How to setup Pterodactyl to run a Rust server
Introduction
In this article we will be discussing how to configure your newly delivered dedicated server to use with Pterodactyl. This article is considered to be an "all-in-one" tutorial with an emphasis on utilizing your Pterodactyl installation to run multiple Rust game servers with multiple IP addresses. For more information on purchasing additional IP address, please read this article.
How to login and use DCImanager
Navigate to the Client Portal of the Tempest Hosting website or click here.
Click on My Services from the navigation menu.
Select the server you wish to manage and click the Login to DCImanager button.
Installation of Ubuntu and Pterodactyl
Pre-Existing Deployments
It is recommended that in order to follow this tutorial without encountering errors, you must clear the disks on your server using DCImanager. This will ensure only the required applications are installed on your server and will help increase overall performance. To accomplish this, do the following:
Open up DCImanager for the server you wish to clear disks on.
Ensure that the server you wish to wipe is shown and click on the ••• menu icon to the far right.
Click on Clear disks and select Full clear from the pop-up window.
This process will take approximately 2 hours to complete. In the meantime we can move on to creating our Firewall Rules and Filters as explained later in this article. Once your firewall rules and filters have been configured and the server has completed the disk clearing operation, follow the instructions listed under New Deployments.
New Deployments
If this server has yet to be used, great, this will save you some time. On a freshly provided server you can follow these instructions to install the operating system and Pterodactyl using the installation scripts built into DCImanager.
Open up DCImanager for the server you wish to install the operating system and Pterodactyl on.
Click on the ••• menu icon to the far right.
Select Install OS from template from the dropdown menu. A new interface will open.
Select the Ubuntu option from the operating systems list and ensure you are installation version 20.04.
Under Applications and scripts you will see an option for Pterodactyl and Pterodactyl (wings only).
Note: The "wings only" option for Pterodactyl allows for you to run the game servers on a server which won't host the panel. If you are planning on using a separate server to deploy Pterodactyl panel, select this option. Otherwise select the "Pterodactyl" option.
For Server boot mode utilize the "Set by template" option.
For Drive layout utilize the automatic provisioning process.
After continuing in the installation process, you will be asked to provide a password for what will be the root account.
It is highly recommended that you utilize a strong, lengthy password made up of various numbers, letters and symbols.
DCImanager will now proceed to install the server. This process usually takes 15-30 minutes to complete.
Setting up Firewall Rules and Filters
Firewall rules and filters are paramount in ensuring you're covered by the full protection that is offered by Tempest Hosting. We have provided an intuitive Firewall Manager for our customers to utilize at their leisure. Here's how to access your Firewall Manager:
Navigate to the Client Portal of the Tempest Hosting website or click here.
Hover over Services from the navigation menu.
Click on the Firewall Manager menu item.
When the Firewall Manager has opened, you will see a list of IP addresses associated with your services. We will first focus on configuring the firewall rules and filters for the primary IP address of your server. Click on the red Manage Rules button for the primary IP address to continue. By default you will see a handful of rules pre-configured for this IP address.
If you are utilizing BattleMetrics or Tebex as a service, we've already pre-configured these rules for you.
Click New Rule and a popup window will open.
When creating a rule, you will be able to specify Protocol, Source IP, Destination Port, Source Port, Type, Comment and Rule Priority.
The first rule we should create will allow for you to SSH into your newly installed server. For security purposes in this tutorial, we are going to whitelist only our IP address for this port. However, if you do not utilize a Static IP with your internet service provider, we recommend leaving the Source IP section of this rule blank, as your IP is subject to change without notice and it will render you unable to SSH into your server.
If you are comfortable with modifying this SSH rule each time your IP address changes, you may do so, this is completely your choice in terms of security.
SSH uses the protocol TCP and operates off of port 22. For Source IP, enter your IP address followed by /32. Leave Source Port blank and use the type Whitelist. For easier reference, use a comment such as "SSH - My Home IP" or whichever you prefer. You do not have to worry about making this rule a priority. Click Create and you will see your newly established rule on the page.
