Proxmox All-in-One

From Da Nerd Mage Wiki
Jump to navigation Jump to search

Installing PVE

Start with the port you will want as your LAN port (secondary) from pfSense connected to your network

Install PVE

Fix repositories

  • Add "pve-no-subscription"
  • Disable "pve-enterprise"
  • Refresh updates
  • Upgrade

Add a second Linux Bridge

  • No addresses or gateways
  • Assign your, as yet unused, second physical Ethernet port to this bridge

pfSense

Installing pfSense (a link)

  • Build the pfSense VM
    • 8GB drive, 4 cores, 4096MB RAM
    • Use the second bridge (vmbr1) as the first network port & the original (vmbr0) as the second port
    • Configure the pfSense VM to start at boot.
      • Strongly reccomend setting it to boot FIRST & give a startup delay of at least a couple of minutes.
    • Do a BACKUP
    • Open the VM console & pretend you're building a normal pfSense router
    • Once the VM is booted into pfSense...
    • Do a BACKUP
    • Then move on to:

Management VM

  • Pick your favourite OS & build a VM (Or... Ya know... Since ya gave that second network bridge a physical NIC (Ya did, right?)... You could just plug a computer in there.)
    • Point its network device at the second network bridge
    • Sign into https://192.168.0.1 (from the Management VM)
    • In Services / DHCP Server / LAN
      • Under Servers, add in your DNS server(s) address(es)
    • Restart networking on the Management VM
    • Feed access to this VM through the pfSense firewall
  • Do a BACKUP

pfSense Configuration

  • Sign into https://192.168.0.1 (from the Management VM)
  • In Services / DNS Resolver / General Settings, under Host Overrides
    • set up a DNS entry for PVE
  • In Firewall / NAT / Port Forward
    • set up port forwarding for the pfSense UI (port 443)
    • set up port forwarding for the PVE UI (port 8006)
    • set up port forwarding for SSH (port 22) to the Management VM (if used...)
  • Do a BACKUP

Taking it LIVE

Up to this point, your server works fine on an internal network. Unfortunately, as far as the world outside the box is concerned, there are 2 machines there. The Proxmox install AND a pfSense install. They both show up on the network.

So...

Let's fix that.

  • Sign into the physical machine (PVE)
    • edit /etc/network/interfaces
      • Change vmbr0 to vmbr1 & vmbr1 to vmbr0
      • Change the address & gateway (of what is now vmbr1) to those assigned for PVE on the pfSense VM
    • edit /etc/hosts
      • Change the address to that assigned for PVE on the pfSense VM

Reboot the machine

Wait at least a couple minutes for pfSense to fully boot.

At this point, the machine shows up on your network as a single device (The pfSense VM!)

You can now browse to https://MachineAddress/ to access pfSense or https://MachineAddress:8006/ to access the PVE UI to do further setup of the system.

(Where MachineAddress is the address or name assigned to it by your local network...)


Retrieved from ‘https://wiki.nerdmage.ca/index.php?title=Proxmox_All-in-One&oldid=1508