austindebest/proxpanel
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
5def26e0df05266a7e7367a258c4287e82bc2ab9
proxpanel/DEPLOYMENT.md

99 lines
2.8 KiB
Markdown
Raw Blame History

# ProxPanel Deployment Guide (Production Ubuntu)
## 1) Hands-Free Production Install (Recommended)
Run this on your Ubuntu server:
```bash
sudo apt-get update -y
sudo apt-get install -y git
git clone <YOUR_REPO_URL> /opt/proxpanel
cd /opt/proxpanel
sudo bash infra/deploy/install-proxpanel.sh \
--branch main \
--public-url http://102.69.243.167 \
--admin-email admin@yourdomain.com \
--configure-ufw
```
If the repo already exists on the server, just run:
```bash
cd /opt/proxpanel
sudo bash infra/deploy/install-proxpanel.sh \
--branch main \
--public-url http://102.69.243.167 \
--admin-email admin@yourdomain.com \
--configure-ufw
```
Installer behavior:
- Installs Docker + prerequisites.
- Builds and starts PostgreSQL, backend, frontend.
- Applies Prisma schema (`prisma:deploy`, fallback to `prisma:push`).
- Seeds admin user.
- Verifies API health and login.
- Writes deployment summary to `/root/proxpanel-install-summary.txt`.
## 2) Fast Production Checks
```bash
cd /opt/proxpanel
docker compose --env-file .env.production -f infra/deploy/docker-compose.production.yml ps
curl -fsS http://127.0.0.1:8080/api/health
curl -I http://102.69.243.167
```
## 3) Connect Proxmox Cluster In App
### A. Create Proxmox API token
In Proxmox UI:
1. Open `Datacenter -> Permissions -> API Tokens`.
2. Select your user (for example `root@pam` or a dedicated service user).
3. Click `Add`.
4. Set `Token ID` (example: `proxpanel`).
5. Copy the generated token secret immediately.
### B. Save credentials in ProxPanel
In ProxPanel UI:
1. Login as admin.
2. Go to `Settings -> Proxmox`.
3. Fill:
- `Host`: Proxmox hostname or IP (no `https://` prefix)
- `Port`: `8006`
- `Username`: e.g. `root@pam`
- `Token ID`: e.g. `proxpanel`
- `Token Secret`: generated secret
- `Verify SSL`: enabled if Proxmox cert is trusted; disable only if using self-signed cert temporarily
4. Click `Save Proxmox`.
### C. Trigger first sync
Use API once to import nodes/VMs:
```bash
APP_URL="http://102.69.243.167"
ADMIN_EMAIL="admin@yourdomain.com"
ADMIN_PASSWORD="<YOUR_ADMIN_PASSWORD>"
TOKEN=$(curl -s -X POST "$APP_URL/api/auth/login" \
-H "Content-Type: application/json" \
-d "{\"email\":\"$ADMIN_EMAIL\",\"password\":\"$ADMIN_PASSWORD\"}" | jq -r '.token')
curl -s -X POST "$APP_URL/api/proxmox/sync" \
-H "Authorization: Bearer $TOKEN" \
-H "Content-Type: application/json"
```
Then confirm:
- `Nodes` page shows imported nodes.
- Dashboard cards and usage graphs populate.
## 4) Security Hardening Checklist
- Set a DNS name and terminate TLS (Nginx/Caddy/Cloudflare).
- Change the seeded admin password immediately.
- Keep `CORS_ORIGIN` set to your real public URL only.
- Use a dedicated Proxmox API user/token with least privileges.
- Keep backend bound to localhost (`127.0.0.1`) and expose only frontend port.
- Enable off-host backups for DB and app config.
Reference in New Issue View Git Blame Copy Permalink