Now that we understand how to create firewall rules, use the following table to create rules which apply to this tutorial:
| Protocol | Source IP | Destination Port | Source Port | Type | Comment | Priority |
|---|---|---|---|---|---|---|
| TCP | 0.0.0.0/0 | 80 | Whitelist | HTTP | No | |
| TCP | 0.0.0.0/0 | 443 | Whitelist | HTTPS | No | |
| TCP | 0.0.0.0/0 | 2022 | Whitelist | Pterodactyl Wings | No | |
| TCP | 0.0.0.0/0 | 8080 | Whitelist | Pterodactyl Wings | No | |
| TCP | 0.0.0.0/0 | 28015 | Whitelist | Rust Primary Port | No | |
| UDP | 0.0.0.0/0 | 28015 | Whitelist | Rust Primary Port | No | |
| TCP | 0.0.0.0/0 | 28082 | Whitelist | Rust+ App Port | No |
If you utilize any third-party services which host applications and that make RCon connections to your servers, you will need to create a TCP rule for port 28016. As demonstrated when setting up the SSH port, if you wish to provide an extra layer of security for your RCon port, you may specify the Source IP of the service which will be making that connection.
If you have purchased additional IP addresses from us, you will need to configure the same firewall rules as above on each IP address, except for the rules for SSH, HTTP and HTTPS.
Now that we have our firewall rules established, we need to create filters for specific ports to ensure the best protection of our services. Click on the Filters sub-menu of the Firewall Manager and click on New Filter. Add the following filters to each IP address you plan on using with this server:
RakNet Server (v2) - Port should be set to 28015 - Accept server queries should be set to Yes.
Source Engine Queries - Port should be set to 28015 - Strict Mode should be set to No - A2S Caching should be set to Yes.
TCP Service (Symmetric) - Port should be set to 28082 - Per-connection max packets per second should be set to 1000.
Once your firewall rules and filters have been configured, wait approximately 15-30 minutes for these changes to apply. Afterwards your server should be ready with a fresh OS installation from the previous step.
Initial SSH Login
For this section of this article, you must already be familiar with SSH and how to utilize it. For new beginners, we recommend using an SSH client like MobaXterm. There you can utilize bookmarks for future SSH sessions.
Log into your server via SSH.
Upon successful logon, you will be greeted with a message to continue the installation of Pterodactyl.
Proceed into the installation script by sending the command configure-panel.
You will be prompted to enter your First Name, Last Name, Email Address and Password, which will be used to create your administrator account on the panel.
You will be prompted to provide the URL in which you would like to access the panel.
Using an isolated domain
We strongly recommend that you utilize a domain that is isolated from the domain you are using as the public site for your community. Using a sub-domain such as panel.example.com could potentially lead mischievous individuals to attempt to brute-force or attack your panel. If you wish to use an isolated domain name, follow these instructions:
Purchase a domain from a reputable provider that gives it's customers access to use their own DNS records system. Otherwise you can point the nameservers of this domain to your pre-existing hosting solution and add these DNS records through that solution.
Create the following DNS records for your panel domain:
| Type | Name | Record/Data | TTL |
|---|---|---|---|
| A | @ | Your Server's Primary IP Address | 3600 (or) 1 Hour |
| A | secure | Your Server's Primary IP Address | 3600 (or) 1 Hour |
| CNAME | www | Your Server's Primary IP Address | 3600 (or) 1 Hour |
Some hosts will not accept @ as an entry into their records, thus you should utilize the domain name instead followed by a period .. Consult with the provider of your DNS records should you encounter an issue with this step.
The A record which contains the name secure can be modified to your liking. This record will be used to specify the Fully Qualified Domain Name (FQDN) during the setup process of the panel. The FQDN will be used to provide a URL to use when connecting to services such as FTP, for example: secure.example.com:2022
Once your DNS records have been setup, you can enter this domain as the desired panel URL.
You must include www. when entering your domain as the desired panel URL or the installation process will encounter errors.
