目录
1. 部署前准备
1.1 安装软件
1.1.1 安装基础软件
git
curl/wget
vim/nano
socat
Debian/Ubuntu:
apt update
apt install -y git curl wget vim socat
红帽系:
yum update
yum install -y git curl wget vim socat
1.1.2 安装docker
使用官方的一键安装脚本
curl -fsSL https://get.docker.com -o get-docker.sh
sh get-docker.sh
# 启动
systemctl enable --now docker
1.1.3 Nginx
apt update
apt install -y nginx
# 启动
systemctl enable --now nginx
1.1.4 安装acme
curl https://get.acme.sh | sh -s
export PATH="$HOME/.acme.sh:$PATH"
1.2 准备环境
一个vps:
公网ip:22.22.22.22
⼀个域名: userdomain.com
将以下二级域名解析至你的VPS:
api.userdomain.com: api接口地址, 用于前端请求后端服务
user.userdomain.com: 前端用户页面
admin.userdomain.com: 前端管理面板地址
2.部署PPanel
2.1 申请SSL
注意: 每个配置文件, 每条命令都要改成自己的域名
配置Nginx /etc/nginx/conf.d/ppanel.conf
server {
listen 80;
listen [::]:80;
server_name admin.userdomain.com #替换为自己的域名
user.userdomain.com
api.userdomain.com;
location /.well-known/acme-challenge {
root /opt/ppanel;
}
}
# 重载nginx
nginx -t && nginx -s reload
申请证书
# 创建验证⽬录
mkdir -p /opt/ppanel/.well-known/acme-challenge
# 创建证书存放⽬录
mkdir /opt/ppanel/certs
# 创建ssl证书 #替换为自己的域名
acme.sh --issue --server letsencrypt -d admin.userdomain.com -d api.userdomain.com
-d user.userdomain.com -w /opt/ppanel
# 安装证书 #替换为自己的域名
acme.sh --install-cert -d admin.userdomain.com --key-file /opt/ppanel/certs/key.pem
--fullchain-file /opt/ppanel/certs/cert.pem --reloadcmd "systemctl reload nginx"
自动刷新 #替换为自己的域名
echo "10 1 * * * acme.sh --renew -d admin.userdomain.com -d api.userdomain.com -d
user.userdomain.com --force &> /dev/null" >> /etc/cron.d/ppanel_domain && chmod +x
/etc/cron.d/ppanel_domain
2.2 配置Nginx /etc/nginx/conf.d/ppanel.conf
# HTTP to HTTPS redirection
server {
listen 80;
listen [::]:80;
server_name admin.userdomain.com
user.userdomain.com;
return 301 https://$http_host$request_uri;
}
# Admin server (HTTPS)
server {
listen 443 ssl;
listen [::]:443 ssl;
ssl_certificate /opt/ppanel/certs/cert.pem;
ssl_certificate_key /opt/ppanel/certs/key.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
server_name admin.userdomain.com;
location /.well-known/acme-challenge {
root /opt/ppanel;
}
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://127.0.0.1:3000;
}
}
# API server (HTTPS)
server {
listen 443 ssl;
listen [::]:443 ssl;
ssl_certificate /opt/ppanel/certs/cert.pem;
ssl_certificate_key /opt/ppanel/certs/key.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
server_name api.userdomain.com;
location /.well-known/acme-challenge {
root /opt/ppanel;
}
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://127.0.0.1:8080;
}
}
# User server (HTTPS)
server {
listen 443 ssl;
listen [::]:443 ssl;
ssl_certificate /opt/ppanel/certs/cert.pem;
ssl_certificate_key /opt/ppanel/certs/key.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
server_name user.userdomain.com;
location /.well-known/acme-challenge {
root /opt/ppanel;
}
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://127.0.0.1:3001;
}
}
nginx -t && nginx -s reload #重载nginx
2.3 All in One
2.1.1 编辑配置
# 克隆项⽬
cd /opt/ppanel && git clone https://github.com/perfect-panel/ppanel-script.git
cd ppanel-script
# 备份原docker-compose.yml⽂件
cp docker-compose.yml{,.bak}
修改 docker-compose.yml #youdomain替换为自己的域名
version: '3.8'
services:
ppanel-server:
image: ppanel/ppanel-server:beta
container_name: ppanel-server-beta
ports:
- '8080:8080'
volumes:
- ./config/ppanel.yaml:/opt/ppanel/ppanel-script/config/ppanel.yaml
restart: always
depends_on:
mysql:
condition: service_healthy
redis:
condition: service_healthy
networks:
- ppanel-network
mysql:
image: mysql:8.0.23
container_name: mysql_db
restart: always
environment:
MYSQL_ROOT_PASSWORD: aws123456
MYSQL_DATABASE: my_database
MYSQL_USER: user
MYSQL_PASSWORD: aws123456
ports:
- "3306:3306"
volumes:
- ./docker/mysql:/var/lib/mysql
command: --default-authentication-plugin=mysql_native_password --bind-address=0.0.0.0
healthcheck:
test: ["CMD", "mysqladmin", "ping", "-h", "localhost", "-uroot", "-prootpassword"]
interval: 10s
timeout: 5s
retries: 3
networks:
- ppanel-network
redis:
image: redis:7
container_name: redis_cache
restart: always
ports:
- "6379:6379"
volumes:
- ./docker/redis:/data
healthcheck:
test: ["CMD", "redis-cli", "ping"]
interval: 10s
timeout: 5s
retries: 3
networks:
- ppanel-network
ppanel-admin-web:
image: ppanel/ppanel-admin-web:beta
container_name: ppanel-admin-web
ports:
- '3000:3000'
environment:
# Replace with actual API endpoint if needed
NEXT_PUBLIC_DEFAULT_LANGUAGE: en-US
NEXT_PUBLIC_SITE_URL: https://admin.youdomain.com
NEXT_PUBLIC_API_URL: https://api.youdomain.com
NEXT_PUBLIC_DEFAULT_USER_EMAIL: [email protected]
NEXT_PUBLIC_DEFAULT_USER_PASSWORD: password123
ppanel-user-web:
image: ppanel/ppanel-user-web:beta
container_name: ppanel-user-web
ports:
- '3001:3000'
environment:
# Replace with actual API endpoint if needed
NEXT_PUBLIC_DEFAULT_LANGUAGE: en-US
NEXT_PUBLIC_SITE_URL: https://user.youdomain.com
NEXT_PUBLIC_API_URL: https://api.youdomain.com
NEXT_PUBLIC_EMAIL: [email protected]
NEXT_PUBLIC_TELEGRAM_LINK: https://t.me/example
NEXT_PUBLIC_TWITTER_LINK: https://twitter.com/example
NEXT_PUBLIC_DISCORD_LINK: https://discord.com/example
NEXT_PUBLIC_INSTAGRAM_LINK: https://instagram.com/example
NEXT_PUBLIC_LINKEDIN_LINK: https://linkedin.com/example
NEXT_PUBLIC_FACEBOOK_LINK: https://facebook.com/example
NEXT_PUBLIC_GITHUB_LINK: https://github.com/example/repository
NEXT_PUBLIC_DEFAULT_USER_EMAIL: [email protected]
NEXT_PUBLIC_DEFAULT_USER_PASSWORD: password123
networks:
ppanel-network:
driver: bridge
2.1.2 启动服务
docker compose up -d
原文链接: https://pppanel.gitbook.io/ppanel-bu-shu-wen-dang
