## DNS settings: make sure it is in the correct subnet; connect to internet before installation
## download image or template
proxmox:~$ pveam available --section system
# system alpine-*-amd64.tar.xz
# system debian-*-amd64.tar.gz
proxmox:~$ pveam download local debian*.gz
custom:
- from_web:
proxmox:~$ wget https://${weblink}.isp
proxmox:~$ sudo mv *.iso /var/lib/vz/template/cache
- from_usb:
## find the USB
proxmox:~$ lsblk
# NAME SIZE RO TYPE MOUNTPOINT
# sda 10G 0 disk
# |_ sda1 9.6G 0 part /
# |_ sda2 1K 0 part
# |_ sda3 466M 0 part [SWAP]
## insert USB
proxmox:~$ lsblk
# NAME SIZE RO TYPE MOUNTPOINT
# sda 10G 0 disk
# |_ sda1 9.6G 0 part /
# |_ sda2 1K 0 part
# |_ sda3 466M 0 part [SWAP]
# sdc 1024M 0 disk /media/USB
proxmox:~$ dd if=proxmox-ve*.iso of=/dev/sdc bs=1M
network:
## network: bridged adapter
## in the lxc container, set up eth0 interface
$ nano /etc/networking/interfaces
< /etc/networking/interfaces >
# configure eth0 manually
auto eth0
iface eth0 inet static
address 192.168.35.176
netmask 255.255.255.0
gateway 192.168.35.1
$ /etc/init.d/networking restart
## update dns if necessary (use pihole address: 192.168.35.30)
System > DNS > DNS server 1
lxc:
Network/eth0
Edit:Network Device (veth)
IPv4: Static
IPv4/CIDR: 192.168.35.26/24
Gateway(IPv4): 192.168.35.1
## changing subnet ip
## -- prev_ip: 192.168.1.235
## -- new_ip: 192.168.35.235
## -- prev_gateway: 192.168.1.235
## -- new_gateway: 192.168.35.235
## -- host: pve.somedomain.com
$ nano /etc/hosts
< /etc/hosts >
127.0.0.1 localhost.localdomain localhost
# ${prev_ip} ${host} pve pvelocalhost
${new_ip} ${host} pve pvelocalhost
$ nano /etc/resolv.conf
< /etc/resolv.conf >
Search somedomain.com
# nameserver ${prev_gateway}
nameserver ${new_gateway}
## go to web console
https://${new_ip}:8006
Datacenter > pve > System > Network
Name: vmbr0
Type: Linux Bridge
Active: Yes
Autostart: Yes
Ports/Slaves: enp0s31f6
IP Address: ${new_ip}
Subnet mask: 255.255.255.0
Gateway: ${new_gateway}
## assigning IPs to network device
# Name Type VLAN aware Ports/Slaves CIDR Gateway
# enp6s0f1 Network Device No -- -- --
# enp7s0f0 Network Device No -- 192.168.35.201/24 --
# enp7s0f1 Network Device No -- 192.168.35.202/24 --
# vmbr0 Linux Bridge No enp6s0f1 192.168.35.235/24 192.168.35.1
repositories:
## add repository
See < Notes/Server/misc.notes >
packages:
repo: download.com/proxmox.com/debian/pve
distro: stretch
component: pve-no-subscription
firewall:
See < Notes/Server/networking.notes >
firewall:
## default
## allow
ip: 192.168.35.0
## allow
direction: in
interface: tun0
## allow
direction: out
interface: tun0
## enable
## reload
## status
# To Action From
# -- ------ ----
# Anywhere ALLOW 192.168.35.0/24
# Anywhere on tun0 ALLOW Anywhere
# Anywhere (v6) on tun0 ALLOW Anywhere (v6)
# Anywhere ALLOW OUT Anywhere on tun0
# Anywhere (v6) ALLOW OUT Anywhere (v6) on tun0
openvpn:
## install and setup
See < /media/veracrypt2/Docs/Notes/DigitalOcean/VPN/vpn_do.notes >
## change the routing
$ ip addr
# vmbr0:
# inet 192.168.35.235/24 rd 192.168.35.255 scope global vmbr0
See < Notes/Server/networking.notes >
## add SNAT rule
source: 192.168.35.235
newsource: 10.8.0.0
## show rules
# Chain POSTROUTING (policy ACCEPT)
# target prot opt source destination
# SNAT all -- 10.8.0.0/24 !10.8.0.0/24 to:192.168.35.235
mountpoints:
## -- example
## -- hostpath: /storage/Video
## -- containerpath: /mnt/video
$ nano /etc/pve/lxc/102.conf
< /etc/pve/lxc/102.conf >
mp0: ${containerpath},mp=${hostpath}
security:
## allow docker
$ nano /etc/pve/lxc/${ID}.conf
lxc.apparmor.profile: unconfined
Container launch failure:
$ lxc-start -n ${ID} -F -l DEBUG -o /tmp/lxc.log
# if output contains `unsupported debian version 'xx.x'`
# update /usr/share/perl5/PVE/LXC/Setup/Debian.pm
- if !($version >= 4 && $version <= 12);
+ if !($version >= 4 && $version <= 15);