PPanel Easy Mode: Set Up Domain & Nginx in 3 Minutes for Complete Beginners | PPanel安装前戏：小白3分钟搞定域名 + Nginx配置🔥

Hey, wanna install PPanel? Hold up—gotta get your domain and Nginx ready first. Otherwise, it's like trying to make instant noodles without hot water... just staring at dry noodles! 😂 What you need: A domain (I use Cloudflare, example is sahara.de5.net—swap in your own, okay?) + A server with root access (don't tell me you don't have one yet～).

Pro move: Add an A record (or AAAA for IPv6) in your domain DNS settings, pointing to your server's IP. Once that's done, SSH into your server (I went straight for Google Cloud), and let's roll!

Easy, right? Follow along, no crashes guaranteed—because I've already crashed for you! 🚗💨

嘿！想装PPanel？先别急——域名和Nginx得安排上，不然就像煮泡面没开水，干瞪眼！😂 你需要啥：一个域名（我托管在Cloudflare，示例是sahara.de5.net，你换成自己的哦！）+ 一台有root权限的服务器（别告诉我还没有～）。

骚操作：在域名托管那儿加个A记录（IPv6就加AAAA），把域名指向服务器IP。搞定后，ssh连上服务器（我直接怼了谷歌云），准备开整！

简单吧？跟着走，不翻车，因为我翻过车了～🚗💨

# 用这个命令查看一下OS | Check the OS with this command

uname -a && cat /proc/version

# 转换到root用户 | Switch to root user

sudo -i

# 更新软件 | Update software packages

sudo apt update && sudo apt upgrade -y && sudo apt autoremove -y

# 安装一下 curl nginx vim | Install curl nginx vim

apt install -y curl nginx vim

# 检查一下nginx是否已经安装好 | Check if nginx is installed correctly

which nginx

# 启动nginx | Start nginx

systemctl enable --now nginx

# 安装acme, 它能够自动获取SSL/TLS证书 | Install acme, which can automatically obtain SSL/TLS certificates

curl https://get.acme.sh | sh -s

export PATH="$HOME/.acme.sh:$PATH"

# 创建ppanel配置文件到Nginx底下 | Create ppanel config file under Nginx

touch /etc/nginx/conf.d/ppanel.conf

# 复制的配置文件内容 -- {sahara.de5.net -> 你的域名} | Configuration file content -- {sahara.de5.net -> your domain}

server {

    listen 80;

    listen [::]:80;

    server_name admin.sahara.de5.net

                user.sahara.de5.net

                api.sahara.de5.net;

    location /.well-known/acme-challenge {

        root /opt/ppanel;

    }

}

# 重新加载nginx | Reload nginx

nginx -t && nginx -s reload

# 创建验证⽬录 | Create verification directory

mkdir -p /opt/ppanel/.well-known/acme-challenge

# 创建证书存放⽬录 | Create certificate storage directory

mkdir /opt/ppanel/certs

# 创建ssl证书 -- {sahara.de5.net -> 你的域名} | Create SSL certificate -- {sahara.de5.net -> your domain}

acme.sh --issue --server letsencrypt \

-d admin.sahara.de5.net \

-d api.sahara.de5.net \

-d user.sahara.de5.net \

-w /opt/ppanel

# 查看服务器公网IP | Check server public IP

curl -4 ipinfo.io/ip

# 安装证书 -- {sahara.de5.net -> 你的域名} | Install certificate -- {sahara.de5.net -> your domain}

acme.sh --install-cert -d admin.sahara.de5.net \

  --key-file /opt/ppanel/certs/key.pem \

  --fullchain-file /opt/ppanel/certs/cert.pem \

  --reloadcmd "systemctl reload nginx"

# 自动刷新 -- {sahara.de5.net -> 你的域名} | Auto-renew -- {sahara.de5.net -> your domain}

# 每天凌晨 1:30 自动执行 "证书续期" 的任务，让SSL证书不会过期。 | Automatically renew SSL certificate at 1:30 AM daily to prevent expiration

echo "30 1 * * * \

acme.sh --renew \

  -d admin.sahara.de5.net \

  -d api.sahara.de5.net \

  -d user.sahara.de5.net \

  --force &> /dev/null" \

>> /etc/cron.d/ppanel_domain \

&& chmod +x /etc/cron.d/ppanel_domain

# 确认定时更新SSL任务添加 | Confirm scheduled SSL renewal task added

cat /etc/cron.d/ppanel_domain

# 应该能看到下面这个东西 -- {sahara.de5.net -> 你的域名}: | You should see the following -- {sahara.de5.net -> your domain}:

30 1 * * * acme.sh --renew -d admin.sahara.de5.net -d api.sahara.de5.net -d user.sahara.de5.net --force &> /dev/null

