Skip to content

Deployment Overview of Proxmox Backup Server on Server

Prerequisites and Basic Requirements

The following requirements must be met before deploying Proxmox Backup Server:

  • Operating System: Debian 12 (Bookworm) with contrib and non-free-firmware repositories enabled.

  • Privileges: Root access or sudo privileges are required to manage system packages and services.

  • Domain: The server must be configured to resolve the domain hostkey.in.

  • Ports:

  • Port 8007 is used for internal communication between the proxy and the application.

  • Port 443 is used for external HTTPS access.

FQDN of the Final Panel

The fully qualified domain name for accessing the Proxmox Backup Server panel on the hostkey.in domain follows this format:

  • proxmox-backup-server<Server ID>.hostkey.in:443

Where <Server ID> is replaced by the specific identifier assigned to the server instance.

File and Directory Structure

The deployment utilizes the following directory paths for configuration and data storage:

  • Apt Repository Configuration: /etc/apt/sources.list.d/pbs.list

  • GPG Key: /etc/apt/trusted.gpg.d/proxmox-release.gpg

  • Nginx User Configuration: /data/nginx/user_conf.d/

  • Docker Compose Configuration: /root/nginx/compose.yml

  • Docker Environment File: /data/nginx/nginx-certbot.env

  • SSL Secrets Volume: Mounts to /etc/letsencrypt within the container.

Application Installation Process

The Proxmox Backup Server is installed directly on the host operating system using the APT package manager. The installation process involves the following steps:

  1. Update and upgrade existing APT packages.

  2. Install required utilities including curl, wget, ca-certificates, and gnupg.

  3. Enable the contrib and non-free-firmware repositories in /etc/apt/sources.list.

  4. Import the Proxmox repository key from https://enterprise.proxmox.com/debian/proxmox-release-bookworm.gpg to /etc/apt/trusted.gpg.d/proxmox-release.gpg.

  5. Add the Proxmox PBS repository (http://download.proxmox.com/debian/pbs) for the bookworm release with the pbs-no-subscription component to /etc/apt/sources.list.d/pbs.list.

  6. Install the proxmox-backup-server meta-package.

  7. Install zfs-dkms and linux-headers-amd64 for ZFS support.

  8. Start and enable the proxmox-backup systemd service.

Docker Containers and Their Deployment

A Docker container running Nginx and Certbot is deployed to handle reverse proxy and SSL termination. The deployment is managed via docker compose using the following configuration:

Compose File Location: /root/nginx/compose.yml

Service Configuration:

  • Image: jonasal/nginx-certbot:latest

  • Restart Policy: unless-stopped

  • Network Mode: host

  • Environment:

  • CERTBOT_EMAIL is set to [email protected].

  • Additional environment variables are loaded from /data/nginx/nginx-certbot.env.

  • Volumes:

  • nginx_secrets (external) mounted to /etc/letsencrypt.

  • Host path /data/nginx/user_conf.d mounted to /etc/nginx/user_conf.d.

Deployment Command: 

docker compose up -d
This command is executed from the /root/nginx directory.

Proxy Servers

An Nginx container manages the reverse proxy for the application.

  • Internal Path: /

  • External Path: /

  • Internal Port: 8007

  • External Port: 443

  • Proxy Configuration: The Nginx configuration file located at /data/nginx/user_conf.d/proxmox-backup-server<Server ID>.hostkey.in.conf is modified to forward requests. The proxy_pass directive is set to: 

    proxy_pass http://127.0.0.1:8007;

  • SSL: Managed automatically by the nginx-certbot container, storing certificates in the nginx_secrets volume.

Access Rights and Security

  • Firewall: External traffic is directed to port 443 for HTTPS access. Internal traffic to the application occurs on port 8007.

  • User Permissions: The Nginx configuration files and Docker compose files are owned by root with permissions set to 0755 for directories and 0644 for files.

  • Repository Restrictions: The enterprise subscription repository is disabled by commenting out entries in /etc/apt/sources.list.d/pbs-enterprise.list.

Starting, Stopping, and Updating

Systemd Service Management: The core Proxmox Backup Server application is managed via the proxmox-backup systemd service.

  • Start Service: 

    systemctl start proxmox-backup

  • Enable Service on Boot: 

    systemctl enable proxmox-backup

  • Check Status: 

    systemctl status proxmox-backup

Docker Container Management:

  • Start/Update: 

    cd /root/nginx
docker compose up -d

  • Stop: 

    cd /root/nginx
docker compose down

Package Updates: Updates for the Proxmox Backup Server are handled via the standard APT package manager: 

apt update
apt install proxmox-backup-server

question_mark
Is there anything I can help you with?
question_mark
AI Assistant ×