ZXI=
+github.com/pierrec/lz4 v2.5.2+incompatible/go.mod h1:pdkljMzZIN41W+lC3N2tnIh5sFi+IEE17M5jbnwPHcY=
 github.com/pkg/errors v0.8.0 h1:WdK/asTD0HN+q6hsWO3/vpuAkAr+tw6aNJNDFFf0+qw=
 github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pkg/errors v0.8.1 h1:iURUrRGxPUNPdy5/HRSm+Yj6okJ6UtLINN0Q9M4+h3I=
 github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
 github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
-github.com/pkg/profile v1.4.0 h1:uCmaf4vVbWAOZz36k1hrQD7ijGRzLwaME8Am/7a4jZI=
-github.com/pkg/profile v1.4.0/go.mod h1:NWz/XGvpEW1FyYQ7fCx4dqYBLlfTcE+A9FLAkNKqjFE=
-github.com/pkg/sftp v1.8.3 h1:9jSe2SxTM8/3bXZjtqnkgTBW+lA8db0knZJyns7gpBA=
-github.com/pkg/sftp v1.8.3/go.mod h1:NxmoDg/QLVWluQDUYG7XBZTLUpKeFa8e3aMf1BfjyHk=
-github.com/pkg/sftp v1.10.1 h1:VasscCm72135zRysgrJDKsntdmPN+OuU3+nnHYA9wyc=
-github.com/pkg/sftp v1.10.1/go.mod h1:lYOWFsE0bwd1+KfKJaKeuokY15vzFx25BLbzYYoAxZI=
+github.com/pkg/profile v1.2.1/go.mod h1:hJw3o1OdXxsrSjjVksARp5W95eeEaEfptyVZyv6JUPA=
+github.com/pkg/profile v1.5.0 h1:042Buzk+NhDI+DeSAA62RwJL8VAuZUMQZUjCsRz1Mug=
+github.com/pkg/profile v1.5.0/go.mod h1:qBsxPvzyUincmltOk6iyRVxHYg4adc0OFOv72ZdLa18=
+github.com/pkg/sftp v1.11.0 h1:4Zv0OGbpkg4yNuUtH0s8rvoYxRCNyT29NVUo6pgPmxI=
+github.com/pkg/sftp v1.11.0/go.mod h1:lYOWFsE0bwd1+KfKJaKeuokY15vzFx25BLbzYYoAxZI=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndrE9hABlRI=
 github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw=
+github.com/prometheus/client_golang v0.9.3-0.20190127221311-3c4408c8b829/go.mod h1:p2iRAGwDERtqlqzRXnrOVns+ignqQo//hLXqYxZYVNs=
 github.com/prometheus/client_golang v0.9.3/go.mod h1:/TN21ttK/J9q6uSwhBd54HahCDft0ttaMvbicHlPoso=
+github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo=
+github.com/prometheus/client_golang v1.1.0 h1:BQ53HtBmfOitExawJ6LokA4x8ov/z0SYYb0+HxJfRI8=
+github.com/prometheus/client_golang v1.1.0/go.mod h1:I1FGZT9+L76gKKOs5djB6ezCbFQP1xR9D75/vuwEF3g=
+github.com/prometheus/client_golang v1.3.0/go.mod h1:hJaj2vgQTGQmVCsAACORcieXFeDPbaTKGT+JTgUa3og=
+github.com/prometheus/client_golang v1.7.1 h1:NTGy1Ja9pByO+xAeH/qiWnLrKtr3hJPNjaVUwnjpdpA=
+github.com/prometheus/client_golang v1.7.1/go.mod h1:PY5Wy2awLA44sXw4AOSfFBetzPP4j5+D6mVACh+pe2M=
 github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo=
+github.com/prometheus/client_model v0.0.0-20190115171406-56726106282f/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo=
+github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90 h1:S/YWwWx/RA8rT8tKFRuGUZhuA90OyIBpPCXkcbwU8DE=
 github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
+github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
+github.com/prometheus/client_model v0.1.0/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
+github.com/prometheus/client_model v0.2.0 h1:uq5h0d+GuxiXLJLNABMgp2qUWDPiLvgCzz2dUR+/W/M=
+github.com/prometheus/client_model v0.2.0/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
 github.com/prometheus/common v0.0.0-20181113130724-41aa239b4cce/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro=
+github.com/prometheus/common v0.2.0/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4=
 github.com/prometheus/common v0.4.0/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4=
+github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4=
+github.com/prometheus/common v0.6.0 h1:kRhiuYSXR3+uv2IbVbZhUxK5zVD/2pp3Gd2PpvPkpEo=
+github.com/prometheus/common v0.6.0/go.mod h1:eBmuwkDJBwy6iBfxCBob6t6dR6ENT/y+J+Zk0j9GMYc=
+github.com/prometheus/common v0.7.0/go.mod h1:DjGbpBbp5NYNiECxcL/VnbXCCaQpKd3tt26CguLLsqA=
+github.com/prometheus/common v0.10.0/go.mod h1:Tlit/dnDKsSWFlCLTWaA1cyBgKHSMdTB80sz/V91rCo=
+github.com/prometheus/common v0.11.1 h1:0ZISXCMRuCZcxF77aT1BXY5m74mX2vrGYl1dSwBI0Jo=
+github.com/prometheus/common v0.11.1/go.mod h1:U+gB1OBLb1lF3O42bTCL+FK18tX9Oar16Clt/msog/s=
 github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=
+github.com/prometheus/procfs v0.0.0-20190117184657-bf6a532e95b1/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=
 github.com/prometheus/procfs v0.0.0-20190507164030-5867b95ac084/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA=
+github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA=
+github.com/prometheus/procfs v0.0.3 h1:CTwfnzjQ+8dS6MhHHu4YswVAD99sL2wjPqP+VkURmKE=
+github.com/prometheus/procfs v0.0.3/go.mod h1:4A/X28fw3Fc593LaREMrKMqOKvUAntwMDaekg4FpcdQ=
+github.com/prometheus/procfs v0.0.8/go.mod h1:7Qr8sr6344vo1JqZ6HhLceV9o3AJ1Ff+GxbHq6oeK9A=
+github.com/prometheus/procfs v0.1.3 h1:F0+tqvhOksq22sc6iCHF5WGlWjdwj92p0udFh1VFBS8=
+github.com/prometheus/procfs v0.1.3/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU=
 github.com/prometheus/tsdb v0.7.1/go.mod h1:qhTCs0VvXwvX/y3TZrWD7rabWM+ijKTux40TwIPHuXU=
-github.com/pterodactyl/sftp-server v1.1.1 h1:IjuOy21BNZxfejKnXG1RgLxXAYylDqBVpbKZ6+fG5FQ=
-github.com/pterodactyl/sftp-server v1.1.1/go.mod h1:b1VVWYv0RF9rxSZQqaD/rYXriiRMNPsbV//CKMXR4ag=
-github.com/remeh/sizedwaitgroup v0.0.0-20180822144253-5e7302b12cce h1:aP+C+YbHZfOQlutA4p4soHi7rVUqHQdWEVMSkHfDTqY=
-github.com/remeh/sizedwaitgroup v0.0.0-20180822144253-5e7302b12cce/go.mod h1:3j2R4OIe/SeS6YDhICBy22RWjJC5eNCJ1V+9+NVNYlo=
+github.com/rcrowley/go-metrics v0.0.0-20181016184325-3113b8401b8a/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4=
+github.com/remeh/sizedwaitgroup v1.0.0 h1:VNGGFwNo/R5+MJBf6yrsr110p0m4/OX4S3DCy7Kyl5E=
+github.com/remeh/sizedwaitgroup v1.0.0/go.mod h1:3j2R4OIe/SeS6YDhICBy22RWjJC5eNCJ1V+9+NVNYlo=
 github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg=
+github.com/rogpeppe/fastuuid v1.1.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ=
 github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
 github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
+github.com/ryanuber/columnize v0.0.0-20160712163229-9b3edd62028f/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts=
 github.com/sabhiram/go-gitignore v0.0.0-20180611051255-d3107576ba94 h1:G04eS0JkAIVZfaJLjla9dNxkJCPiKIGZlw9AfOhzOD0=
 github.com/sabhiram/go-gitignore v0.0.0-20180611051255-d3107576ba94/go.mod h1:b18R55ulyQ/h3RaWyloPyER7fWQVZvimKKhnI5OfrJQ=
+github.com/samuel/go-zookeeper v0.0.0-20190923202752-2cc03de413da/go.mod h1:gi+0XIa01GRL2eRQVjQkKGqKF3SF9vZR/HnPullcV2E=
+github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529/go.mod h1:DxrIzT+xaE7yg65j358z/aeFdxmN0P9QXhEzd20vsDc=
+github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo=
 github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc=
 github.com/sirupsen/logrus v1.2.0 h1:juTguoYk5qI21pwyTXY3B3Y5cOTH3ZUyZCg1v/mihuo=
 github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo=
+github.com/sirupsen/logrus v1.4.1/go.mod h1:ni0Sbl8bgC9z8RoU9G6nDWqqs/fq4eDPysMBDgk/93Q=
+github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE=
+github.com/sirupsen/logrus v1.6.0 h1:UBcNElsrwanuuMsnGSlYmtmgbb23qDR5dG+6X6Oo89I=
+github.com/sirupsen/logrus v1.6.0/go.mod h1:7uNnSEd1DgxDLC74fIahvMZmmYsHGZGEOFrfsX/uA88=
 github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d h1:zE9ykElWQ6/NYmHa3jpm/yHnI4xSofP+UP6SpjHcSeM=
 github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc=
+github.com/smartystreets/assertions v1.0.0 h1:UVQPSSmc3qtTi+zPPkCXvZX9VvW/xT/NsRvKfwY81a8=
+github.com/smartystreets/assertions v1.0.0/go.mod h1:kHHU4qYBaI3q23Pp3VPrmWhuIUrLW/7eUrw0BU5VaoM=
+github.com/smartystreets/go-aws-auth v0.0.0-20180515143844-0c1422d1fdb9/go.mod h1:SnhjPscd9TpLiy1LpzGSKh3bXCfxxXuqd9xmQJy3slM=
 github.com/smartystreets/goconvey v1.6.4 h1:fv0U8FUIMPNf1L9lnHLvLhgicrIVChEkdzIKYqbNC9s=
 github.com/smartystreets/goconvey v1.6.4/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA=
+github.com/smartystreets/gunit v1.0.0/go.mod h1:qwPWnhz6pn0NnRBP++URONOVyNkPyr4SauJk4cUOwJs=
 github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM=
+github.com/sony/gobreaker v0.4.1/go.mod h1:ZKptC7FHNvhBz7dN2LGjPVBz2sZJmc0/PkyDJOjmxWY=
 github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA=
 github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ=
 github.com/spf13/cast v1.3.0/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE=
-github.com/spf13/cobra v0.0.7 h1:FfTH+vuMXOas8jmfb5/M7dzEYx7LpcLb7a0LPe34uOU=
-github.com/spf13/cobra v0.0.7/go.mod h1:/6GTrnGXV9HjY+aR4k0oJ5tcvakLuG6EuKReYlHNrgE=
+github.com/spf13/cobra v0.0.3/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ=
+github.com/spf13/cobra v1.0.0 h1:6m/oheQuQ13N9ks4hubMG6BnvwOeaJrqSPLahSnczz8=
+github.com/spf13/cobra v1.0.0/go.mod h1:/6GTrnGXV9HjY+aR4k0oJ5tcvakLuG6EuKReYlHNrgE=
 github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo=
+github.com/spf13/pflag v1.0.1/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4=
 github.com/spf13/pflag v1.0.3 h1:zPAT6CGy6wXeQ7NtTnaTerfKOsV6V6F8agHXFiazDkg=
 github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4=
+github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=
+github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
 github.com/spf13/viper v1.4.0/go.mod h1:PTJ7Z/lr49W6bUbkmS1V3by4uWynFiR9p7+dSq/yZzE=
+github.com/streadway/amqp v0.0.0-20190404075320-75d898a42a94/go.mod h1:AZpEONHx3DKn8O/DFsRAY58/XVQiIPMTMB1SddzLXVw=
+github.com/streadway/amqp v0.0.0-20190827072141-edfb9018d271/go.mod h1:AZpEONHx3DKn8O/DFsRAY58/XVQiIPMTMB1SddzLXVw=
+github.com/streadway/handy v0.0.0-20190108123426-d5acb3125c2a/go.mod h1:qNTQ5P5JnDBl6z3cMAg/SywNDC5ABu5ApDIw6lUbRmI=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
-github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE=
 github.com/stretchr/testify v1.2.1/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
 github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
 github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
 github.com/stretchr/testify v1.4.0 h1:2E4SXV/wtOkTonXsotYi4li6zVWxYlZuYNCXe9XRJyk=
 github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
-github.com/stretchr/testify v1.5.1 h1:nOGnQDM7FYENwehXlg/kFVnos3rEvtKTjRvOWSzb6H4=
-github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA=
+github.com/stretchr/testify v1.6.1 h1:hDPOHmpOpP40lSULcqw7IrRb/u7w6RpDC9399XyoNd0=
+github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/tj/assert v0.0.0-20171129193455-018094318fb0 h1:Rw8kxzWo1mr6FSaYXjQELRe88y2KdfynXdnK72rdjtA=
+github.com/tj/assert v0.0.0-20171129193455-018094318fb0/go.mod h1:mZ9/Rh9oLWpLLDRpvE+3b7gP/C2YyLFYxNmcLnPTMe0=
+github.com/tj/assert v0.0.3 h1:Df/BlaZ20mq6kuai7f5z2TvPFiwC3xaWJSDQNiIS3Rk=
+github.com/tj/assert v0.0.3/go.mod h1:Ne6X72Q+TB1AteidzQncjw9PabbMp4PBMZ1k+vd1Pvk=
+github.com/tj/go-buffer v1.1.0/go.mod h1:iyiJpfFcR2B9sXu7KvjbT9fpM4mOelRSDTbntVj52Uc=
+github.com/tj/go-elastic v0.0.0-20171221160941-36157cbbebc2/go.mod h1:WjeM0Oo1eNAjXGDx2yma7uG2XoyRZTq1uv3M/o7imD0=
+github.com/tj/go-kinesis v0.0.0-20171128231115-08b17f58cb1b/go.mod h1:/yhzCV0xPfx6jb1bBgRFjl5lytqVqZXEaeqWP8lTEao=
+github.com/tj/go-spin v1.1.0 h1:lhdWZsvImxvZ3q1C5OIB7d72DuOwP4O2NdBg9PyzNds=
+github.com/tj/go-spin v1.1.0/go.mod h1:Mg1mzmePZm4dva8Qz60H2lHwmJ2loum4VIrLgVnKwh4=
+github.com/tmc/grpc-websocket-proxy v0.0.0-20170815181823-89b8d40f7ca8/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U=
 github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U=
-github.com/uber-go/zap v1.9.1/go.mod h1:GY+83l3yxBcBw2kmHu/sAWwItnTn+ynxHCRo+WiIQOY=
 github.com/ugorji/go v1.1.4/go.mod h1:uQMGLiO92mf5W77hV/PUCpI3pbzQx3CRekS0kk+RGrc=
 github.com/ugorji/go v1.1.7 h1:/68gy2h+1mWMrwZFeD1kQialdSzAb432dtpeJ42ovdo=
 github.com/ugorji/go v1.1.7/go.mod h1:kZn38zHttfInRq0xu/PH0az30d+z6vm202qpg1oXVMw=
@@ -272,139 +541,224 @@ github.com/ugorji/go/codec v1.1.7 h1:2SvQaVZ1ouYrrKKwoSk2pzd4A9evlKJb9oTL+OaLUSs
 github.com/ugorji/go/codec v1.1.7/go.mod h1:Ax+UKWsSmolVDwsd+7N3ZtXu+yMGCf907BLYF3GoBXY=
 github.com/ulikunitz/xz v0.5.6 h1:jGHAfXawEGZQ3blwU5wnWKQJvAraT7Ftq9EXjnXYgt8=
 github.com/ulikunitz/xz v0.5.6/go.mod h1:2bypXElzHzzJZwzH67Y6wb67pO62Rzfn7BSiF4ABRW8=
+github.com/ulikunitz/xz v0.5.7 h1:YvTNdFzX6+W5m9msiYg/zpkSURPPtOlzbqYjrFn7Yt4=
+github.com/ulikunitz/xz v0.5.7/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14=
+github.com/urfave/cli v1.20.0/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA=
+github.com/urfave/cli v1.22.1/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0=
 github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8 h1:nIPpBwaJSVYIxUFsDv3M8ofmx9yWTog9BfvIu0q41lo=
 github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8/go.mod h1:HUYIGzjTL3rfEspMxjDjgmT5uz5wzYJKVo23qUhYTos=
 github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q53MR2AWcXfiuqkDkRtnGDLqkBTpCHuJHxtU=
 github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q=
-github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
-github.com/yuin/goldmark v1.1.30/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
 go.etcd.io/bbolt v1.3.2/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU=
+go.etcd.io/bbolt v1.3.3/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU=
+go.etcd.io/etcd v0.0.0-20191023171146-3cf2f69b5738/go.mod h1:dnLIgRNXwCJa5e+c6mIZCrds/GIG4ncV9HhK5PX7jPg=
+go.opencensus.io v0.20.1/go.mod h1:6WKK9ahsWS3RSO+PY9ZHZUfv2irvY6gN279GOPZjmmk=
+go.opencensus.io v0.20.2/go.mod h1:6WKK9ahsWS3RSO+PY9ZHZUfv2irvY6gN279GOPZjmmk=
+go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
 go.uber.org/atomic v1.3.2 h1:2Oa65PReHzfn29GpvgsYwloV9AVFHPDk8tYxt2c2tr4=
 go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE=
 go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE=
 go.uber.org/atomic v1.5.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ=
-go.uber.org/atomic v1.5.1 h1:rsqfU5vBkVknbhUGbAUwQKR2H4ItV8tjJ+6kJX4cxHM=
-go.uber.org/atomic v1.5.1/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ=
 go.uber.org/multierr v1.1.0 h1:HoEmRHQPVSqub6w2z2d2EOVs2fjyFRGyofhKuyDq0QI=
 go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0=
 go.uber.org/multierr v1.3.0/go.mod h1:VgVr7evmIr6uPjLBxg28wmKNXyqE9akIJ5XnfpiKl+4=
-go.uber.org/multierr v1.4.0 h1:f3WCSC2KzAcBXGATIxAB1E2XuCpNU255wNKZ505qi3E=
-go.uber.org/multierr v1.4.0/go.mod h1:VgVr7evmIr6uPjLBxg28wmKNXyqE9akIJ5XnfpiKl+4=
 go.uber.org/tools v0.0.0-20190618225709-2cfd321de3ee h1:0mgffUl7nfd+FpvXMVz4IDEaUSmT1ysygQC7qYo7sG4=
 go.uber.org/tools v0.0.0-20190618225709-2cfd321de3ee/go.mod h1:vJERXedbb3MVM5f9Ejo0C68/HhF8uaILCdgjnY+goOA=
-go.uber.org/zap v1.9.1 h1:XCJQEf3W6eZaVwhRBof6ImoYGJSITeKWsyeh3HFu/5o=
-go.uber.org/zap v1.9.1/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q=
 go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q=
-go.uber.org/zap v1.13.0 h1:nR6NoDBgAf67s68NhaXbsojM+2gxp3S1hWkHDl27pVU=
 go.uber.org/zap v1.13.0/go.mod h1:zwrFLgMcdUuIBviXEYEH1YKNaOBnKXsx2IPda5bBwHM=
 golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
-golang.org/x/crypto v0.0.0-20181025213731-e84da0312774/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
+golang.org/x/crypto v0.0.0-20181029021203-45a5f77698d3/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
+golang.org/x/crypto v0.0.0-20190426145343-a29dc8fdc734/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20190530122614-20be4c3c3ed5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
+golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20190820162420-60c769a6c586/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
-golang.org/x/crypto v0.0.0-20190829043050-9756ffdc2472/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
+golang.org/x/crypto v0.0.0-20190927123631-a832865fa7ad/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
-golang.org/x/crypto v0.0.0-20200414173820-0848c9571904 h1:bXoxMPcSLOq08zI3/c5dEBT6lE4eh+jOh886GHrn6V8=
-golang.org/x/crypto v0.0.0-20200414173820-0848c9571904/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
-golang.org/x/crypto v0.0.0-20200423211502-4bdfaf469ed5 h1:Q7tZBpemrlsc2I7IyODzhtallWRSm4Q0d09pL6XbQtU=
-golang.org/x/crypto v0.0.0-20200423211502-4bdfaf469ed5/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
+golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
+golang.org/x/crypto v0.0.0-20200728195943-123391ffb6de h1:ikNHVSjEfnvz6sxdSPCaPt572qowuyMDMJLLm3Db3ig=
+golang.org/x/crypto v0.0.0-20200728195943-123391ffb6de/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
+golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
+golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=
+golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
 golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
-golang.org/x/lint v0.0.0-20190409202823-959b441ac422/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
+golang.org/x/lint v0.0.0-20190909230951-414d861bb4ac/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
 golang.org/x/lint v0.0.0-20190930215403-16217165b5de h1:5hukYrvBGR8/eNkX5mdUezrA6JiaEZDtJb9Ei+1LlBs=
 golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
-golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f h1:J5lckAjkw6qYlOZNj90mLYNTEKDvWeuc1yieZ8qUzUE=
-golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f/go.mod h1:5qLYkcX4OjUUV8bRuDixDT3tpyyb+LUpUlRWLxfhWrs=
 golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc=
-golang.org/x/mod v0.2.0 h1:KU7oHjnv3XNWfa5COkzUifxZmxp1TyI7ImMXqFxLwvQ=
-golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
+golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
+golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20181023162649-9b4f9f5ad519/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20181201002055-351d144fa1fc/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20181220203305-927f97764cc3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20190125091013-d26f9f9a57f3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190522155817-f3200d17e092/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks=
+golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks=
+golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
-golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
-golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
-golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e h1:3G+cUijn7XD+S4eJFddp53Pv7+slrESplyjG25HgL+k=
-golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
-golang.org/x/net v0.0.0-20200425230154-ff2c4b7c35a0 h1:Jcxah/M+oLZ/R4/z5RzfPzGbPXnVDPkEDtf2JnuxN+U=
-golang.org/x/net v0.0.0-20200425230154-ff2c4b7c35a0/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
+golang.org/x/net v0.0.0-20190813141303-74dc4d7220e7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/net v0.0.0-20200625001655-4c5254603344/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
+golang.org/x/net v0.0.0-20200707034311-ab3426394381 h1:VXak5I6aEWmAXeQjA+QSZzlgNrpq9mjcfDemuexIKsU=
+golang.org/x/net v0.0.0-20200707034311-ab3426394381/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
+golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f h1:wMNYb4v58l5UBM7MYRLPG6ZhfOqbKu7X5eyFl8ZhKvA=
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e h1:vcxGaoTs7kV8m5Np9uUNQin4BrLOthgV7252N8V+FwY=
 golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a h1:WXEvlFVvvGxCJLG6REjsT03iWnKLEWinaScsxF2Vm2o=
-golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208 h1:qwRHBd0NqMbJxfbotnDhm2ByMI1Shq4Y6oRJo21SGJA=
+golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20181026203630-95b1ffbd15a5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20181107165924-66b7b1311ac8/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20181122145206-62eef0e2fa9b/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190502145724-3ef323f4f1fd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20190530182044-ad28b68e88f1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190801041406-cbf593c0f2f3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190826190057-c7b8b68b1456/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20191210023423-ac6580df4449/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20191220142924-d4481acd189f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200106162015-b016eb3dc98e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200413165638-669c56c373c4 h1:opSr2sbRXk5X5/givKrrKj9HXxFpW2sdCiP8MJSKLQY=
-golang.org/x/sys v0.0.0-20200413165638-669c56c373c4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200420163511-1957bb5e6d1f h1:gWF768j/LaZugp8dyS4UwsslYCYz9XgFxvlgsn0n9H8=
-golang.org/x/sys v0.0.0-20200420163511-1957bb5e6d1f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200615200032-f1bc736245b1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200625212154-ddb9806d33ae h1:Ih9Yo4hSPImZOpfGuA4bR/ORKTAbhZo2AbWNRCnevdo=
+golang.org/x/sys v0.0.0-20200625212154-ddb9806d33ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/text v0.3.0 h1:g61tztE5qeGQ89tm6NTjjM9VPIm088od1l6aSorWRWg=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.2 h1:tW2bmiBqwgJj/UpqtC8EpXEZVYOwU0yG4iWbprSVAcs=
 golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
+golang.org/x/text v0.3.3 h1:cokOdA+Jmi5PJGXLlLllQSgYigAEfHXJAERHVMaCc2k=
+golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
+golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20190308202827-9d24e82272b4 h1:SvFZT6jyqRaOeXpc5h/JSfZenJ2O330aBsf7JfSUXmQ=
 golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
+golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
+golang.org/x/time v0.0.0-20200630173020-3af7569d3a1e h1:EHBhcS0mlXEAVwNyO2dLfjToGsyY4j24pTs2ScHnX7s=
+golang.org/x/time v0.0.0-20200630173020-3af7569d3a1e/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+golang.org/x/tools v0.0.0-20180828015842-6cd1fcedba52/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+golang.org/x/tools v0.0.0-20181030221726-6c7e314b6563/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY=
 golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
+golang.org/x/tools v0.0.0-20190312170243-e65039ee4138/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
 golang.org/x/tools v0.0.0-20190328211700-ab21143f2384/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
+golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
 golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
-golang.org/x/tools v0.0.0-20190710153321-831012c29e42/go.mod h1:jcCCGcm9btYwXyDqrUWc6MKQKKGJCWEQ3AfLSRIbEuI=
+golang.org/x/tools v0.0.0-20190927191325-030b2cf1153e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.0.0-20191029041327-9cc4af7d6b2c/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.0.0-20191029190741-b9c20aec41a5 h1:hKsoRgsbwY1NafxrwTs+k64bikrLBkAgPir1TNCj3Zs=
 golang.org/x/tools v0.0.0-20191029190741-b9c20aec41a5/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
-golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
-golang.org/x/tools v0.0.0-20191125144606-a911d9008d1f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
-golang.org/x/tools v0.0.0-20200417140056-c07e33ef3290 h1:NXNmtp0ToD36cui5IqWy95LC4Y6vT/4y3RnPxlQPinU=
-golang.org/x/tools v0.0.0-20200417140056-c07e33ef3290/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
-golang.org/x/tools v0.0.0-20200426102838-f3a5411a4c3b/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
-golang.org/x/tools/gopls v0.1.3/go.mod h1:vrCQzOKxvuiZLjCKSmbbov04oeBQQOb4VQqwYK2PWIY=
+golang.org/x/tools v0.0.0-20200103221440-774c71fcf114/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7 h1:9zdDQZ7Thm29KFXgAX/+yaf3eVbP7djjWp/dXAppNCc=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543 h1:E7g+9GITq07hpfrRu66IVDexMakfv52eLZ2CXBWiKr4=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 h1:go1bK/D/BFZV2I8cIQd1NKEZ+0owSTG1fDTci4IqFcE=
+golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+google.golang.org/api v0.3.1/go.mod h1:6wY9I6uQWHQ8EM57III9mq/AjF+i8G65rmVagqKMtkk=
 google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
+google.golang.org/appengine v1.2.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
+google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
+google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8 h1:Nw54tB0rB7hY/N0NQvRW8DG4Yk3Q6T9cu9RcFQDu1tc=
 google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=
+google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
+google.golang.org/genproto v0.0.0-20190425155659-357c62f0e4bb/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
+google.golang.org/genproto v0.0.0-20190530194941-fb225487d101/go.mod h1:z3L6/3dTEVtUr6QSP8miRzeRqwQOioJ9I66odjN4I7s=
+google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc=
+google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo=
+google.golang.org/genproto v0.0.0-20200806141610-86f49bd18e98 h1:LCO0fg4kb6WwkXQXRQQgUYsFeFb5taTX5WAx5O/Vt28=
+google.golang.org/genproto v0.0.0-20200806141610-86f49bd18e98/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
+google.golang.org/grpc v1.17.0/go.mod h1:6QZJwpn2B+Zp71q/5VxRsJ6NXXVCE5NRUHRo+f3cWCs=
 google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
+google.golang.org/grpc v1.20.0/go.mod h1:chYK+tFQF0nDUGJgXMSgLCQk3phJEuONr2DCgLDdAQM=
+google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38=
+google.golang.org/grpc v1.21.0 h1:G+97AoqBnmZIT91cLG/EkCoK9NSelj64P8bOHHNmGn0=
 google.golang.org/grpc v1.21.0/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM=
+google.golang.org/grpc v1.22.1/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg=
+google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg=
+google.golang.org/grpc v1.23.1/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg=
+google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY=
+google.golang.org/grpc v1.26.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk=
+google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk=
+google.golang.org/grpc v1.31.0 h1:T7P4R73V3SSDPhH7WW7ATbfViLtmamH0DKrP3f9AuDI=
+google.golang.org/grpc v1.31.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak=
+google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
+google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
+google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM=
+google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE=
+google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo=
+google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
+google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
+google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
+google.golang.org/protobuf v1.24.0 h1:UhZDfRO8JRQru4/+LlLE0BRKGF8L+PICnvYZmx/fEGA=
+google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4=
+google.golang.org/protobuf v1.25.0 h1:Ejskq+SyPohKW+1uil0JJMtmHCgJPJ/qWTxr8qp+R4c=
+google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c=
 gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f h1:BLraFXnmrev5lT+xlilqcH8XK9/i0At2xKjWk4p6zsU=
 gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/cheggaaa/pb.v1 v1.0.25/go.mod h1:V/YB90LKu/1FcN3WVnfiiE5oMCibMjukxqG/qStrOgw=
 gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI=
-gopkg.in/ini.v1 v1.51.0 h1:AQvPpx3LzTDM0AjnIRlVFwFFGC+npRopjZxLJj6gdno=
-gopkg.in/ini.v1 v1.51.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
+gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys=
+gopkg.in/gcfg.v1 v1.2.3/go.mod h1:yesOnuUOFQAhST5vPY4nbZsb/huCgGGXlipJsBn0b3o=
+gopkg.in/ini.v1 v1.57.0 h1:9unxIsFcTt4I55uWluz+UmL95q4kdJ0buvQ1ZIqVQww=
+gopkg.in/ini.v1 v1.57.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
 gopkg.in/resty.v1 v1.12.0/go.mod h1:mDo4pnntr5jdWRML875a/NmxYqAlA73dVijT2AXvQQo=
+gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw=
+gopkg.in/warnings.v0 v0.1.2/go.mod h1:jksf8JmL6Qr/oQM2OXTHunEvvTAsrWBLb6OOjuVWRNI=
 gopkg.in/yaml.v2 v2.0.0-20170812160011-eb3733d160e7/go.mod h1:JAlM8MvJe8wmxCU4Bli9HhUf9+ttbYbLASfIpnQbh74=
 gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw=
 gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
+gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
+gopkg.in/yaml.v2 v2.2.5/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10=
 gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
+gopkg.in/yaml.v2 v2.3.0 h1:clyUAQHOM3G0M3f5vQj7LuJrETvjVot3Z5el9nffUtU=
+gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
+gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+gopkg.in/yaml.v3 v3.0.0-20200605160147-a5ece683394c h1:grhR+C34yXImVGp7EzNk+DTIk+323eIUWOmEevy6bDo=
+gopkg.in/yaml.v3 v3.0.0-20200605160147-a5ece683394c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gotest.tools v2.2.0+incompatible h1:VsBPFP1AI068pPrMxtb/S8Zkgf9xEmTLJjfM+P5UIEo=
 gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw=
+honnef.co/go/tools v0.0.0-20180728063816-88497007e858/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
 honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
+honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
 honnef.co/go/tools v0.0.1-2019.2.3 h1:3JgtbtFHMiCmsznwGVTUWbgGov+pVqnlf1dEJTNAXeM=
 honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg=
+sigs.k8s.io/yaml v1.1.0/go.mod h1:UJmg0vDUVViEyp3mgSv9WPwZCDxu4rQW1olrI1uml+o=
+sourcegraph.com/sourcegraph/appdash v0.0.0-20190731080439-ebfcffb1b5c0/go.mod h1:hI742Nqp5OhwiqlzhgfbWU4mW4yO10fP+LoT9WOswdU=
--- a/installer/installer.go
+++ b/installer/installer.go
@@ -2,13 +2,14 @@ package installer

 import (
 	"encoding/json"
+	"github.com/apex/log"
 	"github.com/asaskevich/govalidator"
 	"github.com/buger/jsonparser"
 	"github.com/pkg/errors"
 	"github.com/pterodactyl/wings/api"
 	"github.com/pterodactyl/wings/config"
+	"github.com/pterodactyl/wings/environment"
 	"github.com/pterodactyl/wings/server"
-	"go.uber.org/zap"
 	"os"
 	"path"
 )
@@ -25,17 +26,12 @@ func New(data []byte) (*Installer, error) {
 		return nil, NewValidationError("uuid provided was not in a valid format")
 	}

-	if !govalidator.IsUUIDv4(getString(data, "service", "egg")) {
-		return nil, NewValidationError("service egg provided was not in a valid format")
-	}
-
-	s := &server.Server{
-		Uuid:       getString(data, "uuid"),
-		Suspended:  false,
-		State:      server.ProcessOfflineState,
-		Invocation: getString(data, "invocation"),
-		EnvVars:    make(map[string]string),
-		Build: server.BuildSettings{
+	cfg := &server.Configuration{
+		Uuid:           getString(data, "uuid"),
+		Suspended:      false,
+		Invocation:     getString(data, "invocation"),
+		SkipEggScripts: getBoolean(data, "skip_egg_scripts"),
+		Build: environment.Limits{
 			MemoryLimit: getInt(data, "build", "memory"),
 			Swap:        getInt(data, "build", "swap"),
 			IoWeight:    uint16(getInt(data, "build", "io")),
@@ -43,20 +39,18 @@ func New(data []byte) (*Installer, error) {
 			DiskSpace:   getInt(data, "build", "disk"),
 			Threads:     getString(data, "build", "threads"),
 		},
-		Allocations: server.Allocations{
-			Mappings: make(map[string][]int),
-		},
+		CrashDetectionEnabled: true,
 	}

-	s.Allocations.DefaultMapping.Ip = getString(data, "allocations", "default", "ip")
-	s.Allocations.DefaultMapping.Port = int(getInt(data, "allocations", "default", "port"))
+	cfg.Allocations.DefaultMapping.Ip = getString(data, "allocations", "default", "ip")
+	cfg.Allocations.DefaultMapping.Port = int(getInt(data, "allocations", "default", "port"))

 	// Unmarshal the environment variables from the request into the server struct.
 	if b, _, _, err := jsonparser.Get(data, "environment"); err != nil {
 		return nil, errors.WithStack(err)
 	} else {
-		s.EnvVars = make(map[string]string)
-		if err := json.Unmarshal(b, &s.EnvVars); err != nil {
+		cfg.EnvVars = make(environment.Variables)
+		if err := json.Unmarshal(b, &cfg.EnvVars); err != nil {
 			return nil, errors.WithStack(err)
 		}
 	}
@@ -65,15 +59,15 @@ func New(data []byte) (*Installer, error) {
 	if b, _, _, err := jsonparser.Get(data, "allocations", "mappings"); err != nil {
 		return nil, errors.WithStack(err)
 	} else {
-		s.Allocations.Mappings = make(map[string][]int)
-		if err := json.Unmarshal(b, &s.Allocations.Mappings); err != nil {
+		cfg.Allocations.Mappings = make(map[string][]int)
+		if err := json.Unmarshal(b, &cfg.Allocations.Mappings); err != nil {
 			return nil, errors.WithStack(err)
 		}
 	}

-	s.Container.Image = getString(data, "container", "image")
+	cfg.Container.Image = getString(data, "container", "image")

-	c, rerr, err := api.NewRequester().GetServerConfiguration(s.Uuid)
+	c, rerr, err := api.NewRequester().GetServerConfiguration(cfg.Uuid)
 	if err != nil || rerr != nil {
 		if err != nil {
 			return nil, errors.WithStack(err)
@@ -82,21 +76,18 @@ func New(data []byte) (*Installer, error) {
 		return nil, errors.New(rerr.String())
 	}

-	// Destroy the temporary server instance.
-	s = nil
-
 	// Create a new server instance using the configuration we wrote to the disk
 	// so that everything gets instantiated correctly on the struct.
-	s2, err := server.FromConfiguration(c)
+	s, err := server.FromConfiguration(c)

 	return &Installer{
-		server: s2,
+		server: s,
 	}, err
 }

 // Returns the UUID associated with this installer instance.
 func (i *Installer) Uuid() string {
-	return i.server.Uuid
+	return i.server.Id()
 }

 // Return the server instance.
@@ -108,24 +99,27 @@ func (i *Installer) Server() *server.Server {
 // associated installation process based on the parameters passed through for
 // the server instance.
 func (i *Installer) Execute() {
-	zap.S().Debugw("creating required server data directory", zap.String("server", i.Uuid()))
-	if err := os.MkdirAll(path.Join(config.Get().System.Data, i.Uuid()), 0755); err != nil {
-		zap.S().Errorw("failed to create server data directory", zap.String("server", i.Uuid()), zap.Error(errors.WithStack(err)))
+	p := path.Join(config.Get().System.Data, i.Uuid())
+	l := log.WithFields(log.Fields{"server": i.Uuid(), "process": "installer"})
+
+	l.WithField("path", p).Debug("creating required server data directory")
+	if err := os.MkdirAll(p, 0755); err != nil {
+		l.WithFields(log.Fields{"path": p, "error": errors.WithStack(err)}).Error("failed to create server data directory")
 		return
 	}

-	if err := os.Chown(path.Join(config.Get().System.Data, i.Uuid()), config.Get().System.User.Uid, config.Get().System.User.Gid); err != nil {
-		zap.S().Errorw("failed to chown server data directory", zap.String("server", i.Uuid()), zap.Error(errors.WithStack(err)))
+	if err := os.Chown(p, config.Get().System.User.Uid, config.Get().System.User.Gid); err != nil {
+		l.WithField("error", errors.WithStack(err)).Error("failed to chown server data directory")
 		return
 	}

-	zap.S().Debugw("creating required environment for server instance", zap.String("server", i.Uuid()))
+	l.Debug("creating required environment for server instance")
 	if err := i.server.Environment.Create(); err != nil {
-		zap.S().Errorw("failed to create environment for server", zap.String("server", i.Uuid()), zap.Error(err))
+		l.WithField("error", err).Error("failed to create environment for server")
 		return
 	}

-	zap.S().Debugw("created environment for server during install process", zap.String("server", i.Uuid()))
+	l.Info("successfully created environment for server during install process")
 }

