Nov 27, 2024

AntMedia Server : Install and Configure in Ubuntu Server

AntMedia Server (AMS) is an Open-Source, Self-Hosted Video Streaming Platform. It supports steaming of pre-recorded videos to supported website such as Youtube, Twitch, HTML etc.

For more information, visit their official website at (https://antmedia.io/)


1. Ensure that you already have Ubuntu installed and updated with the latest packages. Also you need to have Apache2 web server pre-installed, up and running.


2. First, download the latest version of AntMedia Server Community Edition.


sudo wget https://github.com/ant-media/Ant-Media-Server/releases/download/ams-v2.11.3/ant-media-server-community-2.11.3.zip



3. Next is to download Installer Script file from AntMedia.


sudo wget -O install_ant-media-server.sh https://raw.githubusercontent.com/ant-media/Scripts/master/install_ant-media-server.sh



4. Now change the installer file to executable format.

sudo chmod +x install_ant-media-server.sh


5. To install the Community Edition, run the following command.

sudo ./install_ant-media-server.sh -i ant-media-server-community-2.11.3.zip


6. Configure the Apache Web Server.

sudo nano /etc/apache/sites-available/[domain.com].conf

Add the following configuration


<VirtualHost *:80>
   ServerAdmin webmaster@localhost
   ServerName [domain.com]

   ErrorLog /var/log/apache2/[domain.com]/error.log
   CustomLog /var/log/apache2/[domain.com]/access.log

   ProxyRequest off
   ProxyPass / http://127.0.0.1:5080/
   ProxyPassReverse / http://127.0.0.1:5080/

</VirtualHost>



7. Enable Apache modules accordingly.

sudo a2enmod proxy proxy_http


8. Enable the new virtual site.

sudo a2ensite [domain.com].conf


9. Enable SSL for AntMedia Server.

cd /usr/local/antmedia

sudo ./enable_ssl.sh -d [domain.com]


10. Ensure the following ports is accessible to the server.

Port Number

Protocol

Descriptions

80

TCP

SSL

5080

TCP

HTTP

5443

TCP

HTTPS

4200

UDP

SRT

1935

TCP

RTMP

50000 - 60000

UDP

WebRTC

5000

TCP

Multi-Nodes Cluster (optional)



11. Restart Apache Server.

sudo systemctl restart apache2


12. Open your favorite browser (eg. Google Chrome), browse the following URL.

http://[domain.com]:5080


13. Once the page have been loaded, you will be prompted to create the first administrator account. Procced to create the admin account and login afterward.


!!! HAPPY COMPUTING !!!

Nov 21, 2024

Proxmox Backup Server (PBS) : Setup No Subscription Repository

For the Proxmox Backup Server (PBS), to use it as a Community Edition. We need to setup the "No Subscriptions" repository.

This methods is only for Hobbyist, Developer and alike, not recommended for Production environment.


1. Login to PBS WebUI and select "Console", then type the following command.

nano /etc/apt/sources.list.d/pve-enterprise.list


2. Comment out the Enterprise Repository by adding a "#" sign at the front.


3. Then add the following line for the No Subscription Repository.

deb http://download.proxmox.com/debian/pbs bookworm pbs-no-subscription

* The "bookworm" is the debian release code name and may change, thus change the name accordingly.


4. Next, is to run the Update.

apt update && apt upgrade -y


5. Finally, restart the server.

reboot



!!! HAPPY COMPUTING !!!

Nov 18, 2024

NextCloud Install in Ubuntu Server

NextCloud is an Open Source, Self-Hosted or Cloud Hosted, File Sync and Sharing Platform. It's Secure, Private and Easy to use. Compatible with Windows, Linux, Android and Apple iOS devices.

This is assuming that you already have Ubuntu Server installed, patched and updated.

1. Download the latest version of NextCloud.

sudo wget https://download.nextcloud.com/server/releases/latest.zip


2. Install some required packages.


sudo apt install libmagickcore-6.q16-6-extra php php-apcu php-bcmath php-cli php-common php-curl php-gd php-gmp php-imagick php-intl php-mbstring php-mysql php-zip php-xml -y



3. Install Marid DB Server.

sudo apt install mariadb-server -y


4. Secure Marid DB installation, follow on-screen prompt and instructions.

sudo mysql_secure_installation


5. Configure Maria DB Server.


CREATE DATABASE nextcloud;

SHOW DATABASES;

GRANT ALL PRIVILEGES ON nextcloud.* TO 'ncuser'@'localhost' IDENTIFIED BY 'ncpass';

FLUSH PRIVILEGES;

QUIT;



6. Enable PHP Modules.

sudo phpenmod apcu bcmath gmp imagick intl


7. Install Unzip Apps.

sudo apt install unzip -y


8. Unzip the downloaded NextCloud file.

sudo unzip latest.zip


9. Copy and Rename the extracted NextCloud folder.

sudo cp nextcloud demo.com


10. Move the renamed folder to Apache server path.

sudo mv demo.com /var/www/


11. Grant permissions to NextCloud folder.

sudo chwon -R www-data:www-data /var/www/demo.com


12. Create Apache configuration file for NextCloud.


<VirtualHost *:80>
   ServerAdmin webmaster@local.com
   ServerName demo.com
   DocumentRoot /var/www/demo.com

   <Directory /var/www/demo.com>
     Options MultiViews FollowSymlinks
     AllowOverride All
     Order allow,deny
     Allow from all
   </Directory>

   ErrorLog /var/log/apache2/demo.com/error.log
   TransferLog /var/log/apache2/demo.com/access.log

  <IfModule mod_headers.c>
     Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"
   </IfModule>

</VirtualHost>



13. Configure and modify PHP file. Modify the value according to your requirements.


memory_limit = 512M

upload_max_filesize = 512M

max_execution_time = 360

post_max_size = 512M

date.timezone = Asia/Kuala_Lumpur

opcache.enable = 1

opcache.interned_strings_buffer = 16

opcache.max_accelerated_files = 10000

opcache.memory_consumption = 128

opcache.save_comments = 1

opcache.revalidate_freq = 1



14. Enabled Apache modules for NextCloud use.

sudo a2enmod dir env headers mime rewrite ssl


15. Enable APCU module in PHP.

sudo nano /etc/php/8.3/mods-available/apcu.ini

add the following line :-

apc.enable_cli = 1


16. Open your favorite browser, such as Google Chrome browser. And type the URL of NextCloud server (eg. http://demo.com). At the main screen, you need to configure the NextCloud Database (eg. nextcloud) created earlier including its username (eg. ncuser) & password (eg. ncpass). You also need to create the First Administrator account with a valid email address too.


17. NextCloud screen will auto refresh upon successful connection to the database, now login with the new administrator account created in earlier step.


18. Secure NextCloud with Let's Encrypt SSL.

sudo certbot --apache


19. Fix missing Indices in NextCloud.

sudo chmod +x /var/www/demo.com/occ

sudo /var/www/demo.com/occ db:add-missing-indices

sudo chmod -x /var/www/demo.com/occ


20. Change permissions of NextCloud config file.

sudo chmod 660 /var/www/demo.com/config/config.php

sudo chown root:www-data /var/www/demo.com/config/config.php


21. Modify NextCloud configuration file.

sudo nano /var/www/demo.com/config/config.php

Modify the following lines according to you needs :-


'memcache.local' => '\OC\Memcache\APCu',

'default_phone_region' => 'MY',

'maintenance_window_start' => 1,

'filelocking.enabled' => true,

'memcache.locking' => '\OC\MemCache\APCu',



22. Restart Apache server.

sudo systemctl restart apache2


23. Configure Crontab.

sudo crontab -u www-data -e

Add the following line :-

00 * * * 1 php -f /var/www/demo.com/cron.php



OPTIONAL STEPS

24. Remove Skeleton Files and Folders when User account is created.

sudo rm -R /var/www/demo.com/core/skeleton/Templates


25. Remove Work Flow Engine, to prevent User from installing WorkFlow.


sudo /var/www/demo.com/occ config:app:set workflowengine user_scope_disabled --value yes



