Home Lab Computer Self Taught, Eager Learner also a Teacher (All of Us are!) Learning Trial and Error Successes:
Public Note:
Please allow me to share my Trial and Error Proxmox 9.1 and Hestia Control Panel, Webserver Port Forwarding Success:
Here is my entire Proxmox 9.1 installation and network settings:
Self Taught, No Formal Teachings. I Just Really Like and Love Computers and I have for Months and Years Finally have written it on 1/one Page.
I Am That, I Am more than Happy to Share it Freely!
a working Setup for Proxmox 9.1. I have the same thing made for Canonical LXD… 🙂 Happy Computing. 🙂
I Am That, I Am a Conscious and Aware Individual Private Self!
I Am That, AM Sharing My Actual IP Addresses and Passwords from My Personal Self Hosting Computer Lab. it is easier to look at and understand in context instead of replacing it with demo examples or hiding it.
Self Awakening Equal Universal Knowledge Education of All of Us:
Stop having Secret, Keeping Secrets,- Stop Hiding Your Thoughts and Feelings Self Believes and Stop fearing Them Too!!! it is Only INSIDE the Brain! Don’t Believe, Do, Care or Need it! it is Only within,, INSIDE the Brain! Also,-Feel Healthy Only to Heal it! with Your Breathing!!! “Just Do it!” Awaken, Wake-Up! it Means to Knowledge! http://shaylehvgroup.wordpress.com its FREE! Copy it, Own it! it Belongs to All of Us Equally!!!
——————————————————————————
This was is done on a Contabo VPS Single IP Address, Operating System: Debian 13 Trixie.
And Raspberry Pi 5 Single IP Address, Raspberry Pi OS: Debian 13 Trixie.
The Purpose of Intention is for : Hestia Control Panel, Webserver and Docker and Portainer Containers:
This is Covering Preparations of Networking: ifupdown2, DNS: resolvconf, hosts file settings before installing Proxmox 9.1 and the installation of Proxmox 9.1.
CVPS Proxmox 9.1 Installation:
=====================
On the Host Computer:
Preparations before installing Proxmox 9.1:
CVPS Debian 13 Trixie Netplan original settings:
network:
version: 2
renderer: NetworkManager
ethernets:
eth0:
match:
macaddress: “00:50:56:5d:ae:35”
addresses:
– “66.94.124.242/21”
– “2605:a141:2286:5037:0000:0000:0000:0001/64”
nameservers:
addresses:
– 209.126.70.51
– 209.126.70.52
– 2605:a141:5028::1:53
search: []
set-name: “eth0”
routes:
– to: “default”
via: “66.94.120.1”
– on-link: true
to: “default”
via: “fe80::1”
Original sudo nano /etc/hosts file:
GNU nano 8.4 /etc/hosts
Your system has configured ‘manage_etc_hosts’ as True.
As a result, if you wish for changes to this file to persist
then you will need to either
a.) make changes to the master file in /etc/cloud/templates/hosts.debian.tmpl
b.) change or remove the value of ‘manage_etc_hosts’ in
/etc/cloud/cloud.cfg or cloud-config from user-data
#
127.0.1.1 vmi2865037.contaboserver.net vmi2865037
127.0.0.1 localhost
The following lines are desirable for IPv6 capable hosts
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
sudo nano /etc/hosts
change to:
127.0.0.1 localhost
66.94.124.242 cvpspmox.netfreund.com cvpspmox
next time I’ll leave it with:
66.94.124.242 vmi2865037.contaboserver.net vmi2865037
change the Static Hostname:
sudo hostnamectl set-hostname cvpspmox
Prevent Cloud init from managing the /etc/hosts file:
sudo nano /var/lib/cloud/instance/user-data.txt
change: manage_etc_hosts: true
to manage_etc_hosts: false
uncomment manage_etc_hosts:
# manage_etc_hosts
in sudo nano /etc/cloud/cloud.cfg edit:
disable_root: false
ssh_pwauth: true
uncomment: manage_etc_hosts: true
The modules that run in the ‘init’ stage
Uncomment:
– update_etc_hosts
Master Cloud Config File:
sudo nano /etc/cloud/templates/hosts.debian.tmpl
127.0.0.1 localhost
66.94.124.242 cvpspmox.netfreund.com cvpspmox
resolvconf settings:
sudo nano /etc/resolv.conf
domain cvpspmox.netfreund.com
search cvpspmox.netfreund.com
nameservers 1.1.1.1 1.0.0.1
nameservers 209.126.70.51 209.126.70.52
nameservers 2605:a141:5028::1:53
(optionl, if needed, there it is):
disable support for IPv6 on the proxmox node:
sudo nano /etc/sysctl.d/disable-ipv6.conf
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
ifupdown2 sudo nano /etc/network/interfaces Settings:
The loopback network interface
auto lo
auto eth0
iface eth0 inet static
address 66.94.124.242/21
netmask 255.255.248.0
gateway 66.94.124.1
dns-nameservers 1.1.1.1 1.0.0.1
dns-nameservers 209.126.70.51 209.126.70.52
dns-nameservers 2605:a141:5028::1:53
dns-domain netfreund.com
proxmox bridge
auto vmbr0
iface vmbr0 inet static
address 192.168.1.1/24
bridge-ports none
bridge-stp off
bridge-fd 0
# rules to forward and masquerade the traffic of the vms
post-up echo 1 > /proc/sys/net/ipv4/ip_forward
post-up iptables -t nat -A POSTROUTING -s '192.168.1.0/24' -o eth0 -j MASQUERADE
post-down iptables -t nat -D POSTROUTING -s '192.168.1.0/24' -o eth0 -j MASQUERADE