 // Returns a string value from the JSON data provided.
@@ -141,3 +135,9 @@ func getInt(data []byte, key ...string) int64 {

 	return value
 }
+
+func getBoolean(data []byte, key ...string) bool {
+	value, _ := jsonparser.GetBoolean(data, key...)
+
+	return value
+}
--- a/loggers/cli/cli.go
+++ b/loggers/cli/cli.go
@@ -0,0 +1,114 @@
+package cli
+
+import (
+	"fmt"
+	"github.com/apex/log"
+	"github.com/apex/log/handlers/cli"
+	color2 "github.com/fatih/color"
+	"github.com/mattn/go-colorable"
+	"github.com/pkg/errors"
+	"io"
+	"os"
+	"sync"
+	"time"
+)
+
+var Default = New(os.Stderr, true)
+
+var bold = color2.New(color2.Bold)
+
+var Strings = [...]string{
+	log.DebugLevel: "DEBUG",
+	log.InfoLevel:  " INFO",
+	log.WarnLevel:  " WARN",
+	log.ErrorLevel: "ERROR",
+	log.FatalLevel: "FATAL",
+}
+
+type Handler struct {
+	mu      sync.Mutex
+	Writer  io.Writer
+	Padding int
+}
+
+func New(w io.Writer, useColors bool) *Handler {
+	if f, ok := w.(*os.File); ok {
+		if useColors {
+			return &Handler{Writer: colorable.NewColorable(f), Padding: 2}
+		}
+	}
+
+	return &Handler{Writer: colorable.NewNonColorable(w), Padding: 2}
+}
+
+type tracer interface {
+	StackTrace() errors.StackTrace
+}
+
+// HandleLog implements log.Handler.
+func (h *Handler) HandleLog(e *log.Entry) error {
+	color := cli.Colors[e.Level]
+	level := Strings[e.Level]
+	names := e.Fields.Names()
+
+	h.mu.Lock()
+	defer h.mu.Unlock()
+
+	color.Fprintf(h.Writer, "%s: [%s] %-25s", bold.Sprintf("%*s", h.Padding+1, level), time.Now().Format(time.StampMilli), e.Message)
+
+	for _, name := range names {
+		if name == "source" {
+			continue
+		}
+
+		fmt.Fprintf(h.Writer, " %s=%v", color.Sprint(name), e.Fields.Get(name))
+	}
+
+	fmt.Fprintln(h.Writer)
+
+	for _, name := range names {
+		if name != "error" {
+			continue
+		}
+
+		var br = color2.New(color2.Bold, color2.FgRed)
+		if err, ok := e.Fields.Get("error").(error); ok {
+			fmt.Fprintf(h.Writer, "\n%s%+v\n\n", br.Sprintf("Stacktrace:"), getErrorStack(err, false))
+		} else {
+			fmt.Fprintf(h.Writer, "\n%s%+v\n\n", br.Sprintf("Invalid Error:"), err)
+		}
+	}
+
+	return nil
+}
+
+func getErrorStack(err error, i bool) errors.StackTrace {
+	e, ok := err.(tracer)
+	if !ok {
+		if i {
+			// Just abort out of this and return a stacktrace leading up to this point. It isn't perfect
+			// but it'll at least include what function lead to this being called which we can then handle.
+			return errors.Wrap(err, "failed to generate stacktrace for caught error").(tracer).StackTrace()
+		}
+
+		return getErrorStack(errors.Wrap(err, err.Error()), true)
+	}
+
+	st := e.StackTrace()
+
+	l := len(st)
+	// If this was an internal stack generation we're going to skip over the top four items in the stack
+	// trace since they'll point to the error that was generated by this function.
+	f := 0
+	if i {
+		f = 4
+	}
+
+	if i && l > 9 {
+		l = 9
+	} else if !i && l > 5 {
+		l = 5
+	}
+
+	return st[f:l]
+}
--- a/parser/helpers.go
+++ b/parser/helpers.go
@@ -3,13 +3,12 @@ package parser
 import (
 	"bytes"
 	"github.com/Jeffail/gabs/v2"
+	"github.com/apex/log"
 	"github.com/buger/jsonparser"
 	"github.com/iancoleman/strcase"
 	"github.com/pkg/errors"
-	"go.uber.org/zap"
 	"io/ioutil"
 	"os"
-	"reflect"
 	"regexp"
 	"strconv"
 	"strings"
@@ -48,13 +47,14 @@ func readFileBytes(path string) ([]byte, error) {
 }

 // Gets the value of a key based on the value type defined.
-func getKeyValue(value []byte) interface{} {
-	if reflect.ValueOf(value).Kind() == reflect.Bool {
+func (cfr *ConfigurationFileReplacement) getKeyValue(value []byte) interface{} {
+	if cfr.ReplaceWith.Type() == jsonparser.Boolean {
 		v, _ := strconv.ParseBool(string(value))
 		return v
 	}

-	// Try to parse into an int, if this fails just ignore the error and
+	// Try to parse into an int, if this fails just ignore the error and continue
+	// through, returning the string.
 	if v, err := strconv.Atoi(string(value)); err == nil {
 		return v
 	}
@@ -70,17 +70,19 @@ func getKeyValue(value []byte) interface{} {
 // configurations per-world (such as Spigot and Bungeecord) where we'll need to make
 // adjustments to the bind address for the user.
 //
-// This does not currently support nested matches. container.*.foo.*.bar will not work.
+// This does not currently support nested wildcard matches. For example, foo.*.bar
+// will work, however foo.*.bar.*.baz will not, since we'll only be splitting at the
+// first wildcard, and not subsequent ones.
 func (f *ConfigurationFile) IterateOverJson(data []byte) (*gabs.Container, error) {
 	parsed, err := gabs.ParseJSON(data)
 	if err != nil {
-		return nil, err
+		return nil, errors.WithStack(err)
 	}

 	for _, v := range f.Replace {
 		value, err := f.LookupConfigurationValue(v)
 		if err != nil {
-			return nil, err
+			return nil, errors.WithStack(err)
 		}

 		// Check for a wildcard character, and if found split the key on that value to
@@ -94,13 +96,21 @@ func (f *ConfigurationFile) IterateOverJson(data []byte) (*gabs.Container, error
 			// If the child is a null value, nothing will happen. Seems reasonable as of the
 			// time this code is being written.
 			for _, child := range parsed.Path(strings.Trim(parts[0], ".")).Children() {
-				if err := v.SetAtPathway(child, strings.Trim(parts[1], "."), value); err != nil {
-					return nil, err
+				if err := v.SetAtPathway(child, strings.Trim(parts[1], "."), []byte(value)); err != nil {
+					if errors.Is(err, gabs.ErrNotFound) {
+						continue
+					}
+
+					return nil, errors.Wrap(err, "failed to set config value of array child")
 				}
 			}
 		} else {
-			if err = v.SetAtPathway(parsed, v.Match, value); err != nil {
-				return nil, err
+			if err = v.SetAtPathway(parsed, v.Match, []byte(value)); err != nil {
+				if errors.Is(err, gabs.ErrNotFound) {
+					continue
+				}
+
+				return nil, errors.Wrap(err, "unable to set config value at pathway: "+v.Match)
 			}
 		}
 	}
@@ -108,53 +118,122 @@ func (f *ConfigurationFile) IterateOverJson(data []byte) (*gabs.Container, error
 	return parsed, nil
 }

-// Sets the value at a specific pathway, but checks if we were looking for a specific
-// value or not before doing it.
-func (cfr *ConfigurationFileReplacement) SetAtPathway(c *gabs.Container, path string, value []byte) error {
-	if cfr.IfValue != "" {
-		// If this is a regex based matching, we need to get a little more creative since
-		// we're only going to replacing part of the string, and not the whole thing.
-		if c.Exists(path) && strings.HasPrefix(cfr.IfValue, "regex:") {
-			// We're doing some regex here.
-			r, err := regexp.Compile(strings.TrimPrefix(cfr.IfValue, "regex:"))
-			if err != nil {
-				zap.S().Warnw(
-					"configuration if_value using invalid regexp, cannot do replacement",
-					zap.String("if_value", strings.TrimPrefix(cfr.IfValue, "regex:")),
-					zap.Error(err),
-				)
-				return nil
-			}
+// Regex used to check if there is an array element present in the given pathway by looking for something
+// along the lines of "something[1]" or "something[1].nestedvalue" as the path.
+var checkForArrayElement = regexp.MustCompile(`^([^\[\]]+)\[([\d]+)](\..+)?$`)

-			// If the path exists and there is a regex match, go ahead and attempt the replacement
-			// using the value we got from the key. This will only replace the one match.
-			v := strings.Trim(string(c.Path(path).Bytes()), "\"")
-			if r.Match([]byte(v)) {
-				_, err := c.SetP(r.ReplaceAllString(v, string(value)), path)
+// Attempt to set the value of the path depending on if it is an array or not. Gabs cannot handle array
+// values as "something[1]" but can parse them just fine. This is basically just overly complex code
+// to handle that edge case and ensure the value gets set correctly.
+//
+// Bless thee who has to touch these most unholy waters.
+func setValueAtPath(c *gabs.Container, path string, value interface{}) error {
+	var err error

-				return err
-			}
+	matches := checkForArrayElement.FindStringSubmatch(path)
+	if len(matches) < 3 {
+		// Only update the value if the pathway actually exists in the configuration, otherwise
+		// do nothing.
+		if c.ExistsP(path) {
+			_, err = c.SetP(value, path)
+		}

-			return nil
-		} else {
-			if !c.Exists(path) || (c.Exists(path) && !bytes.Equal(c.Bytes(), []byte(cfr.IfValue))) {
-				return nil
-			}
+		return errors.WithStack(err)
+	}
+
+	i, _ := strconv.Atoi(matches[2])
+	// Find the array element "i" or try to create it if "i" is equal to 0 and is not found
+	// at the given path.
+	ct, err := c.ArrayElementP(i, matches[1])
+	if err != nil {
+		if i != 0 || (!errors.Is(err, gabs.ErrNotArray) && !errors.Is(err, gabs.ErrNotFound)) {
+			return errors.Wrap(err, "error while parsing array element at path")
+		}
+
+		var t = make([]interface{}, 1)
+		// If the length of matches is 4 it means we're trying to access an object down in this array
+		// key, so make sure we generate the array as an array of objects, and not just a generic nil
+		// array.
+		if len(matches) == 4 {
+			t = []interface{}{map[string]interface{}{}}
+		}
+
+		// If the error is because this isn't an array or isn't found go ahead and create the array with
+		// an empty object if we have additional things to set on the array, or just an empty array type
+		// if there is not an object structure detected (no matches[3] available).
+		if _, err = c.SetP(t, matches[1]); err != nil {
+			return errors.Wrap(err, "failed to create empty array for missing element")
+		}
+
+		// Set our cursor to be the array element we expect, which in this case is just the first element
+		// since we won't run this code unless the array element is 0. There is too much complexity in trying
+		// to match additional elements. In those cases the server will just have to be rebooted or something.
+		ct, err = c.ArrayElementP(0, matches[1])
+		if err != nil {
+			return errors.Wrap(err, "failed to find array element at path")
 		}
 	}

-	_, err := c.SetP(getKeyValue(value), path)
+	// Try to set the value. If the path does not exist an error will be raised to the caller which will
+	// then check if the error is because the path is missing. In those cases we just ignore the error since
+	// we don't want to do anything specifically when that happens.
+	//
+	// If there are four matches in the regex it means that we managed to also match a trailing pathway
+	// for the key, which should be found in the given array key item and modified further.
+	if len(matches) == 4 {
+		_, err = ct.SetP(value, strings.TrimPrefix(matches[3], "."))
+	} else {
+		_, err = ct.Set(value)
+	}

-	return err
+	if err != nil {
+		return errors.Wrap(err, "failed to set value at config path: "+path)
+	}
+
+	return nil
+}
+
+// Sets the value at a specific pathway, but checks if we were looking for a specific
+// value or not before doing it.
+func (cfr *ConfigurationFileReplacement) SetAtPathway(c *gabs.Container, path string, value []byte) error {
+	if cfr.IfValue == "" {
+		return setValueAtPath(c, path, cfr.getKeyValue(value))
+	}
+
+	// If this is a regex based matching, we need to get a little more creative since
+	// we're only going to replacing part of the string, and not the whole thing.
+	if c.ExistsP(path) && strings.HasPrefix(cfr.IfValue, "regex:") {
+		// We're doing some regex here.
+		r, err := regexp.Compile(strings.TrimPrefix(cfr.IfValue, "regex:"))
+		if err != nil {
+			log.WithFields(log.Fields{"if_value": strings.TrimPrefix(cfr.IfValue, "regex:"), "error": err}).
+				Warn("configuration if_value using invalid regexp, cannot perform replacement")
+
+			return nil
+		}
+
+		// If the path exists and there is a regex match, go ahead and attempt the replacement
+		// using the value we got from the key. This will only replace the one match.
+		v := strings.Trim(string(c.Path(path).Bytes()), "\"")
+		if r.Match([]byte(v)) {
+			return setValueAtPath(c, path, r.ReplaceAllString(v, string(value)))
+		}
+
+		return nil
+	} else if !c.ExistsP(path) || (c.ExistsP(path) && !bytes.Equal(c.Bytes(), []byte(cfr.IfValue))) {
+		return nil
+	}
+
+	return setValueAtPath(c, path, cfr.getKeyValue(value))
 }

 // Looks up a configuration value on the Daemon given a dot-notated syntax.
-func (f *ConfigurationFile) LookupConfigurationValue(cfr ConfigurationFileReplacement) ([]byte, error) {
+func (f *ConfigurationFile) LookupConfigurationValue(cfr ConfigurationFileReplacement) (string, error) {
 	// If this is not something that we can do a regex lookup on then just continue
 	// on our merry way. If the value isn't a string, we're not going to be doing anything
 	// with it anyways.
 	if cfr.ReplaceWith.Type() != jsonparser.String || !configMatchRegex.Match(cfr.ReplaceWith.Value()) {
-		return cfr.ReplaceWith.Value(), nil
+		return cfr.ReplaceWith.String(), nil
 	}

 	// If there is a match, lookup the value in the configuration for the Daemon. If no key
@@ -165,11 +244,8 @@ func (f *ConfigurationFile) LookupConfigurationValue(cfr ConfigurationFileReplac
 	)

 	var path []string
-	// The camel casing is important here, the configuration for the Daemon does not use
-	// JSON, and as such all of the keys will be generated in CamelCase format, rather than
-	// the expected snake_case from the old Daemon.
 	for _, value := range strings.Split(huntPath, ".") {
-		path = append(path, strcase.ToCamel(value))
+		path = append(path, strcase.ToSnake(value))
 	}

 	// Look for the key in the configuration file, and if found return that value to the
@@ -177,21 +253,15 @@ func (f *ConfigurationFile) LookupConfigurationValue(cfr ConfigurationFileReplac
 	match, _, _, err := jsonparser.Get(f.configuration, path...)
 	if err != nil {
 		if err != jsonparser.KeyPathNotFoundError {
-			return match, errors.WithStack(err)
+			return string(match), errors.WithStack(err)
 		}

-		zap.S().Debugw(
-			"attempted to load a configuration value that does not exist",
-			zap.Strings("path", path),
-			zap.String("filename", f.FileName),
-		)
+		log.WithFields(log.Fields{"path": path, "filename": f.FileName}).Debug("attempted to load a configuration value that does not exist")

 		// If there is no key, keep the original value intact, that way it is obvious there
 		// is a replace issue at play.
-		return match, nil
+		return string(match), nil
 	} else {
-		replaced := []byte(configMatchRegex.ReplaceAllString(cfr.ReplaceWith.String(), string(match)))
-
-		return replaced, nil
+		return configMatchRegex.ReplaceAllString(cfr.ReplaceWith.String(), string(match)), nil
 	}
 }
--- a/parser/parser.go
+++ b/parser/parser.go
@@ -3,16 +3,19 @@ package parser
 import (
 	"bufio"
 	"encoding/json"
+	"github.com/apex/log"
 	"github.com/beevik/etree"
 	"github.com/buger/jsonparser"
-	"github.com/ghodss/yaml"
+	"github.com/icza/dyno"
 	"github.com/magiconair/properties"
 	"github.com/pkg/errors"
 	"github.com/pterodactyl/wings/config"
-	"go.uber.org/zap"
 	"gopkg.in/ini.v1"
+	"gopkg.in/yaml.v2"
 	"io/ioutil"
 	"os"
+	"regexp"
+	"strconv"
 	"strings"
 )

@@ -28,6 +31,10 @@ const (

 type ConfigurationParser string

+func (cp ConfigurationParser) String() string {
+	return string(cp)
+}
+
 // Defines a configuration file for the server startup. These will be looped over
 // and modified before the server finishes booting.
 type ConfigurationFile struct {
@@ -40,6 +47,40 @@ type ConfigurationFile struct {
 	configuration []byte
 }

+// Custom unmarshaler for configuration files. If there is an error while parsing out the
+// replacements, don't fail the entire operation, just log a global warning so someone can
+// find the issue, and return an empty array of replacements.
+//
+// I imagine people will notice configuration replacement isn't working correctly and then
+// the logs should help better expose that issue.
+func (f *ConfigurationFile) UnmarshalJSON(data []byte) error {
+	var m map[string]*json.RawMessage
+	if err := json.Unmarshal(data, &m); err != nil {
+		return err
+	}
+
+	if err := json.Unmarshal(*m["file"], &f.FileName); err != nil {
+		return err
+	}
+
+	if err := json.Unmarshal(*m["parser"], &f.Parser); err != nil {
+		return err
+	}
+
+	if err := json.Unmarshal(*m["replace"], &f.Replace); err != nil {
+		log.WithField("file", f.FileName).WithField("error", err).Warn("failed to unmarshal configuration file replacement")
+
+		f.Replace = []ConfigurationFileReplacement{}
+	}
+
+	return nil
+}
+
+// Regex to match paths such as foo[1].bar[2] and convert them into a format that
+// gabs can work with, such as foo.1.bar.2 in this case. This is applied when creating
+// the struct for the configuration file replacements.
+var cfrMatchReplacement = regexp.MustCompile(`\[(\d+)]`)
+
 // Defines a single find/replace instance for a given server configuration file.
 type ConfigurationFileReplacement struct {
 	Match       string       `json:"match"`
@@ -52,22 +93,33 @@ type ConfigurationFileReplacement struct {
 func (cfr *ConfigurationFileReplacement) UnmarshalJSON(data []byte) error {
 	m, err := jsonparser.GetString(data, "match")
 	if err != nil {
-		return errors.WithStack(err)
+		return err
 	}
+
 	cfr.Match = m

 	iv, err := jsonparser.GetString(data, "if_value")
 	// We only check keypath here since match & replace_with should be present on all of
 	// them, however if_value is optional.
 	if err != nil && err != jsonparser.KeyPathNotFoundError {
-		return errors.WithStack(err)
+		return err
 	}
 	cfr.IfValue = iv

 	rw, dt, _, err := jsonparser.Get(data, "replace_with")
 	if err != nil {
-		return errors.WithStack(err)
+		if err != jsonparser.KeyPathNotFoundError {
+			return err
+		}
+
+		// Okay, likely dealing with someone who forgot to upgrade their eggs, so in
+		// that case, fallback to using the old key which was "value".
+		rw, dt, _, err = jsonparser.Get(data, "value")
+		if err != nil {
+			return err
+		}
 	}
+
 	cfr.ReplaceWith = ReplaceValue{
 		value:     rw,
 		valueType: dt,
@@ -79,10 +131,13 @@ func (cfr *ConfigurationFileReplacement) UnmarshalJSON(data []byte) error {
 // Parses a given configuration file and updates all of the values within as defined
 // in the API response from the Panel.
 func (f *ConfigurationFile) Parse(path string, internal bool) error {
-	zap.S().Debugw("parsing configuration file", zap.String("path", path), zap.String("parser", string(f.Parser)))
+	log.WithField("path", path).WithField("parser", f.Parser.String()).Debug("parsing server configuration file")

-	mb, _ := json.Marshal(config.Get())
-	f.configuration = mb
+	if mb, err := json.Marshal(config.Get()); err != nil {
+		return err
+	} else {
+		f.configuration = mb
+	}

 	var err error

@@ -107,7 +162,7 @@ func (f *ConfigurationFile) Parse(path string, internal bool) error {
 		break
 	}

-	if os.IsNotExist(err) {
+	if errors.Is(err, os.ErrNotExist) {
 		// File doesn't exist, we tried creating it, and same error is returned? Pretty
 		// sure this pathway is impossible, but if not, abort here.
 		if internal {
@@ -181,13 +236,13 @@ func (f *ConfigurationFile) parseXmlFile(path string) error {

 		// Iterate over the elements we found and update their values.
 		for _, element := range doc.FindElements(path) {
-			if xmlValueMatchRegex.Match(value) {
-				k := xmlValueMatchRegex.ReplaceAllString(string(value), "$1")
-				v := xmlValueMatchRegex.ReplaceAllString(string(value), "$2")
+			if xmlValueMatchRegex.MatchString(value) {
+				k := xmlValueMatchRegex.ReplaceAllString(value, "$1")
+				v := xmlValueMatchRegex.ReplaceAllString(value, "$2")

 				element.CreateAttr(k, v)
 			} else {
-				element.SetText(string(value))
+				element.SetText(value)
 			}
 		}
 	}
@@ -218,12 +273,13 @@ func (f *ConfigurationFile) parseXmlFile(path string) error {
 // Parses an ini file.
 func (f *ConfigurationFile) parseIniFile(path string) error {
 	// Ini package can't handle a non-existent file, so handle that automatically here
-	// by creating it if not exists.
+	// by creating it if not exists. Then, immediately close the file since we will use
+	// other methods to write the new contents.
 	file, err := os.OpenFile(path, os.O_CREATE|os.O_RDWR, 0644)
 	if err != nil {
 		return err
 	}
-	defer file.Close()
+	file.Close()

 	cfg, err := ini.Load(path)
 	if err != nil {
@@ -258,24 +314,15 @@ func (f *ConfigurationFile) parseIniFile(path string) error {
 		// If the key exists in the file go ahead and set the value, otherwise try to
 		// create it in the section.
 		if s.HasKey(k) {
-			s.Key(k).SetValue(string(value))
+			s.Key(k).SetValue(value)
 		} else {
-			if _, err := s.NewKey(k, string(value)); err != nil {
+			if _, err := s.NewKey(k, value); err != nil {
 				return err
 			}
 		}
 	}

-	// Truncate the file before attempting to write the changes.
-	if err := os.Truncate(path, 0); err != nil {
-		return err
-	}
-
-	if _, err := cfg.WriteTo(file); err != nil {
-		return err
-	}
-
-	return nil
+	return cfg.SaveTo(path)
 }

 // Parses a json file updating any matching key/value pairs. If a match is not found, the
@@ -301,28 +348,33 @@ func (f *ConfigurationFile) parseJsonFile(path string) error {
 func (f *ConfigurationFile) parseYamlFile(path string) error {
 	b, err := readFileBytes(path)
 	if err != nil {
-		return err
+		return errors.WithStack(err)
+	}
+
+	i := make(map[string]interface{})
+	if err := yaml.Unmarshal(b, &i); err != nil {
+		return errors.WithStack(err)
 	}

 	// Unmarshal the yaml data into a JSON interface such that we can work with
 	// any arbitrary data structure. If we don't do this, I can't use gabs which
-	// makes working with unknown JSON signficiantly easier.
-	jsonBytes, err := yaml.YAMLToJSON(b)
+	// makes working with unknown JSON significantly easier.
+	jsonBytes, err := json.Marshal(dyno.ConvertMapI2MapS(i))
 	if err != nil {
-		return err
+		return errors.WithStack(err)
 	}

 	// Now that the data is converted, treat it just like JSON and pass it to the
 	// iterator function to update values as necessary.
 	data, err := f.IterateOverJson(jsonBytes)
 	if err != nil {
-		return err
+		return errors.WithStack(err)
 	}

 	// Remarshal the JSON into YAML format before saving it back to the disk.
-	marshaled, err := yaml.JSONToYAML(data.Bytes())
+	marshaled, err := yaml.Marshal(data.Data())
 	if err != nil {
-		return err
+		return errors.WithStack(err)
 	}

 	return ioutil.WriteFile(path, marshaled, 0644)
@@ -373,15 +425,46 @@ func (f *ConfigurationFile) parseTextFile(path string) error {
 // Parses a properties file and updates the values within it to match those that
 // are passed. Writes the file once completed.
 func (f *ConfigurationFile) parsePropertiesFile(path string) error {
-	p, err := properties.LoadFile(path, properties.UTF8)
+	// Open the file.
+	f2, err := os.Open(path)
 	if err != nil {
-		return err
+		return errors.WithStack(err)
 	}

+	var s strings.Builder
+
+	// Get any header comments from the file.
+	scanner := bufio.NewScanner(f2)
+	for scanner.Scan() {
+		text := scanner.Text()
+
+		if text[0] != '#' {
+			break
+		}
+
+		s.WriteString(text)
+		s.WriteString("\n")
+	}
+
+	// Close the file.
+	_ = f2.Close()
+
+	// Handle any scanner errors.
+	if err := scanner.Err(); err != nil {
+		return errors.WithStack(err)
+	}
+
+	// Decode the properties file.
+	p, err := properties.LoadFile(path, properties.UTF8)
+	if err != nil {
+		return errors.WithStack(err)
+	}
+
+	// Replace any values that need to be replaced.
 	for _, replace := range f.Replace {
 		data, err := f.LookupConfigurationValue(replace)
 		if err != nil {
-			return err
+			return errors.WithStack(err)
 		}

 		v, ok := p.Get(replace.Match)
@@ -392,17 +475,35 @@ func (f *ConfigurationFile) parsePropertiesFile(path string) error {
 			continue
 		}

-		if _, _, err := p.Set(replace.Match, string(data)); err != nil {
-			return err
+		if _, _, err := p.Set(replace.Match, data); err != nil {
+			return errors.WithStack(err)
 		}
 	}

+	// Add the new file content to the string builder.
+	for _, key := range p.Keys() {
+		value, ok := p.Get(key)
+		if !ok {
+			continue
+		}
+
+		s.WriteString(key)
+		s.WriteByte('=')
+		s.WriteString(strings.Trim(strconv.QuoteToASCII(value), `"`))
+		s.WriteString("\n")
+	}
+
+	// Open the file for writing.
 	w, err := os.OpenFile(path, os.O_CREATE|os.O_WRONLY|os.O_TRUNC, 0644)
 	if err != nil {
+		return errors.WithStack(err)
+	}
+	defer w.Close()
+
+	// Write the data to the file.
+	if _, err := w.Write([]byte(s.String())); err != nil {
 		return err
 	}

-	_, err = p.Write(w, properties.UTF8)
-
-	return err
+	return nil
 }
--- a/parser/value.go
+++ b/parser/value.go
@@ -14,9 +14,11 @@ func (cv *ReplaceValue) Value() []byte {
 }

 func (cv *ReplaceValue) String() string {
-	return string(cv.value)
+	str, _ := jsonparser.ParseString(cv.value)
+
+	return str
 }

 func (cv *ReplaceValue) Type() jsonparser.ValueType {
 	return cv.valueType
-}
+}
--- a/router/error.go
+++ b/router/error.go
@@ -2,11 +2,11 @@ package router

 import (
 	"fmt"
+	"github.com/apex/log"
 	"github.com/gin-gonic/gin"
 	"github.com/google/uuid"
 	"github.com/pkg/errors"
 	"github.com/pterodactyl/wings/server"
-	"go.uber.org/zap"
 	"net/http"
 	"os"
 )
@@ -33,13 +33,21 @@ func TrackedError(err error) *RequestError {
 // generated this server for the purposes of logging.
 func TrackedServerError(err error, s *server.Server) *RequestError {
 	return &RequestError{
-		Err:     err,
+		Err:     errors.WithStack(err),
 		Uuid:    uuid.Must(uuid.NewRandom()).String(),
 		Message: "",
 		server:  s,
 	}
 }

+func (e *RequestError) logger() *log.Entry {
+	if e.server != nil {
+		return e.server.Log().WithField("error_id", e.Uuid)
+	}
+
+	return log.WithField("error_id", e.Uuid)
+}
+
 // Sets the output message to display to the user in the error.
 func (e *RequestError) SetMessage(msg string) *RequestError {
 	e.Message = msg
@@ -53,6 +61,8 @@ func (e *RequestError) AbortWithStatus(status int, c *gin.Context) {
 	// If this error is because the resource does not exist, we likely do not need to log
 	// the error anywhere, just return a 404 and move on with our lives.
 	if os.IsNotExist(e.Err) {
+		e.logger().WithField("error", e.Err).Debug("encountered os.IsNotExist error while handling request")
+
 		c.AbortWithStatusJSON(http.StatusNotFound, gin.H{
 			"error": "The requested resource was not found on the system.",
 		})
@@ -61,19 +71,11 @@ func (e *RequestError) AbortWithStatus(status int, c *gin.Context) {

 	// Otherwise, log the error to zap, and then report the error back to the user.
 	if status >= 500 {
-		if e.server != nil {
-			zap.S().Errorw("encountered error while handling HTTP request", zap.String("server", e.server.Uuid), zap.String("error_id", e.Uuid), zap.Error(e.Err))
-		} else {
-			zap.S().Errorw("encountered error while handling HTTP request", zap.String("error_id", e.Uuid), zap.Error(e.Err))
-		}
+		e.logger().WithField("error", e.Err).Error("encountered HTTP/500 error while handling request")

 		c.Error(errors.WithStack(e))
 	} else {
-		if e.server != nil {
-			zap.S().Debugw("encountered error while handling HTTP request", zap.String("server", e.server.Uuid), zap.String("error_id", e.Uuid), zap.Error(e.Err))
-		} else {
-			zap.S().Debugw("encountered error while handling HTTP request", zap.String("error_id", e.Uuid), zap.Error(e.Err))
-		}
+		e.logger().WithField("error", e.Err).Debug("encountered non-HTTP/500 error while handling request")
 	}

 	msg := "An unexpected error was encountered while processing this request."
--- a/router/middleware.go
+++ b/router/middleware.go
@@ -11,8 +11,22 @@ import (

 // Set the access request control headers on all of the requests.
 func SetAccessControlHeaders(c *gin.Context) {
-	c.Header("Access-Control-Allow-Origin", config.Get().PanelLocation)
 	c.Header("Access-Control-Allow-Headers", "Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization")
+
+	o := c.GetHeader("Origin")
+	if o != config.Get().PanelLocation {
+		for _, origin := range config.Get().AllowedOrigins {
+			if origin != "*" && o != origin {
+				continue
+			}
+
+			c.Header("Access-Control-Allow-Origin", origin)
+			c.Next()
+			return
+		}
+	}
+
+	c.Header("Access-Control-Allow-Origin", config.Get().PanelLocation)
 	c.Next()
 }

@@ -48,7 +62,7 @@ func AuthorizationMiddleware(c *gin.Context) {
 // Helper function to fetch a server out of the servers collection stored in memory.
 func GetServer(uuid string) *server.Server {
 	return server.GetServers().Find(func(s *server.Server) bool {
-		return uuid == s.Uuid
+		return uuid == s.Id()
 	})
 }

--- a/router/router.go
+++ b/router/router.go
@@ -1,13 +1,32 @@
 package router

 import (
+	"github.com/apex/log"
 	"github.com/gin-gonic/gin"
 )

 // Configures the routing infrastructure for this daemon instance.
 func Configure() *gin.Engine {
-	router := gin.Default()
+	gin.SetMode("release")
+
+	router := gin.New()
+
+	router.Use(gin.Recovery())
 	router.Use(SetAccessControlHeaders)
+	// @todo log this into a different file so you can setup IP blocking for abusive requests and such.
+	// This should still dump requests in debug mode since it does help with understanding the request
+	// lifecycle and quickly seeing what was called leading to the logs. However, it isn't feasible to mix
+	// this output in production and still get meaningful logs from it since they'll likely just be a huge
+	// spamfest.
+	router.Use(gin.LoggerWithFormatter(func(params gin.LogFormatterParams) string {
+		log.WithFields(log.Fields{
+			"client_ip": params.ClientIP,
+			"status":    params.StatusCode,
+			"latency":   params.Latency,
+		}).Debugf("%s %s", params.MethodColor()+params.Method+params.ResetColor(), params.Path)
+
+		return ""
+	}))

 	router.OPTIONS("/api/system", func(c *gin.Context) {
 		c.Status(200)
@@ -16,6 +35,7 @@ func Configure() *gin.Engine {
 	// These routes use signed URLs to validate access to the resource being requested.
 	router.GET("/download/backup", getDownloadBackup)
 	router.GET("/download/file", getDownloadFile)
+	router.POST("/upload/file", postServerUploadFiles)

 	// This route is special it sits above all of the other requests because we are
 	// using a JWT to authorize access to it, therefore it needs to be publicly
@@ -59,11 +79,13 @@ func Configure() *gin.Engine {
 		{
 			files.GET("/contents", getServerFileContents)
 			files.GET("/list-directory", getServerListDirectory)
-			files.PUT("/rename", putServerRenameFile)
+			files.PUT("/rename", putServerRenameFiles)
 			files.POST("/copy", postServerCopyFile)
 			files.POST("/write", postServerWriteFile)
 			files.POST("/create-directory", postServerCreateDirectory)
-			files.POST("/delete", postServerDeleteFile)
+			files.POST("/delete", postServerDeleteFiles)
+			files.POST("/compress", postServerCompressFiles)
+			files.POST("/decompress", postServerDecompressFiles)
 		}

 		backup := server.Group("/backup")
--- a/router/router_download.go
+++ b/router/router_download.go
@@ -2,6 +2,7 @@ package router

 import (
 	"bufio"
+	"errors"
 	"github.com/gin-gonic/gin"
 	"github.com/pterodactyl/wings/router/tokens"
 	"github.com/pterodactyl/wings/server/backup"
@@ -28,7 +29,7 @@ func getDownloadBackup(c *gin.Context) {

 	b, st, err := backup.LocateLocal(token.BackupUuid)
 	if err != nil {
-		if os.IsNotExist(err) {
+		if errors.Is(err, os.ErrNotExist) {
 			c.AbortWithStatusJSON(http.StatusNotFound, gin.H{
 				"error": "The requested backup was not found on this server.",
 			})
@@ -94,4 +95,4 @@ func getDownloadFile(c *gin.Context) {
 	c.Header("Content-Type", "application/octet-stream")

 	bufio.NewReader(f).WriteTo(c.Writer)
-}
+}
--- a/router/router_server.go
+++ b/router/router_server.go
@@ -2,27 +2,40 @@ package router

 import (
 	"bytes"
+	"context"
+	"github.com/apex/log"
 	"github.com/gin-gonic/gin"
 	"github.com/pkg/errors"
 	"github.com/pterodactyl/wings/server"
-	"go.uber.org/zap"
 	"net/http"
 	"os"
 	"strconv"
 )

+type serverProcData struct {
+	server.ResourceUsage
+	Suspended bool `json:"suspended"`
+}
+
 // Returns a single server from the collection of servers.
 func getServer(c *gin.Context) {
-	c.JSON(http.StatusOK, GetServer(c.Param("server")))
+	s := GetServer(c.Param("server"))
+
+	c.JSON(http.StatusOK, serverProcData{
+		ResourceUsage: *s.Proc(),
+		Suspended:     s.IsSuspended(),
+	})
 }

 // Returns the logs for a given server instance.
 func getServerLogs(c *gin.Context) {
 	s := GetServer(c.Param("server"))

-	l, _ := strconv.ParseInt(c.DefaultQuery("size", "8192"), 10, 64)
+	l, _ := strconv.Atoi(c.DefaultQuery("size", "100"))
 	if l <= 0 {
-		l = 2048
+		l = 100
+	} else if l > 100 {
+		l = 100
 	}

 	out, err := s.ReadLogfile(l)
@@ -45,10 +58,15 @@ func getServerLogs(c *gin.Context) {
 func postServerPower(c *gin.Context) {
 	s := GetServer(c.Param("server"))

-	var data server.PowerAction
-	c.BindJSON(&data)
+	var data struct {
+		Action server.PowerAction `json:"action"`
+	}

-	if !data.IsValid() {
+	if err := c.BindJSON(&data); err != nil {
+		return
+	}
+
+	if !data.Action.IsValid() {
 		c.AbortWithStatusJSON(http.StatusUnprocessableEntity, gin.H{
 			"error": "The power action provided was not valid, should be one of \"stop\", \"start\", \"restart\", \"kill\"",
 		})
@@ -61,25 +79,27 @@ func postServerPower(c *gin.Context) {
 	//
 	// We don't really care about any of the other actions at this point, they'll all result
 	// in the process being stopped, which should have happened anyways if the server is suspended.
-	if (data.Action == "start" || data.Action == "restart") && s.Suspended {
+	if (data.Action == server.PowerActionStart || data.Action == server.PowerActionRestart) && s.IsSuspended() {
 		c.AbortWithStatusJSON(http.StatusBadRequest, gin.H{
 			"error": "Cannot start or restart a server that is suspended.",
 		})
 		return
 	}

-	// Pass the actual heavy processing off to a seperate thread to handle so that
+	// Pass the actual heavy processing off to a separate thread to handle so that
 	// we can immediately return a response from the server. Some of these actions
 	// can take quite some time, especially stopping or restarting.
-	go func() {
-		if err := s.HandlePowerAction(data); err != nil {
-			zap.S().Errorw(
-				"encountered an error processing a server power action",
-				zap.String("server", s.Uuid),
-				zap.Error(err),
-			)
+	go func(s *server.Server) {
+		if err := s.HandlePowerAction(data.Action, 30); err != nil {
+			if errors.Is(err, context.DeadlineExceeded) {
+				s.Log().WithField("action", data.Action).
+					Warn("could not acquire a lock while attempting to perform a power action")
+			} else {
+				s.Log().WithFields(log.Fields{"action": data, "error": err}).
+					Error("encountered error processing a server power action in the background")
+			}
 		}
-	}()
+	}(s)

 	c.Status(http.StatusAccepted)
 }
@@ -98,17 +118,17 @@ func postServerCommands(c *gin.Context) {
 		return
 	}

-	var data struct{ Commands []string `json:"commands"` }
-	c.BindJSON(&data)
+	var data struct {
+		Commands []string `json:"commands"`
+	}
+	// BindJSON sends 400 if the request fails, all we need to do is return
+	if err := c.BindJSON(&data); err != nil {
+		return
+	}

 	for _, command := range data.Commands {
 		if err := s.Environment.SendCommand(command); err != nil {
-			zap.S().Warnw(
-				"failed to send command to server",
-				zap.String("server", s.Uuid),
-				zap.String("command", command),
-				zap.Error(err),
-			)
+			s.Log().WithFields(log.Fields{"command": command, "error": err}).Warn("failed to send command to server instance")
 		}
 	}

@@ -122,11 +142,13 @@ func patchServer(c *gin.Context) {
 	buf := bytes.Buffer{}
 	buf.ReadFrom(c.Request.Body)

-	if err := s.UpdateDataStructure(buf.Bytes(), true); err != nil {
+	if err := s.UpdateDataStructure(buf.Bytes()); err != nil {
 		TrackedServerError(err, s).AbortWithServerError(c)
 		return
 	}

+	s.SyncWithEnvironment()
+
 	c.Status(http.StatusNoContent)
 }

@@ -135,12 +157,8 @@ func postServerInstall(c *gin.Context) {
 	s := GetServer(c.Param("server"))

 	go func(serv *server.Server) {
-		if err := serv.Install(); err != nil {
-			zap.S().Errorw(
-				"failed to execute server installation process",
-				zap.String("server", serv.Uuid),
-				zap.Error(err),
-			)
+		if err := serv.Install(true); err != nil {
+			serv.Log().WithField("error", err).Error("failed to execute server installation process")
 		}
 	}(s)

@@ -153,29 +171,30 @@ func postServerReinstall(c *gin.Context) {

 	go func(serv *server.Server) {
 		if err := serv.Reinstall(); err != nil {
-			zap.S().Errorw(
-				"failed to complete server reinstall process",
-				zap.String("server", serv.Uuid),
-				zap.Error(err),
-			)
+			serv.Log().WithField("error", err).Error("failed to complete server re-install process")
 		}
 	}(s)

 	c.Status(http.StatusAccepted)
 }

-// Deletes a server from the wings daemon and deassociates its objects.
+// Deletes a server from the wings daemon and dissociate it's objects.
 func deleteServer(c *gin.Context) {
 	s := GetServer(c.Param("server"))

 	// Immediately suspend the server to prevent a user from attempting
 	// to start it while this process is running.
-	s.Suspended = true
+	s.Config().SetSuspended(true)
+
+	// If the server is currently installing, abort it.
+	if s.IsInstalling() {
+		s.AbortInstallation()
+	}

 	// Delete the server's archive if it exists. We intentionally don't return
 	// here, if the archive fails to delete, the server can still be removed.
 	if err := s.Archiver.DeleteIfExists(); err != nil {
-		zap.S().Warnw("failed to delete server archive during deletion process", zap.String("server", s.Uuid), zap.Error(err))
+		s.Log().WithField("error", err).Warn("failed to delete server archive during deletion process")
 	}

 	// Unsubscribe all of the event listeners.
@@ -196,13 +215,16 @@ func deleteServer(c *gin.Context) {
 	// so we don't want to block the HTTP call while waiting on this.
 	go func(p string) {
 		if err := os.RemoveAll(p); err != nil {
-			zap.S().Warnw("failed to remove server files during deletion process", zap.String("path", p), zap.Error(errors.WithStack(err)))
+			log.WithFields(log.Fields{
+				"path":  p,
+				"error": errors.WithStack(err),
+			}).Warn("failed to remove server files during deletion process")
 		}
 	}(s.Filesystem.Path())

-	var uuid = s.Uuid
+	var uuid = s.Id()
 	server.GetServers().Remove(func(s2 *server.Server) bool {
-		return s2.Uuid == uuid
+		return s2.Id() == uuid
 	})

