# YakPanel distribution strategy

How customers install and run YakPanel on Linux VPS targets (aligned with common one-click panel installers).

## Decision: **both** native install and Docker

| Channel | Primary audience | Notes |
| --- | --- | --- |
| **Shell installer + systemd** | Default VPS users on Debian/Ubuntu **and** RHEL-family (`dnf`/`yum`) | Canonical script: [`install.sh`](../../YakPanel-master/YakPanel-server/install.sh). One-liners: `curl \| bash` / `wget`; optional `install-curl.sh` + `YAKPANEL_INSTALLER_BASE` for mirrors. Air-gap: `YAKPANEL_SOURCE_DIR` or `scripts/install.sh`. Optional **web + SSH** UI (`/install` on YakPanel-server) is **off by default**; see YakPanel-server README. |
| **Docker Compose** | Homelab, CI, and operators who prefer containers | [`docker-compose.yml`](../../YakPanel-master/YakPanel-server/docker-compose.yml); ports **8888** (backend), **5173** (frontend image), **6379** (Redis) — different from native install defaults (`PANEL_PORT` 8888 + Nginx static). |

**Rationale:** Bare-metal-style panels integrate deeply with the host (Nginx, MySQL data dirs, certbot). A container-only story works for demos but often fights production vhost layout; bare install works for production but is weaker for quick trials. Shipping **both** covers typical user segments.

## Native install (recommended for production)

1. **[`install.sh`](../../YakPanel-master/YakPanel-server/install.sh)** installs: git, Python 3 + venv, Redis, Nginx, Node 20 (NodeSource), then clones (or copies from `YAKPANEL_SOURCE_DIR`), builds the SPA, writes **systemd** for Uvicorn on `127.0.0.1:$BACKEND_PORT`, and configures Nginx for **`$PANEL_PORT`**.
2. **Debian/Ubuntu**: Nginx `sites-available` / `sites-enabled`; optional **ufw** rule.
3. **RHEL-family**: Nginx `/etc/nginx/conf.d/`; **firewalld** permanent port if firewalld is active; optional CRB/powertools for build deps.
4. **Post-install:** force password change, optional bind to localhost + SSH tunnel for first login (hardening doc).

## Docker (recommended for evaluation and dev parity)

- One-line pattern: `git clone … && cd …/YakPanel-master/YakPanel-server && docker compose up -d` (exact path depends on monorepo layout).
- Document env vars as needed: `DATABASE_URL`, `REDIS_URL`, `SECRET_KEY`, etc. (see compose file and backend config).
- Volume layout for persistence (panel SQLite/Postgres, `wwwroot` if applicable).
- Caveat: managing **host** Nginx/MySQL from inside Docker requires explicit volume/socket design—call out in operator docs.

## Installer matrix (YakPanel-server)

| Entry | Command idea |
| --- | --- |
| curl | `curl -fsSL …/YakPanel-server/install.sh \| sudo bash` |
| wget | `wget -qO- …/YakPanel-server/install.sh \| sudo bash` |
| Mirror | `YAKPANEL_INSTALLER_BASE=… curl …/install-curl.sh \| sudo -E bash` |
| Local clone | `sudo bash YakPanel-server/scripts/install.sh` or `sudo YAKPANEL_SOURCE_DIR=$PWD bash install.sh` |
| Docker | `docker compose up -d` in `YakPanel-server/` |

## What we are not choosing for v1

- **Windows/IIS** as a first-class target (different stack entirely).
- **Kubernetes-only** as the only distribution path (unnecessary complexity for a single-node panel unless you later offer a hosted multi-tenant product).

## Checklist before public download page

- [ ] Signed or checksum-published install script (or GitHub release asset).
- [ ] Versioned release tags aligned with installer.
- [ ] Uninstall / upgrade path documented (even if minimal).
- [ ] Default firewall guidance (panel port, SSH only) in quick start.