Getting a new host setup
- set the host name
- set the host in /etc/hosts: IP FQDN hostname
- set the host in /etc/hostname: hostname
- set hostname in /etc/postfix/main.cf
- reboot
- copy the contents of /var/lib/rrdcached/db/pve2-{node,storage}/old-hostname to /var/lib/rrdcached/db/pve2-{node,storage}/new-hostname
- remove the old directory
- under datacenter -> ACME
- add a new ACME account
- add a new ACME plugin for OVH
- in Bitwarden look for OVH account
- update the OVH API key allowed IPs
- update DNS zone with
- FQDN IP
- cat /etc/pve/priv/acme/OVH
- CAA for 0 issue letsencrypt.org; accounturi={account from pve}
- order cert for FQDN from node -> certificates
- set up WebAuthn in datacenter -> options (use auto-fill)
- in datacenter -> firewall
- add alias for home, MaydenTOD and Nagios
- add rule for HTTP port 8006 from home and MaydenTOD
- add rule for SSH port 22 from home and MaydenTOD
- add rule for PING from everywhere
- add rule for PING6 from everywhere
- add rule for UDP 161 (SNMP) from nagios
- in options, set firewall to Yes
- add 2FA for root WebAuthn for yubikeys (both blue and black)
- add 2FA for root WebAuthn for browsers
- add 2FA for root recovery codes
- add API token for root with name ansible-build
- add new user for ansible testing: ansible-molecule
- add API token for ansible-molecule with name ansible-molecule
- in the node
- in network
- add bridge vmbr1 for internal LAN
- update ansible
- duplicate the proxmox-pve02.yml to new host
- edit vault with new host and token
- duplicate the OVH inventory that you're replacing
- edit the hosts with new region and dedi name
- duplicate the proxmox host play and update for new host
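
The host rename steps at the top of this checklist (hosts, hostname and postfix before the reboot, the rrdcached copy after it), as an added shell example that is not part of the original notes. The function names, the optional ROOT prefix argument and the use of postfix's myhostname parameter are assumptions.

```shell
#!/bin/sh
# Added example: the rename steps of the checklist as two functions.
# ROOT (last argument) is a hypothetical prefix, empty on a real host,
# so the edits can be rehearsed on a scratch copy first.

# Step 1, before the reboot: hosts, hostname and postfix.
rename_host_files() {
    old=$1 new=$2 ip=$3 fqdn=$4 root=${5:-}
    hosts=$root/etc/hosts
    # Drop non-comment lines naming the old host, then add "IP FQDN hostname".
    awk -v old="$old" '/^[ \t]*#/ { print; next }
        { keep = 1
          for (i = 2; i <= NF; i++)
              if ($i == old || index($i, old ".") == 1) keep = 0
          if (keep) print }' "$hosts" > "$hosts.new" || return 1
    printf '%s %s %s\n' "$ip" "$fqdn" "$new" >> "$hosts.new"
    # Write back in place so the file keeps its owner and mode.
    cat "$hosts.new" > "$hosts" && rm -f "$hosts.new" || return 1
    printf '%s\n' "$new" > "$root/etc/hostname"
    # Assumption: the name postfix uses is its myhostname parameter.
    cf=$root/etc/postfix/main.cf
    sed "s|^myhostname[[:space:]]*=.*|myhostname = $fqdn|" "$cf" > "$cf.new" &&
        cat "$cf.new" > "$cf" && rm -f "$cf.new"
}

# Step 2, after the reboot: carry the RRD history over to the new name.
move_rrd_history() {
    old=$1 new=$2 root=${3:-}
    for kind in node storage; do
        src=$root/var/lib/rrdcached/db/pve2-$kind/$old
        dst=$root/var/lib/rrdcached/db/pve2-$kind/$new
        [ -e "$src" ] || continue
        # The entry may be one file or a directory; handle both.
        if [ -d "$src" ]; then
            mkdir -p "$dst" && cp -pR "$src/." "$dst/" || return 1
        else
            cp -p "$src" "$dst" || return 1
        fi
        # Remove the old entry only once the copy has succeeded.
        rm -rf "$src"
    done
}
```

On a real host, call `rename_host_files OLD NEW IP FQDN`, reboot, then `move_rrd_history OLD NEW`, both as root and without the ROOT argument.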