 	// Deallocate the reference to this server.
--- a/router/router_server_backup.go
+++ b/router/router_server_backup.go
@@ -6,8 +6,8 @@ import (
 	"github.com/gin-gonic/gin"
 	"github.com/pterodactyl/wings/server"
 	"github.com/pterodactyl/wings/server/backup"
-	"go.uber.org/zap"
 	"net/http"
+	"os"
 )

 // Backs up a server.
@@ -15,7 +15,10 @@ func postServerBackup(c *gin.Context) {
 	s := GetServer(c.Param("server"))

 	data := &backup.Request{}
-	c.BindJSON(&data)
+	// BindJSON sends 400 if the request fails, all we need to do is return
+	if err := c.BindJSON(&data); err != nil {
+		return
+	}

 	var adapter backup.BackupInterface
 	var err error
@@ -37,27 +40,41 @@ func postServerBackup(c *gin.Context) {

 	go func(b backup.BackupInterface, serv *server.Server) {
 		if err := serv.Backup(b); err != nil {
-			zap.S().Errorw("failed to generate backup for server", zap.Error(err))
+			serv.Log().WithField("error", err).Error("failed to generate backup for server")
 		}
 	}(adapter, s)

-
 	c.Status(http.StatusAccepted)
 }

-// Deletes a local backup of a server.
+// Deletes a local backup of a server. If the backup is not found on the machine just return
+// a 404 error. The service calling this endpoint can make its own decisions as to how it wants
+// to handle that response.
 func deleteServerBackup(c *gin.Context) {
 	s := GetServer(c.Param("server"))

 	b, _, err := backup.LocateLocal(c.Param("backup"))
 	if err != nil {
+		// Just return from the function at this point if the backup was not located.
+		if errors.Is(err, os.ErrNotExist) {
+			c.AbortWithStatusJSON(http.StatusNotFound, gin.H{
+				"error": "The requested backup was not found on this server.",
+			})
+			return
+		}
+
 		TrackedServerError(err, s).AbortWithServerError(c)
 		return
 	}

 	if err := b.Remove(); err != nil {
-		TrackedServerError(err, s).AbortWithServerError(c)
-		return
+		// I'm not entirely sure how likely this is to happen, however if we did manage to locate
+		// the backup previously and it is now missing when we go to delete, just treat it as having
+		// been successful, rather than returning a 404.
+		if !errors.Is(err, os.ErrNotExist) {
+			TrackedServerError(err, s).AbortWithServerError(c)
+			return
+		}
 	}

 	c.Status(http.StatusNoContent)
--- a/router/router_server_files.go
+++ b/router/router_server_files.go
@@ -2,16 +2,34 @@ package router

 import (
 	"bufio"
+	"context"
 	"github.com/gin-gonic/gin"
+	"github.com/pkg/errors"
+	"github.com/pterodactyl/wings/router/tokens"
+	"github.com/pterodactyl/wings/server"
+	"golang.org/x/sync/errgroup"
+	"mime/multipart"
 	"net/http"
+	"net/url"
 	"os"
+	"path"
+	"path/filepath"
 	"strconv"
+	"strings"
 )

 // Returns the contents of a file on the server.
 func getServerFileContents(c *gin.Context) {
 	s := GetServer(c.Param("server"))
-	cleaned, err := s.Filesystem.SafePath(c.Query("file"))
+
+	p, err := url.QueryUnescape(c.Query("file"))
+	if err != nil {
+		TrackedServerError(err, s).AbortWithServerError(c)
+		return
+	}
+	p = "/" + strings.TrimLeft(p, "/")
+
+	cleaned, err := s.Filesystem.SafePath(p)
 	if err != nil {
 		c.AbortWithStatusJSON(http.StatusNotFound, gin.H{
 			"error": "The file requested could not be found.",
@@ -56,33 +74,88 @@ func getServerFileContents(c *gin.Context) {
 func getServerListDirectory(c *gin.Context) {
 	s := GetServer(c.Param("server"))

-	stats, err := s.Filesystem.ListDirectory(c.Query("directory"))
+	d, err := url.QueryUnescape(c.Query("directory"))
 	if err != nil {
 		TrackedServerError(err, s).AbortWithServerError(c)
 		return
 	}

+	stats, err := s.Filesystem.ListDirectory(d)
+	if err != nil {
+		if err.Error() == "readdirent: not a directory" {
+			c.AbortWithStatusJSON(http.StatusNotFound, gin.H{
+				"error": "The requested directory does not exist.",
+			})
+			return
+		}
+
+		TrackedServerError(err, s).AbortWithServerError(c)
+		return
+	}
+
 	c.JSON(http.StatusOK, stats)
 }

-// Renames (or moves) a file for a server.
-func putServerRenameFile(c *gin.Context) {
+type renameFile struct {
+	To   string `json:"to"`
+	From string `json:"from"`
+}
+
+// Renames (or moves) files for a server.
+func putServerRenameFiles(c *gin.Context) {
 	s := GetServer(c.Param("server"))

-	var data struct{
-		RenameFrom string `json:"rename_from"`
-		RenameTo string `json:"rename_to"`
+	var data struct {
+		Root  string       `json:"root"`
+		Files []renameFile `json:"files"`
+	}
+	// BindJSON sends 400 if the request fails, all we need to do is return
+	if err := c.BindJSON(&data); err != nil {
+		return
 	}
-	c.BindJSON(&data)

-	if data.RenameFrom == "" || data.RenameTo == "" {
+	if len(data.Files) == 0 {
 		c.AbortWithStatusJSON(http.StatusUnprocessableEntity, gin.H{
-			"error": "Invalid paths were provided, did you forget to provide both a new and old path?",
+			"error": "No files to move or rename were provided.",
 		})
 		return
 	}

-	if err := s.Filesystem.Rename(data.RenameFrom, data.RenameTo); err != nil {
+	g, ctx := errgroup.WithContext(context.Background())
+
+	// Loop over the array of files passed in and perform the move or rename action against each.
+	for _, p := range data.Files {
+		pf := path.Join(data.Root, p.From)
+		pt := path.Join(data.Root, p.To)
+
+		g.Go(func() error {
+			select {
+			case <-ctx.Done():
+				return ctx.Err()
+			default:
+				if err := s.Filesystem.Rename(pf, pt); err != nil {
+					// Return nil if the error is an is not exists.
+					// NOTE: os.IsNotExist() does not work if the error is wrapped.
+					if errors.Is(err, os.ErrNotExist) {
+						return nil
+					}
+
+					return err
+				}
+
+				return nil
+			}
+		})
+	}
+
+	if err := g.Wait(); err != nil {
+		if errors.Is(err, os.ErrExist) {
+			c.AbortWithStatusJSON(http.StatusBadRequest, gin.H{
+				"error": "Cannot move or rename file, destination already exists.",
+			})
+			return
+		}
+
 		TrackedServerError(err, s).AbortWithServerError(c)
 		return
 	}
@@ -97,9 +170,19 @@ func postServerCopyFile(c *gin.Context) {
 	var data struct {
 		Location string `json:"location"`
 	}
-	c.BindJSON(&data)
+	// BindJSON sends 400 if the request fails, all we need to do is return
+	if err := c.BindJSON(&data); err != nil {
+		return
+	}

 	if err := s.Filesystem.Copy(data.Location); err != nil {
+		// Check if the file does not exist.
+		// NOTE: os.IsNotExist() does not work if the error is wrapped.
+		if errors.Is(err, os.ErrNotExist) {
+			c.Status(http.StatusNotFound)
+			return
+		}
+
 		TrackedServerError(err, s).AbortWithServerError(c)
 		return
 	}
@@ -107,16 +190,44 @@ func postServerCopyFile(c *gin.Context) {
 	c.Status(http.StatusNoContent)
 }

-// Deletes a server file.
-func postServerDeleteFile(c *gin.Context) {
+// Deletes files from a server.
+func postServerDeleteFiles(c *gin.Context) {
 	s := GetServer(c.Param("server"))

 	var data struct {
-		Location string `json:"location"`
+		Root  string   `json:"root"`
+		Files []string `json:"files"`
 	}
-	c.BindJSON(&data)

-	if err := s.Filesystem.Delete(data.Location); err != nil {
+	if err := c.BindJSON(&data); err != nil {
+		return
+	}
+
+	if len(data.Files) == 0 {
+		c.AbortWithStatusJSON(http.StatusUnprocessableEntity, gin.H{
+			"error": "No files were specified for deletion.",
+		})
+		return
+	}
+
+	g, ctx := errgroup.WithContext(context.Background())
+
+	// Loop over the array of files passed in and delete them. If any of the file deletions
+	// fail just abort the process entirely.
+	for _, p := range data.Files {
+		pi := path.Join(data.Root, p)
+
+		g.Go(func() error {
+			select {
+			case <-ctx.Done():
+				return ctx.Err()
+			default:
+				return s.Filesystem.Delete(pi)
+			}
+		})
+	}
+
+	if err := g.Wait(); err != nil {
 		TrackedServerError(err, s).AbortWithServerError(c)
 		return
 	}
@@ -128,7 +239,14 @@ func postServerDeleteFile(c *gin.Context) {
 func postServerWriteFile(c *gin.Context) {
 	s := GetServer(c.Param("server"))

-	if err := s.Filesystem.Writefile(c.Query("file"), c.Request.Body); err != nil {
+	f, err := url.QueryUnescape(c.Query("file"))
+	if err != nil {
+		TrackedServerError(err, s).AbortWithServerError(c)
+		return
+	}
+	f = "/" + strings.TrimLeft(f, "/")
+
+	if err := s.Filesystem.Writefile(f, c.Request.Body); err != nil {
 		TrackedServerError(err, s).AbortWithServerError(c)
 		return
 	}
@@ -144,7 +262,10 @@ func postServerCreateDirectory(c *gin.Context) {
 		Name string `json:"name"`
 		Path string `json:"path"`
 	}
-	c.BindJSON(&data)
+	// BindJSON sends 400 if the request fails, all we need to do is return
+	if err := c.BindJSON(&data); err != nil {
+		return
+	}

 	if err := s.Filesystem.CreateDirectory(data.Name, data.Path); err != nil {
 		TrackedServerError(err, s).AbortWithServerError(c)
@@ -152,4 +273,152 @@ func postServerCreateDirectory(c *gin.Context) {
 	}

 	c.Status(http.StatusNoContent)
-}
+}
+
+func postServerCompressFiles(c *gin.Context) {
+	s := GetServer(c.Param("server"))
+
+	var data struct {
+		RootPath string   `json:"root"`
+		Files    []string `json:"files"`
+	}
+
+	if err := c.BindJSON(&data); err != nil {
+		return
+	}
+
+	if len(data.Files) == 0 {
+		c.AbortWithStatusJSON(http.StatusUnprocessableEntity, gin.H{
+			"error": "No files were passed through to be compressed.",
+		})
+		return
+	}
+
+	if !s.Filesystem.HasSpaceAvailable(true) {
+		c.AbortWithStatusJSON(http.StatusConflict, gin.H{
+			"error": "This server does not have enough available disk space to generate a compressed archive.",
+		})
+		return
+	}
+
+	f, err := s.Filesystem.CompressFiles(data.RootPath, data.Files)
+	if err != nil {
+		TrackedServerError(err, s).AbortWithServerError(c)
+		return
+	}
+
+	c.JSON(http.StatusOK, &server.Stat{
+		Info:     f,
+		Mimetype: "application/tar+gzip",
+	})
+}
+
+func postServerDecompressFiles(c *gin.Context) {
+	s := GetServer(c.Param("server"))
+
+	var data struct {
+		RootPath string `json:"root"`
+		File     string `json:"file"`
+	}
+
+	if err := c.BindJSON(&data); err != nil {
+		return
+	}
+
+	hasSpace, err := s.Filesystem.SpaceAvailableForDecompression(data.RootPath, data.File)
+	if err != nil {
+		TrackedServerError(err, s).AbortWithServerError(c)
+		return
+	}
+
+	if !hasSpace {
+		c.AbortWithStatusJSON(http.StatusConflict, gin.H{
+			"error": "This server does not have enough available disk space to decompress this archive.",
+		})
+		return
+	}
+
+	if err := s.Filesystem.DecompressFile(data.RootPath, data.File); err != nil {
+		// Check if the file does not exist.
+		// NOTE: os.IsNotExist() does not work if the error is wrapped.
+		if errors.Is(err, os.ErrNotExist) {
+			c.Status(http.StatusNotFound)
+			return
+		}
+
+		TrackedServerError(err, s).AbortWithServerError(c)
+		return
+	}
+
+	c.Status(http.StatusNoContent)
+}
+
+func postServerUploadFiles(c *gin.Context) {
+	token := tokens.UploadPayload{}
+	if err := tokens.ParseToken([]byte(c.Query("token")), &token); err != nil {
+		TrackedError(err).AbortWithServerError(c)
+		return
+	}
+
+	s := GetServer(token.ServerUuid)
+	if s == nil || !token.IsUniqueRequest() {
+		c.AbortWithStatusJSON(http.StatusNotFound, gin.H{
+			"error": "The requested resource was not found on this server.",
+		})
+		return
+	}
+
+	if !s.Filesystem.HasSpaceAvailable(true) {
+		c.AbortWithStatusJSON(http.StatusConflict, gin.H{
+			"error": "This server does not have enough available disk space to accept any file uploads.",
+		})
+		return
+	}
+
+	form, err := c.MultipartForm()
+	if err != nil {
+		c.AbortWithStatusJSON(http.StatusBadRequest, gin.H{
+			"error": "Failed to get multipart form data from request.",
+		})
+		return
+	}
+
+	headers, ok := form.File["files"]
+	if !ok {
+		c.AbortWithStatusJSON(http.StatusBadRequest, gin.H{
+			"error": "No files were found on the request body.",
+		})
+		return
+	}
+
+	directory := c.Query("directory")
+
+	for _, header := range headers {
+		p, err := s.Filesystem.SafePath(filepath.Join(directory, header.Filename))
+		if err != nil {
+			c.AbortWithError(http.StatusInternalServerError, err)
+			return
+		}
+
+		// We run this in a different method so I can use defer without any of
+		// the consequences caused by calling it in a loop.
+		if err := handleFileUpload(p, s, header); err != nil {
+			c.AbortWithError(http.StatusInternalServerError, err)
+			return
+		}
+	}
+}
+
+func handleFileUpload(p string, s *server.Server, header *multipart.FileHeader) error {
+	file, err := header.Open()
+	if err != nil {
+		return errors.WithStack(err)
+	}
+	defer file.Close()
+
+	if err := s.Filesystem.Writefile(p, file); err != nil {
+		return errors.WithStack(err)
+	}
+
+	return nil
+}
--- a/router/router_server_ws.go
+++ b/router/router_server_ws.go
@@ -6,7 +6,6 @@ import (
 	"github.com/gin-gonic/gin"
 	ws "github.com/gorilla/websocket"
 	"github.com/pterodactyl/wings/router/websocket"
-	"go.uber.org/zap"
 )

 // Upgrades a connection to a websocket and passes events along between.
@@ -40,7 +39,7 @@ func getServerWebsocket(c *gin.Context) {
 				ws.CloseServiceRestart,
 				ws.CloseAbnormalClosure,
 			) {
-				zap.S().Warnw("error handling websocket message", zap.Error(err))
+				s.Log().WithField("error", err).Warn("error handling websocket message for server")
 			}
 			break
 		}
@@ -52,9 +51,10 @@ func getServerWebsocket(c *gin.Context) {
 			continue
 		}

-		if err := handler.HandleInbound(j); err != nil {
-			handler.SendErrorJson(err)
-		}
+		go func(msg websocket.Message) {
+			if err := handler.HandleInbound(msg); err != nil {
+				handler.SendErrorJson(msg, err)
+			}
+		}(j)
 	}
 }
-
--- a/router/router_system.go
+++ b/router/router_system.go
@@ -2,13 +2,14 @@ package router

 import (
 	"bytes"
+	"github.com/apex/log"
 	"github.com/gin-gonic/gin"
 	"github.com/pterodactyl/wings/config"
 	"github.com/pterodactyl/wings/installer"
 	"github.com/pterodactyl/wings/server"
 	"github.com/pterodactyl/wings/system"
-	"go.uber.org/zap"
 	"net/http"
+	"strings"
 )

 // Returns information about the system that wings is running on.
@@ -58,12 +59,8 @@ func postCreateServer(c *gin.Context) {
 	go func(i *installer.Installer) {
 		i.Execute()

-		if err := i.Server().Install(); err != nil {
-			zap.S().Errorw(
-				"failed to run install process for server",
-				zap.String("server", i.Uuid()),
-				zap.Error(err),
-			)
+		if err := i.Server().Install(false); err != nil {
+			log.WithFields(log.Fields{"server": i.Uuid(), "error": err}).Error("failed to run install process for server")
 		}
 	}(install)

@@ -74,10 +71,23 @@ func postCreateServer(c *gin.Context) {
 func postUpdateConfiguration(c *gin.Context) {
 	// A backup of the configuration for error purposes.
 	ccopy := *config.Get()
-	// A copy of the configuration we're using to bind the data recevied into.
+	// A copy of the configuration we're using to bind the data received into.
 	cfg := *config.Get()

-	c.BindJSON(&cfg)
+	// BindJSON sends 400 if the request fails, all we need to do is return
+	if err := c.BindJSON(&cfg); err != nil {
+		return
+	}
+
+	// Keep the SSL certificates the same since the Panel will send through Lets Encrypt
+	// default locations. However, if we picked a different location manually we don't
+	// want to override that.
+	//
+	// If you pass through manual locations in the API call this logic will be skipped.
+	if strings.HasPrefix(cfg.Api.Ssl.KeyFile, "/etc/letsencrypt/live/") {
+		cfg.Api.Ssl.KeyFile = ccopy.Api.Ssl.KeyFile
+		cfg.Api.Ssl.CertificateFile = ccopy.Api.Ssl.CertificateFile
+	}

 	config.Set(&cfg)
 	if err := config.Get().WriteToDisk(); err != nil {
@@ -90,4 +100,4 @@ func postUpdateConfiguration(c *gin.Context) {
 	}

 	c.Status(http.StatusNoContent)
-}
+}
--- a/router/router_transfer.go
+++ b/router/router_transfer.go
@@ -5,16 +5,16 @@ import (
 	"bytes"
 	"crypto/sha256"
 	"encoding/hex"
-	"errors"
+	"github.com/apex/log"
 	"github.com/buger/jsonparser"
 	"github.com/gin-gonic/gin"
 	"github.com/mholt/archiver/v3"
+	"github.com/pkg/errors"
 	"github.com/pterodactyl/wings/api"
 	"github.com/pterodactyl/wings/config"
 	"github.com/pterodactyl/wings/installer"
 	"github.com/pterodactyl/wings/router/tokens"
 	"github.com/pterodactyl/wings/server"
-	"go.uber.org/zap"
 	"io"
 	"io/ioutil"
 	"net/http"
@@ -22,7 +22,6 @@ import (
 	"path/filepath"
 	"strconv"
 	"strings"
-	"time"
 )

 func getServerArchive(c *gin.Context) {
@@ -94,45 +93,34 @@ func getServerArchive(c *gin.Context) {
 func postServerArchive(c *gin.Context) {
 	s := GetServer(c.Param("server"))

-	go func(server *server.Server) {
-		start := time.Now()
-
-		if err := server.Archiver.Archive(); err != nil {
-			zap.S().Errorw("failed to get archive for server", zap.String("server", s.Uuid), zap.Error(err))
+	go func(s *server.Server) {
+		if err := s.Archiver.Archive(); err != nil {
+			s.Log().WithField("error", err).Error("failed to get archive for server")
 			return
 		}

-		zap.S().Debugw(
-			"successfully created archive for server",
-			zap.String("server", server.Uuid),
-			zap.Duration("time", time.Now().Sub(start).Round(time.Microsecond)),
-		)
+		s.Log().Debug("successfully created server archive, notifying panel")

 		r := api.NewRequester()
-		rerr, err := r.SendArchiveStatus(server.Uuid, true)
+		rerr, err := r.SendArchiveStatus(s.Id(), true)
 		if rerr != nil || err != nil {
 			if err != nil {
-				zap.S().Errorw("failed to notify panel with archive status", zap.String("server", server.Uuid), zap.Error(err))
+				s.Log().WithField("error", err).Error("failed to notify panel of archive status")
 				return
 			}

-			zap.S().Errorw(
-				"panel returned an error when sending the archive status",
-				zap.String("server", server.Uuid),
-				zap.Error(errors.New(rerr.String())),
-			)
+			s.Log().WithField("error", rerr.String()).Error("panel returned an error when sending the archive status")
+
 			return
 		}

-		zap.S().Debugw("successfully notified panel about archive status", zap.String("server", server.Uuid))
+		s.Log().Debug("successfully notified panel of archive status")
 	}(s)

 	c.Status(http.StatusAccepted)
 }

 func postTransfer(c *gin.Context) {
-	zap.S().Debug("incoming transfer from panel")
-
 	buf := bytes.Buffer{}
 	buf.ReadFrom(c.Request.Body)

@@ -141,6 +129,7 @@ func postTransfer(c *gin.Context) {
 		url, _ := jsonparser.GetString(data, "url")
 		token, _ := jsonparser.GetString(data, "token")

+		l := log.WithField("server", serverID)
 		// Create an http client with no timeout.
 		client := &http.Client{Timeout: 0}

@@ -150,25 +139,25 @@ func postTransfer(c *gin.Context) {
 				return
 			}

-			zap.S().Errorw("server transfer has failed", zap.String("server", serverID))
+			l.Info("server transfer failed, notifying panel")
 			rerr, err := api.NewRequester().SendTransferFailure(serverID)
 			if rerr != nil || err != nil {
 				if err != nil {
-					zap.S().Errorw("failed to notify panel with transfer failure", zap.String("server", serverID), zap.Error(err))
+					l.WithField("error", err).Error("failed to notify panel with transfer failure")
 					return
 				}

-				zap.S().Errorw("panel returned an error when notifying of a transfer failure", zap.String("server", serverID), zap.Error(errors.New(rerr.String())))
+				l.WithField("error", errors.WithStack(rerr)).Error("received error response from panel while notifying of transfer failure")
 				return
 			}

-			zap.S().Debugw("successfully notified panel about transfer failure", zap.String("server", serverID))
+			l.Debug("notified panel of transfer failure")
 		}()

 		// Make a new GET request to the URL the panel gave us.
 		req, err := http.NewRequest("GET", url, nil)
 		if err != nil {
-			zap.S().Errorw("failed to create http request", zap.Error(err))
+			log.WithField("error", errors.WithStack(err)).Error("failed to create http request for archive transfer")
 			return
 		}

@@ -178,36 +167,39 @@ func postTransfer(c *gin.Context) {
 		// Execute the http request.
 		res, err := client.Do(req)
 		if err != nil {
-			zap.S().Errorw("failed to send http request", zap.Error(err))
+			l.WithField("error", errors.WithStack(err)).Error("failed to send archive http request")
 			return
 		}
 		defer res.Body.Close()

 		// Handle non-200 status codes.
 		if res.StatusCode != 200 {
-			body, err := ioutil.ReadAll(res.Body)
+			_, err := ioutil.ReadAll(res.Body)
 			if err != nil {
-				zap.S().Errorw("failed to read response body", zap.Int("status", res.StatusCode), zap.Error(err))
+				l.WithField("error", errors.WithStack(err)).WithField("status", res.StatusCode).Error("failed read transfer response body")
+
 				return
 			}

-			zap.S().Errorw("failed to request server archive", zap.Int("status", res.StatusCode), zap.String("body", string(body)))
+			l.WithField("error", errors.WithStack(err)).WithField("status", res.StatusCode).Error("failed to request server archive")
+
 			return
 		}

 		// Get the path to the archive.
-		archivePath := filepath.Join(config.Get().System.ArchiveDirectory, serverID + ".tar.gz")
+		archivePath := filepath.Join(config.Get().System.ArchiveDirectory, serverID+".tar.gz")

 		// Check if the archive already exists and delete it if it does.
 		_, err = os.Stat(archivePath)
 		if err != nil {
 			if !os.IsNotExist(err) {
-				zap.S().Errorw("failed to stat file", zap.Error(err))
+				l.WithField("error", errors.WithStack(err)).Error("failed to stat archive file")
 				return
 			}
 		} else {
 			if err := os.Remove(archivePath); err != nil {
-				zap.S().Errorw("failed to delete old file", zap.Error(err))
+				l.WithField("error", errors.WithStack(err)).Warn("failed to remove old archive file")
+
 				return
 			}
 		}
@@ -215,63 +207,69 @@ func postTransfer(c *gin.Context) {
 		// Create the file.
 		file, err := os.Create(archivePath)
 		if err != nil {
-			zap.S().Errorw("failed to open file on disk", zap.Error(err))
+			l.WithField("error", errors.WithStack(err)).Error("failed to open archive on disk")
+
 			return
 		}

 		// Copy the file.
-		_, err = io.Copy(file, res.Body)
+		buf := make([]byte, 1024*4)
+		_, err = io.CopyBuffer(file, res.Body, buf)
 		if err != nil {
-			zap.S().Errorw("failed to copy file to disk", zap.Error(err))
+			l.WithField("error", errors.WithStack(err)).Error("failed to copy archive file to disk")
+
 			return
 		}

 		// Close the file so it can be opened to verify the checksum.
 		if err := file.Close(); err != nil {
-			zap.S().Errorw("failed to close archive file", zap.Error(err))
+			l.WithField("error", errors.WithStack(err)).Error("failed to close archive file")
+
 			return
 		}
-		zap.S().Debug("server archive has been downloaded, computing checksum..", zap.String("server", serverID))
+
+		l.WithField("server", serverID).Debug("server archive downloaded, computing checksum...")

 		// Open the archive file for computing a checksum.
 		file, err = os.Open(archivePath)
 		if err != nil {
-			zap.S().Errorw("failed to open file on disk", zap.Error(err))
+			l.WithField("error", errors.WithStack(err)).Error("failed to open archive on disk")
 			return
 		}

 		// Compute the sha256 checksum of the file.
 		hash := sha256.New()
-		if _, err := io.Copy(hash, file); err != nil {
-			zap.S().Errorw("failed to copy file for checksum verification", zap.Error(err))
+		buf = make([]byte, 1024*4)
+		if _, err := io.CopyBuffer(hash, file, buf); err != nil {
+			l.WithField("error", errors.WithStack(err)).Error("failed to copy archive file for checksum verification")
 			return
 		}

 		// Verify the two checksums.
 		if hex.EncodeToString(hash.Sum(nil)) != res.Header.Get("X-Checksum") {
-			zap.S().Errorw("checksum failed verification")
+			l.Error("checksum verification failed for archive")
 			return
 		}

 		// Close the file.
 		if err := file.Close(); err != nil {
-			zap.S().Errorw("failed to close archive file", zap.Error(err))
+			l.WithField("error", errors.WithStack(err)).Error("failed to close archive file after calculating checksum")
 			return
 		}

-		zap.S().Infow("server archive transfer was successful", zap.String("server", serverID))
+		l.Info("server archive transfer was successful")

 		// Get the server data from the request.
 		serverData, t, _, _ := jsonparser.Get(data, "server")
 		if t != jsonparser.Object {
-			zap.S().Errorw("invalid server data passed in request")
+			l.Error("invalid server data passed in request")
 			return
 		}

 		// Create a new server installer (note this does not execute the install script)
 		i, err := installer.New(serverData)
 		if err != nil {
-			zap.S().Warnw("failed to validate the received server data", zap.Error(err))
+			l.WithField("error", errors.WithStack(err)).Error("failed to validate received server data")
 			return
 		}

@@ -283,7 +281,7 @@ func postTransfer(c *gin.Context) {

 		// Un-archive the archive. That sounds weird..
 		if err := archiver.NewTarGz().Unarchive(archivePath, i.Server().Filesystem.Path()); err != nil {
-			zap.S().Errorw("failed to extract archive", zap.String("server", serverID), zap.Error(err))
+			l.WithField("error", errors.WithStack(err)).Error("failed to extract server archive")
 			return
 		}

@@ -298,15 +296,16 @@ func postTransfer(c *gin.Context) {
 		rerr, err := api.NewRequester().SendTransferSuccess(serverID)
 		if rerr != nil || err != nil {
 			if err != nil {
-				zap.S().Errorw("failed to notify panel with transfer success", zap.String("server", serverID), zap.Error(err))
+				l.WithField("error", errors.WithStack(err)).Error("failed to notify panel of transfer success")
 				return
 			}

-			zap.S().Errorw("panel returned an error when notifying of a transfer success", zap.String("server", serverID), zap.Error(errors.New(rerr.String())))
+			l.WithField("error", errors.WithStack(rerr)).Error("panel responded with error after transfer success")
+
 			return
 		}

-		zap.S().Debugw("successfully notified panel about transfer success", zap.String("server", serverID))
+		l.Info("successfully notified panel of transfer success")
 	}(buf.Bytes())

 	c.Status(http.StatusAccepted)
--- a/router/tokens/backup.go
+++ b/router/tokens/backup.go
@@ -6,6 +6,7 @@ import (

 type BackupPayload struct {
 	jwt.Payload
+
 	ServerUuid string `json:"server_uuid"`
 	BackupUuid string `json:"backup_uuid"`
 	UniqueId   string `json:"unique_id"`
@@ -22,4 +23,4 @@ func (p *BackupPayload) GetPayload() *jwt.Payload {
 // validates all of the request.
 func (p *BackupPayload) IsUniqueRequest() bool {
 	return getTokenStore().IsValidToken(p.UniqueId)
-}
+}
--- a/router/tokens/upload.go
+++ b/router/tokens/upload.go
@@ -0,0 +1,25 @@
+package tokens
+
+import (
+	"github.com/gbrlsnchs/jwt/v3"
+)
+
+type UploadPayload struct {
+	jwt.Payload
+
+	ServerUuid string `json:"server_uuid"`
+	UniqueId   string `json:"unique_id"`
+}
+
+// Returns the JWT payload.
+func (p *UploadPayload) GetPayload() *jwt.Payload {
+	return &p.Payload
+}
+
+// Determines if this JWT is valid for the given request cycle. If the
+// unique ID passed in the token has already been seen before this will
+// return false. This allows us to use this JWT as a one-time token that
+// validates all of the request.
+func (p *UploadPayload) IsUniqueRequest() bool {
+	return getTokenStore().IsValidToken(p.UniqueId)
+}
--- a/router/tokens/websocket.go
+++ b/router/tokens/websocket.go
@@ -4,10 +4,13 @@ import (
 	"encoding/json"
 	"github.com/gbrlsnchs/jwt/v3"
 	"strings"
+	"sync"
 )

 type WebsocketPayload struct {
 	jwt.Payload
+	sync.RWMutex
+
 	UserID      json.Number `json:"user_id"`
 	ServerUUID  string      `json:"server_uuid"`
 	Permissions []string    `json:"permissions"`
@@ -15,11 +18,24 @@ type WebsocketPayload struct {

 // Returns the JWT payload.
 func (p *WebsocketPayload) GetPayload() *jwt.Payload {
+	p.RLock()
+	defer p.RUnlock()
+
 	return &p.Payload
 }

+func (p *WebsocketPayload) GetServerUuid() string {
+	p.RLock()
+	defer p.RUnlock()
+
+	return p.ServerUUID
+}
+
 // Checks if the given token payload has a permission string.
 func (p *WebsocketPayload) HasPermission(permission string) bool {
+	p.RLock()
+	defer p.RUnlock()
+
 	for _, k := range p.Permissions {
 		if k == permission || (!strings.HasPrefix(permission, "admin") && k == "*") {
 			return true
--- a/router/websocket/listeners.go
+++ b/router/websocket/listeners.go
@@ -2,6 +2,7 @@ package websocket

 import (
 	"context"
+	"github.com/pterodactyl/wings/events"
 	"github.com/pterodactyl/wings/server"
 	"time"
 )
@@ -26,43 +27,44 @@ func (h *Handler) ListenForExpiration(ctx context.Context) {
 			jwt := h.GetJwt()
 			if jwt != nil {
 				if jwt.ExpirationTime.Unix()-time.Now().Unix() <= 0 {
-					h.SendJson(&Message{Event: TokenExpiredEvent})
-				} else if jwt.ExpirationTime.Unix()-time.Now().Unix() <= 180 {
-					h.SendJson(&Message{Event: TokenExpiringEvent})
+					_ = h.SendJson(&Message{Event: TokenExpiredEvent})
+				} else if jwt.ExpirationTime.Unix()-time.Now().Unix() <= 60 {
+					_ = h.SendJson(&Message{Event: TokenExpiringEvent})
 				}
 			}
 		}
 	}
 }

+var e = []string{
+	server.StatsEvent,
+	server.StatusEvent,
+	server.ConsoleOutputEvent,
+	server.InstallOutputEvent,
+	server.InstallStartedEvent,
+	server.InstallCompletedEvent,
+	server.DaemonMessageEvent,
+	server.BackupCompletedEvent,
+}
+
 // Listens for different events happening on a server and sends them along
 // to the connected websocket.
 func (h *Handler) ListenForServerEvents(ctx context.Context) {
-	events := []string{
-		server.StatsEvent,
-		server.StatusEvent,
-		server.ConsoleOutputEvent,
-		server.InstallOutputEvent,
-		server.DaemonMessageEvent,
-		server.BackupCompletedEvent,
-	}
-
-	eventChannel := make(chan server.Event)
-	for _, event := range events {
+	eventChannel := make(chan events.Event)
+	for _, event := range e {
 		h.server.Events().Subscribe(event, eventChannel)
 	}

-	select {
-	case <-ctx.Done():
-		for _, event := range events {
-			h.server.Events().Unsubscribe(event, eventChannel)
-		}
+	for d := range eventChannel {
+		select {
+		case <-ctx.Done():
+			for _, event := range e {
+				h.server.Events().Unsubscribe(event, eventChannel)
+			}

-		close(eventChannel)
-	default:
-		// Listen for different events emitted by the server and respond to them appropriately.
-		for d := range eventChannel {
-			h.SendJson(&Message{
+			close(eventChannel)
+		default:
+			_ = h.SendJson(&Message{
 				Event: d.Topic,
 				Args:  []string{d.Data},
 			})
--- a/router/websocket/message.go
+++ b/router/websocket/message.go
@@ -16,7 +16,7 @@ type Message struct {
 	//
 	// - status : Returns the server's power state.
 	// - logs : Returns the server log data at the time of the request.
-	// - power : Performs a power action aganist the server based the data.
+	// - power : Performs a power action against the server based the data.
 	// - command : Performs a command on a server using the data field.
 	Event string `json:"event"`

--- a/router/websocket/websocket.go
+++ b/router/websocket/websocket.go
@@ -1,17 +1,19 @@
 package websocket

 import (
+	"context"
+	"encoding/json"
 	"fmt"
+	"github.com/apex/log"
 	"github.com/gbrlsnchs/jwt/v3"
 	"github.com/google/uuid"
 	"github.com/gorilla/websocket"
 	"github.com/pkg/errors"
 	"github.com/pterodactyl/wings/config"
+	"github.com/pterodactyl/wings/environment"
 	"github.com/pterodactyl/wings/router/tokens"
 	"github.com/pterodactyl/wings/server"
-	"go.uber.org/zap"
 	"net/http"
-	"os"
 	"strings"
 	"sync"
 	"time"
@@ -56,7 +58,24 @@ func GetHandler(s *server.Server, w http.ResponseWriter, r *http.Request) (*Hand
 		// Ensure that the websocket request is originating from the Panel itself,
 		// and not some other location.
 		CheckOrigin: func(r *http.Request) bool {
-			return r.Header.Get("Origin") == config.Get().PanelLocation
+			o := r.Header.Get("Origin")
+			if o == config.Get().PanelLocation {
+				return true
+			}
+
+			for _, origin := range config.Get().AllowedOrigins {
+				if origin == "*" {
+					return true
+				}
+
+				if o != origin {
+					continue
+				}
+
+				return true
+			}
+
+			return false
 		},
 	}

@@ -84,7 +103,6 @@ func (h *Handler) SendJson(v *Message) error {
 		// If we're sending installation output but the user does not have the required
 		// permissions to see the output, don't send it down the line.
 		if v.Event == server.InstallOutputEvent {
-			zap.S().Debugf("%+v", v.Args)
 			if !j.HasPermission(PermissionReceiveInstall) {
 				return nil
 			}
@@ -127,7 +145,7 @@ func (h *Handler) TokenValid() error {
 		return errors.New("jwt does not have connect permission")
 	}

-	if h.server.Uuid != j.ServerUUID {
+	if h.server.Id() != j.GetServerUuid() {
 		return errors.New("jwt server uuid mismatch")
 	}

@@ -137,10 +155,7 @@ func (h *Handler) TokenValid() error {
 // Sends an error back to the connected websocket instance by checking the permissions
 // of the token. If the user has the "receive-errors" grant we will send back the actual
 // error message, otherwise we just send back a standard error message.
-func (h *Handler) SendErrorJson(err error) error {
-	h.Lock()
-	defer h.Unlock()
-
+func (h *Handler) SendErrorJson(msg Message, err error, shouldLog ...bool) error {
 	j := h.GetJwt()

 	message := "an unexpected error was encountered while handling this request"
@@ -153,16 +168,14 @@ func (h *Handler) SendErrorJson(err error) error {
 	wsm := Message{Event: ErrorEvent}
 	wsm.Args = []string{m}

-	if !server.IsSuspendedError(err) {
-		zap.S().Errorw(
-			"an error was encountered in the websocket process",
-			zap.String("server", h.server.Uuid),
-			zap.String("error_identifier", u.String()),
-			zap.Error(err),
-		)
+	if len(shouldLog) == 0 || (len(shouldLog) == 1 && shouldLog[0] == true) {
+		if !server.IsSuspendedError(err) {
+			h.server.Log().WithFields(log.Fields{"event": msg.Event, "error_identifier": u.String(), "error": err}).
+				Error("failed to handle websocket process; an error was encountered processing an event")
+		}
 	}

-	return h.Connection.WriteJSON(wsm)
+	return h.unsafeSendJson(wsm)
 }

 // Converts an error message into a more readable representation and returns a UUID
@@ -193,7 +206,7 @@ func (h *Handler) GetJwt() *tokens.WebsocketPayload {
 func (h *Handler) HandleInbound(m Message) error {
 	if m.Event != AuthenticationEvent {
 		if err := h.TokenValid(); err != nil {
-			zap.S().Debugw("jwt token is no longer valid", zap.String("message", err.Error()))
+			log.WithField("message", err.Error()).Debug("jwt for server websocket is no longer valid")

 			h.unsafeSendJson(Message{
 				Event: ErrorEvent,
@@ -219,51 +232,80 @@ func (h *Handler) HandleInbound(m Message) error {
 				return err
 			}

-			if token.HasPermission(PermissionConnect) {
-				h.setJwt(token)
-			}
+			// Check if the user has previously authenticated successfully.
+			newConnection := h.GetJwt() == nil

-			// On every authentication event, send the current server status back
-			// to the client. :)
-			h.server.Events().Publish(server.StatusEvent, h.server.GetState())
+			// Previously there was a HasPermission(PermissionConnect) check around this,
+			// however NewTokenPayload will return an error if it doesn't have the connect
+			// permission meaning that it was a redundant function call.
+			h.setJwt(token)

+			// Tell the client they authenticated successfully.
 			h.unsafeSendJson(Message{
 				Event: AuthenticationSuccessEvent,
 				Args:  []string{},
 			})

+			// Check if the client was refreshing their authentication token
+			// instead of authenticating for the first time.
+			if !newConnection {
+				// This prevents duplicate status messages as outlined in
+				// https://github.com/pterodactyl/panel/issues/2077
+				return nil
+			}
+
+			// On every authentication event, send the current server status back
+			// to the client. :)
+			state := h.server.GetState()
+			h.SendJson(&Message{
+				Event: server.StatusEvent,
+				Args:  []string{state},
+			})
+
+			// Only send the current disk usage if the server is offline, if docker container is running,
+			// Environment#EnableResourcePolling() will send this data to all clients.
+			if state == environment.ProcessOfflineState {
+				_ = h.server.Filesystem.HasSpaceAvailable(false)
+
+				b, _ := json.Marshal(h.server.Proc())
+				h.SendJson(&Message{
+					Event: server.StatsEvent,
+					Args:  []string{string(b)},
+				})
+			}
+
 			return nil
 		}
 	case SetStateEvent:
 		{
-			switch strings.Join(m.Args, "") {
-			case "start":
-				if h.GetJwt().HasPermission(PermissionSendPowerStart) {
-					return h.server.Environment.Start()
-				}
-				break
-			case "stop":
-				if h.GetJwt().HasPermission(PermissionSendPowerStop) {
-					return h.server.Environment.Stop()
-				}
-				break
-			case "restart":
-				if h.GetJwt().HasPermission(PermissionSendPowerRestart) {
-					if err := h.server.Environment.WaitForStop(60, false); err != nil {
-						return err
-					}
+			action := server.PowerAction(strings.Join(m.Args, ""))

