Pelican
Welcome to the first 2026 guide!
While I am using this as my 'production' environment, it is undergoing many changes
Pelican is a fork of Pterodactyl that is currently in beta. It has some pretty cool features like OAuth and supports plugins.
You can view a comparison of Pelican vs Pterodactyl here
Total Time Required
2 Hours
Difficulty
Moderate
Required Knowledge
Docker Compose, DNS, Cloudflare Zero Trust, Linux Servers
What does this stack do?
This stack is split into 2 pieces - the front end panel and the backend node. This is for a few reasons,
recommended by the devs
reduces issues from things starting up before others
easier to set up additional nodes if wanted
I've had a focus on security and ease of use for these 2 stacks. Using the correct env values (covered later), this compose file will automatically build a strong and secure hosting environment for your game servers. I've done this by using initialization containers to build and download configuration files, and Crowdsec for security.
My repository for the Crowdsec configurations
Node / Wings
The software that hosts and manages game servers. You can connect multiple Wings nodes to a singular panel
Panel / Pelican
The front end UI used to manage multiple nodes
Dockflare
Dockflare is a IaC solution for managing Cloudflare Tunnel routes using Docker labels.
This compose stack uses the dockflare label prefix dfpelican
If you are using Dockflare elsewhere in your homelab, I would highly advise changing the label prefix as you may experience issues with this compose file taking over other Dockflare tunnels
The version of Dockflare used will grab ANY container with the dockflare or cloudflare.tunnel labels, even though we've set the prefix
Cloudflare Tunnel
The "bridge" between your internal network and Cloudflare servers. Web apps are tunnelled through this, allowing a public address to reach an internal resource. Access is secured with CF Zero Trust The tunnel is created by Dockflare outside of the compose file - you will need to manually delete it if you delete the compose stack
Crowdsec Engine
Crowdsec is a crowdsourced cyber security tool. It monitors the Wings SFTP logs for brute force attempts adds the IP address to a 4 hour blocklist.
It also adds known bad IPs to your Cloudflare firewall, forcing them to do a Captcha before accessing anything. If a device is incorrectly blocked, refer to Crowdsec
Firewall Bouncer
This is the 'bridge' between the Crowdsec Engine container and the firewall on your machine
Cloudflare Bouncer
This is the 'bridge' between Crowdsec Engine and your Cloudflare Security Rules
Prerequisites
Please ensure you meet these before continuing.
Requirements
Recommended
Before you start,
You will need to select some subdomains and ports
Take note of this data in a txt document or somewhere nearby, or fill out the below chart. I have prefilled it with example data
Domain
example.com
Subdomain for Panel
panel
Subdomain for node
node1
Subdomain for game servers and SFTP
play
Game server port range
6600-6700
From email address
SFTP Port
2022
Last updated