Some text here
Proxmox
https://github.com/tteck/Proxmox?tab=readme-ov-file
Pve login? root, borabora
Proxmox: https://192.168.178.111:8006/, root, borabora, boraers@gmail.com, xy.proxmoxBE.lan
portainer: http://192.168.178.23:9000/, admin, boraborabora
Unraid server: http://192.168.178.23:8080/, Bora, bora90bora
Ubuntu upgrade to the latest version
sudo do-release-upgrade
figure out IP address of VM/container:
lxc-info -n 111
https://www.reddit.com/r/Proxmox/comments/kxdjrc/i_am_running_proxmox_on_a_thinkpad_laptop_how_can/
I’m doing this from memory, so google will help you verify, but there’s an option in /etc/systemd/logind.conf that should help. Uncomment the line about HandleLidSwitch=suspend and change suspend to ignore. Save and close that and restart systemd-logind and you should be in business.
>> nano /etc/systemd/logind.conf
Uncomment the line about HandleLidSwitch=suspend and change suspend to ignore
>>systemctl restart systemd-logind
https://www.wundertech.net/install-nextcloud-on-proxmox/
in console of LXC container: pct enter 100
>> root >> borabora
apt update && apt upgrade -y
apt install curl -y
curl -sSL https://get.docker.com/ | sh
docker run --restart always -d -p 9000:9000 -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer-ce
figure out IP address: ip addr >> eth0@if12
>> http://[CONTAINER_IP]:9000
http://192.168.178.23:9000
in portainer:
version: '2'
services:
db:
image: mariadb:10.5
restart: always
command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW
volumes:
- /var/lib/docker/volumes/Nextcloud_Database:/var/lib/mysql
environment:
- MYSQL_ROOT_PASSWORD=password
- MYSQL_PASSWORD=password
- MYSQL_DATABASE=nextcloud
- MYSQL_USER=nextcloud
app:
image: nextcloud
restart: always
ports:
- 8080:80
links:
- db
volumes:
- /var/lib/docker/volumes/Nextcloud_Application:/var/www/html
environment:
- MYSQL_PASSWORD=password
- MYSQL_DATABASE=nextcloud
- MYSQL_USER=nextcloud
- MYSQL_HOST=db
https://www.derekseaman.com/2023/10/home-assistant-proxmox-ve-8-0-quick-start-guide-2.html
bash -c "$(wget -qLO - https://github.com/tteck/Proxmox/raw/main/misc/post-pve-install.sh)"
bash -c "$(wget -qLO - https://github.com/tteck/Proxmox/raw/main/vm/haos-vm.sh)"
http://192.168.178.43:8123
Test, bora
samba share: homeassistant, sharemyHA, WORKGROUP
network storage on fritz.nas
Name: fritzbox
Server: fritz.nas
Remote Share: fritz.nas/USB-SanDisk3-2Gen1-01/Data
Username: see Keepass
Password:
configure static IP address:
in HA: 192.168.178.43/24, 192.168.178.1, 192.168.178.1
in Fritzbox: 192.168.178.43
deConz: ConbeeIII, testtest
homeassistant, ***, WORKGROUP
https://smarthomescene.com/guides/how-to-separate-zigbee2mqtt-from-home-assistant-in-proxmox/
bash -c "$(wget -qLO - https://github.com/tteck/Proxmox/raw/main/ct/mqtt.sh)"
http://192.168.178.80:1883
sudo mosquitto_passwd -c /etc/mosquitto/passwd root
password: mqtt4bora
sudo nano /etc/mosquitto/conf.d/default.conf
sudo systemctl restart mosquitto
sudo /usr/sbin/mosquitto -c /etc/mosquitto/mosquitto.conf
do not forget:
chown mosquitto:mosquitto /etc/mosquitto/passwd
chown root /etc/mosquitto/passwd
topic_pub = f"homeassistant/sensor/node_{node.nodeNumber}/state"
add new user:
https://stackoverflow.com/questions/41396710/adding-users-in-mqtt-broker
sudo mosquitto_passwd -c /etc/mosquitto/passwd note4
note4
attention: when migrating HAOS, the user/pswd of mqtt must be identical for correct operation of Tasmota, Shelly and Mycropython devices
https://tteck.github.io/Proxmox/
http://192.168.178.26:3000/, borabora, boraers@gmail.com
https://wiki.mywiki.com
diagrams can be created by inserting “diagram” from the left panel on Markdown pages
how to access the file system of a proxmox container?
