howto:vps:proxmox-ve:security
Toto je starší verze dokumentu!
Zabezpečení Proxmox VE
Reverzní proxy před pveproxy
Návod volně založen na
- /etc/default/pveproxy
ALLOW_FROM="127.0.0.1" DENY_FROM="all" POLICY="allow"
/etc/init.d/pveproxy restart
apt install nginx-light
- /etc/nginx/sites-available/proxmox
## Momentalne koliduje s letsencryptem, tak to je zakazany nez to bude mozny nakombinovat #server { # listen 80; # server_name _; # return 302 https://$hostname$request_uri; #} server { listen 443 ssl; #choose your port or just use 443 server_name _; #place your domain or ip here if needed #root /usr/share/nginx/www; ssl_certificate /etc/letsencrypt/live/pve1.spoje.net/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/pve1.spoje.net/privkey.pem; proxy_redirect off; auth_basic "SPOJE.NET VPS"; auth_basic_user_file /etc/nginx/.htpasswd; #proxy_ssl_verify off; #default location ~ ^.+websocket$ { proxy_pass https://127.0.0.1:8006; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } location / { proxy_pass https://127.0.0.1:8006; } }
username=virtual; echo "${username}:`openssl passwd -apr1`" >> /etc/nginx/.htpasswd
/etc/init.d/nginx restart
LXC - Zakázat dmesg
- /usr/share/lxc/config/common.seccomp
... syslog errno 1
howto/vps/proxmox-ve/security.1506388829.txt.gz · Poslední úprava: 2017/09/26 03:20 autor: harvie