So, you have installed Proxmox and when you login you see:

PVE provides free version. The Paid versions offer support and are highly recommended if you are using Proxmox for production. To see the paid version go here:https://www.proxmox.com/en/proxmox-ve/pricing

So, to remove the popup run the following:

Backup the file /usr/share/javascript/proxmox-widget-toolkit/proxmoxlib.js

cp /usr/share/javascript/proxmox-widget-toolkit/proxmoxlib.js /usr/share/javascript/proxmox-widget-toolkit/proxmoxlib.js.backup

Now lets edit the file.

nano proxmoxlib.js

Look around line 512 for the following string. You can use crtl-w if using nano to search.

if (res === null || res === undefined || !res || res
                        .data.status.toLowerCase() !== 'active') {
                        Ext.Msg.show({
                            title: gettext('No valid subscription'),

Replace the following string with the string below:

if (res === null || res === undefined || !res || res
                        .data.status.toLowerCase() !== 'active') {

Replace with this:

if (false) {

Here is what it should look like:

 if (false) {
                        Ext.Msg.show({
                            title: gettext('No valid subscription'),

Restart Proxmox service

systemctl restart pveproxy.service

Log out of Proxmox, clear the browser cache and restart the browser then login again. The popup should be gone.

Switching Between Desktop Environments

To switch between desktop environments on a Debian based distro run the following command:

sudo update-alternatives --config x-session-manager

Then you should be presented with the desktop environments you have installed on your system so you can choose one of them:

There are 7 choices for the alternative x-session-manager (providing /usr/bin/x-session-manager).

Selection Path Priority Status
————————————————————
* 0 /usr/bin/mate-session 50 auto mode
1 /usr/bin/cinnamon-session 50 manual mode
2 /usr/bin/gnome-session 50 manual mode
3 /usr/bin/mate-session 50 manual mode
4 /usr/bin/startplasma-x11 40 manual mode
5 /usr/bin/startxfce4 50 manual mode
6 /usr/bin/xfce4-session 40 manual mode
7 /usr/libexec/gnome-flashback-metacity 40 manual mode

Press to keep the current choice[*], or type selection number:2
update-alternatives: using /usr/bin/gnome-session to provide /usr/bin/x-session-manager (x-session-manager) in manual mode

Then you can fill in the number corresponding to the desktop environment that you want and press enter.

Then you can logout and log back in, and the desktop launched should be the one that you selected.

In Ubuntu 21.04, you will not see and files at /etc/network/interfaces. Also, in checking /etc/neteplan/01-network-manager-all.yaml there is a message:

# Let NetworkManager manage all devices on this system
network:
  version: 2
  renderer: NetworkManager

Change to static IP address if you use Ubuntu as a server. The interface name [enp1s0] is different on each environment, replace it to your own one.

Rename to disable default setting

# mv /etc/netplan/00-installer-config.yaml /etc/netplan/00-installer-config.yaml.org

Create new

root@localhost:~# vi /etc/netplan/01-netcfg.yaml

Edits:

network:
  ethernets:
    # interface name
    enp1s0:
      dhcp4: no
      # IP address/subnet mask
      addresses: [192.168.0.45/24]
      # default gateway
      gateway4: 192.168.0.1
      nameservers:
        # name server to bind
        addresses: [8.8.8.8,1.1.1.1]
      dhcp6: no
  version: 2

# apply changes

root@localhost:~# netplan apply

Check networking

root@localhost:~# ip addr

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: enp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 52:54:00:37:5a:11 brd ff:ff:ff:ff:ff:ff
    inet 10.0.0.30/24 brd 10.0.0.255 scope global enp1s0
       valid_lft forever preferred_lft forever
    inet6 fe80::5054:ff:fe37:5a11/64 scope link
       valid_lft forever preferred_lft forever

A vulnerability in Apache Log4j, a widely used logging package for Java has been found. The vulnerability, which can allow an attacker to execute arbitrary code by sending crafted log messages, has been identified as CVE-2021-44228 and given the name Log4Shell. It was first reported privately to Apache on November 24 and was patched with version 2.15.0 of Log4j on December 9. It affects Apache Struts, Apache Solr, Apache Druid, Elasticsearch, Apache Dubbo, and VMware vCenter. Since then, it has been disclosed that in certain non-default conditions, the original patch was incomplete; this was designated as CVE-2021-45046 and a new version of Log4j, 2.16.0, has been released.