Using a sub-domain
If you are disinterested in purchasing an isolated domain name for use with this panel, follow these instructions:
Create the following DNS records for your panel sub-domain:
| Type | Name | Record/Data | TTL |
|---|---|---|---|
| A | secure | Your Server's Primary IP Address | 3600 (or) 1 Hour |
| CNAME | panel | Your Server's Primary IP Address | 3600 (or) 1 Hour |
Some hosts will not accept @ as an entry into their records, thus you should utilize the domain name instead followed by a period .. Consult with the provider of your DNS records should you encounter an issue with this step.
The A record which contains the name secure can be modified to your liking. This record will be used to specify the Fully Qualified Domain Name (FQDN) during the setup process of the panel. The FQDN will be used to provide a URL to use when connecting to services such as FTP, for example: secure.example.com:2022
You cannot use the panel's sub-domain as the FQDN or your installation process will encounter errors.
Once your DNS records have been setup, you can enter this sub-domain as the desired panel URL, for example: panel.example.com
You will be prompted to enable HTTPS with your Pterodactyl setup, we recommend enabling this for security purposes.
You will be reminded to ensure the proper firewall rules are in place, but thankfully we have already completed this step and can proceed.
If you selected to enable HTTPS, an SSL certificate provider Let's Encrypt will prompt for an agreement to their terms of service.
The installation script will then begin to run and you will be notified when it has completed.
Installing Wings
Now that Pterodactyl has been setup without error, it's time for us to install Wings. If you are continuing in the initial installation process, you may send the command install-wings to continue. After command execution, the installation script will begin to install the various packages needed to run Wings. You will be notified when this process has completed.
Configuring your panel
Now that Pterodactyl and Wings have been installed, it's time to navigate to your panel. Enter your domain or sub-domain into your browser and you will be prompted to login with the credentials you provided during the installation process. Upon successful login, navigate to the Admin Panel which has a gear icon in the navigation menu at the top of the page. Here we will set up your panel for first time usage:
Adding a location
Click on the Locations item from within the side navigation bar.
Click on Create New from the top right corner of this page.
Provide a short code which will be used to identify the location of the node you are getting ready to add. For example, if the name of my server as listed in DCImanager is EQX.DA11.110.RU01, I'll use this as my short code. This will come in handy when you eventually manage multiple nodes and would like to quickly identify the location of any issues which may potentially arise.
If you would like to provide a description for the location, you may, however this is not required.
Click on Create from the dialogue window and your location should appear within the locations list.
Adding a Node
Click on the Nodes item from within the side navigation bar.
Click on Create New from the top right corner of this page.
Provide a name for the node which will be used to identify it. For example, if the host name of my server as listed in DCImanager is EXAMPLE-12900KS-1, I'll use this as my node name.
If you would like to provide a description for the node, you may, however this is not required.
The location should automatically be populated with your newly created location from the panel.
Node visibility can be set to Public.
Provide the FQDN that you created when setting up your DNS records in the previous steps.
Input the Total Memory that this node will be allocated. You will be able to sub-allocate memory later.
For accurate allocation of memory, we recommend using a binary conversion tool rather than a decimal conversion tool. A reliable tool can be found here. For example, if my machine has 64GB of memory, I would want to use the value 65536 to accurate represent that measurement in the panel.
Input the Total Disk Space that this node will be allocated. You will be able to sub-allocate disk space later. The same conversion rates apply that would be used for the previous step.
A good rule-of-thumb is to preserve 100GB of storage for the operating system to utilize at it's discretion.
There are options to specify Memory Over-Allocation and Disk Over-Allocation. Both of these options contain descriptions which better explain the use of the features. If you do not want to handle over-allocation rules, simply use 0 to prevent new servers from deploying if all resources have been allocated.
Click on Create and you will be redirected to the allocation options for your newly created node.
