Installing Pterodactyl Panel and Wings Behind Nginx Proxy Manager and Cloudflare

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

what's up everyone today i'm going to run through how to install the pterodactyl panel and secure it behind nginx proxy manager and cloudflare's proxy uh we're also going to be configuring wings to run on that same machine so some prerequisites you're going to need for this are a linux server i'm using ubuntu 2004 in this case you're going to need nginx proxy manager configured to have port 80 and 443 forwarded to it so you want to change those settings in your firewall you're going to need an sftp client like winscp so we can copy the certificate over you're also going to need a domain name with two dns records created so in this example i'm using the domain name rustserver.org and i've created two domain names two subdomains uh panel.rtserver.org is going to be for the pterodactyl panel and it's going to be behind nginx proxy manager as well as cloudflare's proxy i've also created node1.rustserver.org and that's going to be strictly for wings and there's going to be no nginx proxy for that domain and no cloudflare proxy so you'll also want to obtain an ssl certificate for your domain through nginx proxy manager i would recommend getting a wild card sir so you don't have to obtain two certificates one for the panel and one for wings a wild card will just cover both of these so i obtained one wild card cert and it's going to cover both of these domains so as you can see in here right here is that certificate it's actually a custom certificate in this case because i uploaded it from a different source but you're going to want to you know obtain it as you normally would through let's encrypt put your information in and get the certificate once you have the certificate you'll want to download it so you have them stored somewhere i have mine stored in a folder on my computer so that we could transfer it over to the server when the time comes another thing you're going to want to consider is if you use cloudflare which i'm assuming you're going to you're going to want to change your ssl settings for your domain so on the left hand side you'll click ssl tls go to overview and make sure this is set to full strict if you don't do that you're going to have redirect issues when you're proxying through cloudflare and through nginx so in that case let's uh let's get started so first things first you want to head over to the pterodactyl website i'm going to have this linked below i know that scripts exist to install pterodactyl for you however it's not recommended and if you follow pterodactyl's documentation closely it's really not that hard to install so go ahead and click let's get started and here we are at the page so um most of these commands are gonna be just copying and pasting but anything that's not a part of pterodactyl's documentation and is you know custom configuration that we're gonna do i will uh have documented below um so let's begin copying and pasting i'm going to speed this process up but i will slow it down whenever there's a portion that we need to go a little deeper on or any custom commands that we're going to need to do so just go ahead and scroll down and we're going to start here and just begin copying and pasting all the way down now the password for this is going to be this one i would recommend changing it i did not change it in this case but this is what you're going to put now at this portion we're going to need to make a crown job so you're going to want to uh go to the crown tab which is pseudo chrome tab dash e um i like using nano so just use nano for this go to the very bottom of this file and paste this in save that now we need to create a q worker for the pterodactyl service so you're going to want to nano a file that's located in etc systemd system it's a file we're going to create called tarot queue.service copy all of this data here and just paste it in and then save it and get out of it and then more copy and paste all right now we're at the web server portion so for this one of the most important things to note when it comes to nginx proxy manager um i would recommend here that you generate a self-signed certificate i know it sounds weird when you say it that way but for this web server internally it should be self-signed externally it's going to be using that signed certificate that we got from let's encrypt so i will put this command down below but here is the openssl command that we're going to use to generate a self-signed certificate now put this somewhere where you're going to have access to i'm going to actually put this in ubuntu's home folder but this command is going to generate a self-signed certificate for us so just go ahead and paste that and just put in the information that you need okay now if we list we have a self-send certificate and a private key now we can continue uh going through the pterodactyl documentation because we have the cert once we remove that default nginx configuration we can just nano utc nginx say it's available and we're going to make a file called pterodactyl.conf now what i always do um we're going to have to make some changes here to this this file so i like to just open this up in notepad plus plus and paste it so what we're going to do here is anything that says domain in parentheses here or brackets this should be the local ip of this machine so in my case this is 10 10 123 and there's one more line here we're going to have to change 10 10 123 now once those are set to the local ip we need to go down here to these two lines that say ssl certificate and ssl certificate key we need to point these to those certificates that we just generated that self-signed one so in my case those are located home ubuntu full chain self-signed and home ubuntu private key self signed once that is all there just copy this whole thing paste it in here save it close it and then we can continue on with this information so we're going to make a sim link here for the sites available pterodactylcon configuration and then we just have to restart nginx and if you didn't get any errors that means that you're good and the uh it took that self-signed certificate so now actually if we go ahead and we browse to this uh private ip you're gonna see it comes up with a self-signed cert but it's issued to the provider that we told it and we're at the pterodactyl panel now this will not work as it stands because pterodactyl does not play nice with self-signed certificates so we'll need to continue and do some more configurations for the nginx portion to work next we're going to configure wings so one of the big things for wings is wings is going to require a signed certificate so what i would recommend like i said previously is you have your signed certificate from let's encrypt in a folder on your computer you're gonna go ahead and take that and this needs to be uploaded to the server so use something like winscp to connect to this this linux machine go to a location that you want that