共计 4804 个字符,预计需要花费 13 分钟才能阅读完成。
RT |
网友回复:
注册: iptables -t nat -A PREROUTING -p tcp –dport 443 -j REDIRECT –to-ports 8006 复制代码 看起来这个最简单了 参考 安装 proxmox 后注意事项 https://cloud.tencent.com/developer/article/1622344 https 的默认端口是 443,但 proxmox 默认端口是 8006 且无法修改。可以使用 iptables 来帮我们实现端口转发 iptables -t nat -I PREROUTING -d
zxxx: 或者使用 Nginx 代理,比较复杂 Web Interface Via Nginx Proxy https://pve.proxmox.com/wiki/Web_Interface_Via_Nginx_Proxy apt install nginx rm /etc/nginx/conf.d/default rm /etc/nginx/sites-enabled/default nano /etc/nginx/conf.d/proxmox.conf 复制代码 upstream proxmox {server “YOUR.FQDN.HOSTNAME.HERE”;} server {listen 80 default_server; rewrite ^(.*) https://$host$1 permanent; } server {listen 443; server_name _; ssl on; ssl_certificate /etc/pve/local/pve-ssl.pem; ssl_certificate_key /etc/pve/local/pve-ssl.key; proxy_redirect off; location / { proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection “upgrade”; proxy_pass https://localhost:8006; proxy_buffering off; client_max_body_size 0; proxy_connect_timeout 3600s; proxy_read_timeout 3600s; proxy_send_timeout 3600s; send_timeout 3600s;} }复制代码 systemctl restart nginx 复制代码 After nginx service restarts you should be able to reach the web interface https://your.fqdn.goes.here https://your.ip.address.goes.here ensure that nginx gets only started after the certificates are available systemctl edit nginx.service 复制代码 [Unit] Requires=pve-cluster.service After=pve-cluster.service 复制代码 and save + exit. Enjoy the web interface on HTTPS port 443
zxxx: 你能不能用百度搜下 tencent.com https://cloud.tencent.com › developer › article 2020 年 4 月 28 日 — 用你的域名证书替换 pve 自带的自签名证书。https 的默认端口是 443,但 proxmox 默认端口是 8006 且无法修改。可以使用 iptables 来帮我们实现端口转发. Proxmox VE 7.2 变更默认访问端口 – CSDN 博客 csdn.net https://blog.csdn.net › article › details 2022 年 7 月 22 日 — 将 443 端口的数据转发到 8006 端口 iptables -t nat -A PREROUTING -p tcp –dport 443 -j REDIRECT –to-ports 8006## 可选————禁止访问 8006 端口 iptables …
zxxx: Chatgpt 都知道 老哥整个 我就不转发了
椰子: 如果您在 /etc/pve/nodes/
557: PVE(Proxmox Virtual Environment)使用 8006 端口作为 Web 界面的默认端口,但是您可以将其更改为其他端口,例如 443,以便通过 SSL 加密保护 Web 界面的通信。要将 PVE 的 8006 端口更改为 443 端口,可以按照以下步骤进行操作:登录到 PVE 节点的命令行界面。编辑 PVE 的 Web 服务器配置文件 /etc/pve/nodes/
557: 反代或者防火墙转发
557: 没有这个文件 /etc/pve/nodes/
笑花落半世琉璃: 找个机器反代就行了
zxxx: 防火墙玩不转。。玛德。转发后要么两个都能访问,要么两个都不能访问。chatgpt 给我写了七八个规则都不行。。老哥防火墙转发解决了给我说一下。。原理就是 1 端口转发 2 端口(内部),然后屏蔽 2 端口的外部访问。
注册 : 或者使用 Nginx 代理,比较复杂 Web Interface Via Nginx Proxy https://pve.proxmox.com/wiki/Web_Interface_Via_Nginx_Proxy apt install nginx rm /etc/nginx/conf.d/default rm /etc/nginx/sites-enabled/default nano /etc/nginx/conf.d/proxmox.conf 复制代码 upstream proxmox {server “YOUR.FQDN.HOSTNAME.HERE”;} server {listen 80 default_server; rewrite ^(.*) https://$host$1 permanent; } server {listen 443; server_name _; ssl on; ssl_certificate /etc/pve/local/pve-ssl.pem; ssl_certificate_key /etc/pve/local/pve-ssl.key; proxy_redirect off; location / { proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection “upgrade”; proxy_pass https://localhost:8006; proxy_buffering off; client_max_body_size 0; proxy_connect_timeout 3600s; proxy_read_timeout 3600s; proxy_send_timeout 3600s; send_timeout 3600s;} } 复制代码 systemctl restart nginx 复制代码 After nginx service restarts you should be able to reach the web interface https://your.fqdn.goes.here https://your.ip.address.goes.here ensure that nginx gets only started after the certificates are available systemctl edit nginx.service 复制代码 [Unit] Requires=pve-cluster.service After=pve-cluster.service 复制代码 and save + exit. Enjoy the web interface on HTTPS port 443
注册: 这样转发后小鸡就不能链接 ssl 了