Read More

The installation of a supported Proxmox VE server should be done via bare-metal ISO installer. In some cases it makes sense to install Proxmox VE on top of a running Debian Bullseye 64-bit, especially if you want a custom partition layout. For this How-To any official Bullseye installation medium should work.

For this Demo, I am installing 3 KVM VM’s. As you can do VM nesting. Also, you can do this on Vmware or Hyper V. Here is the Architecture.

Read More

Install clamav

$ sudo apt-get install clamav clamav-daemon

Install this script to run a scan daily. Change the varables as needed.

#!/bin/bash
LOGFILE="/var/log/clamav/clamav-$(date +'%Y-%m-%d').log";
EMAIL_MSG="Please see the log file attached.";
EMAIL_FROM="clamav-daily@example.com";
EMAIL_TO="username@example.com";
DIRTOSCAN="/var/www /etc /root /home";

for S in ${DIRTOSCAN}; do
 DIRSIZE=$(du -sh "$S" 2>/dev/null | cut -f1);

 echo "Starting a daily scan of "$S" directory.
 Amount of data to be scanned is "$DIRSIZE".";

 clamscan -ri "$S" >> "$LOGFILE";

 # get the value of "Infected lines"
 MALWARE=$(tail "$LOGFILE"|grep Infected|cut -d" " -f3);

 # if the value is not equal to zero, send an email with the log file attached
 if [ "$MALWARE" -ne "0" ];then
 # using heirloom-mailx below
 echo "$EMAIL_MSG"|mail -a "$LOGFILE" -s "Malware Found" -r "$EMAIL_FROM" "$EMAIL_TO";
 fi 
done

exit 0

Removes all but config files:

$ sudo apt-get remove nginx nginx-common

or remove everything:

$ sudo apt-get purge nginx nginx-common

After using any of the above commands, use this in order to remove dependencies used by nginx which are no longer required:

$ sudo apt-get autoremove

At first, let’s update the packages:

# apt update

Next, download MySQL from the offical page or use wget command: Get the repo package

wget https://dev.mysql.com/get/mysql-apt-config_0.8.20-1_all.deb
dpkg -i mysql-apt-config_0.8.20-1_all.deb
apt install  gnupg
dpkg -i mysql-apt-config_0.8.20-1_all.deb

When you attempt to install the package, it will ask you what product and version you want to install. Here you can select The MySQL version, Tools, Connectors (like MySQL Workbench), and preview packages. To select the version, hit the first option:

Select the version you will use. Once selected, it will bring you to the previous menu — press Ok button:

apt-get update

Install the MySQL Server using the command:

sudo apt-get install mysql-community-server

When apt finishes downloading, the installer will ask for a root password:

You have two options:

  1. Leave the password blank: the server will use unix sockets authentication. It means you can only access the server as a root user or as a user with sudo
  2. Set a password: the authentication method will be the same for other users.

If you set a password, the installer will ask which authentication plugin to use, strongly encrypted password (MySQL 8.x), or legacy method (MySQL 7.x and earlier).

Now, check the service status with systemctl:

systemctl status mysql.service
# systemctl status mysql.service
● mysql.service - MySQL Community Server
     Loaded: loaded (/lib/systemd/system/mysql.service; enabled; vendor preset: enabled)
     Active: active (running) since Wed 2021-11-17 09:57:21 CST; 38s ago
       Docs: man:mysqld(8)
             http://dev.mysql.com/doc/refman/en/using-systemd.html
    Process: 4290 ExecStartPre=/usr/share/mysql-8.0/mysql-systemd-start pre (code=exited, status=0/SUCCESS)
   Main PID: 4325 (mysqld)
     Status: "Server is operational"
      Tasks: 38 (limit: 2341)
     Memory: 358.6M
        CPU: 736ms
     CGroup: /system.slice/mysql.service
             └─4325 /usr/sbin/mysqld

Nov 17 09:57:19 redis-004 systemd[1]: Starting MySQL Community Server...
Nov 17 09:57:21 redis-004 systemd[1]: Started MySQL Community Server.

Next, run the command as a root user to safely configure the SQL service:

mysql_secure_installation

Output:

Securing the MySQL server deployment.
Enter password for user root:

VALIDATE PASSWORD COMPONENT can be used to test passwords
and improve security. It checks the strength of password
and allows the users to set only those passwords which are
secure enough. Would you like to setup VALIDATE PASSWORD component?