26. Install "Redis" as MemCache for NextCloud.

sudo apt install redis php-redis -y

sudo systemctl enable redis

sudo systemctl start redis

sudo nano /var/www/demo.com/config/config.php


'memcache.local' => '\OC\Memcache\Redis',

'memcache.locking' => '\OC\Memcache\Redis',

'redis' => array(
     'host' => '/var/run/redis/redis.sock'.
     'port' => 0,
     'timemout' => 0.0,
     ),


sudo nano /etc/redis/redis.conf


unixsocket /var/run/redis/redis.sock

unixsocketperm 660


sudo usermod -aG redis www-data

sudo systemctl restart redis


27. If Redis is distributed, add following line into NextCloud config file :-

'memcache.distributed' => '\OC\Memcache\MemCached',


28. To clear all NextCloud log entries.

sudo -u www-data truncate /var/www/demo.com/data/nextcloud.log --size=0



!!! HAPPY COMPUTING !!!


Oct 3, 2024

Command : Rename Multiple Files via Batch Script

Rename multiple files via batch script. Some times you need to rename multiple files and instead of renaming each file individually or relying on some 3rd party apps, you can now just use a simple batch script to achieve the same results.




@echo off
setlocal enabledelayedexpansion

set prefix="[Filename]"
set count=1

for %%f in (*.[Extension]) do (
    set formattedCount=00!count!
    set formattedCount=!formattedCount:~2!

    ren "%%f" "!prefix!!formattedCount!.[Extension]"
    set /a count+=1
)

echo Done renaming files.
pause



!!! HAPPY COMPUTING !!!

Aug 16, 2024

Windows : Microsoft Edge Browser with Script

Sometimes we just need to create a shortcut that run Microsoft Edge browser to a specific URL or Website. This could be achieved easily if your "Default" browser is configured to Microsoft Edge, but what if your computer have 2 or more browsers like Google Chrome ?

This is especially true if the "Default" browser is configured to Google Chrome and that specific URL or Website only works with Microsoft Edge.

Thus by simply creating a shortcut to open that specific URL will only opens up Google Chrome instead of Microsoft Edge which is a bummer.

Let's get started :-

1. First you will need to create .vbs file with the following code.


Set Edge = CreateObject("WScript.Shell")
Edge.Run "msedge.exe https://demo.com"


* Replaced https://demo.com with your specific URL.

2. Save the above file as "edge.vbs", you can of course name it whatever filename you want.


3. Then create the shortcut to that "edge.vbs" on your desktop or any location you preferred.


4. If you want Microsoft Edge to open up with "Maximized" screen, just add the following line into .vbs file.


Set Edge = CreateObject("WScript.Shell")
Edge.Run "msedge.exe https://demo.com", 3, false



Now Microsoft Edge will open that specific website in maximized screen.


!!! HAPPY COMPUTING !!!

Jul 29, 2024

Ubuntu : Install Samba Server

How to install Samba Server in Ubuntu Server v.22.04.4

1. As usual, update Ubuntu's repositories.

sudo apt update && sudo apt upgrade -y


2. Install the Samba server.

sudo apt install samba -y


3. To verify the Samba installation.

sudo whereis samba

OR

sudo samba -v

OR

sudo systemctl status smbd


4. Make a backup of Samba's configuration file.

sudo cp /etc/samba/smb.conf /etc/samba/smb.conf.bak


5. Edit the Samba's configuration file.

sudo nano /etc/samba/smb.conf


6. Browse to the end of the file and add in the following configurations.

[global]
   server string = [Hostname]

[samba_share]
   comment = Samba Shared Folder
   path = /mnt/samba_share
   browsable = yes
   writable = yes
   read only = no
   guest ok = no
   valid users = [Samba Username]




7. Assign the proper permissions to the shared folder.

sudo chmod -R 755 /mnt/samba_share


8. Create a new Samba user.

sudo smbpasswd -a [Username]
*Note : you will be prompted to key-in the user's password.


9. Enable the created User for Samba access.

sudo smbpasswd -e [Username]


10. Test the Samba configuration.

sudo testparm


11. Restart Samba service for the new configurations.

sudo systemctl restart smbd


12. Test the Samba connections using another computer and with the credentials created.


!!! HAPPY COMPUTING !!!

Jul 28, 2024

HP Z800 Workstation : Update Firmware for LSI 1068E Controller

The LSI 1068E SAS/SATA RAID Controller is an embedded controller available in HP Z800 Workstation system. But the supported RAID level on this controller is RAID-0, RAID-1 and RAID-1E which is not suitable, due to the hardware designed you are not able to do RAID-5.

