This setup assumes you're a normal user, one such as minecraft
, with sudo
and docker
privileges/groups. Docker is assumed to be installed and functional. I deployed this on clean Debian 12, your mileage may vary with other distributions/versions.
Retrieve the linked docker-compose.yml
files and make changes detailed in the corresponding Gist files. Ensure you rename the example compose files to the same names in this Gist for the automatically generated scripts to work.
Retrieve Caddy from https://caddyserver.com, being sure to include the CloudFlare TLS package. I like installing Caddy to the system binaries folder, though you don't have to.
Download Caddy with Httpie:
sudo http -d https://caddyserver.com/api/download?os=linux&arch=amd64&p=github.com%2Fcaddy-dns%2Fcloudflare -o /usr/sbin/caddy && sudo chmod +x /usr/sbin/caddy
I suggest creating a www
user with no password (meaning direct password login disabled) whose home folder contains your Caddyfile
. Switch to that user with sudo su www
, save the Caddyfile
from this Gist, modify the example domain names, modify the CloudFlare token placeholder from the below step, then start Caddy with sudo caddy start
.
Create an API token at https://dash.cloudflare.com/profile/api-tokens. It should have Zone: Read
and DNS: Edit
permissions for the proper zone. Replace INSERT_CLOUDFLARE_TOKEN
in Caddyfile
with your token.
Create two A (or CNAME -> A) records for your panel and your daemon. Both should be proxied (orange cloud) and pointing to your server's IP.
We will be telling the panel to communicate through HTTPS to our node, which in reality will be CloudFlare. CloudFlare will then proxy the request to Caddy, which will then communicate over HTTP with our daemon at our local port. This allows us to not expose our daemon IP through our DNS record. Do note that the SFTP connection can't be proxied unless you have a TCP proxying service such as with CloudFlare's enterprise plan.
See also: https://pterodactyl.io/wings/1.0/configuration.html#enabling-cloudflare-proxy, https://developers.cloudflare.com/fundamentals/get-started/reference/network-ports/
Fully Qualified Domain Name
should match your configured DNS record, i.e.node.yourdomain.com
- Set
Communicate Over SSL
toUse SSL Connection
to enable the panel to communicate with Wings through HTTPS - Tick
Behind Proxy
as Caddy will be taking care of SSL for us automatically - Set
Daemon Port
to443
to tell Pterodactyl to communicate via HTTPS
Run setup.sh
with bash <(curl -s https://scarsz.me/pterodactyl)
. Once you get to Press any key to open daemon config
, press a key which will open daemon-config.yml
in nano. Copy + paste the generated YAML config from your newly created node's Configuration
tab, write changes, and close the file. The daemon will be automatically started.
Verify your node has a green heart in the node list and that the node's information shows up on its status page.
Install Uncomplicated Firewall with sudo apt install ufw
. Don't lock yourself out... allow SSH traffic with sudo ufw allow ssh
.
- Allow traffic to Caddy with
sudo ufw allow https
- Allow traffic to Pterodactyl's SFTP port with
sudo ufw allow 2022
- Allow traffic to Minecraft servers (ports 25000-25999) with
sudo ufw allow 25000:25999/tcp
./daemon
- shortcut fordocker compose -f docker-compose.daemon.yml ...
./panel
- shortcut fordocker compose -f docker-compose.panel.yml ...
You can use these as you would a normal docker compose stack. i.e.:
- Restart daemon:
./daemon restart
- Update panel:
./panel pull && ./panel up -d
This will run the Laravel user creation wizard in Pterodactyl's panel container. The setup script does this once to add the initial administrator user. Subsequent users can be added in the panel by an admin.