# 配置Nginx, 要进到/打开这个nginx的配置文件(/etc/nginx/nginx.conf) | Configure Nginx, open this nginx config file (/etc/nginx/nginx.conf)

# {sahara.de5.net -> 你的域名} | {sahara.de5.net -> your domain}

user www-data;

worker_processes auto;

pid /run/nginx.pid;

include /etc/nginx/modules-enabled/*.conf;

events {

    worker_connections 768;

}

http {

    sendfile on;

    tcp_nopush on;

    tcp_nodelay on;

    keepalive_timeout 65;

    types_hash_max_size 2048;

    include /etc/nginx/mime.types;

    default_type application/octet-stream;

    # 日志格式（可选） | Log format (optional)

    log_format main '$remote_addr - $remote_user [$time_local] "$request" '

                    '$status $body_bytes_sent "$http_referer" '

                    '"$http_user_agent" "$http_x_forwarded_for"';

    access_log /var/log/nginx/access.log main;

    error_log  /var/log/nginx/error.log warn;

    ### =============== HTTP Server ===============

    server {

        listen 80;

        listen [::]:80;

        server_name admin.sahara.de5.net api.sahara.de5.net user.sahara.de5.net;

        # Let's Encrypt 验证目录 | Let's Encrypt verification directory

        location ^~ /.well-known/acme-challenge/ {

            root /opt/ppanel;

            default_type "text/plain";

        }

        # 其他请求全部重定向到 HTTPS | Redirect all other requests to HTTPS

        location / {

            return 301 https://$host$request_uri;

        }

    }

    ### =============== HTTPS for admin ===============

    server {

        listen 443 ssl http2;

        listen [::]:443 ssl http2;

        server_name admin.sahara.de5.net;

        ssl_certificate     /opt/ppanel/certs/cert.pem;

        ssl_certificate_key /opt/ppanel/certs/key.pem;

        ssl_protocols TLSv1.2 TLSv1.3;

        ssl_ciphers HIGH:!aNULL:!MD5;

        ssl_session_cache shared:SSL:10m;

        ssl_session_timeout 10m;

        ssl_prefer_server_ciphers on;

        location / {

            proxy_pass http://127.0.0.1:3001;

            proxy_http_version 1.1;

            proxy_set_header Upgrade $http_upgrade;

            proxy_set_header Connection "upgrade";

            proxy_set_header Host $host;

            proxy_set_header X-Real-IP $remote_addr;

            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

            proxy_set_header X-Forwarded-Proto $scheme;

        }

    }

    ### =============== HTTPS for api ===============

    server {

        listen 443 ssl http2;

        listen [::]:443 ssl http2;

        server_name api.sahara.de5.net;

        ssl_certificate     /opt/ppanel/certs/cert.pem;

        ssl_certificate_key /opt/ppanel/certs/key.pem;

        ssl_protocols TLSv1.2 TLSv1.3;

        ssl_ciphers HIGH:!aNULL:!MD5;

        ssl_session_cache shared:SSL:10m;

        ssl_session_timeout 10m;

        ssl_prefer_server_ciphers on;

        location / {

            proxy_pass http://127.0.0.1:8080;

            proxy_http_version 1.1;

            proxy_set_header Upgrade $http_upgrade;

            proxy_set_header Connection "upgrade";

            proxy_set_header Host $host;

            proxy_set_header X-Real-IP $remote_addr;

            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

            proxy_set_header X-Forwarded-Proto $scheme;

        }

    }

    ### =============== HTTPS for user ===============

    server {

        listen 443 ssl http2;

        listen [::]:443 ssl http2;

        server_name user.sahara.de5.net;

        ssl_certificate     /opt/ppanel/certs/cert.pem;

        ssl_certificate_key /opt/ppanel/certs/key.pem;

        ssl_protocols TLSv1.2 TLSv1.3;

        ssl_ciphers HIGH:!aNULL:!MD5;

        ssl_session_cache shared:SSL:10m;

        ssl_session_timeout 10m;

        ssl_prefer_server_ciphers on;

        location / {

            proxy_pass http://127.0.0.1:3002;

            proxy_http_version 1.1;

            proxy_set_header Upgrade $http_upgrade;

            proxy_set_header Connection "upgrade";

            proxy_set_header Host $host;

            proxy_set_header X-Real-IP $remote_addr;

            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

            proxy_set_header X-Forwarded-Proto $scheme;

