gilangvperdana/AddFail2Ban.md

## AddFail2Ban.md

      
    Raw
  

              AddFail2Ban.md
            
          
    General

If you want to protect your auth Proxmox VE, you can follow this step.
Brief

This configuration will be make max 3 attempt for Login to SSH or GUI & ban for 1 days you can modify on maxretry & bantime parameter.
Install Fail2ban

apt-get install -y fail2ban

Create SSHD Configuration


Create SSH Jail Configuration

nano /etc/fail2ban/jail.d/sshd.conf

[sshd]

# To use more aggressive sshd modes set filter parameter "mode" in jail.local:
# normal (default), ddos, extra or aggressive (combines all).
# See "tests/files/logs/sshd" or "filter.d/sshd.conf" for usage example and details.
#mode   = normal
enabled   = true
filter    = sshd
banaction = iptables
backend   = systemd
maxretry  = 3
findtime  = 1d
bantime   = 1d
action  = iptables[name=SSH, port=22, protocol=tcp]
          telegram


You optionally use action line, if you want to use that you can follow this step first.


Create GUI Jail Configuration


nano /etc/fail2ban/jail.d/proxmox.conf

[proxmox]
enabled = true
filter = proxmox
backend = systemd
banaction = iptables
maxretry = 3
findtime = 7d
bantime = 1d


Create PAM Jail Configuration

nano /etc/fail2ban/jail.d/pam-generic.conf

[pam-generic]
enabled = true
backend = systemd
banaction = iptables
findtime = 7d
bantime = 1d
maxretry = 3


Restart Fail2ban

systemctl restart fail2ban

Check & Re-check


To check Ban

fail2ban-client status sshd
fail2ban-client status proxmox
fail2ban-client status pam-generic


To Unban IP

fail2ban-client set sshd unbanip $1
fail2ban-client set proxmox unbanip $1
fail2ban-client set pam-generic unbanip $1


To Manually Ban IP

fail2ban-client -vvv set sshd banip $1
fail2ban-client -vvv set proxmox banip $1
fail2ban-client -vvv set pam-generic banip $1

Reference


https://forum.proxmox.com/threads/pve-8-0-%E2%80%93-fail2ban-log-locations-missing.129338/
https://gist.github.com/gilangvperdana/4f80b83aadda3d813a9a60b2ecee300c


## ChangeLogo.md

      
    Raw
  

              ChangeLogo.md
            
          
    General

If you want to change favicon & left logo side you can replace this path

/usr/share/pve-manager/images/proxmox_logo.png
/usr/share/pve-manager/images/favicon.ico
/usr/share/pve-manager/images/logo-128.png

Size requirement


proxmox_logo.png -> 172x30
favicon.ico -> 32x32
logo-128.png -> 128x128


## CreateTemplateImage.md

      
    Raw
  

              CreateTemplateImage.md
            
          
    General

If you want to easily deploy VM on Proxmox, you can create a template from ISO Image.
Make sure your ISO already uploaded to Proxmox


Create Template


Goes to VM who want to be template (edit on CD/DVD Drive then Do not use any media)


Then add new CloudInit Drive


Then select storage to local-lvm


Then goes to Cloud-Init tab then fill to your needs then click Regenerate Image


Convert to Template


Finnish


Launch from Template


Goes to template then right click & clone


Select Full Clone


Reference


https://www.youtube.com/watch?v=t3Yv4OOYcLs&ab_channel=LearnLinuxTV


## CreateVMfromISO.md

      
    Raw
  

              CreateVMfromISO.md
            
          
    General

If you want to Create a new VM from fresh ISO Cloud Image you can follow this step.
Create VM on Proxmox Host


Fill in the Form


Finnish

You can start your VM then create a template for easily deploy next.
Reference


https://www.youtube.com/watch?v=xBUnV2rQ7do&ab_channel=LearnLinuxTV


## FixLockVM.md

      
    Raw
  

              FixLockVM.md
            
          
    General

If you see experienced an error message like trying to acquire lock... TASK ERROR: can't lock file '/var/lock/qemu-server/lock-205.conf' - got timeout you can use this script to unlock first then do your task before again.
Script

#!/bin/bash

echo 'Existing lock files'
ls -l /run/lock/qemu-server
read -p 'Enter the VM ID here to delete corresponding lock e.g. 101: ' vmid
qm unlock $vmid
rm -f /run/lock/qemu-server/lock-$vmid.conf
qm unlock $vmid
echo
echo '---Remaining locks---'
ls -l /run/lock/qemu-server


## forceStopVM.md

      
    Raw
  

              forceStopVM.md
            
          
    General

If you can't powerOff some VM on Proxmox, you can try this playground to force stop that VM's.
QM Command

## Gather VMID from QM Command
qm list

## Stop VM from QM Command
qm stop VMID

Force stop by Kill PID

## Gather VMID from QM Command
qm list

## Gather VMID PID
ps aux | grep "/usr/bin/kvm -id VMID"
kill -9 PID

Reference


https://bobcares.com/blog/proxmox-cant-stop-vm/


## ImportQCOW2.md

      
    Raw
  

              ImportQCOW2.md
            
          
    General

If you have a QCOW2 image type then you want to deploy on Proxmox, you can follow this step
Step


