fix: remove subscription nag and lock down proxmox

This commit is contained in:
Rasmus Wejlgaard 2026-05-13 21:05:40 +01:00
parent d3b516c594
commit 29ed9c6282
3 changed files with 34 additions and 7 deletions

View file

@ -2,3 +2,12 @@
- name: Update apt cache - name: Update apt cache
ansible.builtin.apt: ansible.builtin.apt:
update_cache: true update_cache: true
- name: Restart pveproxy
ansible.builtin.service:
name: pveproxy
state: restarted
- name: Reload ufw
community.general.ufw:
state: enabled

View file

@ -25,3 +25,22 @@
- name: Update apt cache - name: Update apt cache
ansible.builtin.apt: ansible.builtin.apt:
update_cache: true update_cache: true
# Patch is re-applied automatically on each Ansible run, which handles pve-manager package updates
# reverting the file.
- name: Suppress Proxmox subscription nag dialog
ansible.builtin.replace:
path: /usr/share/javascript/proxmox-widget-toolkit/proxmoxlib.js
regexp: "if \\(res === null \\|\\| res === undefined \\|\\| !res \\|\\| res\\.data\\.status\\.toLowerCase\\(\\) !== 'active'\\)"
replace: "if (false)"
notify: Restart pveproxy
- name: Allow Proxmox web UI on Tailscale only
community.general.ufw:
rule: allow
port: '8006'
proto: tcp
interface: tailscale0
direction: in
comment: "Proxmox web UI - Tailscale only"
notify: Reload ufw

View file

@ -1,15 +1,15 @@
# london-a # london-a
VM host. Runs KVM virtual machines via Cockpit. Proxmox VE hypervisor.
## Overview ## Overview
| | | | | |
|---|---| |---|---|
| **Location** | London (NW9) | | **Location** | London (NW9) |
| **OS** | Debian | | **OS** | Proxmox VE (Debian Bookworm) |
| **Tailscale IP** | 100.90.111.19 | | **Tailscale IP** | 100.122.180.98 |
| **Role** | VM host (Cockpit + KVM) | | **Role** | Hypervisor (Proxmox VE) |
## Hardware ## Hardware
@ -19,14 +19,13 @@ VM host. Runs KVM virtual machines via Cockpit.
| Memory | 32 GB | | Memory | 32 GB |
| Boot disk | 1 TB | | Boot disk | 1 TB |
Old gaming PC. Reinstalled with Debian in 2026-05 after moving monitoring to Grafana Cloud. Old gaming PC. Runs Proxmox VE on bare metal.
## Services ## Services
| Service | Port | Status | Notes | | Service | Port | Status | Notes |
|---------|------|--------|-------| |---------|------|--------|-------|
| Cockpit | 9090 | Active | Web UI for VM management | | Proxmox VE | 8006 | Active | Web UI — Tailscale only |
| cockpit-machines | — | Active | KVM/libvirt VM management via Cockpit |
| Tailscale | — | Active | Mesh networking | | Tailscale | — | Active | Mesh networking |
## Networking ## Networking