As such it makes sense to just update the firmware to IT Mode (Initiator-Target Mode) so that you can make use of ZFS that mostly found in TrueNAS, UnRaid, Proxmox VE etc.

The problems is that the LSI 1068E firmware are custom and specially made for HP Z series and there are no download available to change the controller to IT Mode. However someone on the Internet managed to find out that the 1068E chip is the same chip as 3081E (or compatible).


Pre-requisites :-
  1. A 4GB or larger USB Flash drive.
  2. LSI 3081E Firmware and MPT ROM files (https://www.broadcom.com/support/download-search?pg=Legacy+Products&pf=Legacy+Host+Bus+Adapters&pn=LSI+SAS+3081E-R&pa=Firmware&po=&dk=&pl=&l=false).
  3. Rufus Utility (https://rufus.ie/en/).

Steps-By-Steps :-

1. Prepare the USB Flash drive with Rufus, at the "Boot Selection" dropdown, select --> FreeDOS option.



2. Once completed, extract the downloaded firmware file into the USB flash drive, you might want to create a simple and short folder name for it (eg. SAS3918E).

You need to copy "sasflash.exe" from "SASflash_DOS_rel" folder and replace the existing file in the main folder. This is because the existing file in the main folder is for Windows use and not for DOS use, thus replacing the file is IMPORTANT.


3. Then plugin the USB flash drive to HP Z800 Workstation and boot the computer via the USB flash drive. You might need to press --> [F9] key to invoke the "Boot menu selection".


4. Once booted up, type the following command --> sasflash.exe -list

You should see the result something similar as below screenshot. Take note on the "Controller" where the "(B3)" is the type of the controller version. And also the "SAS Address" displayed, you might need this info at a later stage. Write it down or take a screenshot of the information.



5. Next is to run the batch file to update it, type --> hbaFlash.bat

The batch file will prompt you multiple questions, just follow the on-screen instructions. Below are just an example of my run :-


     Welcome to LSI Logic Integrated SAS Flash Utility
     This Utility will upgrade your LSI SAS HBA 


            !!!             WARNING              !!!
            !!! LSI strongly recommends you save !!!
            !!!  the existing firmware and BIOS  !!!
            !!!    currently installed on your   !!!
            !!!          SAS Controller          !!!


     Your existing firmware will be saved as Firmware.fw
     Your existing BIOS will be saved as     BIOS.rom
     in the current directory


     press y or n     (yes or no) ? Y

     Saving old firmware and BIOS

sasflash -ufirmware Firmware.fw
sasflash -ubios BIOS.rom



TO FLASH  3080     press  1
TO FLASH  3081     press  2
TO FLASH  3800     press  3
TO FLASH  3801     press  4
TO FLASH  3442     press  5
TO FLASH  3041     press  6
TO FLASH  3444     press  7
TO FLASH  31601    press  8

TO EXIT press 9

press 1 to 9 ? 2



The HBA is PCI-X or PCIe
For PCI-X press  X or x
For PCIe  press  E or e

To Exit press    Q or q

press X, E or Q ? E



IR or IT Firmware

For Integrated RAID (IR) press   R or r
For Initator-Target (IT) press   T or t

TO EXIT press   q

press R, T or q ? T



Which Chip Version?
For A3  press  1
For A4  press  2
For B0  press  3
For B1  press  4
For B2  press  5
For B3  press  6

To Exit press  7

press 1 to 6 (or 7 to quit) ? 6



You have selected 3081PCI-e T firmware with chip B3

sasflash -f 3081ETB3.fw -b MPTSAS.ROM

OK to Flash  press  F or f

TO EXIT press       q

TO EXIT press       q ? F

sasflash -o -f 3081ETB3.fw -b MPTSAS.ROM



6. Once the Flash have completed, type --> sasflash.exe -list 
to confirm the results of the flash, it should have the results as per screenshot below.



7. If for some reasons, the "SAS Address" displaying an error or have a "xxxxxxx-x-xxxx-xxxx" as a results, then you will need to change the address manually.

