Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/Tontonjo/proxmox_toolbox
A toolbox to get the firsts configurations of Proxmox VE / BS done in no time
https://github.com/Tontonjo/proxmox_toolbox
backup notifications pbs proxmox pve restore security security-tools smart snmp swap update
Last synced: about 1 month ago
JSON representation
A toolbox to get the firsts configurations of Proxmox VE / BS done in no time
- Host: GitHub
- URL: https://github.com/Tontonjo/proxmox_toolbox
- Owner: Tontonjo
- License: gpl-3.0
- Created: 2021-06-01T08:50:38.000Z (about 3 years ago)
- Default Branch: main
- Last Pushed: 2024-01-24T20:25:34.000Z (5 months ago)
- Last Synced: 2024-02-14T21:49:00.217Z (5 months ago)
- Topics: backup, notifications, pbs, proxmox, pve, restore, security, security-tools, smart, snmp, swap, update
- Language: Shell
- Homepage: https://www.youtube.com/c/tontonjo
- Size: 499 KB
- Stars: 232
- Watchers: 15
- Forks: 37
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Lists
- awesome-stars - Tontonjo/proxmox_toolbox - A toolbox to get the firsts configurations of Proxmox VE / BS done in no time (Shell)
README
# Proxmox Toolbox
## Toolbox to setup Proxmox Virtual Environment and Backup Server![image](https://github.com/Tontonjo/proxmox_toolbox/assets/60965766/dc7f1493-0d29-4a7a-b84e-f1e61dcc7ffc)
## Tonton Jo
### Join the community & Support my work
[Click Here!](https://linktr.ee/tontonjo)## Informations:
This little tool aim to get smalls one-time configurations for Proxmox Virtual environement and backup server hosts in no time.
It automatically will find if the host is a pve or a pbs host and setup accordingly.### Demonstration:
You can watch a demonstration of the tool [in this playlist](https://www.youtube.com/playlist?list=PLU73OWQhDzsTpLpVNspJ14rVrXAmo2Biu)### Prerequisits:
- Up-to-date PVE 7 / 8 or PBS server
- Internet connexion## Features are:
- Automatic PVE / PBS host detection
- Hide enterprise repo and set no-subscription repository
- Update host and create a new command "proxmox-update"
- - when no-enterprise source is set, disable no-subscription message
- Install usefull dependencies: ifupdown2 - git - sudo - libsasl2-modules - snmp
- Security settings:
- - Enable fail 2 ban with default configuration for sshd, proxmox virtual environement and backup server
(credits to [inettgmbh](https://github.com/inettgmbh/fail2ban-proxmox-backup-server))
- - Create another debian user with sudo rights
- - Disable root ssh login
- - Create another Proxmox GUI administrator (login with Proxmox VE Realm)
- - Disabling root@pam user !!! root@pam is needed to update from GUI - update can still be done trough SSH if disabled !!!
- Change or disable SWAP
- Enable S.M.A.R.T self-tests on all supported drives
- - short: every sunday@22 - Long: every 1st of month @22
- Enable SNMP V2 or v3 - you choose - with a default working configuration
- Backup and restore Proxmox Virtual Environment and Backup Server configuration
- - Automatic remount of directories and zpools using previously existing configurations
- - Please find more informations below## Legacy hidden function:
- Configure email service to send system and proxmox notifications (postfix)## News
2023.11.24: Proxmox 8.1 - Emails Notifications - Proxmox VE now supports email configurations very well from the GUI, the toolbox wont get any update related to this function anymore.## Usage and arguments:
### Get and execute:
```shell
wget -qO proxmox_toolbox.sh https://raw.githubusercontent.com/Tontonjo/proxmox_toolbox/main/proxmox_toolbox.sh && bash proxmox_toolbox.sh
```### Updating host & remove subscription message
The script will update your host and detect if the no-enterprise source is configured, if so, remove the subscription message.
- If you still encounter it after, clear your broswer cache.
- If you update your host directly within the system, the no subscribtion message may reappear when the file gets updated.
- In order to nerver see this again, you have to update Proxmox with one of the following options:To start an update only, without menu or prompt:
```shell
bash proxmox_toolbox.sh -u
```
Once the tool has been used to update host, you can execute this command to fully update your host - kind of an alias of bash proxmox_toolbox.sh -u
```shell
proxmox-update
```### Backup configuration
To start a configuration backup only:
```shell
bash proxmox_toolbox.sh -b
```
## Fail2ban:
If you enable fail2ban, i guess you know what you're doing, if you dont: here's some usefull informations and commands:
- ban are for 1 hour
- ssh and web interface logins are monitored
#### List of $jailname:
```ssh
fail2ban-client status
```
#### get status of a jails - display banned IP's
```ssh
fail2ban-client status $jailname
```
#### Unband an IP:
```ssh
fail2ban-client set $jailname unbanip $ipaddress
```## Backup and Restoration:
- Be carefull as this was not extensively tested - especially not with cluster configurations
- The following folders and configurations are backuped by default:
```/etc/ssh/sshd_config /root/.ssh/ /etc/fail2ban/ /etc/systemd/system/*.mount /etc/network/interfaces /etc/sysctl.conf /etc/resolv.conf /etc/hosts /etc/hostname /etc/cron* /etc/aliases /etc/snmp/ /etc/smartd.conf /usr/share/snmp/snmpd.conf /etc/postfix/ /etc/pve/ /etc/lvm/ /etc/modprobe.d/ /var/lib/pve-firewall/ /var/lib/pve-cluster/ /etc/vzdump.conf /etc/ksmtuned.conf /etc/proxmox-backup/```### Backup
The script will put every folder listed in backup_content in a tar.gz archive.
- You cand add /remove folder trough the edit of backup_content= line in the script
- You can change the target folder to use for backup and restoration in the script env. variables at: backupdir="/root/"Once the backup is done, a tar.gz archive is located at backupdir="/root/".
### Restauration:
The script looks for tar.gz files located in backupdir="/root/" and will list all the available archives for you to choose one.
Warning: The restauration will overwrite any existing file with the one in archiveThe restauration process will:
- Reinstall missing dependencies for snmp and fail2ban if config were existing
- Restore Proxmox configurations (proxmox configs, certificates, vm configs, storages configs, proxmox users)
- Automatically remount the following storages: dir and zpools## Directory mountpoint and zpool
In case of need, here's how you can manually mount storages:
#### Directory:
Mount configurations are located in /etc/systemd/system/mnt-datastore-$datastorename.mount
- run the following commands:
```shell
source /etc/systemd/system/mnt-datastore-$datastorename.mount
mkdir -p "$Where"
echo "$What $Where $Type $Options 0 2" >> /etc/fstab
mount -a
```
- Control if the drives are now correctly mounted
- Add a new Directory storage in pve/pbs using "where" as directory path
#### Zpool:
- run
```shell
zpool import
```
- Take note of the "pool" name and run
```shell
zpool import -f $poolname
```
- Add a new ZFS storage in pve/pbs
## SOURCES:
https://pve.proxmox.com/wiki/Fail2ban
https://github.com/inettgmbh/fail2ban-proxmox-backup-server
https://forum.proxmox.com/threads/how-do-i-set-the-mail-server-to-be-used-in-proxmox.23669/
https://linuxscriptshub.com/configure-smtp-with-gmail-using-postfix/
https://suoption_pickedpport.google.com/accounts/answer/6010255
https://www.howtoforge.com/community/threads/solved-problem-with-outgoing-mail-from-server.53920/
http://mhawthorne.net/posts/2011-postfix-configuring-gmail-as-relay/
https://docs.oracle.com/en/cloud/cloud-at-customer/occ-get-started/add-ssh-enabled-user.html
https://www.noobunbox.net/serveur/monitoring/configurer-snmp-v3-sous-debian
https://github.com/DeadlockState/Proxmox-prepare
https://blog.lbdg.me/proxmox-best-performance-disable-swappiness/
https://gist.github.com/mrpeardotnet/6bdc4b504f43ce57fa7eaee96d376edf
https://github.com/DerDanilo/proxmox-stuff/blob/master/prox_config_backup.sh
https://pve.proxmox.com/wiki/Upgrade_from_6.x_to_7.0
https://wiki.debian.org/SSDOptimization
https://www.linuxtricks.fr/wiki/proxmox-quelques-infos
https://bobcares.com/blog/fail2ban-unban-ip/## TODO:
settings for zram -> https://pve.proxmox.com/wiki/Zram
PBS: add support for user creation and backup / restoration
user creation fro PBS when available
make things stupid-proof (deny characters when numbers expected and so on)Tonton Jo - 2022