https://www.reddit.com/r/Proxmox/comments/fap1wx/beginner_question_where_are_container_filesystems/
find / -size +500M -ls
/var/lib/lxc/103/rootfs/
lvdisplay
/dev/pve/vm-103-disk-0
using github:
https://docs.requarks.io/storage/git
ssh-keygen -t rsa -b 4096
/root/.ssh/id_rsa
Your identification has been saved in /root/.ssh/id_rsa
Your public key has been saved in /root/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:JmrdPXntGuqgopWrbAquqhZIGuy5rdo2vGLr/BHm3k4 root@wikijs
The key's randomart image is:
+---[RSA 4096]----+
| |
| |
|. |
|.o |
|=..o . S |
|o+o .+ + . . . |
|..+o=E. o + o . |
|=**+=. . . + o |
|#@XBo+. .o ... |
+----[SHA256]-----+
>>nano /root/.ssh/id_rsa.pub
https://unix.stackexchange.com/questions/122795/long-line-wrapping-in-nano
!!complicated copy procedure: esc → shift+4 → mar everything with mouse → Alt+6 or right mouse!!
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCy/UxBIoWGzWnRmHnLn89TwruJ3srW3ZeYPdUta5+Mv4l78IJsT+qIxyevQTH08kSktCz+J1M4aJSOXEpLdZmiy92kV5auFASNGbkwVKT9rV1+JihxZS14v3bcggOm8qfZZLDa/Wk54pcEvJOOuuZyjZpULAiaXtOUtIptd6Dt2jOHVnfuFRmqcNDokTJe6x/CCLcifcBb6W8GS2RbIORk/U4LMxqe+aXjdKwd6d3ksGq+nCzkRLgQ18h8ZnFrdFaq12ApP6xVmsZgM4aydWj7Y73j5Me0vJD1QltQGjb5sDOXJ3C3ZI8Oxnmaj+UWbwGXWEm5JlSuqqIdAjQCf8yWtfdQnxLtKa0zAtjt4YblD/l1zaOWg4+DxShMQ5qRPg3uHRxW0XBmGR7GTtjloFg6It4IUym+0g33JLlsQITVj9t5XAUFP6o5oTaFwvRT+wkUM/J4B4xkdeR9mha7Sxf8HjVThfrOBadqco37MuLRIGe76jQfglrn5w3AxyFFC4spd5CuFjdq+8vjxYYMnDorSSA5lHVpzswkd6UhJHgHD1L3lFEOkEK88k6D0nGMnj/S3N9ybdKWgaAy4vBYFj1FaAzsdh7p6trnSY9O+vPdA6lmZbFg89UDkmqnyu0mKUa/BSz5YtuqUNSqFRigmz6abq4fQ8fycmzLbaQsuCqJ3Q== root@wikijs
TARGET CONFIGURATION
Authentication Type
ssh
Use SSH for maximum security.
Repository URI
git@github.com:BoraEr90/WikiJS.git
Git-compliant URI (e.g. git@github.com:org/repo.git for ssh, https://github.com/org/repo.git for basic)
Branch
main
The branch to use during pull / push
SSH Private Key Mode
path
SSH Authentication Only - The mode to use to load the private key. Fill in the corresponding field below.
A - SSH Private Key Path
/root/.ssh/id_rsa
SSH Authentication Only - Absolute path to the key. The key must NOT be passphrase-protected. Mode must be set to path to use this option.
B - SSH Private Key Contents
SSH Authentication Only - Paste the contents of the private key. The key must NOT be passphrase-protected. Mode must be set to contents to use this option.
Some hosts requires SSL certificate checking to be disabled. Leave enabled for proper security.
Username
Basic Authentication Only
Password / PAT
Basic Authentication Only
Default Author Email
boraers@gmail.com
Used as fallback in case the author of the change is not present.
Default Author Name
BoraEr90
Used as fallback in case the author of the change is not present.
