Skip to content

Deployment Overview of Palworld Server on Server

Prerequisites and Basic Requirements

To successfully deploy and operate the Palworld Server management panel and associated game containers, the host server must meet the following requirements:

  • Operating System: Ubuntu (requires apt package manager).

  • Privileges: Root access or sudo privileges are required to install Docker, configure the firewall, and manage system services.

  • Docker Engine: Docker and the Docker Compose plugin must be installed and running.

  • Network Access: The server must have public IP access to allow external connections to the panel and the game server.

  • Domain Configuration: The DNS records must be configured to point the specific subdomain to the server's public IP address.

FQDN of the Final Panel

The web management panel is accessible via HTTPS using the following Fully Qualified Domain Name (FQDN) format:

palworld<Server ID>.hostkey.in

Replace <Server ID> with the specific identifier assigned to the instance. The panel runs on the standard HTTPS port (443).

File and Directory Structure

The deployment organizes configuration files, data, and logs into specific directories on the host system. The structure is as follows:

  • Proxy and SSL Configuration:

  • Nginx configuration: /opt/proxy/nginx/conf.d/

  • SSL Certificates: /opt/proxy/letsencrypt/

  • Webroot for Certbot: /opt/proxy/www/

  • Docker Compose definition: /opt/proxy/docker-compose.yml

  • MCSManager Components:

  • Web Panel Data: /opt/mcsmanager-web-data

  • Web Panel Logs: /opt/mcsmanager-web-logs

  • Daemon Data: /opt/mcsm/daemon/data

  • Daemon Logs: /opt/mcsmanager-daemon-logs

  • Palworld Game Server Data:

  • The game server container stores its data in a volume mapped to /data within the container context, managed via the MCSManager instance.

Application Installation Process

The deployment utilizes Docker containers for all core components. The system consists of the MCSManager web interface, the MCSManager daemon, and the Palworld game server container.

Docker Images and Versions

The deployment utilizes the following container images:

  • MCSManager Web: ngc7331/mcsmanager-web:latest (Note: Version pinning is set to v10.11.0 in configuration variables to ensure web/daemon consistency).

  • MCSManager Daemon: ngc7331/mcsmanager-daemon:latest

  • Palworld Server: kagurazakanyaa/palworld:latest

  • Nginx Proxy: nginx:alpine

  • Certbot: certbot/certbot

Container Deployment

The system automatically initializes the containers via the deployment process:

  1. MCSManager Daemon: Launched to manage game instances, mapping port 24444 locally.

  2. MCSManager Web: Launched to provide the management interface, mapping port 23333 locally.

  3. Palworld Instance: Created and started via the MCSManager API as a Docker-managed process.

  4. Proxy Services: Nginx and Certbot are deployed using a docker-compose stack to handle SSL termination and routing.

Initialization

Upon first deployment, the system automatically performs the following initialization steps:

  • Creates an administrative user with the username admin.

  • Generates and reads the daemon API key from /opt/mcsm/daemon/data/Config/global.json.

  • Registers the daemon with the web panel using the internal connection protocol.

  • Creates the Palworld game instance with the name palworld and the specific server_id suffix.

Access Rights and Security

The deployment implements security measures at the application and network levels:

  • Authentication: The MCSManager panel requires a username and password for access. The default administrative credentials are generated during the initial setup.

  • Firewall: The host firewall must allow traffic on ports 443 (HTTPS Panel), 12444 (Daemon WebSocket), and 8211 (Game Traffic).

  • Isolation: All services run within isolated Docker containers with defined restart policies (unless-stopped).

  • Secure Communication: All external traffic to the panel and daemon is encrypted using TLS (HTTPS/WSS) via Let's Encrypt certificates.

Proxy Servers

The system uses Nginx as a reverse proxy to manage external traffic and SSL certificates.

Domain and Port Configuration

  • Panel Access: HTTPS traffic on port 443 is proxied to the internal MCSManager web interface running on port 23333.

  • Daemon Access: HTTPS/WSS traffic on port 12444 is proxied to the internal MCSManager daemon running on port 24444.

SSL Configuration

  • Provider: Let's Encrypt.

  • Renewal: Handled via the certbot container.

  • Certificate Paths:

  • Certificate: /etc/letsencrypt/live/palworld<Server ID>.hostkey.in/fullchain.pem

  • Key: /etc/letsencrypt/live/palworld<Server ID>.hostkey.in/privkey.pem

Nginx Configuration Files

  • Panel Configuration: /opt/proxy/nginx/conf.d/palworld<Server ID>.hostkey.in.conf

  • Daemon Configuration: /opt/proxy/nginx/conf.d/palworld<Server ID>.hostkey.in-daemon.conf

The Nginx configuration enforces HTTP to HTTPS redirection and supports WebSocket upgrades for real-time communication between the panel and the daemon.

Permission Settings

The deployment script sets specific permissions for directories and files to ensure the Docker containers can access necessary resources:

  • Proxy Directories: The directories under /opt/proxy/ (conf.d, letsencrypt, www) are created with mode 0755.

  • Configuration Files: Nginx configuration files are deployed with mode 0644.

  • MCSManager Data Directories:

  • /opt/mcsm/daemon/data and /opt/mcsmanager-web-data are created with mode 0755.

  • Volume Mounts: Docker containers mount these host directories into the container filesystem, relying on Docker's volume mapping to handle internal permissions.

Available Ports for Connection

The following ports are exposed and utilized by the deployment:

Port Protocol Service / Purpose
443 TCP (HTTPS) MCSManager Web Panel Access
12444 TCP (WSS) MCSManager Daemon WebSocket
8211 UDP Palworld Game Server Traffic
25575 TCP Palworld RCON (Remote Console)
23333 TCP (Internal) MCSManager Web (Local Only)
24444 TCP (Internal) MCSManager Daemon (Local Only)

Starting, Stopping, and Updating

The services are managed primarily through Docker and Docker Compose.

Managing the Proxy and SSL Stack

The Nginx and Certbot containers are managed via the Docker Compose file located at /opt/proxy/docker-compose.yml.

  • Start/Restart Proxy: 

    docker compose -f /opt/proxy/docker-compose.yml up -d

  • Restart Specific Container: 

    docker container restart palworld-proxy

  • Update Images: 

    docker compose -f /opt/proxy/docker-compose.yml pull
docker compose -f /opt/proxy/docker-compose.yml up -d

Managing MCSManager Components

The MCSManager daemon and web containers are managed individually as they were deployed using the docker container service.

  • Restart MCSManager Web: 

    docker container restart mcsm-web

  • Restart MCSManager Daemon: 

    docker container restart mcsm-daemon

Managing the Palworld Instance

The Palworld game server is managed via the MCSManager web interface. However, the underlying Docker container can also be controlled directly using the container name palworld-<Server ID>.

  • Start Instance: 

    docker container start palworld-<Server ID>

  • Stop Instance: 

    docker container stop palworld-<Server ID>

  • Restart Instance: 

    docker container restart palworld-<Server ID>

Note: Replace <Server ID> with the actual identifier used in your deployment. The instance is configured with an unless-stopped restart policy to automatically restart upon container crash, unless manually stopped.

question_mark
Is there anything I can help you with?
question_mark
AI Assistant ×