-					return h.server.Environment.Start()
+			actions := make(map[server.PowerAction]string)
+			actions[server.PowerActionStart] = PermissionSendPowerStart
+			actions[server.PowerActionStop] = PermissionSendPowerStop
+			actions[server.PowerActionRestart] = PermissionSendPowerRestart
+			actions[server.PowerActionTerminate] = PermissionSendPowerStop
+
+			// Check that they have permission to perform this action if it is needed.
+			if permission, exists := actions[action]; exists {
+				if !h.GetJwt().HasPermission(permission) {
+					return nil
 				}
-				break
-			case "kill":
-				if h.GetJwt().HasPermission(PermissionSendPowerStop) {
-					return h.server.Environment.Terminate(os.Kill)
-				}
-				break
 			}

-			return nil
+			err := h.server.HandlePowerAction(action)
+			if errors.Is(err, context.DeadlineExceeded) {
+				m, _ := h.GetErrorMessage("another power action is currently being processed for this server, please try again later")
+
+				h.SendJson(&Message{
+					Event: ErrorEvent,
+					Args:  []string{m},
+				})
+
+				return nil
+			}
+
+			return err
 		}
 	case SendServerLogsEvent:
 		{
@@ -291,7 +333,7 @@ func (h *Handler) HandleInbound(m Message) error {
 				return nil
 			}

-			if h.server.GetState() == server.ProcessOfflineState {
+			if h.server.GetState() == environment.ProcessOfflineState {
 				return nil
 			}

--- a/server/archiver.go
+++ b/server/archiver.go
@@ -23,7 +23,7 @@ func (a *Archiver) ArchivePath() string {

 // ArchiveName returns the name of the server's archive.
 func (a *Archiver) ArchiveName() string {
-	return a.Server.Uuid + ".tar.gz"
+	return a.Server.Id() + ".tar.gz"
 }

 // Exists returns a boolean based off if the archive exists.
@@ -52,7 +52,12 @@ func (a *Archiver) Archive() error {
 	}

 	for _, file := range fileInfo {
-		files = append(files, filepath.Join(path, file.Name()))
+		f, err := a.Server.Filesystem.SafeJoin(path, file)
+		if err != nil {
+			return err
+		}
+
+		files = append(files, f)
 	}

 	stat, err := a.Stat()
@@ -96,7 +101,9 @@ func (a *Archiver) Checksum() (string, error) {
 	defer file.Close()

 	hash := sha256.New()
-	if _, err := io.Copy(hash, file); err != nil {
+
+	buf := make([]byte, 1024*4)
+	if _, err := io.CopyBuffer(hash, file, buf); err != nil {
 		return "", err
 	}

--- a/server/backup.go
+++ b/server/backup.go
@@ -2,10 +2,10 @@ package server

 import (
 	"bufio"
+	"github.com/apex/log"
 	"github.com/pkg/errors"
 	"github.com/pterodactyl/wings/api"
 	"github.com/pterodactyl/wings/server/backup"
-	"go.uber.org/zap"
 	"os"
 	"path"
 )
@@ -17,17 +17,14 @@ func (s *Server) notifyPanelOfBackup(uuid string, ad *backup.ArchiveDetails, suc
 	rerr, err := r.SendBackupStatus(uuid, ad.ToRequest(successful))
 	if rerr != nil || err != nil {
 		if err != nil {
-			zap.S().Errorw(
-				"failed to notify panel of backup status due to internal code error",
-				zap.String("backup", s.Uuid),
-				zap.Error(err),
-			)
+			s.Log().WithFields(log.Fields{
+				"backup": uuid,
+				"error":  err,
+			}).Error("failed to notify panel of backup status due to wings error")

 			return err
 		}

-		zap.S().Warnw(rerr.String(), zap.String("backup", uuid))
-
 		return errors.New(rerr.String())
 	}

@@ -66,7 +63,7 @@ func (s *Server) GetIncludedBackupFiles(ignored []string) (*backup.IncludedFiles
 	// of the server files directory, and use that to generate the backup.
 	if len(ignored) == 0 {
 		if i, err := s.getServerwideIgnoredFiles(); err != nil {
-			zap.S().Warnw("failed to retrieve server ignored files", zap.String("server", s.Uuid), zap.Error(err))
+			s.Log().WithField("error", err).Warn("failed to retrieve ignored files listing for server")
 		} else {
 			ignored = i
 		}
@@ -86,17 +83,28 @@ func (s *Server) Backup(b backup.BackupInterface) error {
 		return errors.WithStack(err)
 	}

-	if err := b.Generate(inc, s.Filesystem.Path()); err != nil {
+	ad, err := b.Generate(inc, s.Filesystem.Path())
+	if err != nil {
 		if notifyError := s.notifyPanelOfBackup(b.Identifier(), &backup.ArchiveDetails{}, false); notifyError != nil {
-			zap.S().Warnw("failed to notify panel of failed backup state", zap.String("backup", b.Identifier()), zap.Error(err))
+			s.Log().WithFields(log.Fields{
+				"backup": b.Identifier(),
+				"error":  notifyError,
+			}).Warn("failed to notify panel of failed backup state")
 		}

-		return errors.WithStack(err)
+		s.Events().PublishJson(BackupCompletedEvent+":"+b.Identifier(), map[string]interface{}{
+			"uuid":          b.Identifier(),
+			"is_successful": false,
+			"checksum":      "",
+			"checksum_type": "sha1",
+			"file_size":     0,
+		})
+
+		return errors.Wrap(err, "error while generating server backup")
 	}

 	// Try to notify the panel about the status of this backup. If for some reason this request
 	// fails, delete the archive from the daemon and return that error up the chain to the caller.
-	ad := b.Details()
 	if notifyError := s.notifyPanelOfBackup(b.Identifier(), ad, true); notifyError != nil {
 		b.Remove()

@@ -106,10 +114,12 @@ func (s *Server) Backup(b backup.BackupInterface) error {
 	// Emit an event over the socket so we can update the backup in realtime on
 	// the frontend for the server.
 	s.Events().PublishJson(BackupCompletedEvent+":"+b.Identifier(), map[string]interface{}{
-		"uuid":        b.Identifier(),
-		"sha256_hash": ad.Checksum,
-		"file_size":   ad.Size,
+		"uuid":          b.Identifier(),
+		"is_successful": true,
+		"checksum":      ad.Checksum,
+		"checksum_type": "sha1",
+		"file_size":     ad.Size,
 	})

 	return nil
-}
+}
--- a/server/backup/archiver.go
+++ b/server/backup/archiver.go
@@ -3,12 +3,14 @@ package backup
 import (
 	"archive/tar"
 	"context"
+	"github.com/apex/log"
 	gzip "github.com/klauspost/pgzip"
+	"github.com/pkg/errors"
 	"github.com/remeh/sizedwaitgroup"
-	"go.uber.org/zap"
 	"golang.org/x/sync/errgroup"
 	"io"
 	"os"
+	"runtime"
 	"strings"
 	"sync"
 )
@@ -20,18 +22,27 @@ type Archive struct {
 	Files      *IncludedFiles
 }

-// Creates an archive at dest with all of the files definied in the included files struct.
-func (a *Archive) Create(dest string, ctx context.Context) error {
-	f, err := os.OpenFile(dest, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
+// Creates an archive at dst with all of the files defined in the included files struct.
+func (a *Archive) Create(dst string, ctx context.Context) (os.FileInfo, error) {
+	f, err := os.OpenFile(dst, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
 	if err != nil {
-		return err
+		return nil, errors.WithStack(err)
 	}
 	defer f.Close()

-	gzw := gzip.NewWriter(f)
+	maxCpu := runtime.NumCPU() / 2
+	if maxCpu > 4 {
+		maxCpu = 4
+	}
+
+	gzw, _ := gzip.NewWriterLevel(f, gzip.BestSpeed)
+	_ = gzw.SetConcurrency(1<<20, maxCpu)
+
+	defer gzw.Flush()
 	defer gzw.Close()

 	tw := tar.NewWriter(gzw)
+	defer tw.Flush()
 	defer tw.Close()

 	wg := sizedwaitgroup.New(10)
@@ -39,23 +50,17 @@ func (a *Archive) Create(dest string, ctx context.Context) error {
 	// Iterate over all of the files to be included and put them into the archive. This is
 	// done as a concurrent goroutine to speed things along. If an error is encountered at
 	// any step, the entire process is aborted.
-	for p, s := range a.Files.All() {
-		if (*s).IsDir() {
-			continue
-		}
-
-		pa := p
-		st := s
-
+	for _, p := range a.Files.All() {
+		p := p
 		g.Go(func() error {
 			wg.Add()
 			defer wg.Done()

 			select {
 			case <-ctx.Done():
-				return ctx.Err()
+				return errors.WithStack(ctx.Err())
 			default:
-				return a.addToArchive(pa, st, tw)
+				return a.addToArchive(p, tw)
 			}
 		})
 	}
@@ -66,32 +71,52 @@ func (a *Archive) Create(dest string, ctx context.Context) error {

 		// Attempt to remove the archive if there is an error, report that error to
 		// the logger if it fails.
-		if rerr := os.Remove(dest); rerr != nil && !os.IsNotExist(rerr) {
-			zap.S().Warnw("failed to delete corrupted backup archive", zap.String("location", dest))
+		if rerr := os.Remove(dst); rerr != nil && !os.IsNotExist(rerr) {
+			log.WithField("location", dst).Warn("failed to delete corrupted backup archive")
 		}

-		return err
+		return nil, errors.WithStack(err)
 	}

-	return nil
+	st, err := f.Stat()
+	if err != nil {
+		return nil, errors.WithStack(err)
+	}
+
+	return st, nil
 }

 // Adds a single file to the existing tar archive writer.
-func (a *Archive) addToArchive(p string, s *os.FileInfo, w *tar.Writer) error {
+func (a *Archive) addToArchive(p string, w *tar.Writer) error {
 	f, err := os.Open(p)
 	if err != nil {
-		return err
+		// If you try to backup something that no longer exists (got deleted somewhere during the process
+		// but not by this process), just skip over it and don't kill the entire backup.
+		if os.IsNotExist(err) {
+			return nil
+		}
+
+		return errors.WithStack(err)
 	}
 	defer f.Close()

-	st := *s
+	s, err := f.Stat()
+	if err != nil {
+		// Same as above, don't kill the process just because the file no longer exists.
+		if os.IsNotExist(err) {
+			return nil
+		}
+
+		return errors.WithStack(err)
+	}
+
 	header := &tar.Header{
 		// Trim the long server path from the name of the file so that the resulting
 		// archive is exactly how the user would see it in the panel file manager.
 		Name:    strings.TrimPrefix(p, a.TrimPrefix),
-		Size:    st.Size(),
-		Mode:    int64(st.Mode()),
-		ModTime: st.ModTime(),
+		Size:    s.Size(),
+		Mode:    int64(s.Mode()),
+		ModTime: s.ModTime(),
 	}

 	// These actions must occur sequentially, even if this function is called multiple
@@ -99,12 +124,13 @@ func (a *Archive) addToArchive(p string, s *os.FileInfo, w *tar.Writer) error {
 	a.Lock()
 	defer a.Unlock()

-	if err = w.WriteHeader(header); err != nil {
-		return err
+	if err := w.WriteHeader(header); err != nil {
+		return errors.WithStack(err)
 	}

-	if _, err := io.Copy(w, f); err != nil {
-		return err
+	buf := make([]byte, 4*1024)
+	if _, err := io.CopyBuffer(w, f, buf); err != nil {
+		return errors.WithStack(err)
 	}

 	return nil
--- a/server/backup/backup.go
+++ b/server/backup/backup.go
@@ -1,12 +1,12 @@
 package backup

 import (
-	"crypto/sha256"
+	"crypto/sha1"
 	"encoding/hex"
+	"github.com/apex/log"
 	"github.com/pkg/errors"
 	"github.com/pterodactyl/wings/api"
 	"github.com/pterodactyl/wings/config"
-	"go.uber.org/zap"
 	"io"
 	"os"
 	"path"
@@ -19,16 +19,18 @@ const (
 )

 type ArchiveDetails struct {
-	Checksum string `json:"checksum"`
-	Size     int64  `json:"size"`
+	Checksum     string `json:"checksum"`
+	ChecksumType string `json:"checksum_type"`
+	Size         int64  `json:"size"`
 }

 // Returns a request object.
 func (ad *ArchiveDetails) ToRequest(successful bool) api.BackupRequest {
 	return api.BackupRequest{
-		Checksum:   ad.Checksum,
-		Size:       ad.Size,
-		Successful: successful,
+		Checksum:     ad.Checksum,
+		ChecksumType: ad.ChecksumType,
+		Size:         ad.Size,
+		Successful:   successful,
 	}
 }

@@ -49,7 +51,7 @@ type BackupInterface interface {

 	// Generates a backup in whatever the configured source for the specific
 	// implementation is.
-	Generate(*IncludedFiles, string) error
+	Generate(*IncludedFiles, string) (*ArchiveDetails, error)

 	// Returns the ignored files for this backup instance.
 	Ignored() []string
@@ -93,16 +95,17 @@ func (b *Backup) Size() (int64, error) {

 // Returns the SHA256 checksum of a backup.
 func (b *Backup) Checksum() ([]byte, error) {
-	h := sha256.New()
+	h := sha1.New()

 	f, err := os.Open(b.Path())
 	if err != nil {
-		return []byte{}, errors.WithStack(err)
+		return nil, errors.WithStack(err)
 	}
 	defer f.Close()

-	if _, err := io.Copy(h, f); err != nil {
-		return []byte{}, errors.WithStack(err)
+	buf := make([]byte, 1024*4)
+	if _, err := io.CopyBuffer(h, f, buf); err != nil {
+		return nil, err
 	}

 	return h.Sum(nil), nil
@@ -121,7 +124,10 @@ func (b *Backup) Details() *ArchiveDetails {

 		resp, err := b.Checksum()
 		if err != nil {
-			zap.S().Errorw("failed to calculate checksum for backup", zap.String("backup", b.Uuid), zap.Error(err))
+			log.WithFields(log.Fields{
+				"backup": b.Identifier(),
+				"error":  err,
+			}).Error("failed to calculate checksum for backup")
 		}

 		checksum = hex.EncodeToString(resp)
@@ -141,11 +147,12 @@ func (b *Backup) Details() *ArchiveDetails {
 	wg.Wait()

 	return &ArchiveDetails{
-		Checksum: checksum,
-		Size:     sz,
+		Checksum:     checksum,
+		ChecksumType: "sha1",
+		Size:         sz,
 	}
 }

 func (b *Backup) Ignored() []string {
 	return b.IgnoredFiles
-}
+}
--- a/server/backup/backup_local.go
+++ b/server/backup/backup_local.go
@@ -24,11 +24,11 @@ func LocateLocal(uuid string) (*LocalBackup, os.FileInfo, error) {

 	st, err := os.Stat(b.Path())
 	if err != nil {
-		return nil, nil, err
+		return nil, nil, errors.WithStack(err)
 	}

 	if st.IsDir() {
-		return nil, nil, errors.New("invalid archive found; is directory")
+		return nil, nil, errors.New("invalid archive, is directory")
 	}

 	return b, st, nil
@@ -41,13 +41,15 @@ func (b *LocalBackup) Remove() error {

 // Generates a backup of the selected files and pushes it to the defined location
 // for this instance.
-func (b *LocalBackup) Generate(included *IncludedFiles, prefix string) error {
+func (b *LocalBackup) Generate(included *IncludedFiles, prefix string) (*ArchiveDetails, error) {
 	a := &Archive{
 		TrimPrefix: prefix,
 		Files:      included,
 	}

-	err := a.Create(b.Path(), context.Background())
+	if _, err := a.Create(b.Path(), context.Background()); err != nil {
+		return nil, errors.WithStack(err)
+	}

-	return err
+	return b.Details(), nil
 }
--- a/server/backup/backup_s3.go
+++ b/server/backup/backup_s3.go
@@ -3,6 +3,8 @@ package backup
 import (
 	"context"
 	"fmt"
+	"github.com/apex/log"
+	"github.com/pkg/errors"
 	"io"
 	"net/http"
 	"os"
@@ -21,7 +23,9 @@ type S3Backup struct {

 var _ BackupInterface = (*S3Backup)(nil)

-func (s *S3Backup) Generate(included *IncludedFiles, prefix string) error {
+// Generates a new backup on the disk, moves it into the S3 bucket via the provided
+// presigned URL, and then deletes the backup from the disk.
+func (s *S3Backup) Generate(included *IncludedFiles, prefix string) (*ArchiveDetails, error) {
 	defer s.Remove()

 	a := &Archive{
@@ -29,46 +33,27 @@ func (s *S3Backup) Generate(included *IncludedFiles, prefix string) error {
 		Files:      included,
 	}

-	if err := a.Create(s.Path(), context.Background()); err != nil {
-		return err
+	if _, err := a.Create(s.Path(), context.Background()); err != nil {
+		return nil, errors.WithStack(err)
 	}

-	fmt.Println(s.PresignedUrl)
-
-	r, err := http.NewRequest(http.MethodPut, s.PresignedUrl, nil)
+	rc, err := os.Open(s.Path())
 	if err != nil {
-		return err
-	}
-
-	if sz, err := s.Size(); err != nil {
-		return err
-	} else {
-		r.ContentLength = sz
-		r.Header.Add("Content-Length", strconv.Itoa(int(sz)))
-		r.Header.Add("Content-Type", "application/x-gzip")
-	}
-
-	var rc io.ReadCloser
-	if f, err := os.Open(s.Path()); err != nil {
-		return err
-	} else {
-		rc = f
+		return nil, errors.WithStack(err)
 	}
 	defer rc.Close()

-	r.Body = rc
-	resp, err := http.DefaultClient.Do(r)
-	if err != nil {
-		return err
-	}
-	defer resp.Body.Close()
+	if resp, err := s.generateRemoteRequest(rc); err != nil {
+		return nil, errors.WithStack(err)
+	} else {
+		resp.Body.Close()

-	if resp.StatusCode != http.StatusOK {
-		io.Copy(os.Stdout, resp.Body)
-		return fmt.Errorf("failed to put S3 object, %d:%s", resp.StatusCode, resp.Status)
+		if resp.StatusCode != http.StatusOK {
+			return nil, fmt.Errorf("failed to put S3 object, %d:%s", resp.StatusCode, resp.Status)
+		}
 	}

-	return nil
+	return s.Details(), err
 }

 // Removes a backup from the system.
@@ -76,9 +61,27 @@ func (s *S3Backup) Remove() error {
 	return os.Remove(s.Path())
 }

-func (s *S3Backup) Details() *ArchiveDetails {
-	return &ArchiveDetails{
-		Checksum: "checksum",
-		Size:     1024,
+// Generates the remote S3 request and begins the upload.
+func (s *S3Backup) generateRemoteRequest(rc io.ReadCloser) (*http.Response, error) {
+	r, err := http.NewRequest(http.MethodPut, s.PresignedUrl, nil)
+	if err != nil {
+		return nil, err
 	}
+
+	if sz, err := s.Size(); err != nil {
+		return nil, err
+	} else {
+		r.ContentLength = sz
+		r.Header.Add("Content-Length", strconv.Itoa(int(sz)))
+		r.Header.Add("Content-Type", "application/x-gzip")
+	}
+
+	r.Body = rc
+
+	log.WithFields(log.Fields{
+		"endpoint": s.PresignedUrl,
+		"headers":  r.Header,
+	}).Debug("uploading backup to remote S3 endpoint")
+
+	return http.DefaultClient.Do(r)
 }
--- a/server/backup/included.go
+++ b/server/backup/included.go
@@ -1,29 +1,23 @@
 package backup

 import (
-	"os"
 	"sync"
 )

 type IncludedFiles struct {
 	sync.RWMutex
-	files map[string]*os.FileInfo
+	files []string
 }

 // Pushes an additional file or folder onto the struct.
-func (i *IncludedFiles) Push(info *os.FileInfo, p string) {
+func (i *IncludedFiles) Push(p string) {
 	i.Lock()
-	defer i.Unlock()
-
-	if i.files == nil {
-		i.files = make(map[string]*os.FileInfo)
-	}
-
-	i.files[p] = info
+	i.files = append(i.files, p) // ~~
+	i.Unlock()
 }

 // Returns all of the files that were marked as being included.
-func (i *IncludedFiles) All() map[string]*os.FileInfo {
+func (i *IncludedFiles) All() []string {
 	i.RLock()
 	defer i.RUnlock()

--- a/server/config_parser.go
+++ b/server/config_parser.go
@@ -1,34 +1,32 @@
 package server

 import (
-	"github.com/pterodactyl/wings/parser"
-	"go.uber.org/zap"
-	"sync"
+	"github.com/gammazero/workerpool"
+	"runtime"
 )

 // Parent function that will update all of the defined configuration files for a server
 // automatically to ensure that they always use the specified values.
 func (s *Server) UpdateConfigurationFiles() {
-	wg := new(sync.WaitGroup)
+	pool := workerpool.New(runtime.NumCPU())

-	for _, v := range s.processConfiguration.ConfigurationFiles {
-		wg.Add(1)
-
-		go func(f parser.ConfigurationFile, server *Server) {
-			defer wg.Done()
+	files := s.ProcessConfiguration().ConfigurationFiles
+	for _, cf := range files {
+		f := cf

+		pool.Submit(func() {
 			p, err := s.Filesystem.SafePath(f.FileName)
 			if err != nil {
-				zap.S().Errorw("failed to generate safe path for configuration file", zap.String("server", server.Uuid), zap.Error(err))
+				s.Log().WithField("error", err).Error("failed to generate safe path for configuration file")

 				return
 			}

 			if err := f.Parse(p, false); err != nil {
-				zap.S().Errorw("failed to parse and update server configuration file", zap.String("server", server.Uuid), zap.Error(err))
+				s.Log().WithField("error", err).Error("failed to parse and update server configuration file")
 			}
-		}(v, s)
+		})
 	}

-	wg.Wait()
-}
+	pool.StopWait()
+}
--- a/server/configuration.go
+++ b/server/configuration.go
@@ -0,0 +1,75 @@
+package server
+
+import (
+	"github.com/pterodactyl/wings/environment"
+	"sync"
+)
+
+type Configuration struct {
+	mu sync.RWMutex
+
+	// The unique identifier for the server that should be used when referencing
+	// it against the Panel API (and internally). This will be used when naming
+	// docker containers as well as in log output.
+	Uuid string `json:"uuid"`
+
+	// Whether or not the server is in a suspended state. Suspended servers cannot
+	// be started or modified except in certain scenarios by an admin user.
+	Suspended bool `json:"suspended"`
+
+	// The command that should be used when booting up the server instance.
+	Invocation string `json:"invocation"`
+
+	// By default this is false, however if selected within the Panel while installing or re-installing a
+	// server, specific installation scripts will be skipped for the server process.
+	SkipEggScripts bool `default:"false" json:"skip_egg_scripts"`
+
+	// An array of environment variables that should be passed along to the running
+	// server process.
+	EnvVars environment.Variables `json:"environment"`
+
+	Allocations           environment.Allocations `json:"allocations"`
+	Build                 environment.Limits      `json:"build"`
+	CrashDetectionEnabled bool                    `default:"true" json:"enabled" yaml:"enabled"`
+	Mounts                []Mount                 `json:"mounts"`
+	Resources             ResourceUsage           `json:"resources"`
+
+	Container struct {
+		// Defines the Docker image that will be used for this server
+		Image string `json:"image,omitempty"`
+	} `json:"container,omitempty"`
+}
+
+func (s *Server) Config() *Configuration {
+	s.cfg.mu.RLock()
+	defer s.cfg.mu.RUnlock()
+
+	return &s.cfg
+}
+
+func (s *Server) DiskSpace() int64 {
+	s.cfg.mu.RLock()
+	defer s.cfg.mu.RUnlock()
+
+	return s.cfg.Build.DiskSpace
+}
+
+func (s *Server) MemoryLimit() int64 {
+	s.cfg.mu.RLock()
+	defer s.cfg.mu.RUnlock()
+
+	return s.cfg.Build.MemoryLimit
+}
+
+func (c *Configuration) GetUuid() string {
+	c.mu.RLock()
+	defer c.mu.RUnlock()
+
+	return c.Uuid
+}
+
+func (c *Configuration) SetSuspended(s bool) {
+	c.mu.Lock()
+	c.Suspended = s
+	c.mu.Unlock()
+}
--- a/server/console.go
+++ b/server/console.go
@@ -3,25 +3,97 @@ package server
 import (
 	"fmt"
 	"github.com/mitchellh/colorstring"
-	"io"
+	"github.com/pterodactyl/wings/config"
+	"sync"
+	"sync/atomic"
+	"time"
 )

-type Console struct {
-	Server      *Server
-	HandlerFunc *func(string)
+type ConsoleThrottler struct {
+	sync.RWMutex
+	config.ConsoleThrottles
+
+	// The total number of activations that have occurred thus far.
+	activations uint64
+
+	// The total number of lines processed so far during the given time period.
+	lines uint64
+
+	lastIntervalTime *time.Time
+	lastDecayTime    *time.Time
 }

-var _ io.Writer = Console{}
+// Increments the number of activations for a server.
+func (ct *ConsoleThrottler) AddActivation() uint64 {
+	ct.Lock()
+	defer ct.Unlock()

-func (c Console) Write(b []byte) (int, error) {
-	if c.HandlerFunc != nil {
-		l := make([]byte, len(b))
-		copy(l, b)
+	ct.activations += 1

-		(*c.HandlerFunc)(string(l))
+	return ct.activations
+}
+
+// Decrements the number of activations for a server.
+func (ct *ConsoleThrottler) RemoveActivation() uint64 {
+	ct.Lock()
+	defer ct.Unlock()
+
+	if ct.activations == 0 {
+		return 0
 	}

-	return len(b), nil
+	ct.activations -= 1
+
+	return ct.activations
+}
+
+// Increment the total count of lines that we have processed so far.
+func (ct *ConsoleThrottler) IncrementLineCount() uint64 {
+	return atomic.AddUint64(&ct.lines, 1)
+}
+
+// Reset the line count to zero.
+func (ct *ConsoleThrottler) ResetLineCount() {
+	atomic.SwapUint64(&ct.lines, 0)
+}
+
+// Handles output from a server's console. This code ensures that a server is not outputting
+// an excessive amount of data to the console that could indicate a malicious or run-away process
+// and lead to performance issues for other users.
+//
+// This was much more of a problem for the NodeJS version of the daemon which struggled to handle
+// large volumes of output. However, this code is much more performant so I generally feel a lot
+// better about it's abilities.
+//
+// However, extreme output is still somewhat of a DoS attack vector against this software since we
+// are still logging it to the disk temporarily and will want to avoid dumping a huge amount of
+// data all at once. These values are all configurable via the wings configuration file, however the
+// defaults have been in the wild for almost two years at the time of this writing, so I feel quite
+// confident in them.
+func (ct *ConsoleThrottler) Handle() {
+
+}
+
+// Returns the throttler instance for the server or creates a new one.
+func (s *Server) Throttler() *ConsoleThrottler {
+	s.throttleLock.RLock()
+
+	if s.throttler == nil {
+		// Release the read lock so that we can acquire a normal lock on the process and
+		// make modifications to the throttler.
+		s.throttleLock.RUnlock()
+
+		s.throttleLock.Lock()
+		s.throttler = &ConsoleThrottler{
+			ConsoleThrottles: config.Get().Throttles,
+		}
+		s.throttleLock.Unlock()
+
+		return s.throttler
+	} else {
+		defer s.throttleLock.RUnlock()
+		return s.throttler
+	}
 }

 // Sends output to the server console formatted to appear correctly as being sent
--- a/server/crash.go
+++ b/server/crash.go
@@ -4,38 +4,50 @@ import (
 	"fmt"
 	"github.com/pkg/errors"
 	"github.com/pterodactyl/wings/config"
-	"go.uber.org/zap"
+	"github.com/pterodactyl/wings/environment"
+	"sync"
 	"time"
 )

-type CrashDetection struct {
-	// If set to false, the system will not listen for crash detection events that
-	// can indicate that the server stopped unexpectedly.
-	Enabled bool `default:"true" json:"enabled" yaml:"enabled"`
+type CrashHandler struct {
+	mu sync.RWMutex

 	// Tracks the time of the last server crash event.
 	lastCrash time.Time
 }

+// Returns the time of the last crash for this server instance.
+func (cd *CrashHandler) LastCrashTime() time.Time {
+	cd.mu.RLock()
+	defer cd.mu.RUnlock()
+
+	return cd.lastCrash
+}
+
+// Sets the last crash time for a server.
+func (cd *CrashHandler) SetLastCrash(t time.Time) {
+	cd.mu.Lock()
+	cd.lastCrash = t
+	cd.mu.Unlock()
+}
+
 // Looks at the environment exit state to determine if the process exited cleanly or
 // if it was the result of an event that we should try to recover from.
 //
 // This function assumes it is called under circumstances where a crash is suspected
-// of occuring. It will not do anything to determine if it was actually a crash, just
+// of occurring. It will not do anything to determine if it was actually a crash, just
 // look at the exit state and check if it meets the criteria of being called a crash
 // by Wings.
 //
 // If the server is determined to have crashed, the process will be restarted and the
 // counter for the server will be incremented.
-//
-// @todo output event to server console
 func (s *Server) handleServerCrash() error {
 	// No point in doing anything here if the server isn't currently offline, there
 	// is no reason to do a crash detection event. If the server crash detection is
 	// disabled we want to skip anything after this as well.
-	if s.GetState() != ProcessOfflineState || !s.CrashDetection.Enabled {
-		if !s.CrashDetection.Enabled {
-			zap.S().Debugw("server triggered crash detection but handler is disabled for server process", zap.String("server", s.Uuid))
+	if s.GetState() != environment.ProcessOfflineState || !s.Config().CrashDetectionEnabled {
+		if !s.Config().CrashDetectionEnabled {
+			s.Log().Debug("server triggered crash detection but handler is disabled for server process")

 			s.PublishConsoleOutputFromDaemon("Server detected as crashed; crash detection is disabled for this instance.")
 		}
@@ -51,7 +63,7 @@ func (s *Server) handleServerCrash() error {
 	// If the system is not configured to detect a clean exit code as a crash, and the
 	// crash is not the result of the program running out of memory, do nothing.
 	if exitCode == 0 && !oomKilled && !config.Get().System.DetectCleanExitAsCrash {
-		zap.S().Debugw("server exited with successful code; system configured to not detect as crash", zap.String("server", s.Uuid))
+		s.Log().Debug("server exited with successful exit code; system is configured to not detect this as a crash")

 		return nil
 	}
@@ -60,16 +72,16 @@ func (s *Server) handleServerCrash() error {
 	s.PublishConsoleOutputFromDaemon(fmt.Sprintf("Exit code: %d", exitCode))
 	s.PublishConsoleOutputFromDaemon(fmt.Sprintf("Out of memory: %t", oomKilled))

-	c := s.CrashDetection.lastCrash
+	c := s.crasher.LastCrashTime()
 	// If the last crash time was within the last 60 seconds we do not want to perform
 	// an automatic reboot of the process. Return an error that can be handled.
-	if !c.IsZero() && c.Add(time.Second * 60).After(time.Now()) {
+	if !c.IsZero() && c.Add(time.Second*60).After(time.Now()) {
 		s.PublishConsoleOutputFromDaemon("Aborting automatic reboot: last crash occurred less than 60 seconds ago.")

 		return &crashTooFrequent{}
 	}

-	s.CrashDetection.lastCrash = time.Now()
+	s.crasher.SetLastCrash(time.Now())

