JustToThePoint English Website Version
JustToThePoint en español
Colaborate with us

Proxmox VM Arch Linux III. Creating and configuring a Python deployment container in Proxmox.

Irony is wasted on the stupid, Oscar Wilde

Complex Analysis

We want to automate the entire process of setting up a Python development environment within an Arch Linux container on Proxmox, making it easier to transfer from our local machine, manage, and deploy Python applications.

This is the third article, you may want to read the first Proxmox VM Arch Linux Hyprland. Get information from Ollama, tldr, myripgrep and second one Proxmox VM Arch Linux Hyprland. Search for information

Creating and configuring a Python deployment container in Proxmox

Step 1. Create and configure the container, install Python, and create the environment.

sh /home/nmaximo7/homelab/mydockers/custom-arch-python.sh

#!/bin/bash

# Variables
CTID=308 # Container ID
OSTEMPLATE="archlinux-base_20240911-1_amd64.tar.zst" # Arch linux template file
TEMPLATE_STORAGE="local" # Storage location for the template
CONTAINER_STORAGE="mypool" # Storage location for the container's disk
DISK_SIZE="80" # size of the container's disk in GB
PASSWORD="YOUR-PASSWORD" # Root password
MEMORY=4096 # Amount of memory allocated to the container (in MB)
CORES=2 # Number of CPU cores allocated to the container
BRIDGE="vmbr0"  # Network bridge configuration
IPADDRESS="192.168.1.38" # Static IP address for the container
GATEWAY="192.168.1.1" # LAN Gateway for network configuration
CIDR="/24" # CIDR notation for the subnet
# Adjust if not 255.255.255.0
HOSTNAME="ArchPython" # Hostname for the container

# 1. Check if the container already exists; if it does, stop and remove it
if pct status $CTID &>/dev/null; then
	echo "Container $CTID exists. Stopping the container."
	pct stop $CTID
	sleep 2 # Wait for 2 seconds to allow for a graceful stop
	echo "Proceeding with deletion of container $CTID."
	pct destroy $CTID
else echo "Container $CTID does not exist."
fi

# 2. Download the Arch Linux template if it's not already present
if ! pveam list $TEMPLATE_STORAGE | grep -q $OSTEMPLATE; then
  echo "Downloading Arch template..."
  pveam download $TEMPLATE_STORAGE $OSTEMPLATE
else
  echo "Arch template already exists."
fi

# 3. Create a privileged container using the specified Arch template and settings.
# The pct create command sets up the container with the specified resources, including disk size, hostname, memory, CPU cores, and network settings.
pct create $CTID $TEMPLATE_STORAGE:vztmpl/$OSTEMPLATE \
  --storage $CONTAINER_STORAGE \
  --rootfs $CONTAINER_STORAGE:$DISK_SIZE \
  --password $PASSWORD \
  --hostname $HOSTNAME \
  --memory $MEMORY \
  --cores $CORES \
  --net0 name=eth0,bridge=$BRIDGE,ip=$IPADDRESS$CIDR,gw=$GATEWAY \
  --unprivileged 0 # Set to 1 for unprivileged containers

# Set the container not to start automatically on boot
pct set $CTID --onboot 0

# (Optional) Unconfine AppArmor for additional flexibility
echo "lxc.apparmor.profile: unconfined" >> /etc/pve/lxc/$CTID.conf

# 4. Start the container
pct start $CTID

# Wait a few seconds for the container to boot up
sleep 5

# Initialize the pacman keyring and update the package repository
pct exec $CTID -- pacman-key --init
pct exec $CTID -- pacman -Sy archlinux-keyring --noconfirm
pct exec $CTID -- pacman-key --populate archlinux
# Force a refresh of all package databases:
pct exec $CTID -- pacman -Syy

# Install reflector and update mirror list for faster downloads
pct exec $CTID -- pacman -S --noconfirm reflector
pct exec $CTID -- reflector --country Spain,France,Germany \
    --latest 20 \
    --protocol http,https \
    --save "/etc/pacman.d/mirrorlist" \
    --sort rate

# Install base development packages and essential tools
pct exec $CTID -- pacman -Syu --noconfirm base-devel git

# Install additional tools for productivity
pct exec $CTID -- pacman -S --noconfirm eza zoxide fd bat ripgrep bc

# Install system utilities, help (tldr), and fuzzy finder (fzf)
pct exec $CTID -- pacman -S --noconfirm fzf wl-clipboard lazygit jq rsync man-db tldr unzip plocate glibc sudo wget curl

# Install various system utilities for enhanced functionality
pct exec $CTID -- pacman -S --noconfirm fastfetch vim bpytop cmatrix starship figlet fortune-mod

# Install glibc and glibc-locales for locale generation support
pct exec $CTID -- pacman -S --noconfirm glibc glibc-locales

# Set up the locale configuration
pct exec $CTID -- sed --in-place=.bak 's/^#en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/' /etc/locale.gen
pct exec $CTID -- locale-gen
pct exec $CTID -- echo "LANG=en_US.UTF-8" >> /etc/locale.conf

# Configure the keyboard layout
pct exec $CTID -- echo "KEYMAP=es" >> /etc/vconsole.conf

# Install additional libraries for GUI applications
pct exec $CTID -- pacman -S --noconfirm alsa-lib gtk3 libcups libxss libxtst nss ttf-liberation xdg-utils geany

# Install extra tools for various tasks
pct exec $CTID -- pacman -S --noconfirm cowsay ripgrep bat eza htop neofetch feh gedit curl
pct exec $CTID -- pacman -S --noconfirm ranger ddgr surfraw sudo

# Set up environment variables for language and locale settings
pct exec $CTID -- echo "export LANG=es_ES.UTF-8" >> /home/nmaximo7/.bashrc
pct exec $CTID -- echo "export LANGUAGE=es_ES:es" >> /home/nmaximo7/.bashrc
pct exec $CTID -- echo "export LC_ALL=es_ES.UTF-8" >> /home/nmaximo7/.bashrc

# Create a backup directory for storing Python files (if it doesn't already exist)
pct exec $CTID -- sh -c "[ ! -d "/home/nmaximo7/backup" ] && mkdir -p /home/nmaximo7/backup"

# Create the user 'nmaximo7' and set its password using 'chpasswd'
pct exec $CTID -- useradd -m -G wheel nmaximo7
pct exec $CTID -- echo "nmaximo7:Anawim" | chpasswd
pct exec $CTID -- echo "nmaximo7 ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers

# Install Python and essential libraries are installed,
# along with virtualenv for creating isolated Python environments
pct exec $CTID -- pacman -S --noconfirm python python-pip python-requests python-beautifulsoup4 python-pytz
pct exec $CTID -- pip install virtualenv

# Create a directory for Python projects
pct exec $CTID -- sh -c "cd /home/nmaximo7 && mkdir myNewPython"
# Initializes a virtual environment for Python development.
pct exec $CTID -- sh -c "cd /home/nmaximo7/myNewPython && python -m venv .venv && source .venv/bin/activate && pip install --upgrade pip"
pct exec $CTID -- sh -c "cd /home/nmaximo7/myNewPython && source .venv/bin/activate && pip install python-dotenv && pip install requests"
pct exec $CTID -- sh -c "chown -R nmaximo7:nmaximo7 /home/nmaximo7/myNewPython"

# Install SSH and rsync for file transfer capabilities from Proxmox node to the container
pct exec $CTID -- pacman -S --noconfirm openssh rsync
pct exec $CTID -- systemctl enable sshd
pct exec $CTID -- systemctl start sshd

# Enable root login (if needed) in /etc/ssh/sshd_config
pct exec $CTID -- sed -i 's/#\?PermitRootLogin.*/PermitRootLogin yes/' /etc/ssh/sshd_config
# Modify the SSH configuration on our Proxmox container to enable password authentication
pct exec $CTID -- sed -i 's/#\?PasswordAuthentication.*/PasswordAuthentication yes/' /etc/ssh/sshd_config
# After running these commands, don't forget to restart the SSH service inside your container to apply the changes.
pct exec $CTID -- systemctl restart sshd

# Display welcome message and system information
pct exec $CTID -- echo "Welcome master"
pct exec $CTID -- neofetch
pct exec $CTID -- echo "=============DISK USAGE================"
pct exec $CTID -- df -h | grep "^/dev/"
pct exec $CTID -- echo "=============MEMORY USAGE=============="
pct exec $CTID -- free -h
pct exec $CTID -- echo "=========TOP 5 CPU PROCESSES==========="
pct exec $CTID -- ps -eo pid,comm,%mem,%cpu --sort=-%cpu | head -n 6
pct exec $CTID -- sh -c "fortune | cowsay"

# Fetch weather information
pct exec $CTID -- curl -s 'wttr.in/Malaga?format=3'

# Display current date and time
pct exec $CTID -- date '+%d/%m/%Y %H:%M:%S'

# Display calendar
pct exec $CTID -- cal
echo "Client (NixOS Desktop Computer)"
echo "scp -r /home/nmaximo7/dotfiles/proxmox/myNewPython root@192.168.1.38:/root/terraform/"
echo "Proxmox. Post Installation"
echo "sh /home/nmaximo7/homelab/mydockers/post-custom-arch-python.sh "

Set up password-less SSH access to the Proxmox server

Step 2. Allows password-less access to ProxMox (192.168.1.33) from our NixOS computer: ssh-copy-id root@192.168.1.33.

Using ssh-copy-id is an effective way to set up password-less SSH access. By copying your public key to the Proxmox server, you ensure that your NixOS computer can connect (SSH) without requiring a password each time.

Transferring Python Project from Local Machine to Proxmox VM

Step 3. When your Proxmox (at 192.168.1.33) is reachable directly (i.e., you can SSH into 192.168.1.33 from your NixOS Desktop computer), copy from your destop/laptop to Proxmox (192.168.1.33) the necessary Python files (Python code files .py, .env (environment variables), requirements.txt, assets dictory, and any other necessary files from your NixOS setup to your Proxmox server): scp -r /path/on/NixOS/myNewPython/ root@192.168.1.33:/path/on/Proxmox/backup/, e.g., scp -r /home/nmaximo7/dotfiles/proxmox/myNewPython root@192.168.1.33:/root/terraform/

The scp (secure copy) command is a great way to transfer files between your NixOS Desktop and your Proxmox server. -r stands for recursive, which is used to copy directories and their contents. Make sure you’ve already set up password-less SSH access, as this will streamline the process.

Transferring Python Project from ProxMox to your VM

Step 4. Copy from ProxMox the necessary files to your VM: scp -r /root/terraform/myNewPython/ root@192.168.1.38:/home/nmaximo7/backup/

Remote Host Identification Has Changed

You may find this problem. This means that the SSH host key for the remote server has changed (e.g., the server was reinstalled or its SSH configuration was modified) since the last time you connected. SSH uses host keys to verify the identity of the server you are connecting to, preventing man-in-the-middle attacks

scp -r /root/terraform/myNewPython/ root@192.168.1.38:/home/nmaximo7/backup/
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ED25519 key sent by the remote host is
SHA256:tOrb9W2PZlmu8fegrEZVrZbXGvfz7NKuAFrj6PpV0MA.
Please contact your system administrator.
Add correct host key in /root/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /root/.ssh/known_hosts:9
  remove with:
  ssh-keygen -f "/root/.ssh/known_hosts" -R "192.168.1.38"
Host key for 192.168.1.38 has changed and you have requested strict checking.
Host key verification failed.
scp: Connection closed

# SOLUTION
ssh-keygen -f "/root/.ssh/known_hosts" -R "192.168.1.38"
# This command will remove the entry for 192.168.1.38, allowing you to add the new key the next time you connect.

Post-installation configuration

Step 5. Post-installation configuration in the VM (192.168.1.38): sh /home/nmaximo7/homelab/mydockers/post-custom-arch-python.sh

This script automates the post-installation configuration for a Python project running within a Proxmox container. It handles the setup of SSH keys for secure access, transfers the project files, and prepares the Python environment for development.

#!/bin/bash
# nvim post-custom-arch-python.sh

CTID="308" # Container ID for reference
VM_IP="192.168.1.38" # IP address of the Container
SOURCE_PATH="/root/terraform/myNewPython/" # Local path of the source directory
DEST_PATH="/home/nmaximo7/backup/" # Destination path on the container

# 1.  Generate an SSH key if it does not already exist
if [ ! -f ~/.ssh/id_rsa ]; then
    ssh-keygen -t rsa -N "" -f ~/.ssh/id_rsa
     # Create a new RSA key without a passphrase
fi

# 2. Copy the public key to the VM (you'll be asked for the VM's root password once) - It's already done!-
ssh-copy-id -i ~/.ssh/id_rsa.pub "root@${VM_IP}"
# Install the public key on the Container for passwordless SSH login

# 3. Transfer the directory (This step is marked as already done!)
scp -r "${SOURCE_PATH}" "root@${VM_IP}:${DEST_PATH}"
# Securely copy the entire (-r) source directory ("/root/terraform/myNewPython/") from the local system (ProxMox) to the container's destination path ("/home/nmaximo7/backup/")

# After the file transfer, the script prints a message confirming that the files were copied successfully from Proxmox to the destination on the container.
echo "Done. Files from ${SOURCE_PATH} copied to ${DEST_PATH} on VM ${VM_IP}."

# Copy the necessary files (Python source files *.py, environment file .env, requirements file (requirements.txt), and assets directory) from the VM's backup directory to the specified directory in the container.
pct exec $CTID -- sh -c "cp /home/nmaximo7/backup/myNewPython/*.py /home/nmaximo7/myNewPython"
pct exec $CTID -- cp /home/nmaximo7/backup/myNewPython/.env /home/nmaximo7/myNewPython
pct exec $CTID -- cp /home/nmaximo7/backup/myNewPython/requirements.txt /home/nmaximo7/myNewPython
pct exec $CTID -- cp -r /home/nmaximo7/backup/myNewPython/assets /home/nmaximo7/myNewPython

# Activate the virtual environment and install required Python packages listed in requirements.txt
# The command ensures that the latest version of pip is installed before installing the project dependencies.
pct exec $CTID -- sh -c "cd /home/nmaximo7/myNewPython && source .venv/bin/activate && pip install --upgrade pip && pip install -r /home/nmaximo7/myNewPython/requirements.txt"

Step 6. Activate our Python environment and run our code.

# Navigate to the project directory
cd /home/nmaximo7/myNewPython/
# Activate the virtual environment
source .venv/bin/activate
# Run the Python script
python greeting.py
Bitcoin donation

JustToThePoint Copyright © 2011 - 2025 Anawim. ALL RIGHTS RESERVED. Bilingual e-books, articles, and videos to help your child and your entire family succeed, develop a healthy lifestyle, and have a lot of fun. Social Issues, Join us.

This website uses cookies to improve your navigation experience.
By continuing, you are consenting to our use of cookies, in accordance with our Cookies Policy and Website Terms and Conditions of use.