Local Repository Path
/root/repo
Path where the local git repository will be created.
Git Binary Path
Optional - Absolute path to the Git binary, when not available in PATH. Leave empty to use the default PATH location (recommended).
SYNC DIRECTION
Choose how content synchronization is handled for this storage target.
Bi-directional
In bi-directional mode, content is first pulled from the storage target. Any newer content overwrites local content. New content since last sync is then pushed to the storage target, overwriting any content on target if present.
Push to target
Content is always pushed to the storage target, overwriting any existing content. This is safest choice for backup scenarios.
Pull from target
Content is always pulled from the storage target, overwriting any local content which already exists. This choice is usually reserved for single-use content import. Caution with this option as any local content will always be overwritten!
SYNC SCHEDULE
For performance reasons, this storage target synchronize changes on an interval-based schedule, instead of on every change. Define at which interval should the synchronization occur.
Every
5
Minute(s)
0
Hour(s)
0
Day(s)
0
Month(s)
0
Year(s)
Currently set to every 5 minutes.
The default is every 5 minutes.
https://www.reddit.com/r/wikijs/comments/uyfjlz/help_cannot_use_storage_targets/
https://www.youtube.com/watch?v=NaKExFTCKtg
192.168.178.79
attention: DHCP to be activated manually!
root, mygit90
#Install git
apt update && apt install git -y
#Get the correct download link for the latest version
wget https://dl.gitea.com/gitea/1.21.4/gitea-1.21.4-linux-amd64
#Move the binary to bin
mv gitea* /usr/local/bin/gitea
#Make executable
chmod +x /usr/local/bin/gitea
#Ensure it works
gitea --version
#Create the user/group for gitea to operate as
adduser --system --group --disabled-password --home /etc/gitea gitea
#Config directory was created by adduser
#Create directory structure (mountpoint should be /var/lib/gitea)
mkdir -p /var/lib/gitea/{custom,data,log}
chown -R gitea:gitea /var/lib/gitea/
chmod -R 750 /var/lib/gitea/
chown root:gitea /etc/gitea
chmod 770 /etc/gitea
checking permission:
ls -l
/var/lib/gitea/lost+found
rmdir /var/lib/gitea/
rm -r -f /var/lib/gitea/
lsof +D /var/lib/gitea/
umount /var/lib/gitea
lsof +D /var/lib/gitea | awk '{print $2}' | tail -n +2 | xargs -r kill -9
need to delete the Linux lost+found directory to avoid issues with changing permissions:
https://www.baeldung.com/linux/lost-found-directory
find "-iname" lost+found -type d -exec rm -r "{}" \;
nano /etc/systemd/system/gitea.service
→ copy code from aforementioned instruction webpage
ip a
192.168.178.79/24
fe80::be24:11ff:fee4:4091/64
systemctl daemon-reload
systemctl enable --now gitea
→ configure via web gui: http://192.168.178.79:3000/
admin_bora, boraers@gmail.com, mygit90
after isntallation: http://192.168.178.79:80/
http://192.168.178.79:3000/admin_bora/WikiJS.git
gitea@192.168.178.79:admin_bora/WikiJS.git
instead of git@github.com:BoraEr90/WikiJS.git
TARGET CONFIGURATION
Authentication Type
basic
Use SSH for maximum security.
Repository URI
http://192.168.178.79:80/admin_bora/WikiJS.git
Git-compliant URI (e.g. git@github.com:org/repo.git for ssh, https://github.com/org/repo.git for basic)
Branch
main
The branch to use during pull / push
SSH Private Key Mode
path
SSH Authentication Only - The mode to use to load the private key. Fill in the corresponding field below.
A - SSH Private Key Path
/root/.ssh/id_rsa
SSH Authentication Only - Absolute path to the key. The key must NOT be passphrase-protected. Mode must be set to path to use this option.
B - SSH Private Key Contents
SSH Authentication Only - Paste the contents of the private key. The key must NOT be passphrase-protected. Mode must be set to contents to use this option.
Some hosts requires SSL certificate checking to be disabled. Leave enabled for proper security.
Username
admin_bora
Basic Authentication Only
Password / PAT
mygit90
Basic Authentication Only
Default Author Email
boraers@gmail.com
Used as fallback in case the author of the change is not present.