        }

    }

}

# 检测nginx语法,重新加载nginx | Check nginx syntax, reload nginx

nginx -t && nginx -s reload

# 域名配置完成之后,就可以开始安装PPanel了. | After domain configuration is complete, you can start installing PPanel.

# 这个是官网的PPanel Docker 一件安装命令(2025年12月13号) | This is the official PPanel Docker one-click installation command. (13/12/2025)

bash <(curl -fsSL https://raw.githubusercontent.com/perfect-panel/ppanel-script/refs/heads/main/install.sh)

🔥 $0 Remote Desktop? Oracle Cloud FREE Tier + RustDesk Hacks 🔥 | 💥零成本自建远程桌面！甲骨文+RustDesk真香警告💥

Zero-cost remote access, beginners can operate smoothly—this is awesome industry conscience! | 免费就是香！小白也能丝滑搞远程，业界良心没跑了～

Guys! Stop wasting money on remote tools! I found a game-changer—set up RustDesk with Oracle Cloud, zero cost, even newbies can do it.

✨【Pre-Action Key Points】Put your mind at ease first!

✅ Cost: $0! Oracle's free tier lasts forever

✅ Traffic: 10TB/month! Remote control uses so little traffic it’s negligible

✅ Installation: Server-side on cloud (Docker is super easy), client-side on Mac

✅ Account: No registration! Privacy lovers rejoice—no more filling out tons of info～

🖥️【Oracle Cloud Server Prep】Win by copy-pasting!

Open Mac Terminal, connect to cloud server: ssh ubuntu@<your-server-IP> (fill in your own IP!)

Update system & install tools: sudo apt-get update && sudo apt-get upgrade -y && sudo apt-get install -y curl ufw (copy the whole line, don’t miss characters!)

Install Docker even easier: curl -fsSL https://get.docker.com | sudo sh (official one-click script, faster than ordering takeout)

Add to Docker group to skip sudo: sudo usermod -aG docker $USER && newgrp docker (no more repeated password entries for Docker—so nice!)

Verify: docker --version, if it shows the version, it’s successful～

🛡️【Dual Firewall Protection】Don’t skip! Safety first!

▪️ Cloud platform operation: Log in to Oracle Console, find 「Network→Virtual Cloud Network→Security List」, add 2 rules:

TCP protocol + 0.0.0.0/0 + port 21115-21119 (RustDesk exclusive channel)

UDP protocol + 0.0.0.0/0 + port 21116 (Don’t ask! It’s double protection)

▪️ Server command: sudo ufw allow 21115:21119/tcp && sudo ufw allow 21116/udp && sudo ufw allow ssh && sudo ufw --force enable (copy and run, firewall becomes impenetrable～)

▪️ Test: Enter nc -l -p 21116 on cloud server, open a new Mac Terminal and enter nc -zv <server-IP> 21116, if it shows succeeded, it’s OK!

🚀【One-Click RustDesk Deployment】I laughed out loud at how easy this is!

Create directory: mkdir ~/rustdesk && cd ~/rustdesk

One-click config generation: Copy the entire following block (don’t split!)

cat > compose.yml <<EOF

services:

hbbs:

image: rustdesk/rustdesk-server:latest

container_name: hbbs

ports:

"21115:21115"

"21116:21116"

"21116:21116/udp"

"21118:21118"

volumes:

./data:/root

restart: unless-stopped

hbbr:

image: rustdesk/rustdesk-server:latest

container_name: hbbr

ports:

"21117:21117"

"21119:21119"

volumes:

./data:/root

restart: unless-stopped

EOF

Start service: docker compose up -d (wait a few seconds, service runs!)

Get public key (super important!): sleep 5 && cat ./data/id_ed25519.pub, copy and save it～

🍎【Mac Client Setup + Test】Witness the miracle!

Install client: brew install --cask rustdesk (if no Homebrew, install from brew.sh first—it’s quick!)

Grant permissions: System Settings→Privacy & Security, check 「Accessibility」and 「Screen Recording」for RustDesk (otherwise you can’t control the screen!)

Fill in config: Open RustDesk, click 「...」→「ID/Relay Server」, fill cloud server IP for both ID Server and Relay Server, paste the saved public key in Key, click Apply. If it shows green "Ready", it’s done!

Test: Open http://<cloud-server-IP>:21115 in browser, enter Mac’s RustDesk ID and password. After successful connection, open Terminal remotely, enter touch ~/Desktop/hw.txt && echo "Hello from OCI RustDesk" > ~/Desktop/hw.txt, the file appears on desktop instantly! I was so excited I hit the table🤣

🔧【Daily Maintenance】Unbelievably easy!

