--:--:-- (Europe/Zurich) blog main site rss

Setting up Proxmox for self-hosting

proxmoxself-hostinglxc

Proxmox VE is a free, open-source hypervisor built on Debian. It lets you run virtual machines and LXC containers side by side, managed through a web UI. For self-hosting personal services it’s a solid choice — mature, well-documented, and doesn’t get in your way.

Why LXC instead of VMs

LXC containers share the host kernel. That makes them much lighter than full VMs — a container running nginx with a static site sits at around 20–30MB RAM. A full Debian VM doing the same would need ten times that just to boot.

The trade-off is that containers share the kernel, so kernel-level isolation is weaker than a VM. For personal services on a home server that’s a fine trade. I use VMs when I need to run a different kernel or do something that requires full isolation.

The setup

Each service gets its own container:

CT 100 — nginx (main landing page)
CT 101 — YouTube Downloader (Node.js)
CT 102 — Pastebin
CT 103 — blog build environment (not needed with Cloudflare Pages)

Keeping them separate means one broken service doesn’t affect the others. It also makes updates and rollbacks easier — you can snapshot a container before an upgrade and roll back in seconds.

Cloudflare Tunnels

I don’t want to expose ports on my home router. Cloudflare Tunnels solve this cleanly.

The idea: a cloudflared daemon runs inside each container, opens an outbound connection to Cloudflare’s network, and Cloudflare routes traffic from your domain to that connection. No inbound ports needed. No DynDNS hacks.

Setup is straightforward:

  1. Create a tunnel in the Cloudflare Zero Trust dashboard
  2. Copy the tunnel token
  3. Install cloudflared and run cloudflared service install <token>
  4. Add a public hostname pointing to http://localhost:<port>

Traffic flows: browser → Cloudflare edge → cloudflared daemon in container → service.

Provisioning with scripts

I wrote shell scripts styled after the community-scripts project that create and configure each container interactively. One command on the Proxmox host, a few whiptail prompts, done.

Updates work the same way — a excg-update or ytdl-update command inside the container pulls from GitHub, syncs files, and restarts the service.

The goal is that adding a new service or updating an existing one is a one-liner.

← all posts