Default Author Name
admin_bora
Used as fallback in case the author of the change is not present.
Local Repository Path
/root/repo
Path where the local git repository will be created.
Git Binary Path
Optional - Absolute path to the Git binary, when not available in PATH. Leave empty to use the default PATH location (recommended).
SYNC DIRECTION
Choose how content synchronization is handled for this storage target.
Bi-directional
In bi-directional mode, content is first pulled from the storage target. Any newer content overwrites local content. New content since last sync is then pushed to the storage target, overwriting any content on target if present.
Push to target
Content is always pushed to the storage target, overwriting any existing content. This is safest choice for backup scenarios.
Pull from target
Content is always pulled from the storage target, overwriting any local content which already exists. This choice is usually reserved for single-use content import. Caution with this option as any local content will always be overwritten!
SYNC SCHEDULE
For performance reasons, this storage target synchronize changes on an interval-based schedule, instead of on every change. Define at which interval should the synchronization occur.
Every
5
Minute(s)
0
Hour(s)
0
Day(s)
0
Month(s)
0
Year(s)
Currently set to every 5 minutes.
The default is every 5 minutes.
https://www.markdownguide.org/tools/wiki-js/
https://docs.requarks.io/en/editors/markdown
convert doc and odt to markdown: use pandox
http://192.168.178.70
root, borabora
ConbeeIII, borabora
https://tisgoud.nl/2020/08/conbee-in-home-assistant-on-proxmox/
>>lsusb
deCONZ shows up as ‘Future Technology Devices International, Ltd Bridge(I2C/SPI/UART/FIFO)’. Notice the ID of the device ‘ID 0403:6015’.
>>qm list
101 proxmoxhaos
>>qm set 101 -usb0 host=0403:6015
Settings > System > Hardware > All hardware
Device path: /dev/ttyUSB0
ID: /dev/serial/by-id/usb-dresden_elektronik_ConBee_III_DE03188934-if00-port0
https://wiki.fhem.de/wiki/Conbee/deCONZ_im_Proxmox_LXC-Container_(Tutorial)
>>ls /dev/ttyUSB*
/dev/ttyUSB0
>>lsusb
Bus 002 Device 002: ID 0403:6015 Future Technology Devices International, Ltd Bridge(I2C/SPI/UART/FIFO)
>>ls -l /dev/bus/usb/002/002
crw-rw-r-- 1 root root 189, 8 Jan 21 19:54 /dev/bus/usb/002/002
>> cd /etc/pve/local/lxc/
>> nano <CONTAINER-ID>.conf
lxc.cgroup.devices.allow: c 189:* rwm
lxc.mount.entry: /dev/bus/usb/002/002 dev/bus/usb/002/002 none bind,optional,create=file
lxc.cgroup.devices.allow: c 188:* rwm
lxc.mount.entry: /dev/ttyUSB0 dev/ttyUSB0 none bind,optional,create=file
LXC>>sudo reboot now
LXC>>ls -l /dev/bus/usb/002/002
LXC>>ls -l /dev/ttyUSB*
node>>chmod o+rw /dev/ttyUSB0
node>>ls -l /dev/ttyUSB0
LXC>>ls -l /dev/ttyUSB0
node>>nano /etc/udev/rules.d/50-lxcusb.rules
SUBSYSTEMS=="usb", ATTRS{idVendor}=="0403", ATTRS{idProduct}=="6015", GROUP="users", MODE="0666"
LXC>>sudo systemctl enable deconz
bash -c "$(wget -qLO - https://github.com/tteck/Proxmox/raw/main/vm/ubuntu-vm.sh)"
root, borabora
192.168.178.76
https://phoscon.de/en/conbee/install#ubuntu
http://192.168.178.63:3000
admin, admin → borabora
https://www.derekseaman.com/2023/04/home-assistant-installing-grafana-lxc.html
http://192.168.178.64:8086
version 2 and Telegraf installed
nano /etc/influxdb/influxdb.conf
nano /etc/telegraf/telegraf.conf
https://www.derekseaman.com/2023/04/home-assistant-installing-influxdb-lxc.html
http://192.168.178.68:8888
If you don’t know the IP of your container type >>ip a
https://www.influxdata.com/downloads/
root, salzbrezel
wget https://dl.influxdata.com/chronograf/releases/chronograf_1.10.2_amd64.deb
homeassistant, savemydata
http://192.168.178.65
adminer installed
The subsequent step involves executing the included security script. This script modifies certain default options that are less secure. Our purpose for running it is to prevent remote root logins and eliminate unnecessary database users.
Run the security script:
>>mysql_secure_installation
Enter current password for root (enter for none): enter
Switch to unix_socket authentication [Y/n] y
Change the root password? [Y/n] n
Remove anonymous users? [Y/n] y
Disallow root login remotely? [Y/n] y
Remove test database and access to it? [Y/n] y
Reload privilege tables now? [Y/n] y
We will create a new account called admin with the same capabilities as the root account, but configured for password authentication.
>>mysql
Prompt will change to MariaDB [(none)]>
Create a new local admin (Change the username and password to match your preferences)
>>CREATE USER 'admin'@'localhost' IDENTIFIED BY 'password';
>>CREATE USER 'admin'@'localhost' IDENTIFIED BY 'salzbrezel';
Give local admin root privileges (Change the username and password to match above)
>>GRANT ALL ON *.* TO 'admin'@'localhost' IDENTIFIED BY 'salzbrezel' WITH GRANT OPTION;
Now, we'll give the user admin root privileges and password-based access that can connect from anywhere on your local area network (LAN), which has addresses in the subnet 192.168.100.0/24. This is an improvement because opening a MariaDB server up to the Internet and granting access to all hosts is bad practice.. Change the username, password and subnet to match your preferences:
>>GRANT ALL ON *.* TO 'admin'@'192.168.178.%' IDENTIFIED BY 'salzbrezel' WITH GRANT OPTION;
Flush the privileges to ensure that they are saved and available in the current session:
>>FLUSH PRIVILEGES;
command below this, exit the MariaDB shell:
>>exit
Log in as the new database user you just created:
>>mysql -u admin -p
Create a new database:
>>CREATE DATABASE homeassistant;
command below this, exit the MariaDB shell:
>>exit
⚠️ Reboot the lxc
Checking status.
>>systemctl status mariadb
Change the recorder: db_url: in your HA configuration.yaml
Example:
recorder:
db_url: mysql://admin:salzbrezel@192.168.178.65:3306/homeassistant?charset=utf8mb4
⚙️ Adminer is a full-featured database management tool
Adminer Interface: 192.168.178.65/adminer/
https://smarthomescene.com/guides/moving-home-assistants-database-to-mariadb-on-proxmox/
Delaying Container Startup Time
Select the MariaDB container on the left
Click Options in the middle column
Double click Start/Shutdown order
Set Start/Shutdown order: 1
Set Startup Delay: 240
This setting essentially tells Proxmox that the MariaDB LXC needs to be started before any other VMs or Containers. It also sets a 240 seconds delay for starting subsequent containers. LXCs without a Start/Shutdown order parameter will always start after those where the parameter is set.
admin, salzbrezel
AdGuard Home Setup Interface: IP:3000 (After Setup use only IP)
(For the Home Assistant Integration, use port 80 not 3000)
127.0.0.1
192.168.178.67
::1
fe80::be24:11ff:fee1:a5a9%eth0
https://www.homeautomationguy.io/blog/running-frigate-on-proxmox
http://192.168.178.69:9000
admin, takesomepics
https://www.kentoseth.com/posts/2021/may/28/how-to-install-visual-studio-codevscode-inside-an-lxc-container/
bash -c "$(wget -qLO - https://github.com/tteck/Proxmox/raw/main/ct/nginxproxymanager.sh)"
Bora, BE, boraer@gmail.com
forwardmyports00
add to configuration.yaml
http:
use_x_forwarded_for: true
trusted_proxies:
- 192.168.178.77 ###(Nginx Proxy Manager LXC IP)###
https://peyanski.com/home-assistant-remote-access-using-nginx/
https://theprivatesmarthome.com/how-to/set-up-nginx-proxy-manager-in-home-assistant/
https://theprivatesmarthome.com/how-to/put-home-assistant-behind-existing-nginx-proxy-manager/
https://graphicsreport.com/how-to-underclock-gpu/
https://wiki.archlinux.org/title/NVIDIA/Tips_and_tricks#Enabling_overclocking
Note:
Overclocking settings cannot be applied if the Xorg server is running in rootless mode. Consider running Xorg as root.
Enabling DRM kernel mode setting may cause overclocking to become unavailable, regardless of the Coolbits value.
Overclocking is controlled via Coolbits option in the Device section, which enables various unsupported features:
Option "Coolbits" "value"
Tip: The Coolbits option can be easily controlled with the nvidia-xconfig, which manipulates the Xorg configuration files:
# nvidia-xconfig --cool-bits=value
The Coolbits value is the sum of its component bits in the binary numeral system. The component bits are:
1 (bit 0) - Enables overclocking of older (pre-Fermi) cores on the Clock Frequencies page in nvidia-settings.
2 (bit 1) - When this bit is set, the driver will "attempt to initialize SLI when using GPUs with different amounts of video memory".
4 (bit 2) - Enables manual configuration of GPU fan speed on the Thermal Monitor page in nvidia-settings.
8 (bit 3) - Enables overclocking on the PowerMizer page in nvidia-settings. Available since version 337.12 for the Fermi architecture and newer.[4]
16 (bit 4) - Enables overvoltage using nvidia-settings CLI options. Available since version 346.16 for the Fermi architecture and newer.[5]
To enable multiple features, add the Coolbits values together. For example, to enable overclocking and overvoltage of Fermi cores, set Option "Coolbits" "24".
The documentation of Coolbits can be found in /usr/share/doc/nvidia/html/xconfigoptions.html and here.
https://devicetests.com/ubuntu-20-04-gpu-fan-control
Coolbits is a feature provided by NVIDIA that allows users to manipulate several advanced properties of the NVIDIA graphics driver. These properties include GPU clock offsets, memory transfer rate offsets, and fan speed control. The value of Coolbits is a sum of its component bits in the binary numeral system. For example, a Coolbits value of 4 enables manual GPU fan control.
Before we begin, ensure you have administrative privileges on your Ubuntu 20.04 system and the NVIDIA graphics driver installed.
First, we need to edit the X configuration file. Open the terminal and run the following command:
sudo nano /etc/X11/xorg.conf
This
command uses the nano text
editor to open the xorg.conf file
located in the /etc/X11/ directory.
The sudo command
is used to run operations that require administrative privileges.
In
the file, locate the “Device” section. Here, you need to add the
line Option
"Coolbits" "4".
The “Device” section should look something like this:
Section "Device"Identifier "Device0"Driver "nvidia"VendorName "NVIDIA Corporation"BoardName "GeForce GTX 1070"Option "Coolbits" "4"EndSection
Press Ctrl
+ O to
save the file, then Ctrl
+ X to
exit the editor.
Next, we need to edit the Xwrapper configuration file. Run the following command in terminal:
sudo nano /etc/X11/Xwrapper.config
In
the file, locate the line that starts with allowed_users=.
Comment it out by adding a # at
the beginning. It should look like this:
# allowed_users=consoleBelow the commented line, add the following two lines:
allowed_users = anybodyneeds_root_rights = yes
The allowed_users
= anybody line
allows any user to start the X server. The needs_root_rights
= yes line
grants the X server root rights, which are necessary for Coolbits to
function correctly.
Press Ctrl
+ O to
save the file, then Ctrl
+ X to
exit the editor.
Finally, we need to change the permissions of the Xwrapper configuration file. Run the following command in terminal:
sudo chmod 2644 /etc/X11/Xwrapper.config
This
command changes the permissions of the Xwrapper.config file
to 2644. In this permission set, the owner can read and write the
file, while the group and others can only read the file.
Reboot your computer for the changes to take effect. You can do this by running the following command:
sudo rebootBy following these steps, you should be able to set the Coolbits in Ubuntu 20.04 and enable manual GPU fan control. Remember to adjust the Coolbits value according to your requirements. For more information on Coolbits and its different values, you can refer to the NVIDIA documentation.