This guide covers creating and managing users, configuring service plans, understanding role-based access control (RBAC), and monitoring resource usage in Panelica.
Panelica has four user roles in a strict hierarchy:
| Role | Can Create | Can See | Primary Use |
|---|---|---|---|
| ROOT | All roles | All users and data | Server administrator |
| ADMIN | RESELLER, USER | Only users they created (and their RESELLER's users) | Hosting company staff |
| RESELLER | USER only | Only users they created | Reseller partner |
| USER | None | Only their own data | End customer |
Key principle: Each role can only see and manage users they created — never all users in the system. An ADMIN doesn't see another ADMIN's users.
---
Go to Users in the main navigation. The page shows:
Stats Cards (top row):
- Total Users — Count of all visible users
- Active Users — Currently active accounts
- Suspended Users — Suspended accounts
- Resellers — Reseller account count
Controls:
- View Mode — Toggle between Table View and Tree View (hierarchy). Preference saved in browser.
- Search — Filter by username, full name, or email
- Add User — Create a new user account
Table Columns:
- Username — With avatar initials and home directory path
- Full Name — Display name
- Email — With copy-to-clipboard button
- Role — Colored badge (ROOT=red, ADMIN=blue, RESELLER=green, USER=gray)
- Plan — Assigned service plan name
- Status — Active (green dot), Suspended (red dot), or Pending (yellow dot)
- System Username — Linux system username
- Created — Date and time
- Actions — Action buttons
Tree View: Shows users in a hierarchical tree: ROOT → ADMIN → RESELLER → USER, indented by ownership chain.
---
Each user row has these action buttons (based on your permissions):
| Action | Icon | Description |
|---|---|---|
| Impersonate | Blue user icon | View the panel as this user sees it. Cannot impersonate ROOT users. Logged in audit trail. |
| Edit | Gray pencil | Opens user edit form |
| Suspend / Unsuspend | Orange/Green circle | Suspends or reactivates the account |
| Delete | Red trash bin | Permanently removes the user account |
Delete Confirmation lists consequences:
- Home directory will be deleted
- System user will be removed
- All domains will be suspended
- All databases will be removed
- All email accounts will be removed
- Cannot be undone
Bulk Actions (ROOT only): Select multiple users with checkboxes, then use:
- Delete Selected — Remove multiple users at once
- Suspend — Suspend multiple users
- Activate — Unsuspend multiple users
---
Go to Users > Add User. The form has these sections:
Account Information:
| Field | Required | Rules |
|---|---|---|
| Username | Yes | Lowercase letters, numbers, underscores only. Max 32 chars. Must be unique. Cannot be changed later. |
| Yes | Valid email format. Must be unique. | |
| Full Name | No | Display name (optional) |
| Password | Yes | Minimum 8 characters. Strength meter shows requirements. "Generate Password" button creates a secure random password. |
| Confirm Password | Yes | Must match password exactly |
Password Strength Meter:
Shows a checklist of requirements (configurable per installation):
- At least 8 characters
- One lowercase letter
- One uppercase letter
- One number
- One special character
User Settings:
| Field | Description |
|---|---|
| Role | USER, RESELLER, ADMIN, or ROOT. Options depend on your role and license features. |
| IP Addresses | Select which server IPs this user can use. At least one required. |
Service Plan (right sidebar):
Select a plan from the dropdown. The plan summary shows real-time quotas: max domains, disk quota, bandwidth, databases, email accounts, subdomains, FTP accounts, cron jobs, SSH access, and more.
---
When you're an ADMIN or RESELLER creating users, you'll see a Remaining Resources box showing how much of your allocated quota remains:
- Users remaining
- CPU % remaining (color-coded)
- Memory remaining (in GB/MB)
- Disk remaining (in GB/MB)
If the selected plan's resources exceed your remaining quota, a red warning appears and the submit button is disabled. For example:
Code:
CPU exceeded: need 200%, remaining 100%
Memory exceeded: need 2GB, remaining 1GBQuota Hierarchy:
- ROOT has unlimited resources
- ROOT allocates quotas to ADMINs
- ADMIN allocates quotas to RESELLERs (within their own quota)
- No one can give more resources than they have
---
Go to Plans in the navigation. Plans define what resources and features each user gets.
Plan List: Shows all plans with name, status, domain/disk/bandwidth limits, user count, and actions.
