mirror of
https://github.com/RWejlgaard/pez-infra.git
synced 2026-07-04 15:46:16 +00:00
fix: remove subscription nag and lock down proxmox
This commit is contained in:
parent
d3b516c594
commit
29ed9c6282
3 changed files with 34 additions and 7 deletions
|
|
@ -2,3 +2,12 @@
|
||||||
- name: Update apt cache
|
- name: Update apt cache
|
||||||
ansible.builtin.apt:
|
ansible.builtin.apt:
|
||||||
update_cache: true
|
update_cache: true
|
||||||
|
|
||||||
|
- name: Restart pveproxy
|
||||||
|
ansible.builtin.service:
|
||||||
|
name: pveproxy
|
||||||
|
state: restarted
|
||||||
|
|
||||||
|
- name: Reload ufw
|
||||||
|
community.general.ufw:
|
||||||
|
state: enabled
|
||||||
|
|
|
||||||
|
|
@ -25,3 +25,22 @@
|
||||||
- name: Update apt cache
|
- name: Update apt cache
|
||||||
ansible.builtin.apt:
|
ansible.builtin.apt:
|
||||||
update_cache: true
|
update_cache: true
|
||||||
|
|
||||||
|
# Patch is re-applied automatically on each Ansible run, which handles pve-manager package updates
|
||||||
|
# reverting the file.
|
||||||
|
- name: Suppress Proxmox subscription nag dialog
|
||||||
|
ansible.builtin.replace:
|
||||||
|
path: /usr/share/javascript/proxmox-widget-toolkit/proxmoxlib.js
|
||||||
|
regexp: "if \\(res === null \\|\\| res === undefined \\|\\| !res \\|\\| res\\.data\\.status\\.toLowerCase\\(\\) !== 'active'\\)"
|
||||||
|
replace: "if (false)"
|
||||||
|
notify: Restart pveproxy
|
||||||
|
|
||||||
|
- name: Allow Proxmox web UI on Tailscale only
|
||||||
|
community.general.ufw:
|
||||||
|
rule: allow
|
||||||
|
port: '8006'
|
||||||
|
proto: tcp
|
||||||
|
interface: tailscale0
|
||||||
|
direction: in
|
||||||
|
comment: "Proxmox web UI - Tailscale only"
|
||||||
|
notify: Reload ufw
|
||||||
|
|
|
||||||
|
|
@ -1,15 +1,15 @@
|
||||||
# london-a
|
# london-a
|
||||||
|
|
||||||
VM host. Runs KVM virtual machines via Cockpit.
|
Proxmox VE hypervisor.
|
||||||
|
|
||||||
## Overview
|
## Overview
|
||||||
|
|
||||||
| | |
|
| | |
|
||||||
|---|---|
|
|---|---|
|
||||||
| **Location** | London (NW9) |
|
| **Location** | London (NW9) |
|
||||||
| **OS** | Debian |
|
| **OS** | Proxmox VE (Debian Bookworm) |
|
||||||
| **Tailscale IP** | 100.90.111.19 |
|
| **Tailscale IP** | 100.122.180.98 |
|
||||||
| **Role** | VM host (Cockpit + KVM) |
|
| **Role** | Hypervisor (Proxmox VE) |
|
||||||
|
|
||||||
## Hardware
|
## Hardware
|
||||||
|
|
||||||
|
|
@ -19,14 +19,13 @@ VM host. Runs KVM virtual machines via Cockpit.
|
||||||
| Memory | 32 GB |
|
| Memory | 32 GB |
|
||||||
| Boot disk | 1 TB |
|
| Boot disk | 1 TB |
|
||||||
|
|
||||||
Old gaming PC. Reinstalled with Debian in 2026-05 after moving monitoring to Grafana Cloud.
|
Old gaming PC. Runs Proxmox VE on bare metal.
|
||||||
|
|
||||||
## Services
|
## Services
|
||||||
|
|
||||||
| Service | Port | Status | Notes |
|
| Service | Port | Status | Notes |
|
||||||
|---------|------|--------|-------|
|
|---------|------|--------|-------|
|
||||||
| Cockpit | 9090 | Active | Web UI for VM management |
|
| Proxmox VE | 8006 | Active | Web UI — Tailscale only |
|
||||||
| cockpit-machines | — | Active | KVM/libvirt VM management via Cockpit |
|
|
||||||
| Tailscale | — | Active | Mesh networking |
|
| Tailscale | — | Active | Mesh networking |
|
||||||
|
|
||||||
## Networking
|
## Networking
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue