Skip to main content
Version: 1.5.9

Managing User Containers from the Terminal

In OpenPanel, each user has their own Docker context running in rootless mode. If you are familiar with Docker, you can manage a userโ€™s files and services directly from the terminal.

SSH access as the root user on the server is required to switch between Docker contexts.


Compose Setupโ€‹

Each userโ€™s environment is based on:

  • docker-compose.yml โ€“ defines services, networks, and volumes.
  • .env โ€“ defines CPU/memory limits, Docker image tags, and custom ports.

โš ๏ธ Always edit these files via the OpenAdmin interface. The interface validates your changes. Editing directly from the terminal bypasses validation and can break services. Make a backup before any modifications.


File Structureโ€‹

Each userโ€™s home directory is located at:

/home/USERNAME/

It contains configuration files and user data. Example structure:

โ”œโ”€โ”€ .env                 # Environment variables: versions, ports, CPU/memory limits
โ”œโ”€โ”€ backup.env # Backup configuration
โ”œโ”€โ”€ crons.ini # Cron jobs
โ”œโ”€โ”€ custom.cnf # MySQL configuration
โ”œโ”€โ”€ default.vcl # Varnish cache configuration
โ”œโ”€โ”€ docker-compose.yml # Service definitions
โ”œโ”€โ”€ docker-data # Docker storage
โ”‚ โ”œโ”€โ”€ containerd # Container runtime data
โ”‚ โ”œโ”€โ”€ containers # Individual container data
โ”‚ โ”œโ”€โ”€ image # Docker images
โ”‚ โ”œโ”€โ”€ network # Docker networks
โ”‚ โ”œโ”€โ”€ overlay2 # Overlay filesystem storage
โ”‚ โ”œโ”€โ”€ plugins # Docker plugins
โ”‚ โ””โ”€โ”€ volumes # Persistent data volumes
โ”‚ โ”œโ”€โ”€ <USERNAME>_html_data # Website files (/var/www/html/)
โ”‚ โ””โ”€โ”€ <USERNAME>_mysql_data # MySQL database files (/var/lib/mysql/)
โ”œโ”€โ”€ httpd.conf # Apache configuration
โ”œโ”€โ”€ my.cnf # MySQL root credentials for service commands
โ”œโ”€โ”€ nginx.conf # NGINX configuration
โ”œโ”€โ”€ openlitespeed.conf # OpenLiteSpeed configuration
โ”œโ”€โ”€ openresty.conf # OpenResty configuration
โ”œโ”€โ”€ php.ini/ # PHP configuration files
โ”œโ”€โ”€ pma.php # phpMyAdmin entry point
โ””โ”€โ”€ sockets # Sockets (MySQL, Redis, PostgreSQL, etc.)
  • Website files are stored in the Docker volume USERNAME_html_data and physically located at:
/home/USERNAME/docker_data/volumes/USERNAME_html_data/_data/
  • File ownership should match the OpenPanel user ID. Check with:
id -u USERNAME
  • Docker runs in rootless mode, mapping the user UID to root inside containers. This avoids permission issues while giving the user root-level permissions in their services.

  • Disk quotas are enforced using the quota tool. To check disk and inodes usage for user:

quota -u USERNAME

Managing Servicesโ€‹

Services are defined in /home/USERNAME/docker-compose.yml. You can extend this file with custom services, but to maintain compatibility with the OpenPanel UI, follow the guidelines.

Use the userโ€™s Docker context to manage their services. Examples:

  • List running services:
docker --context=USERNAME ps -a
  • Stop a service:
docker --context=USERNAME stop mysql
  • Restart a service:
cd /home/USERNAME && \
docker --context=USERNAME compose down mysql && \
docker --context=USERNAME compose up -d mysql
  • Exec into a service:
docker --context=USERNAME exec -it mysql bash
  • View resource usage:
docker --context=USERNAME stats --no-stream

Domainsโ€‹

Domain configuration files are stored in:

  • Caddy configuration:
/etc/openpanel/caddy/domains/<DOMAIN>.conf

Each domain has its own Caddyfile. Caddy handles SSL certificates and acts as a reverse proxy to the userโ€™s web server. For more information, see: How Web Traffic Flows with User Containers

  • BIND9 zone file:
/etc/bind/zones/<DOMAIN>.db

Contains the DNS records for the domain.


Backupsโ€‹

OpenPanel uses offen/docker-volume-backup for backups. Configuration is stored in backup.env.

  • Administrators can schedule automatic backups for users.
  • Users can also enable and manage their own backups if permitted.
  • Only Docker volumes are backed up, which include the actual user data (website files and databases).

For detailed instructions, see: Configuring OpenPanel Backups


Portsโ€‹

Ports are defined in the userโ€™s .env file:

root@vagabundo:/# grep _PORT home/mysqlbaja/.env 
HTTP_PORT="127.0.0.1:32780:80"
HTTPS_PORT="127.0.0.1:32781:443"
PROXY_HTTP_PORT="127.0.0.1:32782:80"
MYSQL_PORT="127.0.0.1:32777:3306"
PMA_PORT="32779:80"
POSTGRES_PORT="0:5432"
PGADMIN_PORT="0:80"
  • Ports are generated during user creation but can be modified by the administrator. After changes, run compose down && compose up for the changes to take effect.
  • โš ๏ธ Docker rootless mode prevents the use of ports under 1024.
  • Services should not expose ports externally unless remote access is required (e.g., phpMyAdmin, remote MySQL, or pgAdmin).