post-up iptables -t raw -I PREROUTING -i fwbr+ -j CT --zone 1
post-down iptables -t raw -D PREROUTING -i fwbr+ -j CT --zone 1HCP Container Port Forwaring:
post-up iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 2083 -j DNAT --to 192.168.1.2:2083
post-up iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to 192.168.1.2:80
post-up iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 443 -j DNAT --to 192.168.1.2:443
post-up iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 143 -j DNAT --to 192.168.1.2:143
post-up iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 993 -j DNAT --to 192.168.1.2:993
post-up iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 110 -j DNAT --to 192.168.1.2:110
post-up iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 25 -j DNAT --to 192.168.1.2:25
post-up iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 465 -j DNAT --to 192.168.1.2:465
post-up iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 587 -j DNAT --to 192.168.1.2:587
post-up iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 53 -j DNAT --to 192.168.1.2:53
post-up iptables -t nat -A PREROUTING -i eth0 -p udp --dport 53 -j DNAT --to 192.168.1.2:53
post-up iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 21 -j DNAT --to 192.168.1.2:21
post-up iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 22 -j DNAT --to 192.168.1.2:22NPM Container Port Forwaring:
post-up iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 81 -j DNAT --to 192.168.1.3:81
post-up iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 82 -j DNAT --to 192.168.1.3:80
post-up iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 444 -j DNAT --to 192.168.1.3:443NPM Container Port Forwaring:
post-up iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 5354 -j DNAT --to 192.168.1.3:53
post-up iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 5354 -j DNAT --to 192.168.1.3:53
post-up iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 67 -j DNAT --to 192.168.1.3:67
post-up iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 84 -j DNAT --to 192.168.1.3:80update ifupdown2:
ifreload -a
On the VM set the following:
Network Settings:
IP: 192.168.1.2/24
GATEWAY: 192.168.1.1
NETMASK: 255.255.255.0
Test if ports are open:
tcpdump -eni vmbr0 port 80
is any service listening on port number?:
sudo ss -tuln | grep :80
sudo ss -tuln | grep :443
try to connect and receive a file:
nc -l -p 80 > nc_.txt
——————————————————————————————————————-f
Now Ready to Install Proxmox:
Proxmox 9.1 Installation:
Install Repository, Kernel, and Reboot:
sudo apt update \
&& sudo apt install wget -y \
&& sudo wget https://enterprise.proxmox.com/debian/proxmox-release-trixie.gpg -O /etc/apt/trusted.gpg.d/proxmox-release-trixie.gpg \
&& sudo echo “deb [arch=amd64] http://download.proxmox.com/debian/pve trixie pve-no-subscription” \
| sudo tee /etc/apt/sources.list.d/pve-install-repo.list \
&& sudo apt update \
&& sudo apt full-upgrade -y \
&& sudo apt install -y proxmox-default-kernel \
&& sudo reboot
Install Packages And Remove Old Kernel:
sudo apt install -y proxmox-ve postfix open-iscsi chrony \
&& sudo apt remove linux-image-amd64 ‘linux-image-6.12*’ -y \
&& sudo update-grub \
&& sudo apt remove os-prober -y
Log in to Proxmox:
Proxmox Login info:
username: root
password: HLoVe2012NowLive#
Now Ready for Installing Containers and VMs
to allow unconfined AppArmor access:
sudo nano /etc/pve/lxc/100.conf #hcp Hestia Control Panel, Webserver Container settings.
sudo nano /etc/pve/lxc/101.conf #dp Docker, Portainer Container settings.
sudo nano /etc/pve/lxc/102.conf #npm NginX Proxy Manager Container settings.
sudo nano /etc/pve/lxc/103.conf #pihole Pi-Hole Container settnigs.
add:
lxc.apparmor.profile: unconfined
lxc.cgroup.devices.allow: a
lxc.cap.drop:
var_keyctl=0
Extra Stuff + Troubleshooting:
how to change NODE Host name:
mkdir /etc/pve/nodes/cvpspmox
mv /etc/pve/nodes/hcp/* /etc/pve/nodes/cvpspmox/
if error: can’t move because directory is not empty,- use:
cp -r /etc/pve/nodes/hcp/ /etc/pve/nodes/cvpspmox/
rm -rf /etc/pve/nodes/hcp
If using postfix for mail, update sudo nano /etc/postfix/main.cf
If you have specific storage configurations, check sudo nano /etc/pve/storage.cfg for references to the old name and update them.
systemctl restart pveproxy
reboot
Update SSL Certificate:
pvecm updatecerts -f
Done.
=============================
On the Ubuntu LXC/Container:
if the below error happens, solution for it:
error:
run-parts: /etc/update-motd.d/98-fsck-at-reboot exited with return code 2
solution:
sudo chmod 600 /etc/update-motd.d/98-fsck-at-reboot
Change DNS Settings via Terminal:
nmcli connection show –active
sudo nmcli connection modify “eth0” ipv4.dns “192.168.1.6” # pihole Proxmox eth0 static local IP.
sudo nmcli connection modify “eth0” ipv4.dns “192.168.1.6 1.1.1.1”