Deployment Overview of Pterodactyl Control Panel on Server¶
Prerequisites and Basic Requirements¶
The deployment requires a server running Ubuntu Jammy (22.04 LTS). The following system components and requirements must be met:
-
Operating System: Ubuntu 22.04 (Jammy Jellyfish)
-
Privileges: Root or sudo access for service management and package installation
-
Domain Requirements: A valid FQDN on the
hostkey.indomain is required for SSL termination via Let's Encrypt. -
Required Packages:
-
PHP 8.2 (with specific extensions)
-
Nginx
-
MariaDB Server
-
Redis Server
-
Git, Unzip, Curl, and Cron
-
FQDN of the final panel¶
The application is accessible via the following FQDN format: <prefix><server_id>.hostkey.in (e.g., pterodactyl123.hostkey.in)
File and Directory Structure¶
The application files and configuration data are stored in the following locations:
| Component | Path |
|---|---|
| Application Installation Directory | /var/www/pterodactyl |
| Nginx Docker Configuration | /root/nginx |
| Nginx User Configurations | /data/nginx/user_conf.d/ |
| Let's Encrypt Certificates (Docker) | /etc/letsencrypt (via volume nginx_secrets) |
| Pterodactyl Initialization Marker | /var/www/pterodactyl/.ansible_ptero_initialized |
Application Installation Process¶
The installation is performed by downloading the latest release of the Pterodactyl Panel from GitHub. The process includes:
-
Downloading
panel.tar.gzto/tmp. -
Extracting the archive into
/var/www/pterodactyl. -
Installing PHP dependencies via Composer v2.
-
Configuring the environment using
.env. -
Running database migrations and seeding the initial administrator user.
Access Rights and Security¶
Security is enforced through several layers:
-
Firewall/Port Management: The application utilizes specific internal and external ports for communication.
-
Web Server Permissions: All files within
/var/www/pterodactylare owned by thewww-datauser and group with0755permissions on directories. -
SSL/TLS: Let's Encrypt certificates are managed via Certbot, providing HTTPS encryption for all web traffic.
-
Security Headers: Nginx is configured to prevent access to hidden files (e.g.,
.ht).
Databases¶
The application uses MariaDB as the primary database engine.
| Parameter | Value/Setting |
|---|---|
| Database Name | panel |
| Database User | pterodactyl |
| Connection Host | 127.0.0.1:306 |
| Storage Location | Managed by MariaDB system directories |
Docker Containers and Their Deployment¶
A Docker container is used specifically for managing Nginx and automated SSL certificate renewal via Certbot.
-
Image:
jonasal/nginx-certbot:latest -
Deployment Method: Deployed using
docker composefrom/root/nginx/compose.yml. -
Network Mode:
host -
Volumes:
-
nginx_secrets(external volume) mapped to/etc/letsencrypt. -
/data/nginx/user_conf.dmapped to/etc/nginx/user_conf.d. -
/var/www/pterodactyl/publicmapped as read-only (ro) to/var/www/pterodactyl/public.
-
Proxy Servers¶
The deployment utilizes a dual-layer proxy approach:
-
Dockerized Nginx (Certbot): Acts as the primary entry point, handling SSL termination and routing traffic to the host's PHP-FPM via port
9000or local socket. -
Host Nginx: Configured to handle specific site logic and serve as a fallback/interface for the panel.
Permission Settings¶
The following permission structure is applied to ensure service stability:
-
/var/www/pterodactyl: Owned bywww-data:www-data(Recursive). -
/etc/cron.d/pterodactyl: Mode0644. -
/root/nginx/compose.yml: Mode0644, owned byroot:root.
Location of configuration files and data¶
| File/Directory | Path |
|---|---|
| Main Environment Config | /var/www/pterodactyl/.env |
| Nginx Site Configuration | /etc/nginx/sites-available/pterodactyl.conf |
| Pterodactyl Systemd Service | /etc/systemd/system/pteroq.service |
Available ports for connection¶
The following ports are utilized by the system:
| Port | Usage |
|---|---|
80 | HTTP (Redirect to HTTPS) |
443 | HTTPS (Panel Access) |
12333 | Wings/Daemon SSL Communication |
3306 | MariaDB Database Connection |
6379 | Redis Cache/Queue |
8000 | Internal Application Port |
Starting, Stopping, and Updating¶
Service management is performed via systemctl. The following commands are used to manage the background processes:
-
Pterodactyl Queue Worker:
-
Start:
systemctl start pteroq -
Enable on boot:
systemctl enable pteroq
-
-
Web Server (Nginx):
- Restart:
systemctl restart nginx
- Restart:
-
Database (MariaDB):
- Status:
systemctl status mariadb
- Status:
-
Docker Proxy:
- Deployment/Restart:
docker compose up -dwithin the/root/nginxdirectory.
- Deployment/Restart: