Proxmox VE installed on cloud server? Secure the management UI?

[oguruma]

I have a small MSP company. I have several VMs, most of them on Vultr, a couple on AWS. It would be much more efficient for me to migrate these VMs to KVMs or LXC containers in Proxmox on a bare metal server.

How common is it for users to install Proxmox VE on bare metal cloud servers?

If I do so, how do I go about securing the management interface? Is restricting the IPs with the firewall that can access that port the best method? Would something like nginx proxy manager be a practical way to do it (since I would like to be able access the UI from home and on the road where I have dynamic IPs).

 

[bbgeek17]

I have a small MSP company. I have several VMs, most of them on Vultr, a couple on AWS. It would be much more efficient for me to migrate these VMs to KVMs or LXC containers in Proxmox on a bare metal server.

I trust that you weighed all pros and cons. Currently your CSP is responsible for backup/recovery/failover of your VMs. With a single bare-metal server that falls on you. Making a cluster in CSP may not be as efficient. In the end its your choice.

If I do so, how do I go about securing the management interface? Is restricting the IPs with the firewall that can access that port the best method? Would something like nginx proxy manager be a practical way to do it (since I would like to be able access the UI from home and on the road where I have dynamic IPs).

Your best approach is to block everything, create a VPN tunnel with trusted software (i.e. OpenVPN), and/or use SSH tunnel.

Good luck

---

Blockbridge : Ultra low latency all-NVME shared storage for Proxmox - https://www.blockbridge.com/proxmox