Personal tools
Namespaces

Variants
Actions

Proxmox Proxy Application

From ModulesGarden Wiki
Jump to: navigation, search

Contents

About Proxmox Proxy Application

The purpose of maintaining and utilizing the 'Proxmox Proxy' application is to separate the user from the server infrastructure.
To use the console without a proxy, users require access to, for example, the Proxmox server. However, with proxy enabled this requirement is eliminated.

Before you begin the process of connecting the console to the server through a proxy, you need to download the proxy application file.
The file can be found under the following link after you have logged in to your ModulesGarden account.

  • Supported Connections:
Proxmox VE VPS For WHMCS
Proxmox VE Cloud VPS For WHMCS
Virtuozzo Hybrid Server For WHMCS

Proxmox Proxy Installation For Console Connection

1. Create a new VPS server, which you may run on a Proxmox server.

It is advised to use the KVM virtualization type.

Warning! The used VPS may NOT have any services running, such as: PHP, WebServer (e.g. apache, nginx) or MySQL server.

2. Configure the network on the virtual machine, and make sure the network works correctly, to do so you may use the below command:
ping modulesgarden.com

If everything is fine, ensure that basic server security settings have been established.
You may turn off login with a password and turn on login with a key, change the SSH port, set up firewalls, etc.

3. Log into the machine on which you are going to set up proxy.
4. Install the docker engine and the docker compose:

https://docs.docker.com/engine/install/
https://docs.docker.com/compose/install/

5. Upload the application files into a proper directory, eg: /root/proxmox-proxy (create if needed).

Then unzip the files.

6. Move to the following catalog:
cd /root/proxmox-proxy  

Note that the exact directory depends on the previous step where you uploaded the files.

7. Purchase or generate your own SSL certificate, and then use the certificate to overwrite the following files: 'nginx/localhost.crt' and 'nginx/localhost.key' .
8. Find the 'example.env' file and rename it to '.env'.

Then open the just renamed '.env' file and provide a random set of signs to create the database and root passwords: DB_PASSWORD and MYSQL_ROOT_PASSWORD
These data will be automatically used when creating the database.

9. Run the below command:
docker-compose up --build -d
10. Move to docker container:
docker exec -it proxyphp bash 

and run the installation script:

php -q /var/www/html/installer.php install 

When ready, find the API Key and keep it safe, you will need it later on when pasting the data into the module addon, see point 12 for details.

11. Check if the MTU of the docker interface (usually docker0) is lower or equal to the MTU of the main network interface (usually eth0) with the following command:
ifconfig

If the MTU of the docker is higher than the MTU of the main network interface, create a new file:

/etc/docker/daemon.json

and include the MTU value that is lower than the MTU of the main network interface, like this:

{
 "mtu": 1400
}
12. Next, copy your machine IP address to WHMCS. You may check the IP address using the below command:
ip a

Note: Remember to check the IP address in your virtual machine, not in the proxyphp container.

13. Configure all the required data in the module addon in your WHMCS.
Below we will illustrate the proxy configuration based on the Proxmox Addon example. For other modules, this section may look slightly different.

Move to 'Addons' → 'Proxmox Addon' → 'Settings'. At the bottom you will find section 'Console Proxy' with 'Host' and 'API Key' fields.
Note that the Host field may include either an IP address or a domain. It is extremely important that you paste here the same data as the ones used in the SSL certificate.
The below screen shows an example with an IP address which is not the only correct possible option here.

Provide the necessary data and confirm the changes.

PX3 4 2.png
13. Make sure the server works. In order to do so, please open the address: https://{vmip}:8443.

Remember to replace {vmip} with a valid virtual machine IP address, for example: https://192.168.8.113:8443/
When you see {"errors":["Invalid API Endpoint"]} it means that the server correctly responds.

14. Finally, try to open the noVNC console on your WHMCS Proxmox product to check if the proxy configuration is working properly.
Important: If your certificate expires in the meantime, you will need to buy/generate a new one and follow the below steps:
  • move to the '/root/proxmox-proxy catalog (the directory may differ depending on your setup)
  • replace the nginx/localhost.crt and nginx/localhost.key files
  • run the following command:
docker-compose up --build -d
Note: If you ever encounter an iconcube error while rerunning the 'docker-compose up' command, delete all local docker images related to your docker file using the following command and try again.
$ docker rmi -f $(docker images -a -q)

Proxmox Proxy Update

Updating the Proxmox Proxy Application - by ModulesGarden

When a new version of the proxmox proxy application is released, follow these steps to complete the update process:

  • Download the updated files and upload them into a proper directory, eg: /root/proxmox-proxy.
    Important: Please ensure it is a clean installation with only the operating system and Docker installed.
    There must be no other services, such as MySQL or Apache, running on the server.
  • Execute the following commands sequentially:
 docker-compose pull
 docker-compose down
 docker-compose up -d --build
Container Update - by Third-Party Vendor

The Proxmox proxy is an application developed by ModulesGarden, relying on Docker containers provided by third-party vendors.
To ensure your proxy stays updated with the latest Docker images, we recommend executing the following commands occasionally:

 docker-compose pull
 docker-compose down
 docker-compose up -d --build

Important: In case of container update, there is no need to configure anything in the proxmox proxy application itself.

Proxmox Proxy Management

To understand how the Proxmox Proxy application operates, consider the following steps:
  1. The module (such as Proxmox VE VPS For WHMCS or Proxmox VE Cloud VPS For WHMCS) connects to the Proxmox server to generate a ticket, granting access to the Proxmox panel.
  2. The ticket is then forwarded to the Proxmox Proxy application, which in turn returns a token.
  3. The user uses the token to establish a connection with the Proxmox Proxy.
  4. Finally, the Proxmox Proxy utilizes the provided token, along with the associated data (such as the server's IP address and the ticket), to establish a connection with the Proxmox server.

Increased Security

To enhance the security of your infrastructure, we recommend implementing the following measures:
  • Restrict access to the Proxmox servers by permitting connections only from WHMCS and the proxy application itself, blocking all other connections.
  • Ensure that the server hosting the Proxmox proxy restricts remote access to ports exclusively to 8443.
Navigation
WHMCS Modules
WHMCS Widgets
Tools And Applications
Translations
cPanel Modules
General
FAQ
Community