Allocating IP Addresses and Ports
Multiple IP Game Server Hosting
If you have purchased additional IP addresses from us and intend to use them to deploy game servers with dedicated IP addresses, follow these steps:
| Server Instance # | IP Address | Primary Port | RCon Port | Rust+ Port |
|---|---|---|---|---|
| 1 | XXX.XXX.XXX.XXX | 28015 | 28016 | 28082 |
| 2 | XXX.XXX.XXX.XXX | 28015 | 28016 | 28082 |
| 3 | XXX.XXX.XXX.XXX | 28015 | 28016 | 28082 |
| 4 | XXX.XXX.XXX.XXX | 28015 | 28016 | 28082 |
Single IP Game Server Hosting
If you intend on only utilizing your primary server IP to deploy game servers, follow the steps above but only specify your primary server IP during that process. You will have to assign additional ports for each game server instance you intend on deploying. For example, use the following chart to determine how to properly allocate these ports:
| Server Instance # | IP Address | Primary Port | RCon Port | Rust+ Port |
|---|---|---|---|---|
| 1 | XXX.XXX.XXX.XXX | 28015 | 28016 | 28082 |
| 2 | XXX.XXX.XXX.XXX | 28017 | 28018 | 28083 |
| 3 | XXX.XXX.XXX.XXX | 28019 | 28020 | 28084 |
| 4 | XXX.XXX.XXX.XXX | 28021 | 28022 | 28085 |
As you submit these allocations, you will see them appear within the Existing Allocations list. Once you have finished allocating your IP addresses and ports, proceed to the next step.
Attaching your node to Wings
Click on the Configuration tab on the top navigation menu of your node. Here you will see a Configuration File and an option to Auto-Deploy your node to Wings.
Click on Generate Token and a modal will appear with a command you will need to copy and paste into your SSH client.
Once you have ran the command provided by the token modal, you should receive a message stating that you have configured wings successfully.
Setting up SSL for the FQDN
If you attempt to status-check your node prior to creating SSL for the FQDN you specified earlier, you will notice your node is not "online" or "responding" properly. To do this, we must create an SSL certificate using Let's Encrypt.
Run the following command on SSH: apt install certbot python3-certbot-nginx. This will install the nginx module for our SSL program.
Run the following command on SSH: certbot certonly --nginx -d secure.example.com.
Remember to change the domain specified in the command to what you set up as the FQDN for the node.
Perform a Reboot
Send the command reboot through your SSH client to perform a reboot of the operating system. This will ensure the changes you have made have applied correctly. This process will take a few minutes, afterwards you should be able to reconnect via SSH. Once your server has rebooted, refresh the Nodes page of the Admin Panel and you should now see a "green heart" indicating an active connection to the node. Hooray!
Creating your first server
Click on the Servers item from within the side navigation bar.
Click on Create New from the top right corner of this page.
Provide a name for the server. This will be only shown to panel users and this is not what is publicly displayed on the server browser in-game.
If you would like to provide a description for the server, you may, however this is not required.
Specify which user will be the Server Owner. This list is pulled from the Users page of the Admin Panel. The server owner will be able to create sub-users to maintain individual servers.
The Node and Default Allocation fields will be pre-populated with the first available unused entries. Under Additional Allocations, select the Rust RCon Port and Rust+ App Port for the matching IP address from the Default Allocation field.
Next you will want to specify a Backup Limit if you are interested in using Pterodactyl's backup features. This will correspond with the Allocation Limit field which should use the same data conversion type as previously mentioned during the setup of the node.
Under Resource Management you will be able to dedicate specific resources to each server you create. The instructions provided under each configuration option are self-explanatory. Remember that the Memory and Disk Space fields require an accurate data conversion type as previously mentioned during the setup of the node.
Under Nest Configuration you will be able to select the Rust nest and egg, which will pre-populate the docker image from the public repository of Pterodactyl.
You may choose to specify a custom image if you have one readily available, but be warned that we do not offer support for images that are not provided by Pterodactyl.
