mirror of
https://github.com/RWejlgaard/pez-infra.git
synced 2026-07-04 15:46:16 +00:00
fix: remove subscription nag and lock down proxmox (#106)
This commit is contained in:
parent
d3b516c594
commit
5481292b7f
3 changed files with 34 additions and 7 deletions
|
|
@ -2,3 +2,12 @@
|
|||
- name: Update apt cache
|
||||
ansible.builtin.apt:
|
||||
update_cache: true
|
||||
|
||||
- name: Restart pveproxy
|
||||
ansible.builtin.service:
|
||||
name: pveproxy
|
||||
state: restarted
|
||||
|
||||
- name: Reload ufw
|
||||
community.general.ufw:
|
||||
state: enabled
|
||||
|
|
|
|||
|
|
@ -25,3 +25,22 @@
|
|||
- name: Update apt cache
|
||||
ansible.builtin.apt:
|
||||
update_cache: true
|
||||
|
||||
# Patch is re-applied automatically on each Ansible run, which handles pve-manager package updates
|
||||
# reverting the file.
|
||||
- name: Suppress Proxmox subscription nag dialog
|
||||
ansible.builtin.replace:
|
||||
path: /usr/share/javascript/proxmox-widget-toolkit/proxmoxlib.js
|
||||
regexp: "if \\(res === null \\|\\| res === undefined \\|\\| !res \\|\\| res\\.data\\.status\\.toLowerCase\\(\\) !== 'active'\\)"
|
||||
replace: "if (false)"
|
||||
notify: Restart pveproxy
|
||||
|
||||
- name: Allow Proxmox web UI on Tailscale only
|
||||
community.general.ufw:
|
||||
rule: allow
|
||||
port: '8006'
|
||||
proto: tcp
|
||||
interface: tailscale0
|
||||
direction: in
|
||||
comment: "Proxmox web UI - Tailscale only"
|
||||
notify: Reload ufw
|
||||
|
|
|
|||
|
|
@ -1,15 +1,15 @@
|
|||
# london-a
|
||||
|
||||
VM host. Runs KVM virtual machines via Cockpit.
|
||||
Proxmox VE hypervisor.
|
||||
|
||||
## Overview
|
||||
|
||||
| | |
|
||||
|---|---|
|
||||
| **Location** | London (NW9) |
|
||||
| **OS** | Debian |
|
||||
| **Tailscale IP** | 100.90.111.19 |
|
||||
| **Role** | VM host (Cockpit + KVM) |
|
||||
| **OS** | Proxmox VE (Debian Bookworm) |
|
||||
| **Tailscale IP** | 100.122.180.98 |
|
||||
| **Role** | Hypervisor (Proxmox VE) |
|
||||
|
||||
## Hardware
|
||||
|
||||
|
|
@ -19,14 +19,13 @@ VM host. Runs KVM virtual machines via Cockpit.
|
|||
| Memory | 32 GB |
|
||||
| Boot disk | 1 TB |
|
||||
|
||||
Old gaming PC. Reinstalled with Debian in 2026-05 after moving monitoring to Grafana Cloud.
|
||||
Old gaming PC. Runs Proxmox VE on bare metal.
|
||||
|
||||
## Services
|
||||
|
||||
| Service | Port | Status | Notes |
|
||||
|---------|------|--------|-------|
|
||||
| Cockpit | 9090 | Active | Web UI for VM management |
|
||||
| cockpit-machines | — | Active | KVM/libvirt VM management via Cockpit |
|
||||
| Proxmox VE | 8006 | Active | Web UI — Tailscale only |
|
||||
| Tailscale | — | Active | Mesh networking |
|
||||
|
||||
## Networking
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue