Vultr DocsLatest Articles

How to Install Cockpit on Debian 12

DebianCockpit
SM
Updated on January 17, 2025
How to Install Cockpit on Debian 12 header image

Introduction

Cockpit is an open-source, web-based graphical server management control panel that simplifies server management using system APIs and commands to perform system administration tasks. It's highly extensible with modules that enable additional Cockpit functionalities such as container management, system reporting, and web server configurations. To get started, you can easily install Cockpit on Debian 12, giving you a user-friendly interface for managing your server's resources and tasks.

This article explains how to install Cockpit on Debian. You will access the Cockpit management control panel, secure it with trusted SSL certificates, and install modules like Podman to manage containers on the server.

Install Cockpit on Debian 12

Cockpit is available in the default package repositories on Debian 12. Follow the steps below to update the APT package index and install Cockpit.

  1. Update the server's package information index.

    console 
    $ sudo apt update

  2. Install Cockpit.

    console 
    $ sudo apt install cockpit -y

  3. Enable Cockpit to start at system boot.

    console 
    $ sudo systemctl enable --now cockpit.socket

  4. Start the Cockpit service.

    console 
    $ sudo systemctl start cockpit

  5. View the Cockpit service status and verify that it's active.

    console 
    $ sudo systemctl status cockpit

    Output:

    ● cockpit.service - Cockpit Web Service
     Loaded: loaded (/usr/lib/systemd/system/cockpit.service; static)
     Active: active (running) since Fri 2025-01-10 12:10:47 UTC; 5s ago
TriggeredBy: ● cockpit.socket
       Docs: man:cockpit-ws(8)
    Process: 68819 ExecStartPre=/usr/lib/cockpit/cockpit-certificate-ensure --for-cockpit-tls code=exi>   Main PID: 68833 (cockpit-tls)
      Tasks: 1 (limit: 1061)

  6. Allow the Cockpit port 9090, HTTP port 80, and the HTTPS port 443 through the default firewall configuration.

    console 
    $ sudo ufw allow 9090,80,443/tcp

  7. Reload UFW to apply the firewall changes.

    console 
    $ sudo ufw reload

  8. View the UFW status and verify all active firewall rules.

    console 
    $ sudo ufw status

    Output:

    Status: active

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW       Anywhere                  
80,443,9090/tcp            ALLOW       Anywhere                  
22/tcp (v6)                ALLOW       Anywhere (v6)             
80,443,9090/tcp (v6)       ALLOW       Anywhere (v6)

Secure Cockpit with Trusted SSL Certificates

SSL certificates encrypt the traffic between a web browser and the Cockpit control panel. Follow the steps below to generate trusted Let's Encrypt SSL certificates to secure Cockpit on your server.

  1. Install the Certbot Let's Encrypt client tool.

    console 
    $ sudo apt install certbot -y

  2. Request a new SSL certificate using your Cockpit domain. Replace cockpit.example.com with your actual domain and admin@example.com with your active email address.

    console 
    $ sudo certbot certonly --standalone -d cockpit.example.com -m admin@example.com --agree-tos

  3. Link the fullchain.pem SSL certificate file to the /etc/cockpit/ws-certs.d/ directory. Replace certificate.cert with your desired certificate filename.

    console 
    $ sudo ln -sf /etc/letsencrypt/live/cockpit.example.com/fullchain.pem /etc/cockpit/ws-certs.d/certificate.cert

  4. Link the privkey.pem private key to the /etc/cockpit/ws-certs.d/. Replace certificate.key with your desired filename.

    console 
    $ sudo ln -sf /etc/letsencrypt/live/cockpit.example.com/privkey.pem /etc/cockpit/ws-certs.d/certificate.key

  5. Restart Cockpit to apply the changes and load the SSL certificate files.

    console 
    $ sudo systemctl restart cockpit

Access Cockpit

Cockpit uses the default server users and permissions to perform system administration tasks using the web-based control panel. Cockpit does not support root user authentication and requires non-root sudo user accounts to manage the server using the administrative access role. Follow the steps below to create a dedicated non-root sudo user and access Cockpit on your server.

  1. Create a new non-root user such as cockpitadmin and enter a strong user password when prompted.

    console 
    $ sudo adduser cockpitadmin

  2. Add the cockpitadmin user to the sudo users group.

    console 
    $ sudo usermod -aG sudo cockpitadmin

  3. Access the Cockpit port 9090 using your domain in a web browser such as Chrome.

    https://cockpit.example.com:9090

  4. Log in to Cockpit using your cockpitadmin user credentials.

    The Cockpit Login page

Manage a Server Using Cockpit

You can perform the following server management and monitoring tasks within the Cockpit control panel.

  1. Click the Turn on administrative access prompt to enable the user's sudo privileges in your Cockpit session.

  2. Click Overview to monitor the system resource usage (CPU, and memory), system health, system information, and basic configuration.

    Cockpit dashboard

  3. Click Logs tab to view and analyze the server logs.

    Cockpit's log viewing interface

  4. Click Storage to view the server's storage usage information.

    Cockpit's storage interface

  5. Click Accounts to manage user accounts on the server.

    Cockpit's Accounts tab

  6. Click Services to monitor and manage system services on the server.

    Cockpit's Service interface

  7. Click Applications to view the Cockpit addons installed on the server.

    Cocktail's Application interface

  8. Click Software Update to view the pending software updates on the server.

    Cockpit's Software updates tab

Create and Manage Containers Using Cockpit Podman

Cockpit Podman is a container management module that lets you create and manage containers using Podman on your server. Follow the steps below to install the Cockpit Podman module and manage containers on your server.

  1. Click the Terminal tab to access the server terminal in your web browser.

    Cockpit's Terminal interface

  2. Install the Cockpit Podman module.

    console 
    $ sudo apt install cockpit-podman -y

  3. Refresh your Cockpit window and click Podman containers on the left navigation menu.

    Cockpit's Podman Containers interface

  4. Click the Images options menu and select Download new image from the list.

    Images menu button

  5. Enter nginx in the Search field.

  6. Select the docker.io/library/nginx image from the list and click Download to pull the container image.

    Image selection in Podman

  7. Click Create Container in the Containers section to set up a new container.

    Creating the container

  8. Keep the Details configuration information.

    The details

  9. Navigate to the Integration tab and click Add port mapping.

  10. Map the host HTTP port 80 to the container port 80.

    Port mapping configurations

  11. Click Create and Run to deploy the container

  12. Click to expand the container in the Containers section and verify that it's in a Running state.

    The Nginx container in a running state

  13. Navigate to the Logs tab to monitor the container logs.

    The container's logs

  14. Click the options menu in the container's top-right corner to view the available container management actions.

    Container management actions

    The container management actions include stopping, force stopping, restarting, force restarting, pausing, creating a checkpoint, renaming, committing, and deleting the container.

Conclusion

You have installed Cockpit on Debian 12 and managed the server using the web-based control panel. You can install multiple modules to extend Cockpit with additional functionalities and use the control panel to perform system administration tasks. For more information, visit the Cocktpit documentation.