Proxmox

Network

Configure trunking on proxmox

# Physical interface
iface enp86s0 inet manual

# VLAN Bridge, native VLAN
auto vmbr0
iface vmbr0 inet manual
	bridge-ports enp86s0
	bridge-stp off
	bridge-fd 0
	bridge-vlan-aware yes
	bridge-vids 2-10

# VLAN 2
auto vmbr0.2
iface vmbr0.2 inet dhcp

# VLAN 4
auto vmbr0.4
iface vmbr0.4 inet dhcp

• systemctl restart networking

• or ifreload -a: restart interfaces

SSL Certificate using let's Encrypt

Step 1: Add ACME Account

• Navigate to Datacenter > ACME > Add to add a new ACME account. Provide a name for the account, a valid email address, and accept the terms of service.

• pvenode acme account register

Step 2: Request Let's Encrypt SSL Certificate

• Next, navigate to the Certificates section under your Proxmox hypervisor node. Select the ACME account you added earlier and add your Proxmox VE domain name as configured in your DNS server.

• pvenode config set --acme domains=

• Click on Order Certificates Now to request the SSL certificate. Alternatively, you can use the command line:

• pvenode acme cert order

Step 3: Reload Proxmox VE Web Console

• Rreload your web browser to load the new certificate. You can verify the certificate details under the Certificates section.

Checking Services

• systemctl restart pveproxy pvedaemon pve-cluster

Troubleshooting

Doesn't see node in dashboard after deleting certificate:

• Fix be removing old certificate and regenerate

User Management

• pveum user add shutdown-user@pve --email [email protected]

• pveum passwd shutdown-user@pve

• pveum user list

• pveum acl modify / -user shutdown-user@pve -role ShutdownRole

• pveum user token add $username@pve $token-name: generate api token for user

• pveum user token list $username@pve

• pveum user token modify $username@pve $token-name --privsep 0

  • privilege separation enabled: token need to be assigned a role

    • pveum acl modify /nodes/$node-name -token $username@pve!$token-name -role ShutdownRole

  • privilege separation disabled: token have the same privilege as user

• API call using Curl

Role Management

• pveum role add ShutdownRole -privs "Sys.PowerMgmt Sys.Audit"

• pveum role modify ShutdownRole -privs "Sys.PowerMgmt"

• pveum acl delete / -user @pve -role Sys.Audit

• pveum acl modify /nodes/ -user @pve -role ShutdownOnly

• pveum acl list

• pveum acl list

• systemctl restart pveproxy

• systemctl restart pvedaemon

API

VM Management

• Get VM/Container Status

• Start VM

• Stop VM

• Shutdown VM

• Reboot VM

Reference

• Certificate Management

• Proxmox VE Community Script