Upgrade: cd ~/rustdesk && docker compose pull && docker compose up -d (pull new image and restart)

Stop service: cd ~/rustdesk && docker compose stop (stop when not in use to save resources)

Start service: cd ~/rustdesk && docker compose start (start when needed, as easy as turning on a light)

Who says remote assistance is hard! This method is $0 and secure, newbies just copy commands. Try it!

宝子们！别再给远程工具交智商税了！我扒到个神操作 —— 用 Oracle 云搭 RustDesk，一分钱不花，手残党也能拿捏。😂

✨【事前划重点】先把心放肚子里！

✅ 成本：0！Oracle 免费额度用到天荒地老

✅ 流量：每月 10TB！远程控制耗的流量连塞牙缝都不够

✅ 安装：云服装服务端（Docker 超简单），Mac 装客户端

✅ 账号：不用注册！隐私党狂喜，再也不用填一堆信息啦～

🖥️【Oracle 云服准备】复制粘贴就赢了！

打开 Mac 终端，输这个连云服：ssh ubuntu@<你的服务器 IP>（IP 填自己的哦）

更新系统装工具：sudo apt-get update && sudo apt-get upgrade -y && sudo apt-get install -y curl ufw（复制整条，别手抖漏字符！）

装 Docker 更简单：curl -fsSL https://get.docker.com | sudo sh（官方一键脚本，比点外卖还快）

加 Docker 组告别 sudo：sudo usermod -aG docker $USER && newgrp docker（以后用 Docker 不用反复输密码，爽！）

验证下：docker --version，出版本号就是成功啦～

🛡️【防火墙双保险】别偷懒！安全第一！

▪️ 云平台操作：登 Oracle 控制台，找「网络→虚拟云网络→安全列表」，添 2 条规则：

TCP 协议 + 0.0.0.0/0+21115-21119 端口（RustDesk 专属通道）

UDP 协议 + 0.0.0.0/0+21116 端口（别问！问就是双保险）

▪️ 服务器命令：sudo ufw allow 21115:21119/tcp && sudo ufw allow 21116/udp && sudo ufw allow ssh && sudo ufw --force enable（复制运行，防火墙秒变铜墙铁壁～）

▪️ 测试下：云服输 nc -l -p 21116，Mac 新终端输 nc -zv <服务器 IP> 21116，显 succeeded 就 OK！

🚀【一键部署 RustDesk】这步我笑出鹅叫！

建目录：mkdir ~/rustdesk && cd ~/rustdesk

一键生成配置：复制下面整条（别拆！）

cat > compose.yml <<EOF

services:

hbbs:

image: rustdesk/rustdesk-server:latest

container_name: hbbs

ports:

"21115:21115"

"21116:21116"

"21116:21116/udp"

"21118:21118"

volumes:

./data:/root

restart: unless-stopped

hbbr:

image: rustdesk/rustdesk-server:latest

container_name: hbbr

ports:

"21117:21117"

"21119:21119"

volumes:

./data:/root

restart: unless-stopped

EOF

启动服务：docker compose up -d（等几秒，服务就跑起来啦）

拿公钥（超重要！）：sleep 5 && cat ./data/id_ed25519.pub，复制下来存好～

🍎【Mac 客户端配置 + 实测】见证奇迹！

装客户端：brew install --cask rustdesk（没 Homebrew 先去 brew.sh 装，很快！）

给权限：系统设置→隐私与安全性，给 RustDesk 勾「辅助功能」和「屏幕录制」（不然控不了屏哦）

填配置：打开 RustDesk 点「...」→「ID / 中继服务器」，ID 和中继服务器都填云服 IP，Key 粘刚才存的公钥，点应用，显绿色 “就绪” 就成！

实测：用浏览器开 http://<云服 IP>:21115，输 Mac 的 RustDesk ID 和密码，连成功后远程开终端，输 touch ~/Desktop/hw.txt && echo "Hello from OCI RustDesk" > ~/Desktop/hw.txt，桌面立马出文件！我当时激动到拍桌子🤣

🔧【日常维护】简单到离谱！

升级：cd ~/rustdesk && docker compose pull && docker compose up -d（拉新镜像重启就行）

关服务：cd ~/rustdesk && docker compose stop（不用就关，省资源）

开服务：cd ~/rustdesk && docker compose start（要用再开，跟开灯一样简单）

谁再说远程协助难我跟谁急！这方法 0 成本还安全，小白跟着命令抄就行，快试试！