Add wings template

[zaralX]

What is this PR about?

New PR of Pterodacrtyl Wings Template

Checklist

Before submitting this PR, please make sure that:

• I have read the suggestions in the README.md file https://github.com/Dokploy/templates?tab=readme-ov-file#general-requirements-when-creating-a-template
• I have tested the template in my instance, so the maintainers don't spend time trying to figure out what's wrong.
• I have added tests that demonstrate that my correction works or that my new feature works.

Issues related (if applicable)

Close automatically the related issues using the keywords: closes #ISSUE_NUMBER

Screenshots or Videos

Greptile Summary

This PR adds a new Dokploy template for Pterodactyl Wings (v1.11.11), the server control plane companion to Pterodactyl Panel. The template includes a docker-compose.yml, template.toml, logo image, and meta.json entry.

Key issues found:

• docker-compose.yml uses ports instead of expose: The Dokploy template conventions require using expose rather than ports, since Dokploy manages its own networking and port routing. Using ports can cause host port conflicts.
• Hardcoded Traefik labels should be removed: The compose file includes Traefik routing labels with a placeholder domain (your.wings.domain) and cert resolver (myresolver). Dokploy manages Traefik configuration automatically based on template.toml, so these labels are redundant and will likely conflict with Dokploy's routing.
• The template.toml and meta.json entries are well-structured and follow the project conventions correctly.
• The pinned image version (v1.11.11) matches between meta.json and docker-compose.yml, with a helpful comment explaining why the latest v1.12.0 is not used.

Confidence Score: 2/5

• This PR needs changes to the docker-compose.yml before merging — the Traefik labels and ports configuration conflict with Dokploy conventions.
• Score of 2 reflects two actionable issues in the docker-compose.yml: (1) use of ports instead of expose which violates project conventions and can cause host conflicts, and (2) hardcoded Traefik labels that will conflict with Dokploy's automatic routing. The template.toml and meta.json are correct, and the issues are straightforward to fix.
• blueprints/wings/docker-compose.yml — needs ports changed to expose and Traefik labels removed.

_{Last reviewed commit: e52747a}

_{(2/5) Greptile learns from your feedback when you react with thumbs up/down!}

Context used:

• Context from dashboard - AGENTS.md (source)

[github-actions]

built with Refined Cloudflare Pages Action

⚡ Cloudflare Pages Deployment

Name	Status	Preview	Last Commit
templates	✅ Ready (View Log)	Visit Preview	e52747a

[Siumauricio]

why do we need this?

[Siumauricio]

@greptile review

[greptile-apps]

_{4 files reviewed, 3 comments}

_{Edit Code Review Agent Settings | Greptile}

[greptile-apps]

ports should not be used in Dokploy templates

Per the project's contribution guidelines (AGENTS.md), docker-compose templates should never include ports — Dokploy handles network routing internally. If these ports need to be exposed to the container network, use expose instead:

Suggested change

	ports:
	- 8080
	- 2022
	expose:
	- 8080
	- 2022

Using ports can cause conflicts with Dokploy's internal networking and port management on the host.

Context Used: Context from dashboard - AGENTS.md (source)

[greptile-apps]

Traefik labels conflict with Dokploy's routing

These Traefik labels are redundant and potentially problematic. Dokploy manages its own Traefik routing configuration based on the [[config.domains]] section in template.toml. Including hardcoded Traefik labels with a placeholder domain (your.wings.domain) and a cert resolver (myresolver) will likely conflict with Dokploy's automatic routing setup.

The template.toml already correctly configures domain routing for port 8080. This entire labels block should be removed:

Suggested change

	labels:
	- "traefik.enable=true"
	- "traefik.http.routers.c1.rule=Host(`your.wings.domain`)"
	- "traefik.http.routers.c1.entrypoints=websecure"
	- "traefik.http.services.c1.loadbalancer.server.port=8080"
	- "traefik.http.routers.c1.tls=true"
	- "traefik.http.middlewares.c1-headers.headers.customrequestheaders.X-Forwarded-Proto=https"
	- "traefik.http.routers.c1.middlewares=c1-headers"
	- "traefik.http.services.c1.loadbalancer.server.scheme=https"
	- "traefik.http.routers.c1.tls.certresolver=myresolver"

If custom Traefik configuration is genuinely needed beyond what Dokploy provides, it should be documented clearly, but in this case the template.toml domain configuration is sufficient.

[greptile-apps]

Host bind mounts expose sensitive host paths

This template mounts the Docker socket (/var/run/docker.sock) and several host directories directly. While this is required for Wings to manage game server containers, it effectively grants the container full Docker daemon access and read/write to host paths. This is a significant security surface — users deploying this template should be aware that Wings requires these elevated privileges by design.

Additionally, the host path mounts (e.g., /etc/wings/, /var/lib/pterodactyl/) are not using named Docker volumes, which means they depend on specific host directory structures. Consider adding a comment at the top of the compose file explaining these requirements and the security implications, similar to how other templates (e.g., crowdsec) document their prerequisites.

_{Note: If this suggestion doesn't match your team's coding style, reply to this and let me know. I'll remember it for next time!}