-	return s.Environment.Start()
-}
+	return s.HandlePowerAction(PowerActionStart)
+}
--- a/server/environment_docker.go
+++ b/server/environment_docker.go
@@ -1,849 +0,0 @@
-package server
-
-import (
-	"bufio"
-	"bytes"
-	"context"
-	"encoding/json"
-	"fmt"
-	"github.com/docker/docker/api/types"
-	"github.com/docker/docker/api/types/container"
-	"github.com/docker/docker/api/types/mount"
-	"github.com/docker/docker/client"
-	"github.com/docker/docker/daemon/logger/jsonfilelog"
-	"github.com/docker/go-connections/nat"
-	"github.com/pkg/errors"
-	"github.com/pterodactyl/wings/api"
-	"github.com/pterodactyl/wings/config"
-	"go.uber.org/zap"
-	"io"
-	"math"
-	"os"
-	"strconv"
-	"strings"
-	"time"
-)
-
-// Defines the base environment for Docker instances running through Wings.
-type DockerEnvironment struct {
-	Server *Server
-
-	// The Docker client being used for this instance.
-	Client *client.Client
-
-	// Tracks if we are currently attached to the server container. This allows us to attach
-	// once and then just use that attachment to stream logs out of the server and also stream
-	// commands back into it without constantly attaching and detaching.
-	attached bool
-
-	// Controls the hijacked response stream which exists only when we're attached to
-	// the running container instance.
-	stream types.HijackedResponse
-
-	// Holds the stats stream used by the polling commands so that we can easily close
-	// it out.
-	stats io.ReadCloser
-}
-
-// Creates a new base Docker environment. A server must still be attached to it.
-func NewDockerEnvironment(server *Server) error {
-	cli, err := client.NewClientWithOpts(client.FromEnv)
-	if err != nil {
-		return err
-	}
-
-	server.Environment = &DockerEnvironment{
-		Server: server,
-		Client: cli,
-	}
-
-	return nil
-}
-
-// Ensure that the Docker environment is always implementing all of the methods
-// from the base environment interface.
-var _ Environment = (*DockerEnvironment)(nil)
-
-// Returns the name of the environment.
-func (d *DockerEnvironment) Type() string {
-	return "docker"
-}
-
-// Determines if the container exists in this environment.
-func (d *DockerEnvironment) Exists() (bool, error) {
-	_, err := d.Client.ContainerInspect(context.Background(), d.Server.Uuid)
-
-	if err != nil {
-		// If this error is because the container instance wasn't found via Docker we
-		// can safely ignore the error and just return false.
-		if client.IsErrNotFound(err) {
-			return false, nil
-		}
-
-		return false, err
-	}
-
-	return true, nil
-}
-
-// Determines if the server's docker container is currently running. If there is no container
-// present, an error will be raised (since this shouldn't be a case that ever happens under
-// correctly developed circumstances).
-//
-// You can confirm if the instance wasn't found by using client.IsErrNotFound from the Docker
-// API.
-//
-// @see docker/client/errors.go
-func (d *DockerEnvironment) IsRunning() (bool, error) {
-	ctx := context.Background()
-
-	c, err := d.Client.ContainerInspect(ctx, d.Server.Uuid)
-	if err != nil {
-		return false, err
-	}
-
-	return c.State.Running, nil
-}
-
-// Performs an in-place update of the Docker container's resource limits without actually
-// making any changes to the operational state of the container. This allows memory, cpu,
-// and IO limitations to be adjusted on the fly for individual instances.
-func (d *DockerEnvironment) InSituUpdate() error {
-	if _, err := d.Client.ContainerInspect(context.Background(), d.Server.Uuid); err != nil {
-		// If the container doesn't exist for some reason there really isn't anything
-		// we can do to fix that in this process (it doesn't make sense at least). In those
-		// cases just return without doing anything since we still want to save the configuration
-		// to the disk.
-		//
-		// We'll let a boot process make modifications to the container if needed at this point.
-		if client.IsErrNotFound(err) {
-			return nil
-		}
-
-		return errors.WithStack(err)
-	}
-
-	u := container.UpdateConfig{
-		Resources: d.getResourcesForServer(),
-	}
-
-	if _, err := d.Client.ContainerUpdate(context.Background(), d.Server.Uuid, u); err != nil {
-		return errors.WithStack(err)
-	}
-
-	return nil
-}
-
-// Run before the container starts and get the process configuration from the Panel.
-// This is important since we use this to check configuration files as well as ensure
-// we always have the latest version of an egg available for server processes.
-//
-// This process will also confirm that the server environment exists and is in a bootable
-// state. This ensures that unexpected container deletion while Wings is running does
-// not result in the server becoming unbootable.
-func (d *DockerEnvironment) OnBeforeStart() error {
-	zap.S().Infow("syncing server configuration with Panel", zap.String("server", d.Server.Uuid))
-	if err := d.Server.Sync(); err != nil {
-		return err
-	}
-
-	if !d.Server.Filesystem.HasSpaceAvailable() {
-		return errors.New("cannot start server, not enough disk space available")
-	}
-
-	// Always destroy and re-create the server container to ensure that synced data from
-	// the Panel is used.
-	if err := d.Client.ContainerRemove(context.Background(), d.Server.Uuid, types.ContainerRemoveOptions{RemoveVolumes: true}); err != nil {
-		if !client.IsErrNotFound(err) {
-			return err
-		}
-	}
-
-	// The Create() function will check if the container exists in the first place, and if
-	// so just silently return without an error. Otherwise, it will try to create the necessary
-	// container and data storage directory.
-	//
-	// This won't actually run an installation process however, it is just here to ensure the
-	// environment gets created properly if it is missing and the server is started. We're making
-	// an assumption that all of the files will still exist at this point.
-	if err := d.Create(); err != nil {
-		return err
-	}
-
-	return nil
-}
-
-// Starts the server environment and begins piping output to the event listeners for the
-// console. If a container does not exist, or needs to be rebuilt that will happen in the
-// call to OnBeforeStart().
-func (d *DockerEnvironment) Start() error {
-	sawError := false
-	// If sawError is set to true there was an error somewhere in the pipeline that
-	// got passed up, but we also want to ensure we set the server to be offline at
-	// that point.
-	defer func() {
-		if sawError {
-			d.Server.SetState(ProcessOfflineState)
-		}
-	}()
-
-	// If the server is suspended the user shouldn't be able to boot it, in those cases
-	// return a suspension error and let the calling area handle the issue.
-	//
-	// Theoretically you'd have the Panel handle all of this logic, but we cannot do that
-	// because we allow the websocket to control the server power state as well, so we'll
-	// need to handle that action in here.
-	if d.Server.Suspended {
-		return &suspendedError{}
-	}
-
-	c, err := d.Client.ContainerInspect(context.Background(), d.Server.Uuid)
-	if err != nil && !client.IsErrNotFound(err) {
-		return errors.WithStack(err)
-	}
-
-	// No reason to try starting a container that is already running.
-	if c.State.Running {
-		d.Server.SetState(ProcessRunningState)
-
-		return d.Attach()
-	}
-
-	d.Server.SetState(ProcessStartingState)
-	// Set this to true for now, we will set it to false once we reach the
-	// end of this chain.
-	sawError = true
-
-	// Run the before start function and wait for it to finish. This will validate that the container
-	// exists on the system, and rebuild the container if that is required for server booting to
-	// occur.
-	if err := d.OnBeforeStart(); err != nil {
-		return errors.WithStack(err)
-	}
-
-	// Truncate the log file so we don't end up outputting a bunch of useless log information
-	// to the websocket and whatnot. Check first that the path and file exist before trying
-	// to truncate them.
-	if _, err := os.Stat(c.LogPath); err == nil {
-		if err := os.Truncate(c.LogPath, 0); err != nil {
-			return errors.WithStack(err)
-		}
-	}
-
-	// Update the configuration files defined for the server before beginning the boot process.
-	// This process executes a bunch of parallel updates, so we just block until that process
-	// is completed. Any errors as a result of this will just be bubbled out in the logger,
-	// we don't need to actively do anything about it at this point, worst comes to worst the
-	// server starts in a weird state and the user can manually adjust.
-	d.Server.UpdateConfigurationFiles()
-
-	// Reset the permissions on files for the server before actually trying
-	// to start it.
-	if err := d.Server.Filesystem.Chown("/"); err != nil {
-		return errors.WithStack(err)
-	}
-
-	opts := types.ContainerStartOptions{}
-	if err := d.Client.ContainerStart(context.Background(), d.Server.Uuid, opts); err != nil {
-		return errors.WithStack(err)
-	}
-
-	// No errors, good to continue through.
-	sawError = false
-
-	return d.Attach()
-}
-
-// Stops the container that the server is running in. This will allow up to 10
-// seconds to pass before a failure occurs.
-func (d *DockerEnvironment) Stop() error {
-	stop := d.Server.processConfiguration.Stop
-	if stop.Type == api.ProcessStopSignal {
-		return d.Terminate(os.Kill)
-	}
-
-	d.Server.SetState(ProcessStoppingState)
-	if stop.Type == api.ProcessStopCommand {
-		return d.SendCommand(stop.Value)
-	}
-
-	t := time.Second * 10
-
-	return d.Client.ContainerStop(context.Background(), d.Server.Uuid, &t)
-}
-
-// Attempts to gracefully stop a server using the defined stop command. If the server
-// does not stop after seconds have passed, an error will be returned, or the instance
-// will be terminated forcefully depending on the value of the second argument.
-func (d *DockerEnvironment) WaitForStop(seconds int, terminate bool) error {
-	if d.Server.GetState() == ProcessOfflineState {
-		return nil
-	}
-
-	if err := d.Stop(); err != nil {
-		return errors.WithStack(err)
-	}
-
-	ctx, cancel := context.WithTimeout(context.Background(), time.Duration(seconds)*time.Second)
-	defer cancel()
-
-	// Block the return of this function until the container as been marked as no
-	// longer running. If this wait does not end by the time seconds have passed,
-	// attempt to terminate the container, or return an error.
-	ok, errChan := d.Client.ContainerWait(ctx, d.Server.Uuid, container.WaitConditionNotRunning)
-	select {
-	case <-ctx.Done():
-		if ctxErr := ctx.Err(); ctxErr != nil {
-			if terminate {
-				return d.Terminate(os.Kill)
-			}
-
-			return errors.WithStack(ctxErr)
-		}
-	case err := <-errChan:
-		if err != nil {
-			return errors.WithStack(err)
-		}
-	case <-ok:
-	}
-
-	return nil
-}
-
-// Forcefully terminates the container using the signal passed through.
-func (d *DockerEnvironment) Terminate(signal os.Signal) error {
-	ctx := context.Background()
-
-	c, err := d.Client.ContainerInspect(ctx, d.Server.Uuid)
-	if err != nil {
-		return errors.WithStack(err)
-	}
-
-	if !c.State.Running {
-		return nil
-	}
-
-	d.Server.SetState(ProcessStoppingState)
-
-	return d.Client.ContainerKill(
-		ctx, d.Server.Uuid, strings.TrimSuffix(strings.TrimPrefix(signal.String(), "signal "), "ed"),
-	)
-}
-
-// Remove the Docker container from the machine. If the container is currently running
-// it will be forcibly stopped by Docker.
-func (d *DockerEnvironment) Destroy() error {
-	ctx := context.Background()
-
-	// Avoid crash detection firing off.
-	d.Server.SetState(ProcessStoppingState)
-
-	return d.Client.ContainerRemove(ctx, d.Server.Uuid, types.ContainerRemoveOptions{
-		RemoveVolumes: true,
-		RemoveLinks:   false,
-		Force:         true,
-	})
-}
-
-// Determine the container exit state and return the exit code and wether or not
-// the container was killed by the OOM killer.
-func (d *DockerEnvironment) ExitState() (uint32, bool, error) {
-	c, err := d.Client.ContainerInspect(context.Background(), d.Server.Uuid)
-	if err != nil {
-		return 0, false, errors.WithStack(err)
-	}
-
-	return uint32(c.State.ExitCode), c.State.OOMKilled, nil
-}
-
-// Attaches to the docker container itself and ensures that we can pipe data in and out
-// of the process stream. This should not be used for reading console data as you *will*
-// miss important output at the beginning because of the time delay with attaching to the
-// output.
-func (d *DockerEnvironment) Attach() error {
-	if d.attached {
-		return nil
-	}
-
-	if err := d.FollowConsoleOutput(); err != nil {
-		return errors.WithStack(err)
-	}
-
-	ctx := context.Background()
-
-	var err error
-	d.stream, err = d.Client.ContainerAttach(ctx, d.Server.Uuid, types.ContainerAttachOptions{
-		Stdin:  true,
-		Stdout: true,
-		Stderr: true,
-		Stream: true,
-	})
-
-	if err != nil {
-		return errors.WithStack(err)
-	}
-
-	console := Console{
-		Server: d.Server,
-	}
-
-	d.attached = true
-	go func() {
-		if err := d.EnableResourcePolling(); err != nil {
-			zap.S().Warnw("failed to enabled resource polling on server", zap.String("server", d.Server.Uuid), zap.Error(errors.WithStack(err)))
-		}
-	}()
-
-	go func() {
-		defer d.stream.Close()
-		defer func() {
-			d.Server.SetState(ProcessOfflineState)
-			d.attached = false
-		}()
-
-		io.Copy(console, d.stream.Reader)
-	}()
-
-	return nil
-}
-
-// Attaches to the log for the container. This avoids us missing cruicial output that
-// happens in the split seconds before the code moves from 'Starting' to 'Attaching'
-// on the process.
-func (d *DockerEnvironment) FollowConsoleOutput() error {
-	if exists, err := d.Exists(); !exists {
-		if err != nil {
-			return errors.WithStack(err)
-		}
-
-		return errors.New(fmt.Sprintf("no such container: %s", d.Server.Uuid))
-	}
-
-	ctx := context.Background()
-	opts := types.ContainerLogsOptions{
-		ShowStderr: true,
-		ShowStdout: true,
-		Follow:     true,
-		Since:      time.Now().Format(time.RFC3339),
-	}
-
-	reader, err := d.Client.ContainerLogs(ctx, d.Server.Uuid, opts)
-
-	go func(r io.ReadCloser) {
-		defer r.Close()
-
-		s := bufio.NewScanner(r)
-		for s.Scan() {
-			d.Server.Events().Publish(ConsoleOutputEvent, s.Text())
-		}
-
-		if err := s.Err(); err != nil {
-			zap.S().Warnw("error processing scanner line in console output", zap.String("server", d.Server.Uuid), zap.Error(err))
-		}
-	}(reader)
-
-	return errors.WithStack(err)
-}
-
-// Enables resource polling on the docker instance. Except we aren't actually polling Docker for this
-// information, instead just sit there with an async process that lets Docker stream all of this data
-// to us automatically.
-func (d *DockerEnvironment) EnableResourcePolling() error {
-	if d.Server.GetState() == ProcessOfflineState {
-		return errors.New("cannot enable resource polling on a server that is not running")
-	}
-
-	ctx := context.Background()
-
-	stats, err := d.Client.ContainerStats(ctx, d.Server.Uuid, true)
-	if err != nil {
-		return errors.WithStack(err)
-	}
-	d.stats = stats.Body
-
-	dec := json.NewDecoder(d.stats)
-	go func(s *Server) {
-		for {
-			var v *types.StatsJSON
-
-			if err := dec.Decode(&v); err != nil {
-				if err != io.EOF {
-					zap.S().Warnw("encountered error processing server stats; stopping collection", zap.Error(err))
-				}
-
-				d.DisableResourcePolling()
-				return
-			}
-
-			// Disable collection if the server is in an offline state and this process is
-			// still running.
-			if s.GetState() == ProcessOfflineState {
-				d.DisableResourcePolling()
-				return
-			}
-
-			s.Resources.CpuAbsolute = s.Resources.CalculateAbsoluteCpu(&v.PreCPUStats, &v.CPUStats)
-			s.Resources.Memory = v.MemoryStats.Usage
-			s.Resources.MemoryLimit = v.MemoryStats.Limit
-
-			// Why you ask? This already has the logic for caching disk space in use and then
-			// also handles pushing that value to the resources object automatically.
-			s.Filesystem.HasSpaceAvailable()
-
-			for _, nw := range v.Networks {
-				s.Resources.Network.RxBytes += nw.RxBytes
-				s.Resources.Network.TxBytes += nw.TxBytes
-			}
-
-			b, _ := json.Marshal(s.Resources)
-			s.Events().Publish(StatsEvent, string(b))
-		}
-	}(d.Server)
-
-	return nil
-}
-
-// Closes the stats stream for a server process.
-func (d *DockerEnvironment) DisableResourcePolling() error {
-	if d.stats == nil {
-		return nil
-	}
-
-	err := d.stats.Close()
-
-	d.Server.Resources.CpuAbsolute = 0
-	d.Server.Resources.Memory = 0
-	d.Server.Resources.Network.TxBytes = 0
-	d.Server.Resources.Network.RxBytes = 0
-
-	return errors.WithStack(err)
-}
-
-// Pulls the image from Docker.
-//
-// @todo handle authorization & local images
-func (d *DockerEnvironment) ensureImageExists(c *client.Client) error {
-	out, err := c.ImagePull(context.Background(), d.Server.Container.Image, types.ImagePullOptions{All: false})
-	if err != nil {
-		return err
-	}
-	defer out.Close()
-
-	zap.S().Debugw("pulling docker image... this could take a bit of time", zap.String("image", d.Server.Container.Image))
-
-	// I'm not sure what the best approach here is, but this will block execution until the image
-	// is done being pulled, which is what we need.
-	scanner := bufio.NewScanner(out)
-	for scanner.Scan() {
-		continue
-	}
-
-	if err := scanner.Err(); err != nil {
-		return err
-	}
-
-	return nil
-}
-
-// Creates a new container for the server using all of the data that is currently
-// available for it. If the container already exists it will be returned.
-//
-// @todo pull the image being requested if it doesn't exist currently.
-func (d *DockerEnvironment) Create() error {
-	ctx := context.Background()
-	cli, err := client.NewClientWithOpts(client.FromEnv)
-	if err != nil {
-		return errors.WithStack(err)
-	}
-
-	// Ensure the data directory exists before getting too far through this process.
-	if err := d.Server.Filesystem.EnsureDataDirectory(); err != nil {
-		return errors.WithStack(err)
-	}
-
-	// If the container already exists don't hit the user with an error, just return
-	// the current information about it which is what we would do when creating the
-	// container anyways.
-	if _, err := cli.ContainerInspect(ctx, d.Server.Uuid); err == nil {
-		return nil
-	} else if !client.IsErrNotFound(err) {
-		return errors.WithStack(err)
-	}
-
-	// Try to pull the requested image before creating the container.
-	if err := d.ensureImageExists(cli); err != nil {
-		return errors.WithStack(err)
-	}
-
-	conf := &container.Config{
-		Hostname:     "container",
-		User:         strconv.Itoa(config.Get().System.User.Uid),
-		AttachStdin:  true,
-		AttachStdout: true,
-		AttachStderr: true,
-		OpenStdin:    true,
-		Tty:          true,
-
-		ExposedPorts: d.exposedPorts(),
-
-		Image: d.Server.Container.Image,
-		Env:   d.environmentVariables(),
-
-		Labels: map[string]string{
-			"Service":       "Pterodactyl",
-			"ContainerType": "server_process",
-		},
-	}
-
-	hostConf := &container.HostConfig{
-		PortBindings: d.portBindings(),
-
-		// Configure the mounts for this container. First mount the server data directory
-		// into the container as a r/w bind.
-		Mounts: []mount.Mount{
-			{
-				Target:   "/home/container",
-				Source:   d.Server.Filesystem.Path(),
-				Type:     mount.TypeBind,
-				ReadOnly: false,
-			},
-		},
-
-		// Configure the /tmp folder mapping in containers. This is necessary for some
-		// games that need to make use of it for downloads and other installation processes.
-		Tmpfs: map[string]string{
-			"/tmp": "rw,exec,nosuid,size=50M",
-		},
-
-		// Define resource limits for the container based on the data passed through
-		// from the Panel.
-		Resources: d.getResourcesForServer(),
-
-		DNS: config.Get().Docker.Network.Dns,
-
-		// Configure logging for the container to make it easier on the Daemon to grab
-		// the server output. Ensure that we don't use too much space on the host machine
-		// since we only need it for the last few hundred lines of output and don't care
-		// about anything else in it.
-		LogConfig: container.LogConfig{
-			Type: jsonfilelog.Name,
-			Config: map[string]string{
-				"max-size": "5m",
-				"max-file": "1",
-			},
-		},
-
-		SecurityOpt:    []string{"no-new-privileges"},
-		ReadonlyRootfs: true,
-		CapDrop: []string{
-			"setpcap", "mknod", "audit_write", "net_raw", "dac_override",
-			"fowner", "fsetid", "net_bind_service", "sys_chroot", "setfcap",
-		},
-		NetworkMode: "pterodactyl_nw",
-	}
-
-	// Pretty sure TZ=X in the environment variables negates the need for this
-	// to happen. Leaving it until I can confirm that works for everything.
-	//
-	// if err := mountTimezoneData(hostConf); err != nil {
-	// 	if os.IsNotExist(err) {
-	// 		zap.S().Warnw("the timezone data path configured does not exist on the system", zap.Error(errors.WithStack(err)))
-	// 	} else {
-	// 		zap.S().Warnw("failed to mount timezone data into container", zap.Error(errors.WithStack(err)))
-	// 	}
-	// }
-
-	if _, err := cli.ContainerCreate(ctx, conf, hostConf, nil, d.Server.Uuid); err != nil {
-		return errors.WithStack(err)
-	}
-
-	return nil
-}
-
-// Sends the specified command to the stdin of the running container instance. There is no
-// confirmation that this data is sent successfully, only that it gets pushed into the stdin.
-func (d *DockerEnvironment) SendCommand(c string) error {
-	if !d.attached {
-		return errors.New("attempting to send command to non-attached instance")
-	}
-
-	_, err := d.stream.Conn.Write([]byte(c + "\n"))
-
-	return errors.WithStack(err)
-}
-
-// Reads the log file for the server. This does not care if the server is running or not, it will
-// simply try to read the last X bytes of the file and return them.
-func (d *DockerEnvironment) Readlog(len int64) ([]string, error) {
-	ctx := context.Background()
-
-	j, err := d.Client.ContainerInspect(ctx, d.Server.Uuid)
-	if err != nil {
-		return nil, err
-	}
-
-	if j.LogPath == "" {
-		return nil, errors.New("empty log path defined for server")
-	}
-
-	f, err := os.Open(j.LogPath)
-	if err != nil {
-		return nil, err
-	}
-	defer f.Close()
-
-	// Check if the length of the file is smaller than the amount of data that was requested
-	// for reading. If so, adjust the length to be the total length of the file. If this is not
-	// done an error is thrown since we're reading backwards, and not forwards.
-	if stat, err := os.Stat(j.LogPath); err != nil {
-		return nil, err
-	} else if stat.Size() < len {
-		len = stat.Size()
-	}
-
-	// Seed to the end of the file and then move backwards until the length is met to avoid
-	// reading the entirety of the file into memory.
-	if _, err := f.Seek(-len, io.SeekEnd); err != nil {
-		return nil, err
-	}
-
-	b := make([]byte, len)
-
-	if _, err := f.Read(b); err != nil && err != io.EOF {
-		return nil, err
-	}
-
-	return d.parseLogToStrings(b)
-}
-
-type dockerLogLine struct {
-	Log string `json:"log"`
-}
-
-// Docker stores the logs for server output in a JSON format. This function will iterate over the JSON
-// that was read from the log file and parse it into a more human readable format.
-func (d *DockerEnvironment) parseLogToStrings(b []byte) ([]string, error) {
-	var hasError = false
-	var out []string
-
-	scanner := bufio.NewScanner(bytes.NewReader(b))
-	for scanner.Scan() {
-		var l dockerLogLine
-		// Unmarshal the contents and allow up to a single error before bailing out of the process. We
-		// do this because if you're arbitrarily reading a length of the file you'll likely end up
-		// with the first line in the output being improperly formatted JSON. In those cases we want to
-		// just skip over it. However if we see another error we're going to bail out because that is an
-		// abnormal situation.
-		if err := json.Unmarshal([]byte(scanner.Text()), &l); err != nil {
-			if hasError {
-				return nil, err
-			}
-
-			hasError = true
-			continue
-		}
-
-		out = append(out, l.Log)
-	}
-
-	return out, nil
-}
-
-// Returns the environment variables for a server in KEY="VALUE" form.
-func (d *DockerEnvironment) environmentVariables() []string {
-	zone, _ := time.Now().In(time.Local).Zone()
-
-	var out = []string{
-		fmt.Sprintf("TZ=%s", zone),
-		fmt.Sprintf("STARTUP=%s", d.Server.Invocation),
-		fmt.Sprintf("SERVER_MEMORY=%d", d.Server.Build.MemoryLimit),
-		fmt.Sprintf("SERVER_IP=%s", d.Server.Allocations.DefaultMapping.Ip),
-		fmt.Sprintf("SERVER_PORT=%d", d.Server.Allocations.DefaultMapping.Port),
-	}
-
-eloop:
-	for k, v := range d.Server.EnvVars {
-		for _, e := range out {
-			if strings.HasPrefix(e, strings.ToUpper(k)) {
-				continue eloop
-			}
-		}
-
-		out = append(out, fmt.Sprintf("%s=\"%s\"", strings.ToUpper(k), v))
-	}
-
-	return out
-}
-
-func (d *DockerEnvironment) volumes() map[string]struct{} {
-	return nil
-}
-
-// Converts the server allocation mappings into a format that can be understood
-// by Docker.
-func (d *DockerEnvironment) portBindings() nat.PortMap {
-	var out = nat.PortMap{}
-
-	for ip, ports := range d.Server.Allocations.Mappings {
-		for _, port := range ports {
-			// Skip over invalid ports.
-			if port < 0 || port > 65535 {
-				continue
-			}
-
-			binding := []nat.PortBinding{
-				{
-					HostIP:   ip,
-					HostPort: strconv.Itoa(port),
-				},
-			}
-
-			out[nat.Port(fmt.Sprintf("%d/tcp", port))] = binding
-			out[nat.Port(fmt.Sprintf("%d/udp", port))] = binding
-		}
-	}
-
-	return out
-}
-
-// Converts the server allocation mappings into a PortSet that can be understood
-// by Docker. This formatting is slightly different than portBindings as it should
-// return an empty struct rather than a binding.
-//
-// To accomplish this, we'll just get the values from portBindings and then set them
-// to empty structs. Because why not.
-func (d *DockerEnvironment) exposedPorts() nat.PortSet {
-	var out = nat.PortSet{}
-
-	for port := range d.portBindings() {
-		out[port] = struct{}{}
-	}
-
-	return out
-}
-
-// Formats the resources available to a server instance in such as way that Docker will
-// generate a matching environment in the container.
-func (d *DockerEnvironment) getResourcesForServer() container.Resources {
-	overhead := 1.05
-	// Set the hard limit for memory usage to be 5% more than the amount of memory assigned to
-	// the server. If the memory limit for the server is < 4G, use 10%, if less than 2G use
-	// 15%. This avoids unexpected crashes from processes like Java which run over the limit.
-	if d.Server.Build.MemoryLimit <= 2048 {
-		overhead = 1.15
-	} else if d.Server.Build.MemoryLimit  <= 4096 {
-		overhead = 1.10;
-	}
-
-	return container.Resources{
-		Memory:            int64(math.Round(float64(d.Server.Build.MemoryLimit) * 1000000.0 * overhead)),
-		MemoryReservation: d.Server.Build.MemoryLimit * 1000000,
-		MemorySwap:        d.Server.Build.ConvertedSwap(),
-		CPUQuota:          d.Server.Build.ConvertedCpuLimit(),
-		CPUPeriod:         100000,
-		CPUShares:         1024,
-		BlkioWeight:       d.Server.Build.IoWeight,
-		OomKillDisable:    &d.Server.Container.OomDisabled,
-		CpusetCpus:        d.Server.Build.Threads,
-	}
-}
--- a/server/errors.go
+++ b/server/errors.go
@@ -37,4 +37,4 @@ func IsServerDoesNotExistError(err error) bool {
 	_, ok := err.(*serverDoesNotExist)

 	return ok
-}
+}
--- a/server/events.go
+++ b/server/events.go
@@ -1,120 +1,30 @@
 package server

 import (
-	"encoding/json"
-	"strings"
-	"sync"
+	"github.com/pterodactyl/wings/events"
 )

 // Defines all of the possible output events for a server.
 // noinspection GoNameStartsWithPackageName
 const (
-	DaemonMessageEvent   = "daemon message"
-	InstallOutputEvent   = "install output"
-	ConsoleOutputEvent   = "console output"
-	StatusEvent          = "status"
-	StatsEvent           = "stats"
-	BackupCompletedEvent = "backup completed"
+	DaemonMessageEvent    = "daemon message"
+	InstallOutputEvent    = "install output"
+	InstallStartedEvent   = "install started"
+	InstallCompletedEvent = "install completed"
+	ConsoleOutputEvent    = "console output"
+	StatusEvent           = "status"
+	StatsEvent            = "stats"
+	BackupCompletedEvent  = "backup completed"
 )

-type Event struct {
-	Data  string
-	Topic string
-}
-
-type EventBus struct {
-	sync.RWMutex
-
-	subscribers map[string][]chan Event
-}
-
 // Returns the server's emitter instance.
-func (s *Server) Events() *EventBus {
+func (s *Server) Events() *events.EventBus {
+	s.emitterLock.Lock()
+	defer s.emitterLock.Unlock()
+
 	if s.emitter == nil {
-		s.emitter = &EventBus{
-			subscribers: map[string][]chan Event{},
-		}
+		s.emitter = events.New()
 	}

 	return s.emitter
 }
-
-// Publish data to a given topic.
-func (e *EventBus) Publish(topic string, data string) {
-	e.RLock()
-	defer e.RUnlock()
-
-	t := topic
-	// Some of our topics for the socket support passing a more specific namespace,
-	// such as "backup completed:1234" to indicate which specific backup was completed.
-	//
-	// In these cases, we still need to the send the event using the standard listener
-	// name of "backup completed".
-	if strings.Contains(topic, ":") {
-		parts := strings.SplitN(topic, ":", 2)
-
-		if len(parts) == 2 {
-			t = parts[0]
-		}
-	}
-
-	if ch, ok := e.subscribers[t]; ok {
-		go func(data Event, cs []chan Event) {
-			for _, channel := range cs {
-				channel <- data
-			}
-		}(Event{Data: data, Topic: topic}, ch)
-	}
-}
-
-func (e *EventBus) PublishJson(topic string, data interface{}) error {
-	b, err := json.Marshal(data)
-	if err != nil {
-		return err
-	}
-
-	e.Publish(topic, string(b))
-
-	return nil
-}
-
-// Subscribe to an emitter topic using a channel.
-func (e *EventBus) Subscribe(topic string, ch chan Event) {
-	e.Lock()
-	defer e.Unlock()
-
-	if p, ok := e.subscribers[topic]; ok {
-		e.subscribers[topic] = append(p, ch)
-	} else {
-		e.subscribers[topic] = append([]chan Event{}, ch)
-	}
-}
-
-// Unsubscribe a channel from a topic.
-func (e *EventBus) Unsubscribe(topic string, ch chan Event) {
-	e.Lock()
-	defer e.Unlock()
-
-	if _, ok := e.subscribers[topic]; ok {
-		for i := range e.subscribers[topic] {
-			if ch == e.subscribers[topic][i] {
-				e.subscribers[topic] = append(e.subscribers[topic][:i], e.subscribers[topic][i+1:]...)
-			}
-		}
-	}
-}
-
-// Removes all of the event listeners for the server. This is used when a server
-// is being deleted to avoid a bunch of de-reference errors cropping up. Obviously
-// should also check elsewhere and handle a server reference going nil, but this
-// won't hurt.
-func (e *EventBus) UnsubscribeAll() {
-	e.Lock()
-	defer e.Unlock()
-
-	// Loop over all of the subscribers and just remove all of the events
-	// for them.
-	for t := range e.subscribers {
-		e.subscribers[t] = make([]chan Event, 0)
-	}
-}
--- a/server/filesystem.go
+++ b/server/filesystem.go
@@ -1,17 +1,17 @@
 package server

 import (
-	"bufio"
 	"bytes"
 	"context"
 	"encoding/json"
 	"fmt"
 	"github.com/gabriel-vasile/mimetype"
+	"github.com/karrick/godirwalk"
 	"github.com/pkg/errors"
 	"github.com/pterodactyl/wings/config"
 	"github.com/pterodactyl/wings/server/backup"
 	ignore "github.com/sabhiram/go-gitignore"
-	"go.uber.org/zap"
+	"golang.org/x/sync/errgroup"
 	"io"
 	"io/ioutil"
 	"os"
@@ -22,22 +22,38 @@ import (
 	"strings"
 	"sync"
 	"sync/atomic"
+	"syscall"
 	"time"
 )

 // Error returned when there is a bad path provided to one of the FS calls.
-var InvalidPathResolution = errors.New("invalid path resolution")
+type PathResolutionError struct{}
+
+// Returns the error response in a string form that can be more easily consumed.
+func (pre PathResolutionError) Error() string {
+	return "invalid path resolution"
+}
+
+func IsPathResolutionError(err error) bool {
+	_, ok := err.(PathResolutionError)
+
+	return ok
+}

 type Filesystem struct {
-	// The server object associated with this Filesystem.
-	Server *Server
+	mu           sync.Mutex
+	lookupTimeMu sync.RWMutex

-	Configuration *config.SystemConfiguration
+	lastLookupTime   time.Time
+	lookupInProgress int32
+	disk             int64
+
+	Server *Server
 }

 // Returns the root path that contains all of a server's data.
 func (fs *Filesystem) Path() string {
-	return filepath.Join(fs.Configuration.Data, fs.Server.Uuid)
+	return filepath.Join(config.Get().System.Data, fs.Server.Id())
 }

 // Normalizes a directory being passed in to ensure the user is not able to escape
@@ -49,12 +65,8 @@ func (fs *Filesystem) Path() string {
 func (fs *Filesystem) SafePath(p string) (string, error) {
 	var nonExistentPathResolution string

-	// Calling filpath.Clean on the joined directory will resolve it to the absolute path,
-	// removing any ../ type of resolution arguments, and leaving us with a direct path link.
-	//
-	// This will also trim the existing root path off the beginning of the path passed to
-	// the function since that can get a bit messy.
-	r := filepath.Clean(filepath.Join(fs.Path(), strings.TrimPrefix(p, fs.Path())))
+	// Start with a cleaned up path before checking the more complex bits.
+	r := fs.unsafeFilePath(p)

 	// At the same time, evaluate the symlink status and determine where this file or folder
 	// is truly pointing to.
@@ -72,7 +84,7 @@ func (fs *Filesystem) SafePath(p string) (string, error) {
 		for k := range parts {
 			try = strings.Join(parts[:(len(parts)-k)], "/")

-			if !strings.HasPrefix(try, fs.Path()) {
+			if !fs.unsafeIsInDataDirectory(try) {
 				break
 			}

@@ -87,8 +99,8 @@ func (fs *Filesystem) SafePath(p string) (string, error) {
 	// If the new path doesn't start with their root directory there is clearly an escape
 	// attempt going on, and we should NOT resolve this path for them.
 	if nonExistentPathResolution != "" {
-		if !strings.HasPrefix(nonExistentPathResolution, fs.Path()) {
-			return "", InvalidPathResolution
+		if !fs.unsafeIsInDataDirectory(nonExistentPathResolution) {
+			return "", PathResolutionError{}
 		}

 		// If the nonExistentPathResolution variable is not empty then the initial path requested
@@ -101,11 +113,103 @@ func (fs *Filesystem) SafePath(p string) (string, error) {
 	// If the requested directory from EvalSymlinks begins with the server root directory go
 	// ahead and return it. If not we'll return an error which will block any further action
 	// on the file.
-	if strings.HasPrefix(p, fs.Path()) {
+	if fs.unsafeIsInDataDirectory(p) {
 		return p, nil
 	}

-	return "", InvalidPathResolution
+	return "", PathResolutionError{}
+}
+
+// Generate a path to the file by cleaning it up and appending the root server path to it. This
+// DOES NOT guarantee that the file resolves within the server data directory. You'll want to use
+// the fs.unsafeIsInDataDirectory(p) function to confirm.
+func (fs *Filesystem) unsafeFilePath(p string) string {
+	// Calling filepath.Clean on the joined directory will resolve it to the absolute path,
+	// removing any ../ type of resolution arguments, and leaving us with a direct path link.
+	//
+	// This will also trim the existing root path off the beginning of the path passed to
+	// the function since that can get a bit messy.
+	return filepath.Clean(filepath.Join(fs.Path(), strings.TrimPrefix(p, fs.Path())))
+}
+
+// Check that that path string starts with the server data directory path. This function DOES NOT
+// validate that the rest of the path does not end up resolving out of this directory, or that the
+// targeted file or folder is not a symlink doing the same thing.
+func (fs *Filesystem) unsafeIsInDataDirectory(p string) bool {
+	return strings.HasPrefix(strings.TrimSuffix(p, "/")+"/", strings.TrimSuffix(fs.Path(), "/")+"/")
+}
+
+// Helper function to keep some of the codebase a little cleaner. Returns a "safe" version of the path
+// joined with a file. This is important because you cannot just assume that appending a file to a cleaned
+// path will result in a cleaned path to that file. For example, imagine you have the following scenario:
+//
+// my_bad_file -> symlink:/etc/passwd
+//
+// cleaned := SafePath("../../etc") -> "/"
+// filepath.Join(cleaned, my_bad_file) -> "/my_bad_file"
+//
+// You might think that "/my_bad_file" is fine since it isn't pointing to the original "../../etc/my_bad_file".
+// However, this doesn't account for symlinks where the file might be pointing outside of the directory, so
+// calling a function such as Chown against it would chown the symlinked location, and not the file within the
+// Wings daemon.
+func (fs *Filesystem) SafeJoin(dir string, f os.FileInfo) (string, error) {
+	if f.Mode()&os.ModeSymlink != 0 {
+		return fs.SafePath(filepath.Join(dir, f.Name()))
+	}
+
+	return filepath.Join(dir, f.Name()), nil
+}
+
+// Executes the fs.SafePath function in parallel against an array of paths. If any of the calls
+// fails an error will be returned.
+func (fs *Filesystem) ParallelSafePath(paths []string) ([]string, error) {
+	var cleaned []string
+
+	// Simple locker function to avoid racy appends to the array of cleaned paths.
+	var m = new(sync.Mutex)
+	var push = func(c string) {
+		m.Lock()
+		cleaned = append(cleaned, c)
+		m.Unlock()
+	}
+
+	// Create an error group that we can use to run processes in parallel while retaining
+	// the ability to cancel the entire process immediately should any of it fail.
+	g, ctx := errgroup.WithContext(context.Background())
+
+	// Iterate over all of the paths and generate a cleaned path, if there is an error for any
+	// of the files, abort the process.
+	for _, p := range paths {
+		// Create copy so we can use it within the goroutine correctly.
+		pi := p
+
+		// Recursively call this function to continue digging through the directory tree within
+		// a separate goroutine. If the context is canceled abort this process.
+		g.Go(func() error {
+			select {
+			case <-ctx.Done():
+				return ctx.Err()
+			default:
+				// If the callback returns true, go ahead and keep walking deeper. This allows
+				// us to programmatically continue deeper into directories, or stop digging
+				// if that pathway knows it needs nothing else.
+				if c, err := fs.SafePath(pi); err != nil {
+					return err
+				} else {
+					push(c)
+				}
+
+				return nil
+			}
+		})
+	}
+
+	// Block until all of the routines finish and have returned a value.
+	return cleaned, g.Wait()
+}
+
+type SpaceCheckingOpts struct {
+	AllowStaleResponse bool
 }

 // Determines if the directory a file is trying to be added to has enough space available
@@ -113,60 +217,139 @@ func (fs *Filesystem) SafePath(p string) (string, error) {
 //
 // Because determining the amount of space being used by a server is a taxing operation we
 // will load it all up into a cache and pull from that as long as the key is not expired.
-func (fs *Filesystem) HasSpaceAvailable() bool {
-	var space = fs.Server.Build.DiskSpace
+//
+// This operation will potentially block unless allowStaleValue is set to true. See the
+// documentation on DiskUsage for how this affects the call.
+func (fs *Filesystem) HasSpaceAvailable(allowStaleValue bool) bool {
+	size, err := fs.DiskUsage(allowStaleValue)
+	if err != nil {
+		fs.Server.Log().WithField("error", err).Warn("failed to determine root server directory size")
+	}

+	// Determine if their folder size, in bytes, is smaller than the amount of space they've
+	// been allocated.
+	fs.Server.Proc().SetDisk(size)
+
+	space := fs.Server.DiskSpace()
 	// If space is -1 or 0 just return true, means they're allowed unlimited.
+	//
+	// Technically we could skip disk space calculation because we don't need to check if the server exceeds it's limit
+	// but because this method caches the disk usage it would be best to calculate the disk usage and always
+	// return true.
 	if space <= 0 {
 		return true
 	}

-	// If we have a match in the cache, use that value in the return. No need to perform an expensive
-	// disk operation, even if this is an empty value.
-	if x, exists := fs.Server.Cache.Get("disk_used"); exists {
-		fs.Server.Resources.Disk = x.(int64)
-		return (x.(int64) / 1000.0 / 1000.0) <= space
+	return (size / 1000.0 / 1000.0) <= space
+}
+
+// Internal helper function to allow other parts of the codebase to check the total used disk space
+// as needed without overly taxing the system. This will prioritize the value from the cache to avoid
+// excessive IO usage. We will only walk the filesystem and determine the size of the directory if there
+// is no longer a cached value.
+//
+// If "allowStaleValue" is set to true, a stale value MAY be returned to the caller if there is an
+// expired cache value AND there is currently another lookup in progress. If there is no cached value but
+// no other lookup is in progress, a fresh disk space response will be returned to the caller.
+//
+// This is primarily to avoid a bunch of I/O operations from piling up on the server, especially on servers
+// with a large amount of files.
+func (fs *Filesystem) DiskUsage(allowStaleValue bool) (int64, error) {
+	// Check if cache is expired.
+	fs.lookupTimeMu.RLock()
+	isValidInCache := fs.lastLookupTime.After(time.Now().Add(time.Second * -10))
+	fs.lookupTimeMu.RUnlock()
+
+	if !isValidInCache {
+		// If we are now allowing a stale response go ahead  and perform the lookup and return the fresh
+		// value. This is a blocking operation to the calling process.
+		if !allowStaleValue {
+			return fs.updateCachedDiskUsage()
+		} else if atomic.LoadInt32(&fs.lookupInProgress) == 0 {
+			// Otherwise, if we allow a stale value and there isn't a valid item in the cache and we aren't
+			// currently performing a lookup, just do the disk usage calculation in the background.
+			go func(fs *Filesystem) {
+				if _, err := fs.updateCachedDiskUsage(); err != nil {
+					fs.Server.Log().WithField("error", errors.WithStack(err)).Warn("failed to determine disk usage in go-routine")
+				}
+			}(fs)
+		}
 	}

+	// Return the currently cached value back to the calling function.
+	return atomic.LoadInt64(&fs.disk), nil
+}
+
+// Updates the currently used disk space for a server.
+func (fs *Filesystem) updateCachedDiskUsage() (int64, error) {
+	// Obtain an exclusive lock on this process so that we don't unintentionally run it at the same
+	// time as another running process. Once the lock is available it'll read from the cache for the
+	// second call rather than hitting the disk in parallel.
+	fs.mu.Lock()
+	defer fs.mu.Unlock()
+
+	// Signal that we're currently updating the disk size so that other calls to the disk checking
+	// functions can determine if they should queue up additional calls to this function. Ensure that
+	// we always set this back to 0 when this process is done executing.
+	atomic.StoreInt32(&fs.lookupInProgress, 1)
+	defer atomic.StoreInt32(&fs.lookupInProgress, 0)
+
 	// If there is no size its either because there is no data (in which case running this function
 	// will have effectively no impact), or there is nothing in the cache, in which case we need to
 	// grab the size of their data directory. This is a taxing operation, so we want to store it in
 	// the cache once we've gotten it.
 	size, err := fs.DirectorySize("/")
-	if err != nil {
-		zap.S().Warnw("failed to determine directory size", zap.String("server", fs.Server.Uuid), zap.Error(err))
-	}

 	// Always cache the size, even if there is an error. We want to always return that value
 	// so that we don't cause an endless loop of determining the disk size if there is a temporary
 	// error encountered.
-	fs.Server.Cache.Set("disk_used", size, time.Second*60)
+	fs.lookupTimeMu.Lock()
+	fs.lastLookupTime = time.Now()
+	fs.lookupTimeMu.Unlock()

-	// Determine if their folder size, in bytes, is smaller than the amount of space they've
-	// been allocated.
-	fs.Server.Resources.Disk = size
+	atomic.StoreInt64(&fs.disk, size)

-	return (size / 1000.0 / 1000.0) <= space
+	return size, err
 }

 // Determines the directory size of a given location by running parallel tasks to iterate
 // through all of the folders. Returns the size in bytes. This can be a fairly taxing operation
 // on locations with tons of files, so it is recommended that you cache the output.
 func (fs *Filesystem) DirectorySize(dir string) (int64, error) {
-	w := fs.NewWalker()
-	ctx := context.Background()
+	d, err := fs.SafePath(dir)
+	if err != nil {
+		return 0, errors.WithStack(err)
+	}

 	var size int64
-	err := w.Walk(dir, ctx, func(f os.FileInfo, _ string) bool {
-		// Only increment the size when we're dealing with a file specifically, otherwise
-		// just continue digging deeper until there are no more directories to iterate over.
-		if !f.IsDir() {
-			atomic.AddInt64(&size, f.Size())
-		}
-		return true
+	var st syscall.Stat_t
+
+	err = godirwalk.Walk(d, &godirwalk.Options{
+		Unsorted: true,
+		Callback: func(p string, e *godirwalk.Dirent) error {
+			// If this is a symlink then resolve the final destination of it before trying to continue walking
+			// over its contents. If it resolves outside the server data directory just skip everything else for
+			// it. Otherwise, allow it to continue.
+			if e.IsSymlink() {
+				if _, err := fs.SafePath(p); err != nil {
+					if IsPathResolutionError(err) {
+						return godirwalk.SkipThis
+					}
+
+					return err
+				}
+			}
+
+			if !e.IsDir() {
+				syscall.Lstat(p, &st)
+				atomic.AddInt64(&size, st.Size)
+			}
+
+			return nil
+		},
 	})

-	return size, err
+	return size, errors.WithStack(err)
 }

 // Reads a file on the system and returns it as a byte representation in a file
@@ -187,17 +370,21 @@ func (fs *Filesystem) Readfile(p string) (io.Reader, error) {
 }

 // Writes a file to the system. If the file does not already exist one will be created.
-//
-// @todo should probably have a write lock here so we don't write twice at once.
 func (fs *Filesystem) Writefile(p string, r io.Reader) error {
 	cleaned, err := fs.SafePath(p)
 	if err != nil {
 		return errors.WithStack(err)
 	}

+	var currentSize int64
+
 	// If the file does not exist on the system already go ahead and create the pathway
 	// to it and an empty file. We'll then write to it later on after this completes.
-	if stat, err := os.Stat(cleaned); err != nil && os.IsNotExist(err) {
+	if stat, err := os.Stat(cleaned); err != nil {
+		if !os.IsNotExist(err) {
+			return errors.WithStack(err)
+		}
+
 		if err := os.MkdirAll(filepath.Dir(cleaned), 0755); err != nil {
 			return errors.WithStack(err)
 		}
@@ -205,10 +392,12 @@ func (fs *Filesystem) Writefile(p string, r io.Reader) error {
 		if err := fs.Chown(filepath.Dir(cleaned)); err != nil {
 			return errors.WithStack(err)
 		}
-	} else if err != nil {
-		return errors.WithStack(err)
-	} else if stat.IsDir() {
-		return errors.New("cannot use a directory as a file for writing")
+	} else {
+		if stat.IsDir() {
+			return errors.New("cannot write file contents to a directory")
+		}
+
+		currentSize = stat.Size()
 	}

 	// This will either create the file if it does not already exist, or open and
@@ -219,33 +408,15 @@ func (fs *Filesystem) Writefile(p string, r io.Reader) error {
 	}
 	defer file.Close()