Press y|Y for Yes, any other key for No:
Using existing password for root.
Change the password for root ? ((Press y|Y for Yes, any other key for No) :

 ... skipping.
By default, a MySQL installation has an anonymous user,
allowing anyone to log into MySQL without having to have
a user account created for them. This is intended only for
testing, and to make the installation go a bit smoother.
You should remove them before moving into a production
environment.

Remove anonymous users? (Press y|Y for Yes, any other key for No) : y
Success.

Normally, root should only be allowed to connect from
'localhost'. This ensures that someone cannot guess at
the root password from the network.

Disallow root login remotely? (Press y|Y for Yes, any other key for No) : y
Success.

By default, MySQL comes with a database named 'test' that
anyone can access. This is also intended only for testing,
and should be removed before moving into a production
environment.

Remove test database and access to it? (Press y|Y for Yes, any other key for No) : y
 - Dropping test database...
Success.

 - Removing privileges on test database...
Success.

Reloading the privilege tables will ensure that all changes
made so far will take effect immediately.

Reload privilege tables now? (Press y|Y for Yes, any other key for No) : y
Success.

All done!

Login and Check the version

# mysql -uroot -p
Enter password:
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 12
Server version: 8.0.27 MySQL Community Server - GPL

Copyright (c) 2000, 2021, Oracle and/or its affiliates.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

Installing Nginx

sudo apt update
sudo apt install nginx
systemctl status nginx

Output:

nginx.service - A high performance web server and a reverse proxy server
     Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
     Active: active (running) since Wed 2021-11-17 10:09:21 CST; 18s ago
       Docs: man:nginx(8)
    Process: 5735 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
    Process: 5736 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
   Main PID: 5951 (nginx)
      Tasks: 2 (limit: 2341)
     Memory: 5.9M
        CPU: 34ms
     CGroup: /system.slice/nginx.service
             ├─5951 nginx: master process /usr/sbin/nginx -g daemon on; master_process on;
             └─5954 nginx: worker process

Nov 17 10:09:21 redis-004 systemd[1]: Starting A high performance web server and a reverse proxy server...
Nov 17 10:09:21 redis-004 systemd[1]: nginx.service: Failed to parse PID from file /run/nginx.pid: Invalid argument
Nov 17 10:09:21 redis-004 systemd[1]: Started A high performance web server and a reverse proxy server.

Check Nginx by IP address – http://192.168.0.33

When using the Nginx web server, server blocks (similar to virtual hosts in Apache) can be used to encapsulate configuration details and host more than one domain on a single server. We will set up a domain called your_domain.

Install and configure Zabbix server for your platform
Install Zabbix repository

# wget https://repo.zabbix.com/zabbix/5.4/debian/pool/main/z/zabbix-release/zabbix-release_5.4-1+debian11_all.deb
# dpkg -i zabbix-release_5.4-1+debian11_all.deb
# apt update

Install Zabbix server, frontend, agent

# apt install zabbix-server-mysql zabbix-frontend-php zabbix-nginx-conf zabbix-sql-scripts zabbix-agent2

c. Create initial database
Run the following on your database host.

# mysql -uroot -p
password
mysql> create database zabbix character set utf8 collate utf8_bin;
mysql> create user zabbix@localhost identified by 'Stx12WsaB';
mysql> grant all privileges on zabbix.* to zabbix@localhost;
mysql> quit; 

On Zabbix server host import initial schema and data. You will be prompted to enter your newly created password.

# zcat /usr/share/doc/zabbix-sql-scripts/mysql/create.sql.gz | mysql -uzabbix -p zabbix

Configure the database for Zabbix server. Edit file /etc/zabbix/zabbix_server.conf

DBPassword=Stx12WsaB

Configure PHP for Zabbix frontend
Edit file /etc/zabbix/nginx.conf, uncomment and set ‘listen’ and ‘server_name’ directives.

nano /etc/zabbix/nginx.conf
# listen 80;
# server_name example.com;

Start Zabbix server and agent processes and make it start at system boot.

# systemctl restart zabbix-server zabbix-agent2 nginx php7.4-fpm
# systemctl enable zabbix-server zabbix-agent2 nginx php7.4-fpm

Configure Zabbix frontend
Connect to your newly installed Zabbix frontend: http://server_ip_or_name