Startup Configuration
We recommend replacing and using the default startup parameter with:
./RustDedicated -batchmode +server.ip 0.0.0.0 +server.port {{SERVER_PORT}} +server.queryport {{SERVER_PORT}} +rcon.ip 0.0.0.0 +rcon.port {{RCON_PORT}} +rcon.password \"{{RCON_PASS}}\" +rcon.web true +app.publicip {{SERVER_IP}} +app.listenip 0.0.0.0 +app.port {{APP_PORT}} +server.identity "rust" +server.hostname \"{{HOSTNAME}}\" +server.level \"{{LEVEL}}\" +server.maxplayers {{MAX_PLAYERS}} +server.description \"{{DESCRIPTION}}\" +server.url \"{{SERVER_URL}}\" +server.headerimage \"{{SERVER_IMG}}\" +server.logoimage \"{{SERVER_LOGO}}\" +server.saveinterval {{SAVEINTERVAL}} $( [ -z ${MAP_URL} ] && printf %s "+server.worldsize \"{{WORLD_SIZE}}\" +server.seed \"{{WORLD_SEED}}\"" || printf %s "+server.levelurl {{MAP_URL}}" ) {{ADDITIONAL_ARGS}}This ensures that your server properly responds to queries from the Steam Master Server List and that your Rust+ App is functional.
Click Create and your server will begin to install.
Using Multiple IP Address with Pterodactyl
The current version of Docker does not handle multiple IP addresses well, and by default if you run multiple game servers from one node, you will observe that each server will attempt to broadcast itself from the main server IP. To avoid this we must make an adjustment using our SSH client. Credits to Calloway Sutton from GitHub for this fix.
Run the following commands from your SSH client:
touch /run/xtables.lock
docker pull callowaysutton/ptero-external-ip
nano /etc/systemd/system/external-ip.serviceAfter running the nano command, it will open the file /etc/systemd/system/external-ip.service. Paste the following object into this file:
[Unit]
Description=Simple SNAT for Docker Containers
After=docker.service
Requires=docker.service
StartLimitBurst=16
[Service]
TimeoutStartSec=0
Restart=always
ExecStartPre=/usr/bin/docker pull callowaysutton/ptero-external-ip
ExecStart=/usr/bin/docker run --net=host --cap-add=NET_ADMIN --cap-add=NET_RAW --volume /var/run/docker.sock:/var/run/docker.sock --volume /run/xtables.lock:/run/xtables.lock --restart=always --name %n callowaysutton/ptero-external-ip
ExecStop=/usr/bin/docker stop %n
ExecStopPost=/usr/bin/docker rm -f %n
ExecReload=/usr/bin/docker restart %n
[Install]
WantedBy=multi-user.targetSave those changes to this file and exit the editor. Press CTRL+X, CTRL+Y and Enter to return to the command line.
Run the following command: systemctl enable --now external-ip
Reboot your server as previously explained before to ensure these changes have been applied.
Setting Proper MTU
To ensure that your server has stability while communicating across our network, you'll need to properly configure your Maximum Transmission Unit (MTU). We've published an article explaining what MTU is and you can read about it here.
Send the following command to your server:
nano /etc/network/interfacesWhile editing this file, find the entry for gateway and add a new line underneath it.
Set the MTU by entering mtu 1440 on that new line.
Save those changes to this file and exit the editor. Press CTRL+X, CTRL+Y and Enter to return to the command line.
Restart the network service by running the following command:
systemctl restart networkingSetting Your Time Zone
A good rule of thumb is to set your server time zone to where it's presently hosted or to use UTC.
Send the following command to your server:
timedatectlThis will display the current time zone that is set on your server. If you wish to make changes, proceed in this tutorial.
Identify which time zone region you would like to set by using this list. For the purposes of this tutorial, we are going to use America/New_York as the value.
Send the following command to your server:
timedatectl set-timezone America/New_YorkVerify that these changes have taken effect by checking the server's time zone again.
Next we will need to modify the time zone utilized by Pterodactyl. This is important when trying to utilize the Schedules function of the panel.
Send the following command to your server:
nano /var/www/pterodactyl/.etcEdit the line starting with APP_TIMEZONE= with the value you set for your server.
Save those changes to this file and exit the editor. Press CTRL+X, CTRL+Y and Enter to return to the command line.
Reboot your server to ensure your time zone changes have been applied successfully.
Conclusion
Now you will able to deploy your game servers without running into issues with not appearing on the Rust Server Browser. Explore the panel and configure it to your liking.
Written by Triax.
Updated on: 22/03/2023
Thank you!