certificate to be in in my case i'm in home ubuntu folder here's my signed certificate and here's my private key we're going to take both of these and just upload them here once they're there then we're good and we can proceed with the wings install but make sure that you have a signed certificate accessible somewhere on the server because you're going to need it for wings so let's go ahead and continue with copying and pasting so at this portion where we're at enabling swap we're gonna need to make an additional change along with what's listed here so let's go ahead and edit the grub file so nano etc default grub so along with what pterodactyl suggests here which is adding the swap count equal to one go ahead and paste that in along with that there's something pretty important that we're going to need to change um which is going to be this grub cmd line linux there's a bug within pterodactyl that uh for whatever reason when a container is running when a server is running it does not show the cpu usage and ram usage so we need to add another filter on this grub cmd land linux so let me go ahead and get that file pulled up okay so this is what we need to add in on the scrub cmd line linux line we need to put in system d unified c group hierarchy equals to 1. so just paste that in there save this file exit this file next we're going to need to follow this command here which is sudo update grub once grub updates we're going to need to reboot the machine so just type sudo reboot and then wait give it a couple of minutes to come back up and then we're going to reconnect okay i think it should be back online at this point so i'm going to go ahead and connect to it and then we can continue with the wings install okay and now that we have wings installed we're going to need to go ahead and add this node to the panel so for that we're going to want to go ahead and get the panel fully proxied and configured through nginx proxy manager so go ahead and head over there we're going to create a proxy host and the domain name in my case is panel.russerver.org scheme is going to be https it's and then it points to the local ip of your panel so that's mine in my case and it's port 443 you want to block common exploits you want to make websockets supported and apply your ssl certificate and then force ssl now one very important thing for pterodactyl you have to add a couple of other nginx flags so go to the advanced configuration and i'll have this link below it's also on pterodactyl's documentation but you're going to need to copy this info and paste that in then once you press save now the panel is fully proxied and we should be able to go ahead and access it via the fully qualified domain name and there we are and if we look at the certificate we should see it's a cloudflare certificate because this panel is now protected by cloudflare for dds protection go ahead and log in okay with us logged in now we can go ahead and create the node so head over to settings we're gonna go to locations create a location and you can call this whatever you want i'm just going to call this local then we can head over to nodes create a new node and i'm going to call this panel and the fully qualified domain name is going to be node1 dot rustserver.org it's going to be different in your case but that's mine we're going to leave this on use ssl connection and we're going to leave this on not behind proxy i know it sounds weird but this is referring to the wings node um not not the panel the panel is behind a proxy but wings will not be so go ahead and configure your memory in this case mine only has 8 gigs of ram and your disk usage now the dame import and sftp port are very important you're going to want to make sure that these ports are forwarded in your router to this to the local ip address of this panel in my case mine are a little different i changed mine but in most cases it's going to be the default 8080 and 2022. once all your settings are configured just go ahead and do create node then we can head over to the configuration tab we're going to copy this configuration open it in a text editor because we need to make some changes so big thing here is the certificate location remember we uploaded that certificate assigned certificate to uh in my case to the ubuntu home so i'm going to change this cert to the location and once all your configuration looks correct go ahead and copy it from here you can minimize and if you see right down here it says this should be placed in the daemon's root directory which is going to be an etc pterodactyl and a file called config.yml so we're going to go ahead and nano ptc pterodactylconfig.yml go ahead and paste that configuration in press x and we're going to head back to the pterodactyl documentation for right now because we got to make some more changes so once that configuration is in just go ahead and copy paste this wings command here and if all goes well it connects to the panel so it looks good you can control c out of this and one thing that's really important is this next step we need to use systemd to demonize uh wings so similar to what we did for that tarot cue service earlier we need to go ahead and do another one for wings so go ahead and nano etc systemd system wings.service and with that said go ahead and copy and paste all that in there do that save and exit and go ahead and enable the wing service so we do system ctl status wings we can see wings is active and it is running which is good now if we head back over to the panel let me go to nodes we see we got a green checkbox that's what you always want to see is the greenheart if you see it's red then you'll want to go into the f12 to the console and see what error you're getting but in this case all looks good so we can go ahead and we can create a test server to make sure everything works so go ahead into the node go to allocation now in this case because this node is behind a firewall and it is netted it's not directly exposed on the internet the ip address is going to be the local ip of this machine so in this case that's the local ip and go ahead and just allocate whatever port in my case i'm going to do a quick minecraft server once it's allocated we can go over to servers we can create one we can go ahead and do minecraft i'll give this two gigs of ram and two gigs of disk space we'll leave cpu on zero for unlimited go ahead and scroll down and i'll do a paper server and then we can just do create and if we open this up we should see it's pulling all the information so i hope this video was helpful um if you have any questions definitely just leave a comment and i'll try to help you out the best i can um and with that as we can see we've got a fully running pterodactyl server with wings installed it's protected with cloudflare and it has a signed certificate and it's fully accessible so yeah thanks for watching

Info

Channel: lilciv

Views: 24,148

Rating: undefined out of 5

Keywords:

Id: cbr8tddvAWw

Channel Id: undefined

Length: 18min 36sec (1116 seconds)

Published: Sun May 22 2022