Create Empty VM
Import QCOW2 to VM

qm importdisk <vmid> <image.qcow2> <lvm-name>
qm importdisk 101 WP.qcow2 local-lvm


Change Unused Disk type to VirtIO Block


Set Boot Order


Start your VM

Reference


https://www.youtube.com/watch?v=uyUzGv5IZ9E
https://bobcares.com/blog/add-qcow2-to-proxmox/
https://ostechnix.com/import-qcow2-into-proxmox/


## InstallSpiceRC.md

      
    Raw
  

              InstallSpiceRC.md
            
          
    General

If you need an Advanced Remote Console VM than NoVNC (default), we can use Spice for Remote Console.
Before we can use Spice, we must install additional agent on VM named virt-viewer
Before

Make sure you have a Spice Client first on your local machine to access Spice Server. You can download on Here
Installation

sudo apt install virt-viewer

Tested on Ubuntu Server
Change type of Display on Hardware VM Configuration


Noted : 32 MiB is very sufficient for 4K use.
Reference


https://ostechnix.com/access-proxmox-virtual-machine-with-spice/


## QemuGuestAgent.md

      
    Raw
  

              QemuGuestAgent.md
            
          
    General

If you want to add qemu-guest-agent to Server who run on Proxmox, you can execute this command.
Command for Unix

apt-get install qemu-guest-agent
systemctl start qemu-guest-agent
systemctl enable qemu-guest-agent

Command for Windows Server


Reference : https://pve.proxmox.com/wiki/Windows_VirtIO_Drivers
Check : qm agent <vmid> ping

Source


https://pve.proxmox.com/wiki/Qemu-guest-agent


## scaleDownVMDisk.md

      
    Raw
  

              scaleDownVMDisk.md
            
          
    General

If you want to scale down VM Disk on Proxmox VE you can follow this step.
for Linux

you can follow detach PV from VG with pvmove on this link first then continue to point decrease disk from Proxmox VE.
for Windows

you can shrink your existing disk from disk management then continue to point decrease disk from Proxmox VE.
Decrease disk from Proxmox VE

you can reffer this link or you can simply execute this on your Proxmox VE terminal.
lvm lvreduce -L -32g pve/vm-103-disk-0
qm rescan


## UbuntuStaticDNS.md

      
    Raw
  

              UbuntuStaticDNS.md
            
          
    General

If you have a problem when DNS not configurar persistence, please follow this step.
Install

sudo apt install resolvconf	

sudo systemctl enable resolvconf
sudo systemctl start resolvconf
sudo systemctl status resolvconf	

Configure DNS

sudo nano /etc/resolvconf/resolv.conf.d/head 

nameserver 1.1.1.1
nameserver 8.8.8.8	

Apply

sudo resolvconf --enable-updates
sudo resolvconf -u 

Reference


https://musaamin.web.id/set-permanent-resolv-conf-ubuntu/
for CentOS -> https://www.cyberciti.biz/faq/howto-setting-rhel7-centos-7-static-ip-configuration/


## UploadISOfromCLI.md

      
    Raw
  

              UploadISOfromCLI.md
            
          
    General

If you don't want to upload ISO from Proxmox Console, you can upload ISO from CLI with these step.
Download your ISO on Proxmox Host


Windows : https://s3.bigstack.co/downloads/cloud-image/win2019en-standard-minimal.vmdk

Import VMDK to Proxmox :

Create VM
qm importdisk 312 for312.vmdk local-lvm --format raw 
qm rescan
Attach disk 1
Set disk 1 to first boot order
Start VM
Reference : https://www.bacula.lat/importing-vmdk-in-proxmox-step-by-step-guide/?lang=en


Ubuntu : https://ubuntu.com/download/server


CentOS : https://www.centos.org/download/


For example we want to upload Ubuntu ISO image to Proxmox
#Ubuntu 22.04 server edition:
wget https://releases.ubuntu.com/22.04/ubuntu-22.04-live-server-amd64.iso

#Ubuntu 20.04 server edition
wget https://releases.ubuntu.com/20.04/ubuntu-20.04.4-live-server-amd64.iso


Copy to /var/lib/vz/template/iso/
scp ubuntu-22.04-live-server-amd64.iso root@proxmox_server:/var/lib/vz/template/iso/


Then check on Proxmox Console tab ISO, our image must be on there.


Reference


https://techviewleo.com/how-to-upload-os-iso-files-in-proxmox-ve/


## VNCStaticAddr.md

      
    Raw
  

              VNCStaticAddr.md
            
          
    General

If you want to access your GUI VM on top of Proxmox, you can set static IP on proxmox conf.
Set

Go to /etc/pve/local/qemu-server/<VMID>.conf then add this args for set static VNC IP.
args: -vnc 0.0.0.0:77

Reboot your VM.
Access

You can access it on <YOUR_PROXMOX_HOST_IP>:5977
Reference


https://pve.proxmox.com/wiki/VNC_Client_Access