Deploy Proxmox with KVM on a Hetzner server

Proxmox Logo

This guide will show you how to deploy Proxmox VE 5 with KVM Routing and NAT on a Hetzner server with focus on networking and DHCP/DHCPv6.

Assumptions

  • The connected interface is enp4s0
  • 192.0.2.62/27 is the public IP assigned by Hetzner
  • 192.0.2.33 is the default gateway for the network
  • 10.1.1.0/24 is the private block used on the VMs
  • 2001:db8:1111:2222::/64 is the IPv6 block assigned to the host
  • 2001:db8:1111:2222:81::/80 is the IPv6 block delegated to the VMs
  • The domain name used in the VMs is my.cloud
  • The host name of the hypervisor is hyper.my.cloud
  • All the commands are run as root

Deployment and Installation of Proxmox

Boot into rescue mode and run installimage. These are the settings for Custom image:
Continue reading Deploy Proxmox with KVM on a Hetzner server

Website Provisioning – Automate Apache with SaltStack

Website Provisioning - Apache and SaltstackEver since I’ve started hosting my own domains, I’ve searched for ways to automate the website provisioning.

Normally, the documentation includes the information on configuring your infrastructure based on roles. But if you have a webserver role for all your minions it doesn’t help with the individual provisioning I am aiming at.
Continue reading Website Provisioning – Automate Apache with SaltStack

Spring Cleaning

dog-1178365

Since it’s spring, it’s clean-up time.

I’ve managed to move the blog away from tumblr.com to my own hosted server. I’m celebrating by deleting old (and obsolete) posts from my blog.

I’m curious to see how much success I’ll have in writing new articles on WP.

Linux “root” tweaks

Tired of always being afraid someone will hack into your Linux computer/server?

One of the most important steps is to make sure the attacker can’t log in with the “root” account.

In order to do this, you have to:

  1. Make sure you can “switch user” to root (you will need to be able to control your system, after all)
  2. Make sure that nobody can log in with root, neither remote nor local.

Continue reading Linux “root” tweaks