Skip to content

Overview of Deploying FastPanel on Server

FastPanel is installed on a server by running a single shell script that configures the system, creates a dedicated user, and sets up a Docker‑based infrastructure. After the installation completes, the following components and file structures are present on the machine.

Prerequisites and Basic Requirements

  • A Linux distribution with wget or curl available.
  • Docker and Docker Compose must be installed; the script pulls the required images from Docker Hub.
  • The system must allow the host network mode for containers, as the Nginx proxy uses it.
  • The user executing the installation must have sudo or root privileges to download and run the installer script.

The installer script is fetched from http://repo.fastpanel.direct/install_fastpanel.sh and executed with root privileges. It performs system package updates, installs required utilities, and sets up FastPanel.

File and Directory Structure

/data
├── nginx
│   ├── nginx-certbot.env      # Environment file for certbot settings
│   └── user_conf.d            # Directory for custom Nginx configurations
└── fastpanel
    └── ...                    # Application files (created by the installer)
  • /data/nginx/nginx-certbot.env contains configuration variables such as the email address used for Let's Encrypt certificates (CERTBOT_EMAIL).
  • /data/nginx/user_conf.d is a mount point for user‑provided Nginx configuration snippets that are served by the reverse proxy.
  • The application itself resides in a directory created by the installer, typically under /opt/fastpanel or /data/fastpanel.

An external Docker volume named nginx_secrets is mounted to /etc/letsencrypt inside the Nginx container to store TLS certificates.

Access Rights and Security

A dedicated system user named fastuser is created or updated during installation. The password for this account is derived from the SSH password used by the Ansible host, hashed with SHA‑512. This user is the owner of the application files and is granted the necessary permissions to manage the FastPanel installation.

The Docker containers run with the host network mode and bind to standard HTTP/HTTPS ports. The Nginx container uses a certbot image (jonasal/nginx-certbot:latest) that automatically obtains and renews TLS certificates.

Databases

The provided configuration does not include any database services. Any databases required by the application are expected to be configured manually or are handled by the installation script itself.

Docker Containers and Their Deployment

The application uses Docker Compose for its container orchestration. The generated docker-compose.yml (from the compose.yml.j2 template) defines a single service:

services:
  nginx:
    image: jonasal/nginx-certbot:latest
    restart: unless-stopped
    environment:
      - [email protected]
    env_file:
      - /data/nginx/nginx-certbot.env
    network_mode: host
    volumes:
      - nginx_secrets:/etc/letsencrypt
      - /data/nginx/user_conf.d:/etc/nginx/user_conf.d
    extra_hosts:
      - "host.docker.internal:host-gateway"
  • nginx – A reverse proxy with built‑in Let's Encrypt support.
  • Runs with restart: unless-stopped so it restarts automatically on failures.
  • The environment variable CERTBOT_EMAIL specifies the email address for certificate registration.
  • An external volume nginx_secrets persists TLS secrets.
  • User‑defined configuration files can be dropped into /data/nginx/user_conf.d.
  • network_mode: host allows the container to listen directly on the host’s network stack, simplifying port mapping.

If additional services (such as application servers or databases) are needed, they would be defined in the same Compose file, but those are not present in the current configuration.

Proxy Servers

The Nginx container serves as a proxy server for FastPanel. It automatically obtains and renews TLS certificates via Certbot. The following key points apply:

  • Custom Domains – Users can add domain configuration snippets to /data/nginx/user_conf.d. Each file can define server blocks that map custom domains to FastPanel services.
  • Certbot Integration – The container’s jonasal/nginx-certbot image takes care of obtaining certificates using the email address provided in CERTBOT_EMAIL.
  • Security – All traffic is encrypted using TLS certificates stored in the nginx_secrets volume.

Permission Settings

The following permissions are established during installation:

  • The fastuser account owns all application files and has read/write access to its directories.
  • The /data/nginx directory and its subdirectories are readable by the Docker process so that Nginx can load configuration and certificate files.
  • The nginx_secrets Docker volume is managed by Docker, and the Nginx container has full access to /etc/letsencrypt inside the container.

Starting, Stopping, and Updating

Once the installation has finished, the FastPanel stack can be managed with Docker Compose:

# Bring the stack up in the background
docker compose -f /path/to/docker-compose.yml up -d

# Bring the stack down
docker compose -f /path/to/docker-compose.yml down

# To update the stack (pull new images and restart)
docker compose -f /path/to/docker-compose.yml pull
docker compose -f /path/to/docker-compose.yml up -d

Because the Nginx container uses restart: unless-stopped, it will automatically restart after a system reboot or if it crashes.

The FastPanel installer script handles all initial setup; after that, Docker Compose commands control the runtime lifecycle of the application and its proxy.

question_mark
Is there anything I can help you with?
question_mark
AI Assistant ×