Creating a Plan:
Basic Information:
- Plan Name — Required, must be unique
- Description — Optional notes
- Display Order — Sort order in dropdowns
- Default Plan — Auto-selected when creating users (only one can be default)
- Status — Active, Inactive, or Hidden
Resource Quotas:
| Resource | Default | Notes |
|---|---|---|
| Max Domains | 1 | -1 = unlimited |
| Disk Quota | 5 GB | Total disk space for user |
| Monthly Bandwidth | 50 GB | Monthly transfer limit |
| Max Subdomains | 5 | -1 = unlimited |
| Max Email Accounts | 5 | -1 = unlimited |
| Max Databases | 2 | -1 = unlimited |
| Max FTP Accounts | 1 | -1 = unlimited |
| Max Cron Jobs | 3 | -1 = unlimited |
| Max Containers | 0 | 0 = disabled, -1 = unlimited |
Resource Isolation (Cgroups v2):
These settings enforce hard kernel-level limits per user:
| Setting | Default | Unit | Description |
|---|---|---|---|
| CPU Limit | 100 | % | 100% = 1 core, 200% = 2 cores, -1 = unlimited |
| Memory Limit | 512 | MB | Maximum RAM usage, -1 = unlimited |
| IO Read Limit | 0 | bytes/sec | 0 = unlimited |
| IO Write Limit | 0 | bytes/sec | 0 = unlimited |
| Process Limit | 50 | count | Maximum concurrent processes |
PHP-FPM Defaults:
| Setting | Default | Description |
|---|---|---|
| Max Children | 10 | PHP-FPM worker processes |
| Memory Limit | 128 MB | PHP memory_limit |
| Max Execution Time | 30 sec | Script timeout |
| Upload Max Filesize | 32 MB | Maximum upload size |
| Post Max Size | 64 MB | Maximum POST data size |
Feature Permissions:
| Feature | Default | Description |
|---|---|---|
| SSH Access | Disabled | Enable SSH for users on this plan. Level: none, jailed, or full. |
| FTP Access | Enabled | Allow FTP connections |
| MySQL Access | Enabled | Direct database management |
| Cron Jobs | Enabled | Schedule automated tasks |
| SSL | Enabled | SSL certificate management |
| Backup | Enabled | Backup functionality |
| ModSecurity | Enabled | WAF protection per domain |
Quota Enforcement:
- Strict — Blocks new resource creation when quota exceeded
- Monitor — Warns but still allows (logging only)
- Oversell — Allows overuse up to a configured ratio (e.g., 1.2 = 20% oversell)
---
Go to Resource Usage in the navigation. This page shows actual runtime resource usage — not plan limits, but real kernel-reported data.
Controls:
- Refresh — Manual reload
- Real-time Polling — Auto-refresh every 5/10/30/60/120 seconds
- Last Update — Timestamp of last data fetch
Summary Cards:
- Total Users
- Users with Exceeded Quota (red if > 0)
- High Usage Users (≥75% on CPU/RAM/Disk)
- Active Containers (if Docker enabled)
Per-User Table:
| Column | Description |
|---|---|
| Username | User with avatar |
| Role | Role badge |
| Quota Mode | Strict, Monitor, or Oversell |
| Status | Normal (green), Warning (yellow at 75-90%), Exceeded (red at 90%+) |
| CPU Usage | Progress bar: used% / limit% |
| Memory | Progress bar: used MB / limit MB |
| Disk | Progress bar: used GB / limit GB |
| IO Read/Write | Throughput in bytes/sec |
| Processes | Current / limit (e.g., "12 / 50") |
Click the expand arrow on any user row to see per-domain resource breakdown.
---
ROOT users can override default permissions for individual users. Go to Users > Edit > Permissions tab.
Page Overrides: Allow or deny access to specific panel pages.
Feature Overrides: Allow or deny specific features regardless of the user's role.
Each override includes:
- Permission code (e.g.,
users.create_admin) - Action: Allow or Deny
- Optional expiry date
- Optional reason note
---
Impersonation lets you view the panel exactly as another user sees it — useful for troubleshooting or support.
How to use:
- Go to Users list
- Find the target user
- Click the blue impersonate icon
- Confirm the dialog
- The panel reloads showing the user's view
A bar at the top shows "Viewing as {username}" with a "Stop impersonation" button to return to your account.
Limitations:
- Cannot impersonate ROOT users
- Cannot impersonate yourself
- All actions during impersonation are logged in the audit trail
---
- Create a default plan first — Mark one plan as "Default" so new users automatically get it.
- Use meaningful plan names — "Starter 5GB", "Business 50GB", "Enterprise Unlimited" are clearer than "Plan A".
- Set resource limits — Always configure CPU and memory limits to prevent one user from consuming all server resources.
- Use RESELLER accounts for hosting resellers — they can only manage their own users and can't access server settings.
- Monitor resource usage — Check the Resource Usage page regularly for users approaching limits.
- Use strict quota mode — Prevents accidental overuse. Switch to monitor mode only if you want to allow temporary overages.
---
- Setup Wizard — Creating your first admin account
- First Steps After Setup — Initial panel configuration
---
Questions? Ask in General Discussion.
Last edited: