Deployment Overview of CloudPanel on Server

Prerequisites and Basic Requirements

The deployment of CloudPanel requires a clean Ubuntu-based environment with specific system configurations. The following prerequisites must be met before initiating the installation:

  • Operating System: Ubuntu (Debian-based).

  • Privileges: Root access or sudo privileges are required for all installation steps.

  • Port Availability: Ports 80, 443, and 3306 must be free and not occupied by other services (e.g., existing MySQL, MariaDB, Nginx, or Apache instances).

  • Network: The server must have outbound internet access to download the installer and required packages.

  • Package Management: The apt package manager must be functional and up to date.

FQDN of the Final Panel

The fully qualified domain name (FQDN) for accessing the CloudPanel interface follows the format defined by the host configuration. Based on the provided variables, the access URL is:

cloudPanel<Server ID>.hostkey.in:443

Where <Server ID> represents the specific identifier assigned to the server instance. The panel is accessible via HTTPS on port 443.

File and Directory Structure

The deployment establishes specific directories for configuration, data, and certificates. The primary locations are:

  • /etc/cloudpanel: The main installation directory for the CloudPanel application.

  • /root/nginx: The directory containing the Docker Compose configuration for the reverse proxy and SSL management.

  • /root/nginx/compose.yml: The Docker Compose file defining the Nginx and Certbot services.

  • /data/nginx/user_conf.d/: The directory containing custom Nginx configuration files for the panel.

  • /data/nginx/nginx-certbot.env: The environment file for the Nginx-Certbot container.

  • /etc/letsencrypt: The mount point for SSL certificates managed by the Docker container.

Application Installation Process

CloudPanel is installed using the official installer script, which is downloaded and executed with specific modifications to ensure compatibility with the target environment.

  1. System Preparation:

    • Existing database services (MySQL, MariaDB, Percona) and web servers (Nginx, Apache) are stopped and disabled to prevent port conflicts.

    • Leftover packages and data directories related to previous database installations are purged.

    • The apt cache is cleaned and updated.

  2. Package Installation:

    • Essential base packages are installed, including curl, wget, lsof, ca-certificates, gnupg, apt-transport-https, and apt-utils.

  3. Installer Download and Modification:

    • The installer script is downloaded from https://installer.cloudpanel.io/ce/v2/install.sh to /root/cloudpanel-install.sh.

    • The script is patched to enforce the use of MySQL 8.0 (DB_ENGINE="MYSQL_8.0") instead of the default version.

    • The upgrade command within the script is modified to allow package downgrades (apt -y --allow-downgrades upgrade) to ensure dependency resolution.

  4. Execution:

    • The installation is executed by running /root/cloudpanel-install.sh.

    • The process sets the DEBIAN_FRONTEND to noninteractive and TERM to xterm to ensure unattended execution.
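
The patch step above can fail silently if the upstream script changes, because sed exits successfully even when nothing matched. The following is an added example, not the deployment's own code: the sed patterns, the function names and the stand-in script are assumptions made for illustration, since the installer's contents are not shown on this page.

```shell
# Added example. Assumes the installer has a line starting with DB_ENGINE=
# and contains the text "apt -y upgrade"; neither is shown on this page.

# patch_installer FILE: apply both edits, then prove they are present.
patch_installer() {
  f="$1"
  # Keep the hash of the script as downloaded, for later comparison.
  sha256sum "$f" > "$f.orig.sha256" || return 1
  sed -i -E 's|^DB_ENGINE=.*$|DB_ENGINE="MYSQL_8.0"|' "$f"
  sed -i 's|apt -y upgrade|apt -y --allow-downgrades upgrade|' "$f"
  # sed exits 0 when nothing matched, so check the result explicitly.
  grep -qx 'DB_ENGINE="MYSQL_8.0"' "$f" ||
    { echo "DB_ENGINE edit not applied" >&2; return 1; }
  grep -q 'apt -y --allow-downgrades upgrade' "$f" ||
    { echo "upgrade edit not applied" >&2; return 1; }
  # The patched file must still be syntactically valid shell.
  bash -n "$f"
}

# Constructed stand-in for the downloaded script (not the real installer).
make_sample() {
  printf '%s\n' '#!/bin/bash' 'DB_ENGINE="SAMPLE_DEFAULT"' \
    'apt update' 'apt -y upgrade' > "$1"
}

# Demo on the stand-in. On a server, FILE would be /root/cloudpanel-install.sh,
# run afterwards with DEBIAN_FRONTEND=noninteractive and TERM=xterm.
demo="$(mktemp)"
make_sample "$demo"
patch_installer "$demo" && echo "patched and verified: $demo"
```

Running the function a second time on an already patched file leaves it unchanged, so it is safe to re-run.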

Access Rights and Security

Security measures are implemented through port management and service isolation.

  • Port Enforcement: The installation process verifies that ports 80, 443, and 3306 are not in use. If any listeners are detected on these ports, the installation fails to prevent conflicts.

  • Service Isolation: Conflicting services such as mysql, mariadb, nginx, and apache2 are explicitly stopped and disabled during the preparation phase.

  • User Access: The installation and configuration files are owned by the root user.

Databases

CloudPanel utilizes an internal database for its operation.

  • Database Engine: MySQL 8.0.

  • Connection Method: The application connects to the database locally.

  • Storage Location: Database data is stored in the default MySQL data directory managed by the CloudPanel installation, typically /var/lib/mysql. The installer script targets a native installation; a containerized equivalent applies only if a specific installer version behaves differently.

  • Configuration: The installer configures the database engine automatically during the setup process.

Docker Containers and Their Deployment

A Docker container is deployed to manage SSL certificates and act as a reverse proxy for the CloudPanel interface.

  • Container Image: jonasal/nginx-certbot:latest.

  • Deployment Method: Docker Compose.

  • Compose File Location: /root/nginx/compose.yml.

  • Service Name: nginx.

  • Restart Policy: unless-stopped.

  • Network Mode: host.

  • Volumes:

    • nginx_secrets: An external volume mounted to /etc/letsencrypt for storing SSL certificates.

    • /data/nginx/user_conf.d: Mounted to /etc/nginx/user_conf.d inside the container for custom configurations.

Proxy Servers

The deployment includes an Nginx reverse proxy configured with Certbot for SSL termination.

  • Proxy Software: Nginx (running inside a Docker container).

  • SSL Management: Certbot is integrated into the Nginx container to handle SSL certificate generation and renewal.

  • Email Configuration: The certificate email is set to [email protected].

  • Configuration Path: Custom Nginx configurations are located in /data/nginx/user_conf.d/.

  • Location Block: The Nginx configuration is modified to route traffic from the root location (location /) to the CloudPanel application.

  • Environment Variables: Loaded from /data/nginx/nginx-certbot.env.

Permission Settings

File and directory permissions are set to ensure secure operation and proper access for the services.

  • /root/nginx: Owned by root:root with mode 0644.

  • /root/nginx/compose.yml: Owned by root:root with mode 0644.

  • /root/cloudpanel-install.sh: Executable permissions (0755) are set on the installer script.

  • /data/nginx/user_conf.d: Mounted into the Docker container; permissions are managed by the container's internal processes.

Location of Configuration Files and Data

The following table summarizes the key configuration and data locations:

| File or Directory | Path | Description |
|---|---|---|
| Main Application | /etc/cloudpanel | Core CloudPanel installation directory. |
| Docker Compose | /root/nginx/compose.yml | Definition for the Nginx/Certbot container. |
| Nginx Configs | /data/nginx/user_conf.d/ | Custom Nginx configuration files. |
| Nginx Env | /data/nginx/nginx-certbot.env | Environment variables for the proxy container. |
| SSL Certificates | /etc/letsencrypt | Storage for SSL certificates (via Docker volume). |
| Installer Script | /root/cloudpanel-install.sh | The modified installation script. |

Available Ports for Connection

The following ports are utilized by the deployed services:

  • Port 443: HTTPS traffic for the CloudPanel web interface (external access).

  • Port 80: HTTP traffic for SSL redirection and Let's Encrypt challenges.

  • Port 3306: MySQL database connection (internal use).

  • Port 8443: Internal communication port (configured in group_vars as internal_port).
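
Both the free-port check described under "Access Rights and Security" and the "internal" labels in the list above can be tested against the output of ss. The following is an added example, not part of the deployment's own tooling; the function names and the sample ss lines are constructed for illustration.

```shell
# Constructed `ss -H -ltn` output (not captured from a real server).
SAMPLE_SS='LISTEN 0 511 0.0.0.0:8080 0.0.0.0:*
LISTEN 0 151 127.0.0.1:3306 0.0.0.0:*
LISTEN 0 511 [::]:443 [::]:*
LISTEN 0 511 *:8443 *:*'

# listeners PORT...: reads `ss -H -ltn` lines on stdin and prints
# "port address" for each listener on one of the given ports. The port is
# the text after the last ':' of the local address, so 80 never matches 8080.
listeners() {
  awk -v want="$*" '
    BEGIN { n = split(want, w, " "); for (i = 1; i <= n; i++) ports[w[i]] = 1 }
    {
      port = $4; sub(/^.*:/, "", port)
      addr = $4; sub(/:[^:]*$/, "", addr)
      if (port in ports) print port, addr
    }'
}

# Pre-install check: which of the given ports already have a listener.
ports_in_use() {
  listeners "$@" | cut -d" " -f1 | sort -un | xargs
}

# Post-install check: which of the given ports listen on an address other
# than loopback (127.0.0.0/8 or [::1]) and are therefore reachable remotely.
exposed_ports() {
  listeners "$@" | awk '$2 !~ /^(127\.|\[::1\]$)/ { print $1 }' | sort -un | xargs
}

# On a live host:
#   ss -H -ltn | ports_in_use 80 443 3306     # expect empty before install
#   ss -H -ltn | exposed_ports 3306 8443      # expect empty after install
printf '%s\n' "$SAMPLE_SS" | ports_in_use 80 443 3306
printf '%s\n' "$SAMPLE_SS" | exposed_ports 3306 8443
```

Because the proxy container uses host networking, any port reported by exposed_ports has to be restricted by a host firewall or by changing the service's bind address.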

Starting, Stopping, and Updating

Service management for the components is handled as follows:

  • CloudPanel Service: Managed by the system's service manager (systemd) under the name cloudpanel (or similar, depending on the installer's final service registration).

  • Nginx Proxy Service: Managed via Docker Compose.

    • Start/Restart: docker compose up -d executed from the /root/nginx directory.

    • Stop: docker compose down executed from the /root/nginx directory.

  • Nginx System Service: The host's native Nginx service is started and enabled via systemctl start nginx and systemctl enable nginx if required by the environment, though the primary proxy is containerized.