-	// Create a new buffered writer that will write to the file we just opened
-	// and stream in the contents from the reader.
-	w := bufio.NewWriter(file)
+	buf := make([]byte, 1024*4)
+	sz, err := io.CopyBuffer(file, r, buf)

-	buf := make([]byte, 1024)
-	for {
-		n, err := r.Read(buf)
-		if err != nil && err != io.EOF {
-			return errors.WithStack(err)
-		}
-
-		if n == 0 {
-			break
-		}
-
-		if _, err := w.Write(buf[:n]); err != nil {
-			return errors.WithStack(err)
-		}
-	}
-
-	if err := w.Flush(); err != nil {
-		return errors.WithStack(err)
-	}
+	// Adjust the disk usage to account for the old size and the new size of the file.
+	atomic.AddInt64(&fs.disk, sz-currentSize)

 	// Finally, chown the file to ensure the permissions don't end up out-of-whack
 	// if we had just created it.
-	return fs.Chown(p)
+	return fs.Chown(cleaned)
 }

 // Defines the stat struct object.
@@ -295,9 +466,9 @@ func (fs *Filesystem) unsafeStat(p string) (*Stat, error) {
 		return nil, err
 	}

-	var m = "inode/directory"
+	var m *mimetype.MIME
 	if !s.IsDir() {
-		m, _, err = mimetype.DetectFile(p)
+		m, err = mimetype.DetectFile(p)
 		if err != nil {
 			return nil, err
 		}
@@ -305,13 +476,17 @@ func (fs *Filesystem) unsafeStat(p string) (*Stat, error) {

 	st := &Stat{
 		Info:     s,
-		Mimetype: m,
+		Mimetype: "inode/directory",
+	}
+
+	if m != nil {
+		st.Mimetype = m.String()
 	}

 	return st, nil
 }

-// Creates a new directory (name) at a specificied path (p) for the server.
+// Creates a new directory (name) at a specified path (p) for the server.
 func (fs *Filesystem) CreateDirectory(name string, p string) error {
 	cleaned, err := fs.SafePath(path.Join(p, name))
 	if err != nil {
@@ -333,62 +508,71 @@ func (fs *Filesystem) Rename(from string, to string) error {
 		return errors.WithStack(err)
 	}

+	// If the target file or directory already exists the rename function will fail, so just
+	// bail out now.
+	if _, err := os.Stat(cleanedTo); err == nil {
+		return os.ErrExist
+	}
+
+	if cleanedTo == fs.Path() {
+		return errors.New("attempting to rename into an invalid directory space")
+	}
+
+	d := strings.TrimSuffix(cleanedTo, path.Base(cleanedTo))
+	// Ensure that the directory we're moving into exists correctly on the system. Only do this if
+	// we're not at the root directory level.
+	if d != fs.Path() {
+		if mkerr := os.MkdirAll(d, 0644); mkerr != nil {
+			return errors.Wrap(mkerr, "failed to create directory structure for file rename")
+		}
+	}
+
 	return os.Rename(cleanedFrom, cleanedTo)
 }

-// Recursively iterates over a directory and sets the permissions on all of the
-// underlying files.
+// Recursively iterates over a file or directory and sets the permissions on all of the
+// underlying files. Iterate over all of the files and directories. If it is a file just
+// go ahead and perform the chown operation. Otherwise dig deeper into the directory until
+// we've run out of directories to dig into.
 func (fs *Filesystem) Chown(path string) error {
 	cleaned, err := fs.SafePath(path)
 	if err != nil {
 		return errors.WithStack(err)
 	}

-	if s, err := os.Stat(cleaned); err != nil {
-		return errors.WithStack(err)
-	} else if !s.IsDir() {
-		return os.Chown(cleaned, fs.Configuration.User.Uid, fs.Configuration.User.Gid)
-	}
+	uid := config.Get().System.User.Uid
+	gid := config.Get().System.User.Gid

-	return fs.chownDirectory(cleaned)
-}
-
-// Iterate over all of the files and directories. If it is a file just go ahead and perform
-// the chown operation. Otherwise dig deeper into the directory until we've run out of
-// directories to dig into.
-func (fs *Filesystem) chownDirectory(path string) error {
-	var wg sync.WaitGroup
-
-	cleaned, err := fs.SafePath(path)
-	if err != nil {
+	// Start by just chowning the initial path that we received.
+	if err := os.Chown(cleaned, uid, gid); err != nil {
 		return errors.WithStack(err)
 	}

-	// Chown the directory itself.
-	os.Chown(cleaned, config.Get().System.User.Uid, config.Get().System.User.Gid)
-
-	files, err := ioutil.ReadDir(cleaned)
-	if err != nil {
-		return errors.WithStack(err)
+	// If this is not a directory we can now return from the function, there is nothing
+	// left that we need to do.
+	if st, _ := os.Stat(cleaned); !st.IsDir() {
+		return nil
 	}

-	for _, f := range files {
-		if f.IsDir() {
-			wg.Add(1)
+	// If this was a directory, begin walking over its contents recursively and ensure that all
+	// of the subfiles and directories get their permissions updated as well.
+	return godirwalk.Walk(cleaned, &godirwalk.Options{
+		Unsorted: true,
+		Callback: func(p string, e *godirwalk.Dirent) error {
+			// Do not attempt to chmod a symlink. Go's os.Chown function will affect the symlink
+			// so if it points to a location outside the data directory the user would be able to
+			// (un)intentionally modify that files permissions.
+			if e.IsSymlink() {
+				if e.IsDir() {
+					return godirwalk.SkipThis
+				}

-			go func(p string) {
-				defer wg.Done()
-				fs.chownDirectory(p)
-			}(filepath.Join(cleaned, f.Name()))
-		} else {
-			// Chown the file.
-			os.Chown(filepath.Join(cleaned, f.Name()), fs.Configuration.User.Uid, fs.Configuration.User.Gid)
-		}
-	}
+				return nil
+			}

-	wg.Wait()
-
-	return nil
+			return os.Chown(p, uid, gid)
+		},
+	})
 }

 // Copies a given file to the same location and appends a suffix to the file to indicate that
@@ -401,13 +585,12 @@ func (fs *Filesystem) Copy(p string) error {
 		return errors.WithStack(err)
 	}

-	if s, err := os.Stat(cleaned); (err != nil && os.IsNotExist(err)) || s.IsDir() || !s.Mode().IsRegular() {
-		// For now I think I am okay just returning a nil response if the thing
-		// we're trying to copy doesn't exist. Probably will want to come back and
-		// re-evaluate if this is a smart decision (I'm guessing not).
-		return nil
-	} else if err != nil {
+	if s, err := os.Stat(cleaned); err != nil {
 		return errors.WithStack(err)
+	} else if s.IsDir() || !s.Mode().IsRegular() {
+		// If this is a directory or not a regular file, just throw a not-exist error
+		// since anything calling this function should understand what that means.
+		return os.ErrNotExist
 	}

 	base := filepath.Base(cleaned)
@@ -465,7 +648,8 @@ func (fs *Filesystem) Copy(p string) error {
 	}
 	defer dest.Close()

-	if _, err := io.Copy(dest, source); err != nil {
+	buf := make([]byte, 1024*4)
+	if _, err := io.CopyBuffer(dest, source, buf); err != nil {
 		return errors.WithStack(err)
 	}

@@ -475,17 +659,42 @@ func (fs *Filesystem) Copy(p string) error {
 // Deletes a file or folder from the system. Prevents the user from accidentally
 // (or maliciously) removing their root server data directory.
 func (fs *Filesystem) Delete(p string) error {
-	cleaned, err := fs.SafePath(p)
-	if err != nil {
-		return errors.WithStack(err)
+	// This is one of the few (only?) places in the codebase where we're explicitly not using
+	// the SafePath functionality when working with user provided input. If we did, you would
+	// not be able to delete a file that is a symlink pointing to a location outside of the data
+	// directory.
+	//
+	// We also want to avoid resolving a symlink that points _within_ the data directory and thus
+	// deleting the actual source file for the symlink rather than the symlink itself. For these
+	// purposes just resolve the actual file path using filepath.Join() and confirm that the path
+	// exists within the data directory.
+	resolved := fs.unsafeFilePath(p)
+	if !fs.unsafeIsInDataDirectory(resolved) {
+		return PathResolutionError{}
 	}

 	// Block any whoopsies.
-	if cleaned == fs.Path() {
+	if resolved == fs.Path() {
 		return errors.New("cannot delete root server directory")
 	}

-	return os.RemoveAll(cleaned)
+	if st, err := os.Stat(resolved); err != nil {
+		if !os.IsNotExist(err) {
+			fs.Server.Log().WithField("error", err).WithField("path", resolved).Warn("error while attempting to stat file before deletion")
+		}
+	} else {
+		if !st.IsDir() {
+			atomic.SwapInt64(&fs.disk, -st.Size())
+		} else {
+			go func(st os.FileInfo, resolved string) {
+				if s, err := fs.DirectorySize(resolved); err == nil {
+					atomic.AddInt64(&fs.disk, -s)
+				}
+			}(st, resolved)
+		}
+	}
+
+	return os.RemoveAll(resolved)
 }

 // Lists the contents of a given directory and returns stat information about each
@@ -516,15 +725,29 @@ func (fs *Filesystem) ListDirectory(p string) ([]*Stat, error) {
 		go func(idx int, f os.FileInfo) {
 			defer wg.Done()

-			var m = "inode/directory"
+			var m *mimetype.MIME
+			var d = "inode/directory"
 			if !f.IsDir() {
-				m, _, _ = mimetype.DetectFile(filepath.Join(cleaned, f.Name()))
+				cleanedp, _ := fs.SafeJoin(cleaned, f)
+				if cleanedp != "" {
+					m, _ = mimetype.DetectFile(filepath.Join(cleaned, f.Name()))
+				} else {
+					// Just pass this for an unknown type because the file could not safely be resolved within
+					// the server data path.
+					d = "application/octet-stream"
+				}
 			}

-			out[idx] = &Stat{
+			st := &Stat{
 				Info:     f,
-				Mimetype: m,
+				Mimetype: d,
 			}
+
+			if m != nil {
+				st.Mimetype = m.String()
+			}
+
+			out[idx] = st
 		}(i, file)
 	}

@@ -575,9 +798,6 @@ func (fs *Filesystem) GetIncludedFiles(dir string, ignored []string) (*backup.In
 		return nil, err
 	}

-	w := fs.NewWalker()
-	ctx := context.Background()
-
 	i, err := ignore.CompileIgnoreLines(ignored...)
 	if err != nil {
 		return nil, err
@@ -586,20 +806,130 @@ func (fs *Filesystem) GetIncludedFiles(dir string, ignored []string) (*backup.In
 	// Walk through all of the files and directories on a server. This callback only returns
 	// files found, and will keep walking deeper and deeper into directories.
 	inc := new(backup.IncludedFiles)
-	if err := w.Walk(cleaned, ctx, func(f os.FileInfo, p string) bool {
-		// Avoid unnecessary parsing if there are no ignored files, nothing will match anyways
-		// so no reason to call the function.
-		if len(ignored) == 0 || !i.MatchesPath(strings.TrimPrefix(p, fs.Path() + "/")) {
-			inc.Push(&f, p)
-		}

-		// We can't just abort if the path is technically ignored. It is possible there is a nested
-		// file or folder that should not be excluded, so in this case we need to just keep going
-		// until we get to a final state.
-		return true
-	}); err != nil {
+	err = godirwalk.Walk(cleaned, &godirwalk.Options{
+		Unsorted: true,
+		Callback: func(p string, e *godirwalk.Dirent) error {
+			sp := p
+			if e.IsSymlink() {
+				sp, err = fs.SafePath(p)
+				if err != nil {
+					if IsPathResolutionError(err) {
+						return godirwalk.SkipThis
+					}
+
+					return err
+				}
+			}
+
+			// Only push files into the result array since archives can't create an empty directory within them.
+			if !e.IsDir() {
+				// Avoid unnecessary parsing if there are no ignored files, nothing will match anyways
+				// so no reason to call the function.
+				if len(ignored) == 0 || !i.MatchesPath(strings.TrimPrefix(sp, fs.Path()+"/")) {
+					inc.Push(sp)
+				}
+			}
+
+			// We can't just abort if the path is technically ignored. It is possible there is a nested
+			// file or folder that should not be excluded, so in this case we need to just keep going
+			// until we get to a final state.
+			return nil
+		},
+	})
+
+	return inc, errors.WithStack(err)
+}
+
+// Compresses all of the files matching the given paths in the specified directory. This function
+// also supports passing nested paths to only compress certain files and folders when working in
+// a larger directory. This effectively creates a local backup, but rather than ignoring specific
+// files and folders, it takes an allow-list of files and folders.
+//
+// All paths are relative to the dir that is passed in as the first argument, and the compressed
+// file will be placed at that location named `archive-{date}.tar.gz`.
+func (fs *Filesystem) CompressFiles(dir string, paths []string) (os.FileInfo, error) {
+	cleanedRootDir, err := fs.SafePath(dir)
+	if err != nil {
 		return nil, err
 	}

-	return inc, nil
+	// Take all of the paths passed in and merge them together with the root directory we've gotten.
+	for i, p := range paths {
+		paths[i] = filepath.Join(cleanedRootDir, p)
+	}
+
+	cleaned, err := fs.ParallelSafePath(paths)
+	if err != nil {
+		return nil, err
+	}
+
+	inc := new(backup.IncludedFiles)
+	// Iterate over all of the cleaned paths and merge them into a large object of final file
+	// paths to pass into the archiver. As directories are encountered this will drop into them
+	// and look for all of the files.
+	for _, p := range cleaned {
+		f, err := os.Stat(p)
+		if err != nil {
+			fs.Server.Log().WithField("error", err).WithField("path", p).Debug("failed to stat file or directory for compression")
+			continue
+		}
+
+		if !f.IsDir() {
+			inc.Push(p)
+		} else {
+			err := godirwalk.Walk(p, &godirwalk.Options{
+				Unsorted: true,
+				Callback: func(p string, e *godirwalk.Dirent) error {
+					sp := p
+					if e.IsSymlink() {
+						// Ensure that any symlinks are properly resolved to their final destination. If
+						// that destination is outside the server directory skip over this entire item, otherwise
+						// use the resolved location for the rest of this function.
+						sp, err = fs.SafePath(p)
+						if err != nil {
+							if IsPathResolutionError(err) {
+								return godirwalk.SkipThis
+							}
+
+							return err
+						}
+					}
+
+					if !e.IsDir() {
+						inc.Push(sp)
+					}
+
+					return nil
+				},
+			})
+
+			if err != nil {
+				return nil, err
+			}
+		}
+	}
+
+	a := &backup.Archive{TrimPrefix: fs.Path(), Files: inc}
+
+	d := path.Join(cleanedRootDir, fmt.Sprintf("archive-%s.tar.gz", strings.ReplaceAll(time.Now().Format(time.RFC3339), ":", "")))
+
+	return a.Create(d, context.Background())
+}
+
+// Handle errors encountered when walking through directories.
+//
+// If there is a path resolution error just skip the item entirely. Only return this for a
+// directory, otherwise return nil. Returning this error for a file will stop the walking
+// for the remainder of the directory. This is assuming an os.FileInfo struct was even returned.
+func (fs *Filesystem) handleWalkerError(err error, f os.FileInfo) error {
+	if !IsPathResolutionError(err) {
+		return err
+	}
+
+	if f != nil && f.IsDir() {
+		return filepath.SkipDir
+	}
+
+	return nil
 }
--- a/server/filesystem_darwin.go
+++ b/server/filesystem_darwin.go
@@ -9,5 +9,5 @@ import (
 func (s *Stat) CTime() time.Time {
 	st := s.Info.Sys().(*syscall.Stat_t)

-	return time.Unix(int64(st.Ctimespec.Sec), int64(st.Ctimespec.Nsec))
-}
+	return time.Unix(st.Ctimespec.Sec, st.Ctimespec.Nsec)
+}
--- a/server/filesystem_linux.go
+++ b/server/filesystem_linux.go
@@ -9,5 +9,5 @@ import (
 func (s *Stat) CTime() time.Time {
 	st := s.Info.Sys().(*syscall.Stat_t)

-	return time.Unix(int64(st.Ctim.Sec), int64(st.Ctim.Nsec))
-}
+	return time.Unix(st.Ctim.Sec, st.Ctim.Nsec)
+}
--- a/server/filesystem_unarchive.go
+++ b/server/filesystem_unarchive.go
@@ -0,0 +1,85 @@
+package server
+
+import (
+	"archive/tar"
+	"archive/zip"
+	"compress/gzip"
+	"fmt"
+	"github.com/mholt/archiver/v3"
+	"github.com/pkg/errors"
+	"os"
+	"path/filepath"
+	"reflect"
+	"sync/atomic"
+)
+
+// Look through a given archive and determine if decompressing it would put the server over
+// its allocated disk space limit.
+func (fs *Filesystem) SpaceAvailableForDecompression(dir string, file string) (bool, error) {
+	// Don't waste time trying to determine this if we know the server will have the space for
+	// it since there is no limit.
+	if fs.Server.DiskSpace() <= 0 {
+		return true, nil
+	}
+
+	source, err := fs.SafePath(filepath.Join(dir, file))
+	if err != nil {
+		return false, err
+	}
+
+	// Get the cached size in a parallel process so that if it is not cached we are not
+	// waiting an unnecessary amount of time on this call.
+	dirSize, err := fs.DiskUsage(false)
+
+	var size int64
+	// Walk over the archive and figure out just how large the final output would be from unarchiving it.
+	archiver.Walk(source, func(f archiver.File) error {
+		atomic.AddInt64(&size, f.Size())
+
+		return nil
+	})
+
+	return ((dirSize + size) / 1000.0 / 1000.0) <= fs.Server.DiskSpace(), errors.WithStack(err)
+}
+
+// Decompress a file in a given directory by using the archiver tool to infer the file
+// type and go from there. This will walk over all of the files within the given archive
+// and ensure that there is not a zip-slip attack being attempted by validating that the
+// final path is within the server data directory.
+func (fs *Filesystem) DecompressFile(dir string, file string) error {
+	source, err := fs.SafePath(filepath.Join(dir, file))
+	if err != nil {
+		return errors.WithStack(err)
+	}
+
+	// Make sure the file exists basically.
+	if _, err := os.Stat(source); err != nil {
+		return errors.WithStack(err)
+	}
+
+	// Walk over all of the files spinning up an additional go-routine for each file we've encountered
+	// and then extract that file from the archive and write it to the disk. If any part of this process
+	// encounters an error the entire process will be stopped.
+	return archiver.Walk(source, func(f archiver.File) error {
+		// Don't waste time with directories, we don't need to create them if they have no contents, and
+		// we will ensure the directory exists when opening the file for writing anyways.
+		if f.IsDir() {
+			return nil
+		}
+
+		var name string
+
+		switch s := f.Sys().(type) {
+		case *tar.Header:
+			name = s.Name
+		case *gzip.Header:
+			name = s.Name
+		case *zip.FileHeader:
+			name = s.Name
+		default:
+			return errors.New(fmt.Sprintf("could not parse underlying data source with type %s", reflect.TypeOf(s).String()))
+		}
+
+		return errors.Wrap(fs.Writefile(name, f), "could not extract file from archive")
+	})
+}
--- a/server/filesystem_walker.go
+++ b/server/filesystem_walker.go
@@ -1,70 +0,0 @@
-package server
-
-import (
-	"context"
-	"golang.org/x/sync/errgroup"
-	"io/ioutil"
-	"os"
-	"path/filepath"
-)
-
-type FileWalker struct {
-	*Filesystem
-}
-
-// Returns a new walker instance.
-func (fs *Filesystem) NewWalker() *FileWalker {
-	return &FileWalker{fs}
-}
-
-// Iterate over all of the files and directories within a given directory. When a file is
-// found the callback will be called with the file information. If a directory is encountered
-// it will be recursively passed back through to this function.
-func (fw *FileWalker) Walk(dir string, ctx context.Context, callback func (os.FileInfo, string) bool) error {
-	cleaned, err := fw.SafePath(dir)
-	if err != nil {
-		return err
-	}
-
-	// Get all of the files from this directory.
-	files, err := ioutil.ReadDir(cleaned)
-	if err != nil {
-		return err
-	}
-
-	// Create an error group that we can use to run processes in parallel while retaining
-	// the ability to cancel the entire process immediately should any of it fail.
-	g, ctx := errgroup.WithContext(ctx)
-
-	for _, f := range files {
-		if f.IsDir() {
-			fi := f
-			p := filepath.Join(cleaned, f.Name())
-			// Recursively call this function to continue digging through the directory tree within
-			// a seperate goroutine. If the context is canceled abort this process.
-			g.Go(func() error {
-				select {
-				case <-ctx.Done():
-					return ctx.Err()
-				default:
-					// If the callback returns true, go ahead and keep walking deeper. This allows
-					// us to programatically continue deeper into directories, or stop digging
-					// if that pathway knows it needs nothing else.
-					if callback(fi, p) {
-						return fw.Walk(p, ctx, callback)
-					}
-
-					return nil
-				}
-			})
-		} else {
-			// If this isn't a directory, go ahead and pass the file information into the
-			// callback. We don't care about the response since we won't be stepping into
-			// anything from here.
-			callback(f, filepath.Join(cleaned, f.Name()))
-		}
-	}
-
-	// Block until all of the routines finish and have returned a value.
-	return g.Wait()
-}
--- a/server/filesystem_windows.go
+++ b/server/filesystem_windows.go
@@ -9,4 +9,4 @@ import (
 // for right now.
 func (s *Stat) CTime() time.Time {
 	return s.Info.ModTime()
-}
+}
--- a/server/install.go
+++ b/server/install.go
@@ -4,6 +4,7 @@ import (
 	"bufio"
 	"bytes"
 	"context"
+	"github.com/apex/log"
 	"github.com/docker/docker/api/types"
 	"github.com/docker/docker/api/types/container"
 	"github.com/docker/docker/api/types/mount"
@@ -11,49 +12,82 @@ import (
 	"github.com/pkg/errors"
 	"github.com/pterodactyl/wings/api"
 	"github.com/pterodactyl/wings/config"
-	"go.uber.org/zap"
+	"github.com/pterodactyl/wings/environment"
+	"golang.org/x/sync/semaphore"
+	"html/template"
 	"io"
-	"io/ioutil"
 	"os"
-	"path"
 	"path/filepath"
-	"sync"
+	"strconv"
+	"time"
 )

 // Executes the installation stack for a server process. Bubbles any errors up to the calling
 // function which should handle contacting the panel to notify it of the server state.
-func (s *Server) Install() error {
-	err := s.internalInstall()
-
-	zap.S().Debugw("notifying panel of server install state", zap.String("server", s.Uuid))
-	if serr := s.SyncInstallState(err == nil); serr != nil {
-		zap.S().Warnw(
-			"failed to notify panel of server install state",
-			zap.String("server", s.Uuid),
-			zap.Bool("was_successful", err == nil),
-			zap.Error(serr),
-		)
+//
+// Pass true as the first argument in order to execute a server sync before the process to
+// ensure the latest information is used.
+func (s *Server) Install(sync bool) error {
+	if sync {
+		s.Log().Info("syncing server state with remote source before executing installation process")
+		if err := s.Sync(); err != nil {
+			return err
+		}
 	}

+	var err error
+	if !s.Config().SkipEggScripts {
+		// Send the start event so the Panel can automatically update. We don't send this unless the process
+		// is actually going to run, otherwise all sorts of weird rapid UI behavior happens since there isn't
+		// an actual install process being executed.
+		s.Events().Publish(InstallStartedEvent, "")
+
+		err = s.internalInstall()
+	} else {
+		s.Log().Info("server configured to skip running installation scripts for this egg, not executing process")
+	}
+
+	s.Log().Debug("notifying panel of server install state")
+	if serr := s.SyncInstallState(err == nil); serr != nil {
+		l := s.Log().WithField("was_successful", err == nil)
+
+		// If the request was successful but there was an error with this request, attach the
+		// error to this log entry. Otherwise ignore it in this log since whatever is calling
+		// this function should handle the error and will end up logging the same one.
+		if err == nil {
+			l.WithField("error", serr)
+		}
+
+		l.Warn("failed to notify panel of server install state")
+	}
+
+	// Ensure that the server is marked as offline at this point, otherwise you end up
+	// with a blank value which is a bit confusing.
+	s.SetState(environment.ProcessOfflineState)
+
+	// Push an event to the websocket so we can auto-refresh the information in the panel once
+	// the install is completed.
+	s.Events().Publish(InstallCompletedEvent, "")
+
 	return err
 }

 // Reinstalls a server's software by utilizing the install script for the server egg. This
 // does not touch any existing files for the server, other than what the script modifies.
 func (s *Server) Reinstall() error {
-	if s.GetState() != ProcessOfflineState {
-		zap.S().Debugw("waiting for server instance to enter a stopped state", zap.String("server", s.Uuid))
+	if s.GetState() != environment.ProcessOfflineState {
+		s.Log().Debug("waiting for server instance to enter a stopped state")
 		if err := s.Environment.WaitForStop(10, true); err != nil {
 			return err
 		}
 	}

-	return s.Install()
+	return s.Install(true)
 }

 // Internal installation function used to simplify reporting back to the Panel.
 func (s *Server) internalInstall() error {
-	script, rerr, err := api.NewRequester().GetInstallationScript(s.Uuid)
+	script, rerr, err := api.NewRequester().GetInstallationScript(s.Id())
 	if err != nil || rerr != nil {
 		if err != nil {
 			return err
@@ -67,14 +101,12 @@ func (s *Server) internalInstall() error {
 		return errors.WithStack(err)
 	}

-	zap.S().Infow("beginning installation process for server", zap.String("server", s.Uuid))
-
+	s.Log().Info("beginning installation process for server")
 	if err := p.Run(); err != nil {
 		return err
 	}

-	zap.S().Infow("completed installation process for server", zap.String("server", s.Uuid))
-
+	s.Log().Info("completed installation process for server")
 	return nil
 }

@@ -82,8 +114,8 @@ type InstallationProcess struct {
 	Server *Server
 	Script *api.InstallationScript

-	client *client.Client
-	mutex  *sync.Mutex
+	client  *client.Client
+	context context.Context
 }

 // Generates a new installation process struct that will be used to create containers,
@@ -92,60 +124,136 @@ func NewInstallationProcess(s *Server, script *api.InstallationScript) (*Install
 	proc := &InstallationProcess{
 		Script: script,
 		Server: s,
-		mutex:  &sync.Mutex{},
 	}

+	ctx, cancel := context.WithCancel(context.Background())
+	s.installer.cancel = &cancel
+
 	if c, err := client.NewClientWithOpts(client.FromEnv); err != nil {
 		return nil, errors.WithStack(err)
 	} else {
 		proc.client = c
+		proc.context = ctx
 	}

 	return proc, nil
 }

-// Runs the installation process, this is done as a backgrounded thread. This will configure
+// Try to obtain an exclusive lock on the installation process for the server. Waits up to 10
+// seconds before aborting with a context timeout.
+func (s *Server) acquireInstallationLock() error {
+	if s.installer.sem == nil {
+		s.installer.sem = semaphore.NewWeighted(1)
+	}
+
+	ctx, _ := context.WithTimeout(context.Background(), time.Second*10)
+
+	return s.installer.sem.Acquire(ctx, 1)
+}
+
+// Determines if the server is actively running the installation process by checking the status
+// of the semaphore lock.
+func (s *Server) IsInstalling() bool {
+	if s.installer.sem == nil {
+		return false
+	}
+
+	if s.installer.sem.TryAcquire(1) {
+		// If we made it into this block it means we were able to obtain an exclusive lock
+		// on the semaphore. In that case, go ahead and release that lock immediately, and
+		// return false.
+		s.installer.sem.Release(1)
+
+		return false
+	}
+
+	return true
+}
+
+// Aborts the server installation process by calling the cancel function on the installer
+// context.
+func (s *Server) AbortInstallation() {
+	if !s.IsInstalling() {
+		return
+	}
+
+	if s.installer.cancel != nil {
+		cancel := *s.installer.cancel
+
+		s.Log().Warn("aborting running installation process")
+		cancel()
+	}
+}
+
+// Removes the installer container for the server.
+func (ip *InstallationProcess) RemoveContainer() {
+	err := ip.client.ContainerRemove(ip.context, ip.Server.Id()+"_installer", types.ContainerRemoveOptions{
+		RemoveVolumes: true,
+		Force:         true,
+	})
+
+	if err != nil && !client.IsErrNotFound(err) {
+		ip.Server.Log().WithField("error", errors.WithStack(err)).Warn("failed to delete server install container")
+	}
+}
+
+// Runs the installation process, this is done as in a background thread. This will configure
 // the required environment, and then spin up the installation container.
 //
 // Once the container finishes installing the results will be stored in an installation
 // log in the server's configuration directory.
 func (ip *InstallationProcess) Run() error {
-	installPath, err := ip.BeforeExecute()
-	if err != nil {
+	ip.Server.Log().Debug("acquiring installation process lock")
+	if err := ip.Server.acquireInstallationLock(); err != nil {
 		return err
 	}

-	cid, err := ip.Execute(installPath)
+	// We now have an exclusive lock on this installation process. Ensure that whenever this
+	// process is finished that the semaphore is released so that other processes and be executed
+	// without encountering a wait timeout.
+	defer func() {
+		ip.Server.Log().Debug("releasing installation process lock")
+		ip.Server.installer.sem.Release(1)
+		ip.Server.installer.cancel = nil
+	}()
+
+	if err := ip.BeforeExecute(); err != nil {
+		return errors.WithStack(err)
+	}
+
+	cid, err := ip.Execute()
 	if err != nil {
-		return err
+		ip.RemoveContainer()
+
+		return errors.WithStack(err)
 	}

 	// If this step fails, log a warning but don't exit out of the process. This is completely
 	// internal to the daemon's functionality, and does not affect the status of the server itself.
 	if err := ip.AfterExecute(cid); err != nil {
-		zap.S().Warnw("failed to complete after-execute step of installation process", zap.String("server", ip.Server.Uuid), zap.Error(err))
+		ip.Server.Log().WithField("error", err).Warn("failed to complete after-execute step of installation process")
 	}

 	return nil
 }

+// Returns the location of the temporary data for the installation process.
+func (ip *InstallationProcess) tempDir() string {
+	return filepath.Join(os.TempDir(), "pterodactyl/", ip.Server.Id())
+}
+
 // Writes the installation script to a temporary file on the host machine so that it
 // can be properly mounted into the installation container and then executed.
-func (ip *InstallationProcess) writeScriptToDisk() (string, error) {
+func (ip *InstallationProcess) writeScriptToDisk() error {
 	// Make sure the temp directory root exists before trying to make a directory within it. The
 	// ioutil.TempDir call expects this base to exist, it won't create it for you.
-	if err := os.MkdirAll(path.Join(os.TempDir(), "pterodactyl/"), 0700); err != nil {
-		return "", errors.WithStack(err)
+	if err := os.MkdirAll(ip.tempDir(), 0700); err != nil {
+		return errors.Wrap(err, "could not create temporary directory for install process")
 	}

-	d, err := ioutil.TempDir("", "pterodactyl/")
+	f, err := os.OpenFile(filepath.Join(ip.tempDir(), "install.sh"), os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0644)
 	if err != nil {
-		return "", errors.WithStack(err)
-	}
-
-	f, err := os.OpenFile(filepath.Join(d, "install.sh"), os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0644)
-	if err != nil {
-		return "", errors.WithStack(err)
+		return errors.Wrap(err, "failed to write server installation script to disk before mount")
 	}
 	defer f.Close()

@@ -157,17 +265,17 @@ func (ip *InstallationProcess) writeScriptToDisk() (string, error) {
 	}

 	if err := scanner.Err(); err != nil {
-		return "", errors.WithStack(err)
+		return errors.WithStack(err)
 	}

 	w.Flush()

-	return d, nil
+	return nil
 }

 // Pulls the docker image to be used for the installation container.
 func (ip *InstallationProcess) pullInstallationImage() error {
-	r, err := ip.client.ImagePull(context.Background(), ip.Script.ContainerImage, types.ImagePullOptions{})
+	r, err := ip.client.ImagePull(ip.context, ip.Script.ContainerImage, types.ImagePullOptions{})
 	if err != nil {
 		return errors.WithStack(err)
 	}
@@ -175,7 +283,7 @@ func (ip *InstallationProcess) pullInstallationImage() error {
 	// Block continuation until the image has been pulled successfully.
 	scanner := bufio.NewScanner(r)
 	for scanner.Scan() {
-		zap.S().Debugw(scanner.Text())
+		log.Debug(scanner.Text())
 	}

 	if err := scanner.Err(); err != nil {
@@ -188,70 +296,42 @@ func (ip *InstallationProcess) pullInstallationImage() error {
 // Runs before the container is executed. This pulls down the required docker container image
 // as well as writes the installation script to the disk. This process is executed in an async
 // manner, if either one fails the error is returned.
-func (ip *InstallationProcess) BeforeExecute() (string, error) {
-	wg := sync.WaitGroup{}
-	wg.Add(3)
-
-	var e []error
-	var fileName string
-
-	go func() {
-		defer wg.Done()
-		name, err := ip.writeScriptToDisk()
-		if err != nil {
-			e = append(e, err)
-			return
-		}
-
-		fileName = name
-	}()
-
-	go func() {
-		defer wg.Done()
-		if err := ip.pullInstallationImage(); err != nil {
-			e = append(e, err)
-		}
-	}()
-
-	go func() {
-		defer wg.Done()
-
-		opts := types.ContainerRemoveOptions{
-			RemoveVolumes: true,
-			Force:         true,
-		}
-
-		if err := ip.client.ContainerRemove(context.Background(), ip.Server.Uuid+"_installer", opts); err != nil {
-			if !client.IsErrNotFound(err) {
-				e = append(e, err)
-			}
-		}
-	}()
-
-	wg.Wait()
-
-	// Maybe a better way to handle this, but if there is at least one error
-	// just bail out of the process now.
-	if len(e) > 0 {
-		return "", errors.WithStack(e[0])
+func (ip *InstallationProcess) BeforeExecute() error {
+	if err := ip.writeScriptToDisk(); err != nil {
+		return errors.Wrap(err, "failed to write installation script to disk")
 	}

-	return fileName, nil
+	if err := ip.pullInstallationImage(); err != nil {
+		return errors.Wrap(err, "failed to pull updated installation container image for server")
+	}
+
+	opts := types.ContainerRemoveOptions{
+		RemoveVolumes: true,
+		Force:         true,
+	}
+
+	if err := ip.client.ContainerRemove(ip.context, ip.Server.Id()+"_installer", opts); err != nil {
+		if !client.IsErrNotFound(err) {
+			return errors.Wrap(err, "failed to remove existing install container for server")
+		}
+	}
+
+	return nil
 }

 // Returns the log path for the installation process.
 func (ip *InstallationProcess) GetLogPath() string {
-	return filepath.Join(config.Get().System.GetInstallLogPath(), ip.Server.Uuid+".log")
+	return filepath.Join(config.Get().System.GetInstallLogPath(), ip.Server.Id()+".log")
 }

 // Cleans up after the execution of the installation process. This grabs the logs from the
 // process to store in the server configuration directory, and then destroys the associated
 // installation container.
 func (ip *InstallationProcess) AfterExecute(containerId string) error {
-	ctx := context.Background()
+	defer ip.RemoveContainer()

-	zap.S().Debugw("pulling installation logs for server", zap.String("server", ip.Server.Uuid), zap.String("container_id", containerId))
-	reader, err := ip.client.ContainerLogs(ctx, containerId, types.ContainerLogsOptions{
+	ip.Server.Log().WithField("container_id", containerId).Debug("pulling installation logs for server")
+	reader, err := ip.client.ContainerLogs(ip.context, containerId, types.ContainerLogsOptions{
 		ShowStdout: true,
 		ShowStderr: true,
 		Follow:     false,
@@ -268,35 +348,46 @@ func (ip *InstallationProcess) AfterExecute(containerId string) error {
 	defer f.Close()

 	// We write the contents of the container output to a more "permanent" file so that they
-	// can be referenced after this container is deleted.
-	if _, err := io.Copy(f, reader); err != nil {
+	// can be referenced after this container is deleted. We'll also include the environment
+	// variables passed into the container to make debugging things a little easier.
+	ip.Server.Log().WithField("path", ip.GetLogPath()).Debug("writing most recent installation logs to disk")
+
+	tmpl, err := template.New("header").Parse(`Pterodactyl Server Installation Log
+
+|
+| Details
+| ------------------------------
+  Server UUID:          {{.Server.Id}}
+  Container Image:      {{.Script.ContainerImage}}
+  Container Entrypoint: {{.Script.Entrypoint}}
+
+|
+| Environment Variables
+| ------------------------------
+{{ range $key, $value := .Server.GetEnvironmentVariables }}  {{ $value }}
+{{ end }}
+
+|
+| Script Output
+| ------------------------------
+`)
+	if err != nil {
 		return errors.WithStack(err)
 	}

-	zap.S().Debugw("removing server installation container", zap.String("server", ip.Server.Uuid), zap.String("container_id", containerId))
-	rErr := ip.client.ContainerRemove(ctx, containerId, types.ContainerRemoveOptions{
-		RemoveVolumes: true,
-		RemoveLinks:   false,
-		Force:         true,
-	})
+	if err := tmpl.Execute(f, ip); err != nil {
+		return errors.WithStack(err)
+	}

-	if rErr != nil && !client.IsErrNotFound(rErr) {
-		return errors.WithStack(rErr)
+	if _, err := io.Copy(f, reader); err != nil {
+		return errors.WithStack(err)
 	}

 	return nil
 }

 // Executes the installation process inside a specially created docker container.
-func (ip *InstallationProcess) Execute(installPath string) (string, error) {
-	ctx := context.Background()
-
-	zap.S().Debugw(
-		"creating server installer container",
-		zap.String("server", ip.Server.Uuid),
-		zap.String("script_path", installPath+"/install.sh"),
-	)
-
+func (ip *InstallationProcess) Execute() (string, error) {
 	conf := &container.Config{
 		Hostname:     "installer",
 		AttachStdout: true,
@@ -313,6 +404,7 @@ func (ip *InstallationProcess) Execute(installPath string) (string, error) {
 		},
 	}

+	tmpfsSize := strconv.Itoa(int(config.Get().Docker.TmpfsSize))
 	hostConf := &container.HostConfig{
 		Mounts: []mount.Mount{
 			{
@@ -323,15 +415,15 @@ func (ip *InstallationProcess) Execute(installPath string) (string, error) {
 			},
 			{
 				Target:   "/mnt/install",
-				Source:   installPath,
+				Source:   ip.tempDir(),
 				Type:     mount.TypeBind,
 				ReadOnly: false,
 			},
 		},
 		Tmpfs: map[string]string{
-			"/tmp": "rw,exec,nosuid,size=50M",
+			"/tmp": "rw,exec,nosuid,size=" + tmpfsSize + "M",
 		},
-		DNS: []string{"1.1.1.1", "8.8.8.8"},
+		DNS: config.Get().Docker.Network.Dns,
 		LogConfig: container.LogConfig{
 			Type: "local",
 			Config: map[string]string{
@@ -341,43 +433,44 @@ func (ip *InstallationProcess) Execute(installPath string) (string, error) {
 			},
 		},
 		Privileged:  true,
-		NetworkMode: "pterodactyl_nw",
+		NetworkMode: container.NetworkMode(config.Get().Docker.Network.Mode),
 	}

-	zap.S().Infow("creating installer container for server process", zap.String("server", ip.Server.Uuid))
-	r, err := ip.client.ContainerCreate(ctx, conf, hostConf, nil, ip.Server.Uuid+"_installer")
+	ip.Server.Log().WithField("install_script", ip.tempDir()+"/install.sh").Info("creating install container for server process")
+	// Remove the temporary directory when the installation process finishes for this server container.
+	defer func() {
+		if err := os.RemoveAll(ip.tempDir()); err != nil {
+			if !os.IsNotExist(err) {
+				ip.Server.Log().WithField("error", err).Warn("failed to remove temporary data directory after install process")
+			}
+		}
+	}()
+
+	r, err := ip.client.ContainerCreate(ip.context, conf, hostConf, nil, ip.Server.Id()+"_installer")
 	if err != nil {
 		return "", errors.WithStack(err)
 	}

-	zap.S().Infow(
-		"running installation script for server in container",
-		zap.String("server", ip.Server.Uuid),
-		zap.String("container_id", r.ID),
-	)
-	if err := ip.client.ContainerStart(ctx, r.ID, types.ContainerStartOptions{}); err != nil {
+	ip.Server.Log().WithField("container_id", r.ID).Info("running installation script for server in container")
+	if err := ip.client.ContainerStart(ip.context, r.ID, types.ContainerStartOptions{}); err != nil {
 		return "", err
 	}

 	go func(id string) {
 		ip.Server.Events().Publish(DaemonMessageEvent, "Starting installation process, this could take a few minutes...")
 		if err := ip.StreamOutput(id); err != nil {
-			zap.S().Errorw(
-				"error handling streaming output for server install process",
-				zap.String("container_id", id),
-				zap.Error(err),
-			)
+			ip.Server.Log().WithField("error", err).Error("error while handling output stream for server install process")
 		}
 		ip.Server.Events().Publish(DaemonMessageEvent, "Installation process completed.")
 	}(r.ID)

-	sChann, eChann := ip.client.ContainerWait(ctx, r.ID, container.WaitConditionNotRunning)
+	sChan, eChan := ip.client.ContainerWait(ip.context, r.ID, container.WaitConditionNotRunning)
 	select {
-	case err := <-eChann:
+	case err := <-eChan:
 		if err != nil {
 			return "", errors.WithStack(err)
 		}
-	case <-sChann:
+	case <-sChan:
 	}

 	return r.ID, nil
@@ -387,7 +480,7 @@ func (ip *InstallationProcess) Execute(installPath string) (string, error) {
 // directory, as well as to a websocket listener so that the process can be viewed in
 // the panel by administrators.
 func (ip *InstallationProcess) StreamOutput(id string) error {
-	reader, err := ip.client.ContainerLogs(context.Background(), id, types.ContainerLogsOptions{
+	reader, err := ip.client.ContainerLogs(ip.context, id, types.ContainerLogsOptions{
 		ShowStdout: true,
 		ShowStderr: true,
 		Follow:     true,
@@ -405,12 +498,10 @@ func (ip *InstallationProcess) StreamOutput(id string) error {
 	}

 	if err := s.Err(); err != nil {
-		zap.S().Warnw(
-			"error processing scanner line in installation output for server",
-			zap.String("server", ip.Server.Uuid),
-			zap.String("container_id", id),
-			zap.Error(errors.WithStack(err)),
-		)
+		ip.Server.Log().WithFields(log.Fields{
+			"container_id": id,
+			"error":        errors.WithStack(err),
+		}).Warn("error processing scanner line in installation output for server")
 	}

 	return nil
@@ -423,7 +514,7 @@ func (ip *InstallationProcess) StreamOutput(id string) error {
 func (s *Server) SyncInstallState(successful bool) error {
 	r := api.NewRequester()

-	rerr, err := r.SendInstallationStatus(s.Uuid, successful)
+	rerr, err := r.SendInstallationStatus(s.Id(), successful)
 	if rerr != nil || err != nil {
 		if err != nil {
 			return errors.WithStack(err)
--- a/server/listeners.go
+++ b/server/listeners.go
@@ -1,46 +1,107 @@
 package server

 import (
+	"encoding/json"
+	"github.com/apex/log"
+	"github.com/pkg/errors"
 	"github.com/pterodactyl/wings/api"
-	"go.uber.org/zap"
-	"strings"
+	"github.com/pterodactyl/wings/environment"
+	"github.com/pterodactyl/wings/events"
+	"regexp"
+	"strconv"
 )

 // Adds all of the internal event listeners we want to use for a server.
-func (s *Server) AddEventListeners() {
-	consoleChannel := make(chan Event)
-	s.Events().Subscribe(ConsoleOutputEvent, consoleChannel)
+func (s *Server) StartEventListeners() {
+	console := make(chan events.Event)
+	state := make(chan events.Event)
+	stats := make(chan events.Event)

-	go func() {
-		for {
-			select {
-			case data := <-consoleChannel:
-				s.onConsoleOutput(data.Data)
-			}
+	s.Environment.Events().Subscribe(environment.ConsoleOutputEvent, console)
+	s.Environment.Events().Subscribe(environment.StateChangeEvent, state)
+	s.Environment.Events().Subscribe(environment.ResourceEvent, stats)
+
+	go func(console chan events.Event) {
+		for data := range console {
+			// Immediately emit this event back over the server event stream since it is
+			// being called from the environment event stream and things probably aren't
+			// listening to that event.
+			s.Events().Publish(ConsoleOutputEvent, data.Data)
+
+			// Also pass the data along to the console output channel.
+			s.onConsoleOutput(data.Data)
 		}
-	}()
+	}(console)
+
+	go func(state chan events.Event) {
+		for data := range state {
+			s.SetState(data.Data)
+		}
+	}(state)
+
+	go func(stats chan events.Event) {
+		for data := range stats {
+			st := new(environment.Stats)
+			if err := json.Unmarshal([]byte(data.Data), st); err != nil {
+				s.Log().WithField("error", errors.WithStack(err)).Warn("failed to unmarshal server environment stats")
+				continue
+			}
+
+			// Update the server resource tracking object with the resources we got here.
+			s.resources.mu.Lock()
+			s.resources.Stats = *st
+			s.resources.mu.Unlock()
+
+			s.Filesystem.HasSpaceAvailable(true)
+
+			s.emitProcUsage()
+		}
+	}(stats)
 }

+var stripAnsiRegex = regexp.MustCompile("[\u001B\u009B][[\\]()#;?]*(?:(?:(?:[a-zA-Z\\d]*(?:;[a-zA-Z\\d]*)*)?\u0007)|(?:(?:\\d{1,4}(?:;\\d{0,4})*)?[\\dA-PRZcf-ntqry=><~]))")
+
 // Custom listener for console output events that will check if the given line
 // of output matches one that should mark the server as started or not.
 func (s *Server) onConsoleOutput(data string) {
-	// If the specific line of output is one that would mark the server as started,
-	// set the server to that state. Only do this if the server is not currently stopped
-	// or stopping.
-	if s.GetState() == ProcessStartingState && strings.Contains(data, s.processConfiguration.Startup.Done) {
-		zap.S().Debugw(
-			"detected server in running state based on line output", zap.String("match", s.processConfiguration.Startup.Done), zap.String("against", data),
-		)
+	// Get the server's process configuration.
+	processConfiguration := s.ProcessConfiguration()

-		s.SetState(ProcessRunningState)
+	// Check if the server is currently starting.
+	if s.GetState() == environment.ProcessStartingState {
+		// Check if we should strip ansi color codes.
+		if processConfiguration.Startup.StripAnsi {
+			// Strip ansi color codes from the data string.
+			data = stripAnsiRegex.ReplaceAllString(data, "")
+		}
+
+		// Iterate over all the done lines.
+		for _, l := range processConfiguration.Startup.Done {
+			if !l.Matches(data) {
+				continue
+			}
+
+			s.Log().WithFields(log.Fields{
+				"match":   l.String(),
+				"against": strconv.QuoteToASCII(data),
+			}).Debug("detected server in running state based on console line output")
+
+			// If the specific line of output is one that would mark the server as started,
+			// set the server to that state. Only do this if the server is not currently stopped
+			// or stopping.
+			_ = s.SetState(environment.ProcessRunningState)
+			break
+		}
 	}

 	// If the command sent to the server is one that should stop the server we will need to
 	// set the server to be in a stopping state, otherwise crash detection will kick in and
 	// cause the server to unexpectedly restart on the user.
 	if s.IsRunning() {
-		if s.processConfiguration.Stop.Type == api.ProcessStopCommand && data == s.processConfiguration.Stop.Value {
-			s.SetState(ProcessStoppingState)
+		stop := processConfiguration.Stop
+
+		if stop.Type == api.ProcessStopCommand && data == stop.Value {
+			_ = s.SetState(environment.ProcessOfflineState)
 		}
 	}
 }
--- a/server/loader.go
+++ b/server/loader.go
@@ -0,0 +1,135 @@
+package server
+
+import (
+	"fmt"
+	"github.com/apex/log"
+	"github.com/creasty/defaults"
+	"github.com/gammazero/workerpool"
+	"github.com/pkg/errors"
+	"github.com/pterodactyl/wings/api"
+	"github.com/pterodactyl/wings/environment"
+	"github.com/pterodactyl/wings/environment/docker"
+	"os"
+	"runtime"
+	"time"
+)
+
+var servers = NewCollection(nil)
+
+func GetServers() *Collection {
+	return servers
+}
+
+// Iterates over a given directory and loads all of the servers listed before returning
+// them to the calling function.
+func LoadDirectory() error {
+	if len(servers.items) != 0 {
+		return errors.New("cannot call LoadDirectory with a non-nil collection")
+	}
+
+	log.Info("fetching list of servers from API")
+	configs, rerr, err := api.NewRequester().GetAllServerConfigurations()
+	if err != nil || rerr != nil {
+		if err != nil {
+			return errors.WithStack(err)
+		}
+
+		return errors.New(rerr.String())
+	}
+
+	log.Debug("retrieving cached server states from disk")
+	states, err := getServerStates()
+	if err != nil {
+		log.WithField("error", errors.WithStack(err)).Error("failed to retrieve locally cached server states from disk, assuming all servers in offline state")
+	}
+
+	start := time.Now()
+	log.WithField("total_configs", len(configs)).Info("processing servers returned by the API")
+
+	pool := workerpool.New(runtime.NumCPU())
+	for uuid, data := range configs {
+		uuid := uuid
+		data := data
+
+		pool.Submit(func() {
+			log.WithField("server", uuid).Info("creating new server object from API response")
+			s, err := FromConfiguration(data)
+			if err != nil {
+				log.WithField("server", uuid).WithField("error", err).Error("failed to load server, skipping...")
+				return
+			}
+
+			if state, exists := states[s.Id()]; exists {
+				s.Log().WithField("state", state).Debug("found existing server state in cache file; re-instantiating server state")
+				s.SetState(state)
+			}
+
+			servers.Add(s)
+		})
+	}
+
+	// Wait until we've processed all of the configuration files in the directory
+	// before continuing.
+	pool.StopWait()
+
+	diff := time.Now().Sub(start)
+	log.WithField("duration", fmt.Sprintf("%s", diff)).Info("finished processing server configurations")
+
+	return nil
+}
+
+// Initializes a server using a data byte array. This will be marshaled into the
+// given struct using a YAML marshaler. This will also configure the given environment
+// for a server.
+func FromConfiguration(data *api.ServerConfigurationResponse) (*Server, error) {
+	cfg := Configuration{}
+	if err := defaults.Set(&cfg); err != nil {
+		return nil, errors.Wrap(err, "failed to set struct defaults for server configuration")
+	}
+
+	s := new(Server)
+	if err := defaults.Set(s); err != nil {
+		return nil, errors.Wrap(err, "failed to set struct defaults for server")
+	}
+
+	s.cfg = cfg
+	if err := s.UpdateDataStructure(data.Settings); err != nil {
+		return nil, err
+	}
+
+	s.Archiver = Archiver{Server: s}
+	s.Filesystem = Filesystem{Server: s}
+
+	// Right now we only support a Docker based environment, so I'm going to hard code
+	// this logic in. When we're ready to support other environment we'll need to make
+	// some modifications here obviously.
+	settings := environment.Settings{
+		Mounts:      s.Mounts(),
+		Allocations: s.cfg.Allocations,
+		Limits:      s.cfg.Build,
+	}
+
+	envCfg := environment.NewConfiguration(settings, s.GetEnvironmentVariables())
+	meta := docker.Metadata{
+		Image: s.Config().Container.Image,
+	}
+
+	if env, err := docker.New(s.Id(), &meta, envCfg); err != nil {
+		return nil, err
+	} else {
+		s.Environment = env
+		go s.StartEventListeners()
+	}
+
+	// Forces the configuration to be synced with the panel.
+	if err := s.SyncWithConfiguration(data); err != nil {
+		return nil, err
+	}
+
+	// If the server's data directory exists, force disk usage calculation.
+	if _, err := os.Stat(s.Filesystem.Path()); err == nil {
+		s.Filesystem.HasSpaceAvailable(true)
+	}
+
+	return s, nil
+}
--- a/server/mounts.go
+++ b/server/mounts.go
@@ -0,0 +1,98 @@
+package server
+
+import (
+	"github.com/apex/log"
+	"github.com/pkg/errors"
+	"github.com/pterodactyl/wings/config"
+	"github.com/pterodactyl/wings/environment"
+	"os"
+	"path/filepath"
+	"strings"
+)
+
+// To avoid confusion when working with mounts, assume that a server.Mount has not been properly
+// cleaned up and had the paths set. An environment.Mount should only be returned with valid paths
+// that have been checked.
+type Mount environment.Mount
+
+// Returns the default container mounts for the server instance. This includes the data directory
+// for the server as well as any timezone related files if they exist on the host system so that
+// servers running within the container will use the correct time.
+func (s *Server) Mounts() []environment.Mount {
+	var m []environment.Mount
+
+	m = append(m, environment.Mount{
+		Default:  true,
+		Target:   "/home/container",
+		Source:   s.Filesystem.Path(),
+		ReadOnly: false,
+	})
+
+	// Try to mount in /etc/localtime and /etc/timezone if they exist on the host system.
+	if _, err := os.Stat("/etc/localtime"); err != nil {
+		if !os.IsNotExist(err) {
+			log.WithField("error", errors.WithStack(err)).Warn("failed to stat /etc/localtime due to an error")
+		}
+	} else {
+		m = append(m, environment.Mount{
+			Target:   "/etc/localtime",
+			Source:   "/etc/localtime",
+			ReadOnly: true,
+		})
+	}
+
+	if _, err := os.Stat("/etc/timezone"); err != nil {
+		if !os.IsNotExist(err) {
+			log.WithField("error", errors.WithStack(err)).Warn("failed to stat /etc/timezone due to an error")
+		}
+	} else {
+		m = append(m, environment.Mount{
+			Target:   "/etc/timezone",
+			Source:   "/etc/timezone",
+			ReadOnly: true,
+		})
+	}
+
+	// Also include any of this server's custom mounts when returning them.
+	return append(m, s.customMounts()...)
+}
+
+// Returns the custom mounts for a given server after verifying that they are within a list of
+// allowed mount points for the node.
+func (s *Server) customMounts() []environment.Mount {
+	var mounts []environment.Mount
+
+	// TODO: probably need to handle things trying to mount directories that do not exist.
+	for _, m := range s.Config().Mounts {
+		source := filepath.Clean(m.Source)
+		target := filepath.Clean(m.Target)
+
+		logger := s.Log().WithFields(log.Fields{
+			"source_path": source,
+			"target_path": target,
+			"read_only":   m.ReadOnly,
+		})
+
+		mounted := false
+		for _, allowed := range config.Get().AllowedMounts {
+			if !strings.HasPrefix(source, allowed) {
+				continue
+			}
+
+			mounted = true
+			mounts = append(mounts, environment.Mount{
+				Source:   source,
+				Target:   target,
+				ReadOnly: m.ReadOnly,
+			})
+
+			break
+		}
+
+		if !mounted {
+			logger.Warn("skipping custom server mount, not in list of allowed mount points")
+		}
+	}
+
+	return mounts
+}
--- a/server/power.go
+++ b/server/power.go
@@ -1,12 +1,172 @@
 package server

-type PowerAction struct {
-	Action string `json:"action"`
+import (
+	"context"
+	"github.com/pkg/errors"
+	"github.com/pterodactyl/wings/config"
+	"golang.org/x/sync/semaphore"
+	"os"
+	"time"
+)
+
+type PowerAction string
+
+// The power actions that can be performed for a given server. This taps into the given server
+// environment and performs them in a way that prevents a race condition from occurring. For
+// example, sending two "start" actions back to back will not process the second action until
+// the first action has been completed.
+//
+// This utilizes a workerpool with a limit of one worker so that all of the actions execute
+// in a sync manner.
+const (
+	PowerActionStart     = "start"
+	PowerActionStop      = "stop"
+	PowerActionRestart   = "restart"
+	PowerActionTerminate = "kill"
+)
+
+// Checks if the power action being received is valid.
+func (pa PowerAction) IsValid() bool {
+	return pa == PowerActionStart ||
+		pa == PowerActionStop ||
+		pa == PowerActionTerminate ||
+		pa == PowerActionRestart
 }

-func (pr *PowerAction) IsValid() bool {
-	return pr.Action == "start" ||
-		pr.Action == "stop" ||
-		pr.Action == "kill" ||
-		pr.Action == "restart"
+func (pa PowerAction) IsStart() bool {
+	return pa == PowerActionStart || pa == PowerActionRestart
+}
+
+// Helper function that can receive a power action and then process the actions that need
+// to occur for it. This guards against someone calling Start() twice at the same time, or
+// trying to restart while another restart process is currently running.
+//
+// However, the code design for the daemon does depend on the user correctly calling this
+// function rather than making direct calls to the start/stop/restart functions on the
+// environment struct.
+func (s *Server) HandlePowerAction(action PowerAction, waitSeconds ...int) error {
+	if s.powerLock == nil {
+		s.powerLock = semaphore.NewWeighted(1)
+	}
+
+	// Only attempt to acquire a lock on the process if this is not a termination event. We want to
+	// just allow those events to pass right through for good reason. If a server is currently trying
+	// to process a power action but has gotten stuck you still should be able to pass through the
+	// terminate event. The good news here is that doing that oftentimes will get the stuck process to
+	// move again, and naturally continue through the process.
+	if action != PowerActionTerminate {
+		// Determines if we should wait for the lock or not. If a value greater than 0 is passed
+		// into this function we will wait that long for a lock to be acquired.
+		if len(waitSeconds) > 0 && waitSeconds[0] != 0 {
+			ctx, _ := context.WithTimeout(context.Background(), time.Second*time.Duration(waitSeconds[0]))
+			// Attempt to acquire a lock on the power action lock for up to 30 seconds. If more
+			// time than that passes an error will be propagated back up the chain and this
+			// request will be aborted.
+			if err := s.powerLock.Acquire(ctx, 1); err != nil {
+				return errors.Wrap(err, "could not acquire lock on power state")
+			}
+		} else {
+			// If no wait duration was provided we will attempt to immediately acquire the lock
+			// and bail out with a context deadline error if it is not acquired immediately.
+			if ok := s.powerLock.TryAcquire(1); !ok {
+				return errors.Wrap(context.DeadlineExceeded, "could not acquire lock on power state")
+			}
+		}
+
+		// Release the lock once the process being requested has finished executing.
+		defer s.powerLock.Release(1)
+	} else {
+		// Still try to acquire the lock if terminating and it is available, just so that other power
+		// actions are blocked until it has completed. However, if it is unavailable we won't stop
+		// the entire process.
+		if ok := s.powerLock.TryAcquire(1); ok {
+			// If we managed to acquire the lock be sure to released it once this process is completed.
+			defer s.powerLock.Release(1)
+		}
+	}
+
+	switch action {
+	case PowerActionStart:
+		// Run the pre-boot logic for the server before processing the environment start.
+		if err := s.onBeforeStart(); err != nil {
+			return err
+		}
+
+		return s.Environment.Start()
+	case PowerActionStop:
+		// We're specifically waiting for the process to be stopped here, otherwise the lock is released
+		// too soon, and you can rack up all sorts of issues.
+		return s.Environment.WaitForStop(10*60, true)
+	case PowerActionRestart:
+		if err := s.Environment.WaitForStop(10*60, true); err != nil {
+			// Even timeout errors should be bubbled back up the stack. If the process didn't stop
+			// nicely, but the terminate argument was passed then the server is stopped without an
+			// error being returned.
+			//
+			// However, if terminate is not passed you'll get a context deadline error. We could
+			// probably handle that nicely here, but I'd rather just pass it back up the stack for now.
+			// Either way, any type of error indicates we should not attempt to start the server back
+			// up.
+			return err
+		}
+
+		// Now actually try to start the process by executing the normal pre-boot logic.
+		if err := s.onBeforeStart(); err != nil {
+			return err
+		}
+
+		return s.Environment.Start()
+	case PowerActionTerminate:
+		return s.Environment.Terminate(os.Kill)
+	}
+
+	return errors.New("attempting to handle unknown power action")
+}
+
+// Execute a few functions before actually calling the environment start commands. This ensures
+// that everything is ready to go for environment booting, and that the server can even be started.
+func (s *Server) onBeforeStart() error {
+	s.Log().Info("syncing server configuration with panel")
+	if err := s.Sync(); err != nil {
+		return errors.Wrap(err, "unable to sync server data from Panel instance")
+	}
+
+	// Disallow start & restart if the server is suspended. Do this check after performing a sync
+	// action with the Panel to ensure that we have the most up-to-date information for that server.
+	if s.IsSuspended() {
+		return new(suspendedError)
+	}
+
+	// Ensure we sync the server information with the environment so that any new environment variables
+	// and process resource limits are correctly applied.
+	s.SyncWithEnvironment()
+
+	// If a server has unlimited disk space, we don't care enough to block the startup to check remaining.
+	// However, we should trigger a size anyway, as it'd be good to kick it off for other processes.
+	if s.DiskSpace() <= 0 {
+		s.Filesystem.HasSpaceAvailable(true)
+	} else {
+		s.PublishConsoleOutputFromDaemon("Checking server disk space usage, this could take a few seconds...")
+		if !s.Filesystem.HasSpaceAvailable(false) {
+			return errors.New("cannot start server, not enough disk space available")
+		}
+	}
+
+	// Update the configuration files defined for the server before beginning the boot process.
+	// This process executes a bunch of parallel updates, so we just block until that process
+	// is complete. Any errors as a result of this will just be bubbled out in the logger,
+	// we don't need to actively do anything about it at this point, worst comes to worst the
+	// server starts in a weird state and the user can manually adjust.
+	s.PublishConsoleOutputFromDaemon("Updating process configuration files...")
+	s.UpdateConfigurationFiles()
+
+	if config.Get().System.CheckPermissionsOnBoot {
+		s.PublishConsoleOutputFromDaemon("Ensuring file permissions are set correctly, this could take a few seconds...")
+		// Ensure all of the server file permissions are set correctly before booting the process.
+		if err := s.Filesystem.Chown("/"); err != nil {
+			return errors.Wrap(err, "failed to chown root server directory during pre-boot process")
+		}
+	}
+
+	return nil
 }
--- a/server/resources.go
+++ b/server/resources.go
@@ -1,54 +1,69 @@
 package server

 import (
-	"github.com/docker/docker/api/types"
-	"math"
+	"encoding/json"
+	"github.com/pterodactyl/wings/environment"
+	"sync"
 )

 // Defines the current resource usage for a given server instance. If a server is offline you
 // should obviously expect memory and CPU usage to be 0. However, disk will always be returned
 // since that is not dependent on the server being running to collect that data.
 type ResourceUsage struct {
-	// The total amount of memory, in bytes, that this server instance is consuming.
-	Memory uint64 `json:"memory_bytes"`
-	// The total amount of memory this container or resource can use. Inside Docker this is
-	// going to be higher than you'd expect because we're automatically allocating overhead
-	// abilities for the container, so its not going to be a perfect match.
-	MemoryLimit uint64 `json:"memory_limit_bytes"`
-	// The absolute CPU usage is the amount of CPU used in relation to the entire system and
-	// does not take into account any limits on the server process itself.
-	CpuAbsolute float64 `json:"cpu_absolute"`
+	mu sync.RWMutex
+
+	// Embed the current environment stats into this server specific resource usage struct.
+	environment.Stats
+
+	// The current server status.
+	State string `json:"state" default:"offline"`
+
 	// The current disk space being used by the server. This is cached to prevent slow lookup
 	// issues on frequent refreshes.
 	Disk int64 `json:"disk_bytes"`
-	// Current network transmit in & out for a container.
-	Network struct {
-		RxBytes uint64 `json:"rx_bytes"`
-		TxBytes uint64 `json:"tx_bytes"`
-	} `json:"network"`
 }

-// Calculates the absolute CPU usage used by the server process on the system, not constrained
-// by the defined CPU limits on the container.
+// Returns the resource usage stats for the server instance. If the server is not running, only the
+// disk space currently used will be returned. When the server is running all of the other stats will
+// be returned.
 //
-// @see https://github.com/docker/cli/blob/aa097cf1aa19099da70930460250797c8920b709/cli/command/container/stats_helpers.go#L166
-func (ru *ResourceUsage) CalculateAbsoluteCpu(pStats *types.CPUStats, stats *types.CPUStats) float64 {
-	// Calculate the change in CPU usage between the current and previous reading.
-	cpuDelta := float64(stats.CPUUsage.TotalUsage) - float64(pStats.CPUUsage.TotalUsage)
+// When a process is stopped all of the stats are zeroed out except for the disk.
+func (s *Server) Proc() *ResourceUsage {
+	s.resources.mu.RLock()
+	defer s.resources.mu.RUnlock()

-	// Calculate the change for the entire system's CPU usage between current and previous reading.
-	systemDelta := float64(stats.SystemUsage) - float64(pStats.SystemUsage)
+	return &s.resources
+}

-	// Calculate the total number of CPU cores being used.
-	cpus := float64(stats.OnlineCPUs)
-	if cpus == 0.0 {
-		cpus = float64(len(stats.CPUUsage.PercpuUsage))
+func (s *Server) emitProcUsage() {
+	s.resources.mu.RLock()
+	defer s.resources.mu.RUnlock()
+
+	b, err := json.Marshal(s.resources)
+	if err == nil {
+		s.Events().Publish(StatsEvent, string(b))
 	}

-	percent := 0.0
-	if systemDelta > 0.0 && cpuDelta > 0.0 {
-		percent = (cpuDelta / systemDelta) * cpus * 100.0
-	}
+	// TODO: This might be a good place to add a debug log if stats are not sending.
+}

-	return math.Round(percent*1000) / 1000
-}
+// Returns the servers current state.
+func (ru *ResourceUsage) getInternalState() string {
+	ru.mu.RLock()
+	defer ru.mu.RUnlock()
+
+	return ru.State
+}
+
+// Sets the new state for the server.
+func (ru *ResourceUsage) setInternalState(state string) {
+	ru.mu.Lock()
+	ru.State = state
+	ru.mu.Unlock()
+}
+
+func (ru *ResourceUsage) SetDisk(i int64) {
+	ru.mu.Lock()
+	ru.Disk = i
+	ru.mu.Unlock()
+}
--- a/server/server.go
+++ b/server/server.go
@@ -1,240 +1,72 @@
 package server

 import (
+	"context"
 	"fmt"
-	"github.com/creasty/defaults"
-	"github.com/patrickmn/go-cache"
+	"github.com/apex/log"
 	"github.com/pkg/errors"
 	"github.com/pterodactyl/wings/api"
-	"github.com/pterodactyl/wings/config"
-	"github.com/remeh/sizedwaitgroup"
-	"go.uber.org/zap"
-	"os"
+	"github.com/pterodactyl/wings/environment"
+	"github.com/pterodactyl/wings/environment/docker"
+	"github.com/pterodactyl/wings/events"
+	"golang.org/x/sync/semaphore"
 	"strings"
 	"sync"
 	"time"
 )

-var servers *Collection
-
-func GetServers() *Collection {
-	return servers
-}
-
 // High level definition for a server instance being controlled by Wings.
 type Server struct {
-	// The unique identifier for the server that should be used when referencing
-	// it against the Panel API (and internally). This will be used when naming
-	// docker containers as well as in log output.
-	Uuid string `json:"uuid"`
+	// Internal mutex used to block actions that need to occur sequentially, such as
+	// writing the configuration to the disk.
+	sync.RWMutex
+	emitterLock  sync.Mutex
+	powerLock    *semaphore.Weighted
+	throttleLock sync.RWMutex

-	// Whether or not the server is in a suspended state. Suspended servers cannot
-	// be started or modified except in certain scenarios by an admin user.
-	Suspended bool `json:"suspended"`
+	// Maintains the configuration for the server. This is the data that gets returned by the Panel
+	// such as build settings and container images.
+	cfg Configuration

-	// The power state of the server.
-	State string `default:"offline" json:"state"`
+	// The crash handler for this server instance.
+	crasher CrashHandler

-	// The command that should be used when booting up the server instance.
-	Invocation string `json:"invocation"`
-
-	// An array of environment variables that should be passed along to the running
-	// server process.
-	EnvVars map[string]string `json:"environment" yaml:"environment"`
-
-	Archiver       Archiver       `json:"-" yaml:"-"`
-	CrashDetection CrashDetection `json:"crash_detection" yaml:"crash_detection"`
-	Build          BuildSettings  `json:"build"`
-	Allocations    Allocations    `json:"allocations"`
-	Environment    Environment    `json:"-" yaml:"-"`
-	Filesystem     Filesystem     `json:"-" yaml:"-"`
-	Resources      ResourceUsage  `json:"resources" yaml:"-"`
-
-	Container struct {
-		// Defines the Docker image that will be used for this server
-		Image string `json:"image,omitempty"`
-		// If set to true, OOM killer will be disabled on the server's Docker container.
-		// If not present (nil) we will default to disabling it.
-		OomDisabled bool `default:"true" json:"oom_disabled" yaml:"oom_disabled"`
-	} `json:"container,omitempty"`
-
-	// Server cache used to store frequently requested information in memory and make
-	// certain long operations return faster. For example, FS disk space usage.
-	Cache *cache.Cache `json:"-" yaml:"-"`
+	resources   ResourceUsage
+	Archiver    Archiver                       `json:"-"`
+	Environment environment.ProcessEnvironment `json:"-"`
+	Filesystem  Filesystem                     `json:"-"`

 	// Events emitted by the server instance.
-	emitter *EventBus
+	emitter *events.EventBus

 	// Defines the process configuration for the server instance. This is dynamically
 	// fetched from the Pterodactyl Server instance each time the server process is
 	// started, and then cached here.
-	processConfiguration *api.ProcessConfiguration
+	procConfig *api.ProcessConfiguration

-	// Internal mutex used to block actions that need to occur sequentially, such as
-	// writing the configuration to the disk.
-	sync.RWMutex
+	// Tracks the installation process for this server and prevents a server from running
+	// two installer processes at the same time. This also allows us to cancel a running
+	// installation process, for example when a server is deleted from the panel while the
+	// installer process is still running.
+	installer InstallerDetails
+
+	// The console throttler instance used to control outputs.
+	throttler *ConsoleThrottler
 }

-// The build settings for a given server that impact docker container creation and
-// resource limits for a server instance.
-type BuildSettings struct {
-	// The total amount of memory in megabytes that this server is allowed to
-	// use on the host system.
-	MemoryLimit int64 `json:"memory_limit" yaml:"memory"`
+type InstallerDetails struct {
+	// The cancel function for the installer. This will be a non-nil value while there
+	// is an installer running for the server.
+	cancel *context.CancelFunc

-	// The amount of additional swap space to be provided to a container instance.
-	Swap int64 `json:"swap"`
-
-	// The relative weight for IO operations in a container. This is relative to other
-	// containers on the system and should be a value between 10 and 1000.
-	IoWeight uint16 `json:"io_weight" yaml:"io"`
-
-	// The percentage of CPU that this instance is allowed to consume relative to
-	// the host. A value of 200% represents complete utilization of two cores. This
-	// should be a value between 1 and THREAD_COUNT * 100.
-	CpuLimit int64 `json:"cpu_limit" yaml:"cpu"`
-
-	// The amount of disk space in megabytes that a server is allowed to use.
-	DiskSpace int64 `json:"disk_space" yaml:"disk"`
-
-	// Sets which CPU threads can be used by the docker instance.
-	Threads string `json:"threads" yaml:"threads"`
+	// Installer lock. You should obtain an exclusive lock on this context while running
+	// the installation process and release it when finished.
+	sem *semaphore.Weighted
 }

-// Converts the CPU limit for a server build into a number that can be better understood
-// by the Docker environment. If there is no limit set, return -1 which will indicate to
-// Docker that it has unlimited CPU quota.
-func (b *BuildSettings) ConvertedCpuLimit() int64 {
-	if b.CpuLimit == 0 {
-		return -1
-	}
-
-	return b.CpuLimit * 1000
-}
-
-// Returns the amount of swap available as a total in bytes. This is returned as the amount
-// of memory available to the server initially, PLUS the amount of additional swap to include
-// which is the format used by Docker.
-func (b *BuildSettings) ConvertedSwap() int64 {
-	if b.Swap < 0 {
-		return -1
-	}
-
-	return (b.Swap * 1000000) + (b.MemoryLimit * 1000000)
-}
-
-// Defines the allocations available for a given server. When using the Docker environment
-// driver these correspond to mappings for the container that allow external connections.
-type Allocations struct {
-	// Defines the default allocation that should be used for this server. This is
-	// what will be used for {SERVER_IP} and {SERVER_PORT} when modifying configuration
-	// files or the startup arguments for a server.
-	DefaultMapping struct {
-		Ip   string `json:"ip"`
-		Port int    `json:"port"`
-	} `json:"default" yaml:"default"`
-
-	// Mappings contains all of the ports that should be assigned to a given server
-	// attached to the IP they correspond to.
-	Mappings map[string][]int `json:"mappings"`
-}
-
-// Iterates over a given directory and loads all of the servers listed before returning
-// them to the calling function.
-func LoadDirectory() error {
-	// We could theoretically use a standard wait group here, however doing
-	// that introduces the potential to crash the program due to too many
-	// open files. This wouldn't happen on a small setup, but once the daemon is
-	// handling many servers you run that risk.
-	//
-	// For now just process 10 files at a time, that should be plenty fast to
-	// read and parse the YAML. We should probably make this configurable down
-	// the road to help big instances scale better.
-	wg := sizedwaitgroup.New(10)
-
-	configs, rerr, err := api.NewRequester().GetAllServerConfigurations()
-	if err != nil || rerr != nil {
-		if err != nil {
-			return errors.WithStack(err)
-		}
-
-		return errors.New(rerr.String())
-	}
-
-	states, err := getServerStates()
-	if err != nil {
-		return errors.WithStack(err)
-	}
-
-	servers = NewCollection(nil)
-
-	for uuid, data := range configs {
-		wg.Add()
-
-		go func(uuid string, data *api.ServerConfigurationResponse) {
-			defer wg.Done()
-
-			s, err := FromConfiguration(data)
-			if err != nil {
-				zap.S().Errorw("failed to load server, skipping...", zap.String("server", uuid), zap.Error(err))
-				return
-			}
-
-			if state, exists := states[s.Uuid]; exists {
-				s.SetState(state)
-				zap.S().Debugw("loaded server state from cache", zap.String("server", s.Uuid), zap.String("state", s.GetState()))
-			}
-
-			servers.Add(s)
-		}(uuid, data)
-	}
-
-	// Wait until we've processed all of the configuration files in the directory
-	// before continuing.
-	wg.Wait()
-
-	return nil
-}
-
-// Initializes a server using a data byte array. This will be marshaled into the
-// given struct using a YAML marshaler. This will also configure the given environment
-// for a server.
-func FromConfiguration(data *api.ServerConfigurationResponse) (*Server, error) {
-	s := new(Server)
-
-	if err := defaults.Set(s); err != nil {
-		return nil, err
-	}
-
-	if err := s.UpdateDataStructure(data.Settings, false); err != nil {
-		return nil, err
-	}
-
-	s.AddEventListeners()
-
-	// Right now we only support a Docker based environment, so I'm going to hard code
-	// this logic in. When we're ready to support other environment we'll need to make
-	// some modifications here obviously.
-	if err := NewDockerEnvironment(s); err != nil {
-		return nil, err
-	}
-
-	s.Cache = cache.New(time.Minute*10, time.Minute*15)
-	s.Archiver = Archiver{
-		Server: s,
-	}
-	s.Filesystem = Filesystem{
-		Configuration: &config.Get().System,
-		Server:        s,
-	}
-	s.Resources = ResourceUsage{}
-
-	// Forces the configuration to be synced with the panel.
-	if err := s.SyncWithConfiguration(data); err != nil {
-		return nil, err
-	}
-
-	return s, nil
+// Returns the UUID for the server instance.
+func (s *Server) Id() string {
+	return s.Config().GetUuid()
 }

 // Returns all of the environment variables that should be assigned to a running
@@ -244,26 +76,30 @@ func (s *Server) GetEnvironmentVariables() []string {

 	var out = []string{
 		fmt.Sprintf("TZ=%s", zone),
-		fmt.Sprintf("STARTUP=%s", s.Invocation),
-		fmt.Sprintf("SERVER_MEMORY=%d", s.Build.MemoryLimit),
-		fmt.Sprintf("SERVER_IP=%s", s.Allocations.DefaultMapping.Ip),
-		fmt.Sprintf("SERVER_PORT=%d", s.Allocations.DefaultMapping.Port),
+		fmt.Sprintf("STARTUP=%s", s.Config().Invocation),
+		fmt.Sprintf("SERVER_MEMORY=%d", s.MemoryLimit()),
+		fmt.Sprintf("SERVER_IP=%s", s.Config().Allocations.DefaultMapping.Ip),
+		fmt.Sprintf("SERVER_PORT=%d", s.Config().Allocations.DefaultMapping.Port),
 	}

 eloop:
-	for k, v := range s.EnvVars {
+	for k := range s.Config().EnvVars {
 		for _, e := range out {
 			if strings.HasPrefix(e, strings.ToUpper(k)) {
 				continue eloop
 			}
 		}

-		out = append(out, fmt.Sprintf("%s=%s", strings.ToUpper(k), v))
+		out = append(out, fmt.Sprintf("%s=%s", strings.ToUpper(k), s.Config().EnvVars.Get(k)))
 	}

 	return out
 }

+func (s *Server) Log() *log.Entry {
+	return log.WithField("server", s.Id())
+}
+
 // Syncs the state of the server on the Panel with Wings. This ensures that we're always
 // using the state of the server from the Panel and allows us to not require successful
 // API calls to Wings to do things.
@@ -289,16 +125,26 @@ func (s *Server) Sync() error {

 func (s *Server) SyncWithConfiguration(cfg *api.ServerConfigurationResponse) error {
 	// Update the data structure and persist it to the disk.
-	if err := s.UpdateDataStructure(cfg.Settings, false); err != nil {
+	if err := s.UpdateDataStructure(cfg.Settings); err != nil {
 		return errors.WithStack(err)
 	}

-	s.processConfiguration = cfg.ProcessConfiguration
+	s.Lock()
+	s.procConfig = cfg.ProcessConfiguration
+	s.Unlock()
+
+	// If this is a Docker environment we need to sync the stop configuration with it so that
+	// the process isn't just terminated when a user requests it be stopped.
+	if e, ok := s.Environment.(*docker.Environment); ok {
+		s.Log().Debug("syncing stop configuration with configured docker environment")
+		e.SetStopConfiguration(&cfg.ProcessConfiguration.Stop)
+	}
+
 	return nil
 }

 // Reads the log file for a server up to a specified number of bytes.
-func (s *Server) ReadLogfile(len int64) ([]string, error) {
+func (s *Server) ReadLogfile(len int) ([]string, error) {
 	return s.Environment.Readlog(len)
 }

@@ -310,34 +156,30 @@ func (s *Server) IsBootable() bool {
 	return exists
 }

-// Initalizes a server instance. This will run through and ensure that the environment
+// Initializes a server instance. This will run through and ensure that the environment
 // for the server is setup, and that all of the necessary files are created.
 func (s *Server) CreateEnvironment() error {
+	// Ensure the data directory exists before getting too far through this process.
+	if err := s.Filesystem.EnsureDataDirectory(); err != nil {
+		return errors.WithStack(err)
+	}
+
 	return s.Environment.Create()
 }

 // Gets the process configuration data for the server.
 func (s *Server) GetProcessConfiguration() (*api.ServerConfigurationResponse, *api.RequestError, error) {
-	return api.NewRequester().GetServerConfiguration(s.Uuid)
+	return api.NewRequester().GetServerConfiguration(s.Id())
 }

