Exposing Port 8006 from a VM Behind NAT using Reverse SSH Tunnel

In virtualized environments, it’s common to have a VM running behind NAT, especially when using tools like QEMU, VirtualBox, or cloud labs. This setup means the VM can reach the host, but the host cannot directly initiate connections to the VM — including to web services like the Proxmox web GUI running on port 8006. Fortunately, this limitation is easy to bypass using reverse SSH tunneling.

🧠 Objective

We want to: ...

May 4, 2025 · 3 min · rohan

VM Behind NAT? No Problem with Reverse SSH

🧩 VM Behind NAT?

🖥️ Scenario

- Your VM is running as root user.
- Your host machine has a user named rohan.
- The VM is behind NAT — it can talk to the host, but the host can’t directly talk to the VM.
- You want the host to be able to connect to the VM anyway.

No worries — you can use a reverse SSH tunnel to solve this!

✅ Goal

Allow your host (rohan@host) to SSH into your VM (root@vm) even though the VM is behind NAT. ...

May 4, 2025 · 2 min · Rohan Batra

Proxmox Automated VM Builder with Dual Disks

End-to-end automation of Proxmox ISO customization and VM provisioning using Docker and libvirt with support for dual QCOW2 disks.

May 3, 2025 · 4 min · Rohan Batra

How I Handle Secrets in My DevOps Workflows — A GPG-First Approach to Security

As someone who frequently automates deployments and manages infrastructure—across Proxmox clusters, Linux servers, and CI/CD pipelines—I take the handling of secrets seriously. In a world where credentials are often hardcoded into scripts or buried in dotfiles, I wanted a system that was:

- Tamper-proof
- Auditable
- Public-repo friendly
- Portable across machines
- And, most importantly, zero-trust by design

So I built a secret management system around GPG-based encryption, leaning on battle-tested cryptography and deliberate design. ...

May 2, 2025 · 4 min · Rohan Batra

User Guide: Using the Proxmox Auto Installer Build

This document describes how to use the Dockerized Proxmox Auto Installer image to generate unattended Proxmox VE installation ISOs for multiple profiles (e.g., pve-1, pve-2).

Overview

The proxmox-auto-installer Docker image wraps the official proxmox-auto-install-assistant tool to convert a standard Proxmox VE ISO into an unattended-install ISO using profile-specific answer.toml files. By specifying a profile name, you can maintain multiple configurations and generate distinct custom ISOs in a reproducible manner.

Prerequisites

- Docker installed (version 20.10+).
- A Proxmox VE ISO (e.g., proxmox-ve_8.4-1.iso).
- Profile directories each containing an answer.toml file.
- Write permissions for the output directory.

Directory Structure

    Scripts/
    ├── iso/
    │   ├── proxmox-ve_8.4-1.iso   # Base ISO
    │   └── output/                # Generated ISOs
    ├── secrets/
    │   ├── pve-1/
    │   │   └── answer.toml        # Profile pve-1 settings
    │   └── pve-2/
    │       └── answer.toml        # Profile pve-2 settings
    ├── Dockerfile                 # Build definition
    └── entrypoint.sh              # Profile-aware entrypoint

Building the Docker Image

Run the following command from the directory containing the Dockerfile and entrypoint.sh: ...

May 2, 2025 · 2 min · Rohan