-// Helper function that can receieve a power action and then process the
-// actions that need to occur for it.
-func (s *Server) HandlePowerAction(action PowerAction) error {
-	switch action.Action {
-	case "start":
-		return s.Environment.Start()
-	case "restart":
-		if err := s.Environment.WaitForStop(60, false); err != nil {
-			return err
-		}
-
-		return s.Environment.Start()
-	case "stop":
-		return s.Environment.Stop()
-	case "kill":
-		return s.Environment.Terminate(os.Kill)
-	default:
-		return errors.New("an invalid power action was provided")
-	}
+// Checks if the server is marked as being suspended or not on the system.
+func (s *Server) IsSuspended() bool {
+	return s.Config().Suspended
+}
+
+func (s *Server) ProcessConfiguration() *api.ProcessConfiguration {
+	s.RLock()
+	defer s.RUnlock()
+
+	return s.procConfig
 }
--- a/server/state.go
+++ b/server/state.go
@@ -5,7 +5,7 @@ import (
 	"fmt"
 	"github.com/pkg/errors"
 	"github.com/pterodactyl/wings/config"
-	"go.uber.org/zap"
+	"github.com/pterodactyl/wings/environment"
 	"io"
 	"io/ioutil"
 	"os"
@@ -41,7 +41,7 @@ func saveServerStates() error {
 	// Get the states of all servers on the daemon.
 	states := map[string]string{}
 	for _, s := range GetServers().All() {
-		states[s.Uuid] = s.GetState()
+		states[s.Id()] = s.GetState()
 	}

 	// Convert the map to a json object.
@@ -61,32 +61,26 @@ func saveServerStates() error {
 	return nil
 }

-const (
-	ProcessOfflineState  = "offline"
-	ProcessStartingState = "starting"
-	ProcessRunningState  = "running"
-	ProcessStoppingState = "stopping"
-)
-
 // Sets the state of the server internally. This function handles crash detection as
 // well as reporting to event listeners for the server.
 func (s *Server) SetState(state string) error {
-	if state != ProcessOfflineState && state != ProcessStartingState && state != ProcessRunningState && state != ProcessStoppingState {
+	if state != environment.ProcessOfflineState &&
+		state != environment.ProcessStartingState &&
+		state != environment.ProcessRunningState &&
+		state != environment.ProcessStoppingState {
 		return errors.New(fmt.Sprintf("invalid server state received: %s", state))
 	}

 	prevState := s.GetState()

-	// Obtain a mutex lock and update the current state of the server.
-	s.Lock()
-	s.State = state
+	// Update the currently tracked state for the server.
+	s.Proc().setInternalState(state)

 	// Emit the event to any listeners that are currently registered.
-	zap.S().Debugw("saw server status change event", zap.String("server", s.Uuid), zap.String("status", s.State))
-	s.Events().Publish(StatusEvent, s.State)
-
-	// Release the lock as it is no longer needed for the following actions.
-	s.Unlock()
+	if prevState != state {
+		s.Log().WithField("status", s.Proc().State).Debug("saw server status change event")
+		s.Events().Publish(StatusEvent, s.Proc().State)
+	}

 	// Persist this change to the disk immediately so that should the Daemon be stopped or
 	// crash we can immediately restore the server state.
@@ -98,10 +92,20 @@ func (s *Server) SetState(state string) error {
 	// to the disk should we forget to do it elsewhere.
 	go func() {
 		if err := saveServerStates(); err != nil {
-			zap.S().Warnw("failed to write server states to disk", zap.Error(err))
+			s.Log().WithField("error", err).Warn("failed to write server states to disk")
 		}
 	}()

+	// Reset the resource usage to 0 when the process fully stops so that all of the UI
+	// views in the Panel correctly display 0.
+	if state == environment.ProcessOfflineState {
+		s.resources.mu.Lock()
+		s.resources.Empty()
+		s.resources.mu.Unlock()
+
+		s.emitProcUsage()
+	}
+
 	// If server was in an online state, and is now in an offline state we should handle
 	// that as a crash event. In that scenario, check the last crash time, and the crash
 	// counter.
@@ -110,15 +114,15 @@ func (s *Server) SetState(state string) error {
 	// automatically attempt to start the process back up for the user. This is done in a
 	// separate thread as to not block any actions currently taking place in the flow
 	// that called this function.
-	if (prevState == ProcessStartingState || prevState == ProcessRunningState) && s.GetState() == ProcessOfflineState {
-		zap.S().Infow("detected server as entering a potentially crashed state; running handler", zap.String("server", s.Uuid))
+	if (prevState == environment.ProcessStartingState || prevState == environment.ProcessRunningState) && s.GetState() == environment.ProcessOfflineState {
+		s.Log().Info("detected server as entering a crashed state; running crash handler")

 		go func(server *Server) {
 			if err := server.handleServerCrash(); err != nil {
 				if IsTooFrequentCrashError(err) {
-					zap.S().Infow("did not restart server after crash; occurred too soon after last", zap.String("server", server.Uuid))
+					server.Log().Info("did not restart server after crash; occurred too soon after the last")
 				} else {
-					zap.S().Errorw("failed to handle server crash state", zap.String("server", server.Uuid), zap.Error(err))
+					server.Log().WithField("error", err).Error("failed to handle server crash")
 				}
 			}
 		}(s)
@@ -129,15 +133,14 @@ func (s *Server) SetState(state string) error {

 // Returns the current state of the server in a race-safe manner.
 func (s *Server) GetState() string {
-	s.RLock()
-	defer s.RUnlock()
-
-	return s.State
+	return s.Proc().getInternalState()
 }

 // Determines if the server state is running or not. This is different than the
 // environment state, it is simply the tracked state from this daemon instance, and
 // not the response from Docker.
 func (s *Server) IsRunning() bool {
-	return s.GetState() == ProcessRunningState || s.GetState() == ProcessStartingState
+	st := s.GetState()
+
+	return st == environment.ProcessRunningState || st == environment.ProcessStartingState
 }
--- a/server/update.go
+++ b/server/update.go
@@ -5,7 +5,7 @@ import (
 	"github.com/buger/jsonparser"
 	"github.com/imdario/mergo"
 	"github.com/pkg/errors"
-	"go.uber.org/zap"
+	"github.com/pterodactyl/wings/environment"
 )

 // Merges data passed through in JSON form into the existing server object.
@@ -15,8 +15,8 @@ import (
 // The server will be marked as requiring a rebuild on the next boot sequence,
 // it is up to the specific environment to determine what needs to happen when
 // that is the case.
-func (s *Server) UpdateDataStructure(data []byte, background bool) error {
-	src := new(Server)
+func (s *Server) UpdateDataStructure(data []byte) error {
+	src := new(Configuration)
 	if err := json.Unmarshal(data, src); err != nil {
 		return errors.WithStack(err)
 	}
@@ -24,16 +24,42 @@ func (s *Server) UpdateDataStructure(data []byte, background bool) error {
 	// Don't allow obviously corrupted data to pass through into this function. If the UUID
 	// doesn't match something has gone wrong and the API is attempting to meld this server
 	// instance into a totally different one, which would be bad.
-	if src.Uuid != "" && s.Uuid != "" && src.Uuid != s.Uuid {
+	if src.Uuid != "" && s.Id() != "" && src.Uuid != s.Id() {
 		return errors.New("attempting to merge a data stack with an invalid UUID")
 	}

+	// Grab a copy of the configuration to work on.
+	c := *s.Config()
+
+	// Lock our copy of the configuration since the deferred unlock will end up acting upon this
+	// new memory address rather than the old one. If we don't lock this, the deferred unlock will
+	// cause a panic when it goes to run. However, since we only update s.cfg at the end, if there
+	// is an error before that point we'll still properly unlock the original configuration for the
+	// server.
+	c.mu.Lock()
+
+	// Lock the server configuration while we're doing this merge to avoid anything
+	// trying to overwrite it or make modifications while we're sorting out what we
+	// need to do.
+	s.cfg.mu.Lock()
+	defer s.cfg.mu.Unlock()
+
 	// Merge the new data object that we have received with the existing server data object
 	// and then save it to the disk so it is persistent.
-	if err := mergo.Merge(s, src, mergo.WithOverride); err != nil {
+	if err := mergo.Merge(&c, src, mergo.WithOverride); err != nil {
 		return errors.WithStack(err)
 	}

+	// Don't explode if we're setting CPU limits to 0. Mergo sees that as an empty value
+	// so it won't override the value we've passed through in the API call. However, we can
+	// safely assume that we're passing through valid data structures here. I foresee this
+	// backfiring at some point, but until then...
+	//
+	// We'll go ahead and do this with swap as well.
+	c.Build.CpuLimit = src.Build.CpuLimit
+	c.Build.Swap = src.Build.Swap
+	c.Build.DiskSpace = src.Build.DiskSpace
+
 	// Mergo can't quite handle this boolean value correctly, so for now we'll just
 	// handle this edge case manually since none of the other data passed through in this
 	// request is going to be boolean. Allegedly.
@@ -42,7 +68,7 @@ func (s *Server) UpdateDataStructure(data []byte, background bool) error {
 			return errors.WithStack(err)
 		}
 	} else {
-		s.Container.OomDisabled = v
+		c.Build.OOMDisabled = v
 	}

 	// Mergo also cannot handle this boolean value.
@@ -51,58 +77,80 @@ func (s *Server) UpdateDataStructure(data []byte, background bool) error {
 			return errors.WithStack(err)
 		}
 	} else {
-		s.Suspended = v
+		c.Suspended = v
+	}
+
+	if v, err := jsonparser.GetBoolean(data, "skip_egg_scripts"); err != nil {
+		if err != jsonparser.KeyPathNotFoundError {
+			return errors.WithStack(err)
+		}
+	} else {
+		c.SkipEggScripts = v
 	}

 	// Environment and Mappings should be treated as a full update at all times, never a
 	// true patch, otherwise we can't know what we're passing along.
 	if src.EnvVars != nil && len(src.EnvVars) > 0 {
-		s.EnvVars = src.EnvVars
+		c.EnvVars = src.EnvVars
 	}

 	if src.Allocations.Mappings != nil && len(src.Allocations.Mappings) > 0 {
-		s.Allocations.Mappings = src.Allocations.Mappings
+		c.Allocations.Mappings = src.Allocations.Mappings
 	}

-	if background {
-		s.runBackgroundActions()
+	if src.Mounts != nil && len(src.Mounts) > 0 {
+		c.Mounts = src.Mounts
 	}

+	// Update the configuration once we have a lock on the configuration object.
+	s.cfg = c
+
 	return nil
 }

-// Runs through different actions once a server's configuration has been persisted
-// to the disk. This function does not return anything as any failures should be logged
-// but have no effect on actually updating the server itself.
+// Updates the environment for the server to match any of the changed data. This pushes new settings and
+// environment variables to the environment. In addition, the in-situ update method is called on the
+// environment which will allow environments that make use of it (such as Docker) to immediately apply
+// some settings without having to wait on a server to restart.
 //
-// These tasks run in independent threads where relevant to speed up any updates
-// that need to happen.
-func (s *Server) runBackgroundActions() {
-	// Update the environment in place, allowing memory and CPU usage to be adjusted
-	// on the fly without the user needing to reboot (theoretically).
-	go func(server *Server) {
-		if err := server.Environment.InSituUpdate(); err != nil {
-			zap.S().Warnw(
-				"failed to perform in-situ update of server environment",
-				zap.String("server", server.Uuid),
-				zap.Error(err),
-			)
-		}
-	}(s)
+// This functionality allows a server's resources limits to be modified on the fly and have them apply
+// right away allowing for dynamic resource allocation and responses to abusive server processes.
+func (s *Server) SyncWithEnvironment() {
+	s.Log().Debug("syncing server settings with environment")

-	// Check if the server is now suspended, and if so and the process is not terminated
-	// yet, do it immediately.
-	go func(server *Server) {
-		if server.Suspended && server.GetState() != ProcessOfflineState {
-			zap.S().Infow("server suspended with running process state, terminating now", zap.String("server", server.Uuid))
+	// Update the environment settings using the new information from this server.
+	s.Environment.Config().SetSettings(environment.Settings{
+		Mounts:      s.Mounts(),
+		Allocations: s.Config().Allocations,
+		Limits:      s.Config().Build,
+	})

-			if err := server.Environment.WaitForStop(10, true); err != nil {
-				zap.S().Warnw(
-					"failed to stop server environment after seeing suspension",
-					zap.String("server", server.Uuid),
-					zap.Error(err),
-				)
-			}
+	// If build limits are changed, environment variables also change. Plus, any modifications to
+	// the startup command also need to be properly propagated to this environment.
+	//
+	// @see https://github.com/pterodactyl/panel/issues/2255
+	s.Environment.Config().SetEnvironmentVariables(s.GetEnvironmentVariables())
+
+	if !s.IsSuspended() {
+		// Update the environment in place, allowing memory and CPU usage to be adjusted
+		// on the fly without the user needing to reboot (theoretically).
+		s.Log().Info("performing server limit modification on-the-fly")
+		if err := s.Environment.InSituUpdate(); err != nil {
+			// This is not a failure, the process is still running fine and will fix itself on the
+			// next boot, or fail out entirely in a more logical position.
+			s.Log().WithField("error", err).Warn("failed to perform on-the-fly update of the server environment")
 		}
-	}(s)
+	} else {
+		// Checks if the server is now in a suspended state. If so and a server process is currently running it
+		// will be gracefully stopped (and terminated if it refuses to stop).
+		if s.GetState() != environment.ProcessOfflineState {
+			s.Log().Info("server suspended with running process state, terminating now")
+
+			go func(s *Server) {
+				if err := s.Environment.WaitForStop(60, true); err != nil {
+					s.Log().WithField("error", err).Warn("failed to terminate server environment after suspension")
+				}
+			}(s)
+		}
+	}
 }
--- a/sftp/errors.go
+++ b/sftp/errors.go
@@ -0,0 +1,19 @@
+package sftp
+
+type fxerr uint32
+
+const (
+	// Extends the default SFTP server to return a quota exceeded error to the client.
+	//
+	// @see https://tools.ietf.org/id/draft-ietf-secsh-filexfer-13.txt
+	ErrSshQuotaExceeded = fxerr(15)
+)
+
+func (e fxerr) Error() string {
+	switch e {
+	case ErrSshQuotaExceeded:
+		return "Quota Exceeded"
+	default:
+		return "Failure"
+	}
+}
--- a/sftp/handler.go
+++ b/sftp/handler.go
@@ -0,0 +1,380 @@
+package sftp
+
+import (
+	"github.com/apex/log"
+	"github.com/patrickmn/go-cache"
+	"github.com/pkg/errors"
+	"github.com/pkg/sftp"
+	"io"
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"sync"
+)
+
+type FileSystem struct {
+	UUID        string
+	Permissions []string
+	ReadOnly    bool
+	User        User
+	Cache       *cache.Cache
+
+	PathValidator func(fs FileSystem, p string) (string, error)
+	HasDiskSpace  func(fs FileSystem) bool
+
+	logger *log.Entry
+	lock   sync.Mutex
+}
+
+func (fs FileSystem) buildPath(p string) (string, error) {
+	return fs.PathValidator(fs, p)
+}
+
+const (
+	PermissionFileRead        = "file.read"
+	PermissionFileReadContent = "file.read-content"
+	PermissionFileCreate      = "file.create"
+	PermissionFileUpdate      = "file.update"
+	PermissionFileDelete      = "file.delete"
+)
+
+// Fileread creates a reader for a file on the system and returns the reader back.
+func (fs FileSystem) Fileread(request *sftp.Request) (io.ReaderAt, error) {
+	// Check first if the user can actually open and view a file. This permission is named
+	// really poorly, but it is checking if they can read. There is an addition permission,
+	// "save-files" which determines if they can write that file.
+	if !fs.can(PermissionFileReadContent) {
+		return nil, sftp.ErrSshFxPermissionDenied
+	}
+
+	p, err := fs.buildPath(request.Filepath)
+	if err != nil {
+		return nil, sftp.ErrSshFxNoSuchFile
+	}
+
+	fs.lock.Lock()
+	defer fs.lock.Unlock()
+
+	if _, err := os.Stat(p); os.IsNotExist(err) {
+		return nil, sftp.ErrSshFxNoSuchFile
+	} else if err != nil {
+		fs.logger.WithField("error", errors.WithStack(err)).Error("error while processing file stat")
+
+		return nil, sftp.ErrSshFxFailure
+	}
+
+	file, err := os.Open(p)
+	if err != nil {
+		fs.logger.WithField("source", p).WithField("error", errors.WithStack(err)).Error("could not open file for reading")
+		return nil, sftp.ErrSshFxFailure
+	}
+
+	return file, nil
+}
+
+// Filewrite handles the write actions for a file on the system.
+func (fs FileSystem) Filewrite(request *sftp.Request) (io.WriterAt, error) {
+	if fs.ReadOnly {
+		return nil, sftp.ErrSshFxOpUnsupported
+	}
+
+	p, err := fs.buildPath(request.Filepath)
+	if err != nil {
+		return nil, sftp.ErrSshFxNoSuchFile
+	}
+
+	var l = fs.logger.WithField("source", p)
+
+	// If the user doesn't have enough space left on the server it should respond with an
+	// error since we won't be letting them write this file to the disk.
+	if !fs.HasDiskSpace(fs) {
+		return nil, ErrSshQuotaExceeded
+	}
+
+	fs.lock.Lock()
+	defer fs.lock.Unlock()
+
+	stat, statErr := os.Stat(p)
+	// If the file doesn't exist we need to create it, as well as the directory pathway
+	// leading up to where that file will be created.
+	if os.IsNotExist(statErr) {
+		// This is a different pathway than just editing an existing file. If it doesn't exist already
+		// we need to determine if this user has permission to create files.
+		if !fs.can(PermissionFileCreate) {
+			return nil, sftp.ErrSshFxPermissionDenied
+		}
+
+		// Create all of the directories leading up to the location where this file is being created.
+		if err := os.MkdirAll(filepath.Dir(p), 0755); err != nil {
+			l.WithFields(log.Fields{
+				"path":  filepath.Dir(p),
+				"error": errors.WithStack(err),
+			}).Error("error making path for file")
+
+			return nil, sftp.ErrSshFxFailure
+		}
+
+		file, err := os.Create(p)
+		if err != nil {
+			l.WithField("error", errors.WithStack(err)).Error("failed to create file")
+
+			return nil, sftp.ErrSshFxFailure
+		}
+
+		// Not failing here is intentional. We still made the file, it is just owned incorrectly
+		// and will likely cause some issues.
+		if err := os.Chown(p, fs.User.Uid, fs.User.Gid); err != nil {
+			l.WithField("error", errors.WithStack(err)).Warn("failed to set permissions on file")
+		}
+
+		return file, nil
+	}
+
+	// If the stat error isn't about the file not existing, there is some other issue
+	// at play and we need to go ahead and bail out of the process.
+	if statErr != nil {
+		l.WithField("error", errors.WithStack(statErr)).Error("encountered error performing file stat")
+
+		return nil, sftp.ErrSshFxFailure
+	}
+
+	// If we've made it here it means the file already exists and we don't need to do anything
+	// fancy to handle it. Just pass over the request flags so the system knows what the end
+	// goal with the file is going to be.
+	//
+	// But first, check that the user has permission to save modified files.
+	if !fs.can(PermissionFileUpdate) {
+		return nil, sftp.ErrSshFxPermissionDenied
+	}
+
+	// Not sure this would ever happen, but lets not find out.
+	if stat.IsDir() {
+		return nil, sftp.ErrSshFxOpUnsupported
+	}
+
+	file, err := os.Create(p)
+	if err != nil {
+		// Prevent errors if the file is deleted between the stat and this call.
+		if os.IsNotExist(err) {
+			return nil, sftp.ErrSSHFxNoSuchFile
+		}
+
+		l.WithField("flags", request.Flags).WithField("error", errors.WithStack(err)).Error("failed to open existing file on system")
+		return nil, sftp.ErrSshFxFailure
+	}
+
+	// Not failing here is intentional. We still made the file, it is just owned incorrectly
+	// and will likely cause some issues.
+	if err := os.Chown(p, fs.User.Uid, fs.User.Gid); err != nil {
+		l.WithField("error", errors.WithStack(err)).Warn("error chowning file")
+	}
+
+	return file, nil
+}
+
+// Filecmd hander for basic SFTP system calls related to files, but not anything to do with reading
+// or writing to those files.
+func (fs FileSystem) Filecmd(request *sftp.Request) error {
+	if fs.ReadOnly {
+		return sftp.ErrSshFxOpUnsupported
+	}
+
+	p, err := fs.buildPath(request.Filepath)
+	if err != nil {
+		return sftp.ErrSshFxNoSuchFile
+	}
+
+	var l = fs.logger.WithField("source", p)
+
+	var target string
+	// If a target is provided in this request validate that it is going to the correct
+	// location for the server. If it is not, return an operation unsupported error. This
+	// is maybe not the best error response, but its not wrong either.
+	if request.Target != "" {
+		target, err = fs.buildPath(request.Target)
+		if err != nil {
+			return sftp.ErrSshFxOpUnsupported
+		}
+	}
+
+	switch request.Method {
+	case "Setstat":
+		if !fs.can(PermissionFileUpdate) {
+			return sftp.ErrSshFxPermissionDenied
+		}
+
+		var mode os.FileMode = 0644
+		// If the client passed a valid file permission use that, otherwise use the
+		// default of 0644 set above.
+		if request.Attributes().FileMode().Perm() != 0000 {
+			mode = request.Attributes().FileMode().Perm()
+		}
+
+		// Force directories to be 0755
+		if request.Attributes().FileMode().IsDir() {
+			mode = 0755
+		}
+
+		if err := os.Chmod(p, mode); err != nil {
+			if os.IsNotExist(err) {
+				return sftp.ErrSSHFxNoSuchFile
+			}
+
+			l.WithField("error", errors.WithStack(err)).Error("failed to perform setstat on item")
+			return sftp.ErrSSHFxFailure
+		}
+		return nil
+	case "Rename":
+		if !fs.can(PermissionFileUpdate) {
+			return sftp.ErrSSHFxPermissionDenied
+		}
+
+		if err := os.Rename(p, target); err != nil {
+			if os.IsNotExist(err) {
+				return sftp.ErrSSHFxNoSuchFile
+			}
+
+			l.WithField("target", target).WithField("error", errors.WithStack(err)).Error("failed to rename file")
+
+			return sftp.ErrSshFxFailure
+		}
+
+		break
+	case "Rmdir":
+		if !fs.can(PermissionFileDelete) {
+			return sftp.ErrSshFxPermissionDenied
+		}
+
+		if err := os.RemoveAll(p); err != nil {
+			l.WithField("error", errors.WithStack(err)).Error("failed to remove directory")
+
+			return sftp.ErrSshFxFailure
+		}
+
+		return sftp.ErrSshFxOk
+	case "Mkdir":
+		if !fs.can(PermissionFileCreate) {
+			return sftp.ErrSshFxPermissionDenied
+		}
+
+		if err := os.MkdirAll(p, 0755); err != nil {
+			l.WithField("error", errors.WithStack(err)).Error("failed to create directory")
+
+			return sftp.ErrSshFxFailure
+		}
+
+		break
+	case "Symlink":
+		if !fs.can(PermissionFileCreate) {
+			return sftp.ErrSshFxPermissionDenied
+		}
+
+		if err := os.Symlink(p, target); err != nil {
+			l.WithField("target", target).WithField("error", errors.WithStack(err)).Error("failed to create symlink")
+
+			return sftp.ErrSshFxFailure
+		}
+
+		break
+	case "Remove":
+		if !fs.can(PermissionFileDelete) {
+			return sftp.ErrSshFxPermissionDenied
+		}
+
+		if err := os.Remove(p); err != nil {
+			if os.IsNotExist(err) {
+				return sftp.ErrSSHFxNoSuchFile
+			}
+
+			l.WithField("error", errors.WithStack(err)).Error("failed to remove a file")
+
+			return sftp.ErrSshFxFailure
+		}
+
+		return sftp.ErrSshFxOk
+	default:
+		return sftp.ErrSshFxOpUnsupported
+	}
+
+	var fileLocation = p
+	if target != "" {
+		fileLocation = target
+	}
+
+	// Not failing here is intentional. We still made the file, it is just owned incorrectly
+	// and will likely cause some issues. There is no logical check for if the file was removed
+	// because both of those cases (Rmdir, Remove) have an explicit return rather than break.
+	if err := os.Chown(fileLocation, fs.User.Uid, fs.User.Gid); err != nil {
+		l.WithField("error", errors.WithStack(err)).Warn("error chowning file")
+	}
+
+	return sftp.ErrSshFxOk
+}
+
+// Filelist is the handler for SFTP filesystem list calls. This will handle calls to list the contents of
+// a directory as well as perform file/folder stat calls.
+func (fs FileSystem) Filelist(request *sftp.Request) (sftp.ListerAt, error) {
+	p, err := fs.buildPath(request.Filepath)
+	if err != nil {
+		return nil, sftp.ErrSshFxNoSuchFile
+	}
+
+	switch request.Method {
+	case "List":
+		if !fs.can(PermissionFileRead) {
+			return nil, sftp.ErrSshFxPermissionDenied
+		}
+
+		files, err := ioutil.ReadDir(p)
+		if err != nil {
+			fs.logger.WithField("error", errors.WithStack(err)).Error("error while listing directory")
+
+			return nil, sftp.ErrSshFxFailure
+		}
+
+		return ListerAt(files), nil
+	case "Stat":
+		if !fs.can(PermissionFileRead) {
+			return nil, sftp.ErrSshFxPermissionDenied
+		}
+
+		s, err := os.Stat(p)
+		if os.IsNotExist(err) {
+			return nil, sftp.ErrSshFxNoSuchFile
+		} else if err != nil {
+			fs.logger.WithField("source", p).WithField("error", errors.WithStack(err)).Error("error performing stat on file")
+
+			return nil, sftp.ErrSshFxFailure
+		}
+
+		return ListerAt([]os.FileInfo{s}), nil
+	default:
+		// Before adding readlink support we need to evaluate any potential security risks
+		// as a result of navigating around to a location that is outside the home directory
+		// for the logged in user. I don't foresee it being much of a problem, but I do want to
+		// check it out before slapping some code here. Until then, we'll just return an
+		// unsupported response code.
+		return nil, sftp.ErrSshFxOpUnsupported
+	}
+}
+
+// Determines if a user has permission to perform a specific action on the SFTP server. These
+// permissions are defined and returned by the Panel API.
+func (fs FileSystem) can(permission string) bool {
+	// Server owners and super admins have their permissions returned as '[*]' via the Panel
+	// API, so for the sake of speed do an initial check for that before iterating over the
+	// entire array of permissions.
+	if len(fs.Permissions) == 1 && fs.Permissions[0] == "*" {
+		return true
+	}
+
+	// Not the owner or an admin, loop over the permissions that were returned to determine
+	// if they have the passed permission.
+	for _, p := range fs.Permissions {
+		if p == permission {
+			return true
+		}
+	}
+
+	return false
+}
--- a/sftp/lister.go
+++ b/sftp/lister.go
@@ -0,0 +1,22 @@
+package sftp
+
+import (
+	"io"
+	"os"
+)
+
+type ListerAt []os.FileInfo
+
+// Returns the number of entries copied and an io.EOF error if we made it to the end of the file list.
+// Take a look at the pkg/sftp godoc for more information about how this function should work.
+func (l ListerAt) ListAt(f []os.FileInfo, offset int64) (int, error) {
+	if offset >= int64(len(l)) {
+		return 0, io.EOF
+	}
+
+	if n := copy(f, l[offset:]); n < len(f) {
+		return n, io.EOF
+	} else {
+		return n, nil
+	}
+}
--- a/sftp/server.go
+++ b/sftp/server.go
@@ -1,92 +1,238 @@
 package sftp

 import (
-	"github.com/pkg/errors"
-	"github.com/pterodactyl/sftp-server"
+	"crypto/rand"
+	"crypto/rsa"
+	"crypto/x509"
+	"encoding/pem"
+	"fmt"
+	"github.com/apex/log"
+	"github.com/patrickmn/go-cache"
+	"github.com/pkg/sftp"
 	"github.com/pterodactyl/wings/api"
-	"github.com/pterodactyl/wings/config"
-	"github.com/pterodactyl/wings/server"
-	"go.uber.org/zap"
+	"golang.org/x/crypto/ssh"
+	"io"
+	"io/ioutil"
+	"net"
+	"os"
 	"path"
+	"strings"
+	"time"
 )

-func Initialize(config *config.Configuration) error {
-	c := &sftp_server.Server{
-		User: sftp_server.SftpUser{
-			Uid: config.System.User.Uid,
-			Gid: config.System.User.Gid,
-		},
-		Settings: sftp_server.Settings{
-			BasePath:         config.System.Data,
-			ReadOnly:         config.System.Sftp.ReadOnly,
-			BindAddress:      config.System.Sftp.Address,
-			BindPort:         config.System.Sftp.Port,
-			ServerDataFolder: path.Join(config.System.Data, "/servers"),
-			DisableDiskCheck: config.System.Sftp.DisableDiskChecking,
-		},
-		CredentialValidator: validateCredentials,
-		PathValidator: validatePath,
-		DiskSpaceValidator: validateDiskSpace,
-	}
+type Settings struct {
+	BasePath    string
+	ReadOnly    bool
+	BindPort    int
+	BindAddress string
+}

-	if err := sftp_server.New(c); err != nil {
-		return err
-	}
+type User struct {
+	Uid int
+	Gid int
+}

-	c.ConfigureLogger(func() *zap.SugaredLogger {
-		return zap.S().Named("sftp")
-	})
+type Server struct {
+	cache *cache.Cache

-	// Initialize the SFTP server in a background thread since this is
-	// a long running operation.
-	go func(instance *sftp_server.Server) {
-		if err := c.Initalize(); err != nil {
-			zap.S().Named("sftp").Errorw("failed to initialize SFTP subsystem", zap.Error(errors.WithStack(err)))
-		}
-	}(c)
+	Settings Settings
+	User     User
+
+	PathValidator      func(fs FileSystem, p string) (string, error)
+	DiskSpaceValidator func(fs FileSystem) bool
+
+	// Validator function that is called when a user connects to the server. This should
+	// check against whatever system is desired to confirm if the given username and password
+	// combination is valid. If so, should return an authentication response.
+	CredentialValidator func(r api.SftpAuthRequest) (*api.SftpAuthResponse, error)
+}
+
+// Create a new server configuration instance.
+func New(c *Server) error {
+	c.cache = cache.New(5*time.Minute, 10*time.Minute)

 	return nil
 }

-func validatePath(fs sftp_server.FileSystem, p string) (string, error) {
-	s := server.GetServers().Find(func(server *server.Server) bool {
-		return server.Uuid == fs.UUID
-	})
+// Initialize the SFTP server and add a persistent listener to handle inbound SFTP connections.
+func (c *Server) Initialize() error {
+	serverConfig := &ssh.ServerConfig{
+		NoClientAuth: false,
+		MaxAuthTries: 6,
+		PasswordCallback: func(conn ssh.ConnMetadata, pass []byte) (*ssh.Permissions, error) {
+			resp, err := c.CredentialValidator(api.SftpAuthRequest{
+				User:          conn.User(),
+				Pass:          string(pass),
+				IP:            conn.RemoteAddr().String(),
+				SessionID:     conn.SessionID(),
+				ClientVersion: conn.ClientVersion(),
+			})

-	if s == nil {
-		return "", errors.New("no server found with that UUID")
+			if err != nil {
+				return nil, err
+			}
+
+			sshPerm := &ssh.Permissions{
+				Extensions: map[string]string{
+					"uuid":        resp.Server,
+					"user":        conn.User(),
+					"permissions": strings.Join(resp.Permissions, ","),
+				},
+			}
+
+			return sshPerm, nil
+		},
 	}

-	return s.Filesystem.SafePath(p)
-}
-
-func validateDiskSpace(fs sftp_server.FileSystem) bool {
-	s := server.GetServers().Find(func(server *server.Server) bool {
-		return server.Uuid == fs.UUID
-	})
-
-	if s == nil {
-		return false
+	if _, err := os.Stat(path.Join(c.Settings.BasePath, ".sftp/id_rsa")); os.IsNotExist(err) {
+		if err := c.generatePrivateKey(); err != nil {
+			return err
+		}
+	} else if err != nil {
+		return err
 	}

-	return s.Filesystem.HasSpaceAvailable()
-}
-
-// Validates a set of credentials for a SFTP login aganist Pterodactyl Panel and returns
-// the server's UUID if the credentials were valid.
-func validateCredentials(c sftp_server.AuthenticationRequest) (*sftp_server.AuthenticationResponse, error) {
-	resp, err := api.NewRequester().ValidateSftpCredentials(c)
+	privateBytes, err := ioutil.ReadFile(path.Join(c.Settings.BasePath, ".sftp/id_rsa"))
 	if err != nil {
-		return resp, err
+		return err
 	}

-	s := server.GetServers().Find(func(server *server.Server) bool {
-		return server.Uuid == resp.Server
-	})
-
-	if s == nil {
-		return resp, errors.New("no server found with that UUID")
+	private, err := ssh.ParsePrivateKey(privateBytes)
+	if err != nil {
+		return err
 	}

-	return resp, err
+	// Add our private key to the server configuration.
+	serverConfig.AddHostKey(private)
+
+	listener, err := net.Listen("tcp", fmt.Sprintf("%s:%d", c.Settings.BindAddress, c.Settings.BindPort))
+	if err != nil {
+		return err
+	}
+
+	log.WithField("host", c.Settings.BindAddress).WithField("port", c.Settings.BindPort).Info("sftp subsystem listening for connections")
+
+	for {
+		conn, _ := listener.Accept()
+		if conn != nil {
+			go c.AcceptInboundConnection(conn, serverConfig)
+		}
+	}
+}
+
+// Handles an inbound connection to the instance and determines if we should serve the request
+// or not.
+func (c Server) AcceptInboundConnection(conn net.Conn, config *ssh.ServerConfig) {
+	defer conn.Close()
+
+	// Before beginning a handshake must be performed on the incoming net.Conn
+	sconn, chans, reqs, err := ssh.NewServerConn(conn, config)
+	if err != nil {
+		return
+	}
+	defer sconn.Close()
+
+	go ssh.DiscardRequests(reqs)
+
+	for newChannel := range chans {
+		// If its not a session channel we just move on because its not something we
+		// know how to handle at this point.
+		if newChannel.ChannelType() != "session" {
+			newChannel.Reject(ssh.UnknownChannelType, "unknown channel type")
+			continue
+		}
+
+		channel, requests, err := newChannel.Accept()
+		if err != nil {
+			continue
+		}
+
+		// Channels have a type that is dependent on the protocol. For SFTP this is "subsystem"
+		// with a payload that (should) be "sftp". Discard anything else we receive ("pty", "shell", etc)
+		go func(in <-chan *ssh.Request) {
+			for req := range in {
+				ok := false
+
+				switch req.Type {
+				case "subsystem":
+					if string(req.Payload[4:]) == "sftp" {
+						ok = true
+					}
+				}
+
+				req.Reply(ok, nil)
+			}
+		}(requests)
+
+		// Configure the user's home folder for the rest of the request cycle.
+		if sconn.Permissions.Extensions["uuid"] == "" {
+			continue
+		}
+
+		// Create a new handler for the currently logged in user's server.
+		fs := c.createHandler(sconn)
+
+		// Create the server instance for the channel using the filesystem we created above.
+		server := sftp.NewRequestServer(channel, fs)
+
+		if err := server.Serve(); err == io.EOF {
+			server.Close()
+		}
+	}
+}
+
+// Creates a new SFTP handler for a given server. The directory argument should
+// be the base directory for a server. All actions done on the server will be
+// relative to that directory, and the user will not be able to escape out of it.
+func (c Server) createHandler(sc *ssh.ServerConn) sftp.Handlers {
+	p := FileSystem{
+		UUID:          sc.Permissions.Extensions["uuid"],
+		Permissions:   strings.Split(sc.Permissions.Extensions["permissions"], ","),
+		ReadOnly:      c.Settings.ReadOnly,
+		Cache:         c.cache,
+		User:          c.User,
+		HasDiskSpace:  c.DiskSpaceValidator,
+		PathValidator: c.PathValidator,
+		logger: log.WithFields(log.Fields{
+			"subsystem": "sftp",
+			"username":  sc.User(),
+			"ip":        sc.RemoteAddr(),
+		}),
+	}
+
+	return sftp.Handlers{
+		FileGet:  p,
+		FilePut:  p,
+		FileCmd:  p,
+		FileList: p,
+	}
+}
+
+// Generates a private key that will be used by the SFTP server.
+func (c Server) generatePrivateKey() error {
+	key, err := rsa.GenerateKey(rand.Reader, 2048)
+	if err != nil {
+		return err
+	}
+
+	if err := os.MkdirAll(path.Join(c.Settings.BasePath, ".sftp"), 0755); err != nil {
+		return err
+	}
+
+	o, err := os.OpenFile(path.Join(c.Settings.BasePath, ".sftp/id_rsa"), os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0600)
+	if err != nil {
+		return err
+	}
+	defer o.Close()
+
+	pkey := &pem.Block{
+		Type:  "RSA PRIVATE KEY",
+		Bytes: x509.MarshalPKCS1PrivateKey(key),
+	}
+
+	if err := pem.Encode(o, pkey); err != nil {
+		return err
+	}
+
+	return nil
 }
--- a/sftp/sftp.go
+++ b/sftp/sftp.go
@@ -0,0 +1,97 @@
+package sftp
+
+import (
+	"github.com/apex/log"
+	"github.com/pkg/errors"
+	"github.com/pterodactyl/wings/api"
+	"github.com/pterodactyl/wings/config"
+	"github.com/pterodactyl/wings/server"
+)
+
+var noMatchingServerError = errors.New("no matching server with that UUID was found")
+
+func Initialize(config config.SystemConfiguration) error {
+	s := &Server{
+		User: User{
+			Uid: config.User.Uid,
+			Gid: config.User.Gid,
+		},
+		Settings: Settings{
+			BasePath:    config.Data,
+			ReadOnly:    config.Sftp.ReadOnly,
+			BindAddress: config.Sftp.Address,
+			BindPort:    config.Sftp.Port,
+		},
+		CredentialValidator: validateCredentials,
+		PathValidator:       validatePath,
+		DiskSpaceValidator:  validateDiskSpace,
+	}
+
+	if err := New(s); err != nil {
+		return errors.WithStack(err)
+	}
+
+	// Initialize the SFTP server in a background thread since this is
+	// a long running operation.
+	go func(s *Server) {
+		if err := s.Initialize(); err != nil {
+			log.WithField("subsystem", "sftp").WithField("error", errors.WithStack(err)).Error("failed to initialize SFTP subsystem")
+		}
+	}(s)
+
+	return nil
+}
+
+func validatePath(fs FileSystem, p string) (string, error) {
+	s := server.GetServers().Find(func(server *server.Server) bool {
+		return server.Id() == fs.UUID
+	})
+
+	if s == nil {
+		return "", noMatchingServerError
+	}
+
+	return s.Filesystem.SafePath(p)
+}
+
+func validateDiskSpace(fs FileSystem) bool {
+	s := server.GetServers().Find(func(server *server.Server) bool {
+		return server.Id() == fs.UUID
+	})
+
+	if s == nil {
+		return false
+	}
+
+	return s.Filesystem.HasSpaceAvailable(true)
+}
+
+// Validates a set of credentials for a SFTP login against Pterodactyl Panel and returns
+// the server's UUID if the credentials were valid.
+func validateCredentials(c api.SftpAuthRequest) (*api.SftpAuthResponse, error) {
+	f := log.Fields{"subsystem": "sftp", "username": c.User, "ip": c.IP}
+
+	log.WithFields(f).Debug("validating credentials for SFTP connection")
+	resp, err := api.NewRequester().ValidateSftpCredentials(c)
+	if err != nil {
+		if api.IsInvalidCredentialsError(err) {
+			log.WithFields(f).Warn("failed to validate user credentials (invalid username or password)")
+		} else {
+			log.WithFields(f).Error("encountered an error while trying to validate user credentials")
+		}
+
+		return resp, err
+	}
+
+	s := server.GetServers().Find(func(server *server.Server) bool {
+		return server.Id() == resp.Server
+	})
+
+	if s == nil {
+		return resp, noMatchingServerError
+	}
+
+	s.Log().WithFields(f).Debug("credentials successfully validated and matched user to server instance")
+
+	return resp, err
+}
--- a/system/const.go
+++ b/system/const.go
@@ -1,6 +1,6 @@
 package system

-const (
+var (
 	// The current version of this software.
 	Version = "0.0.1"
 )
--- a/templates/logrotate.tpl
+++ b/templates/logrotate.tpl
@@ -0,0 +1,13 @@
+{{.LogDirectory}}/wings.log {
+    size 10M
+    compress
+    delaycompress
+    dateext
+    maxage 7
+    missingok
+    notifempty
+    create 0640 {{.User.Uid}} {{.User.Gid}}
+    postrotate
+        killall -SIGHUP wings
+    endscript
+}