Type --> sasflash.exe -o -sasadd [your SAS Address]

Example:
sasflash.exe -o -sasadd 5001458007d1e026


8. Type --> sasflash.exe -list to confirm the changes of the "SAS Address", if the results is the same as per mine then you are good to go.


9. Reboot the computer and unplug the USB flash drive. During the normal boot-up process, you should see the new firmware version, new BIOS version and the new Mode displayed during the initialization of the HDDs.


!!! HAPPY COMPUTING !!!

Proxmox : Graphics Issues During Installation

During the installation of Proxmox VE, you may or may not encounter issues with graphics card. Some graphics card tends to run at a very high resolutions thus your existing Monitor may not able to support such high resolutions.

The solutions is to run Proxmox VE installation in "Terminal Mode" and modify the boot configurations prior to the boot-up process.


1. At the Main Menu screen, select --> Install Proxmox VE (Terminal UI) and press --> E




2. Find the following line "linux" and add "nomodeset" at the end of the line.




3. Press --> [CRTL] + [X] to continue boot.


Now your display should match your monitor's supported resolutions and the installation will continue.


!!! HAPPY COMPUTING !!!


Jul 18, 2024

Windows : DISM Error "0x800f081f"

Fixing the DISM Error "0x800f081f". Depending on what you are trying to achieve, in my case is the failure of installing .NET Framework 3.5 in Windows Server 2012 R2 Std 64-bit.

The error message :


Error: 0x800f081f

The source files could not be found.
Use the "Source" option to specify the location of the files that are required to restore the feature. For more information on specifying a source location, see http://go.microsoft.com/fwlink/?LinkId=243077.

The DISM log file can be found at C:\Windows\Logs\DISM\dism.log



1. Check the Windows Protected files scan.

sfc /scannow

Results with error :


Beginning system scan. This process will take some time.

Beginning verification phase of the system scan.
Verification 100% complete.

Windows Resource Protection found corrupt files but was unable to fix some of them. Details are included in the CBS.Log windir\Logs\CBS\CBS.log. For example C:\Windows\Logs\CBS\CBS.log. Note that logging is currently not supported in offline servicing scenarios.



2. Scan the image with dism.

dism /online /cleanup-image /scanhealth

Results with error :


Deployment Image Servicing and Management tool
Version: 6.3.9600.19408

Image Version: 6.3.9600.19397

[==============================100.0%============================]

Error: 0x800f081f

The source files could not be found. Use the "Source" option to specify the location of the files that are required to restore the feature. For more information on specifying a source location, see http://go.microsoft.com/fwlink/?LinkId=243077.

The DISM log file can be found at C:\Windows\Logs\DISM\dism.log



3. Repairing the files.

dism /online /cleanup-image /restorehealth /source:D:\sources\install.wim /limitaccess


4. Once completed, restart the computer and proceed to install the .NET Framework 3.5

dism /online /enable-feature /featurename:NetFX3 /All /Source:D:\sources\sxs /LimitAccess


5. Once done, restart the computer again and the new features is already installed.


!!!HAPPY COMPUTING !!!


Windows 11 : Classic Context (Right-Click) Menu

No idea what Microsoft is thinking when they designed the Windows 11 OS, the additional "clicks" required to just access the "Context (Right-Click) Menu" is so inconvenience and troublesome to Users.

To resolve this, a simple registry modification is required :-

1. Open --> regedit.exe

2. Browse --> HKEY_CURRENT_USER\Software\Classes\CLSID

3. Create a new "Key" --> {86ca1aa0-34aa-4e8b-a509-50c905bae2a2}

4. Then create a "Sub" key under the newly created key --> InprocServer32

5. Under the "InprocServer32" key, modify the string value of --> (Default) = [Blank]

Before :-

After :-



6. Once done, close all applications and restart the computer.

The old / classic context menu is now available automatically.


!!! HAPPY COMPUTING !!!

Jul 2, 2024

Proxmox : Delete Existing HDD with Data

Sometimes we just added or swapped a faulty HDD in Proxmox, but the data that resides in that HDD is preventing Proxmox from using it.

This also happens if the HDD was previously used by another Proxmox VE server, as data inside the HDD already marked/flag with that Proxmox server.

To make use of that HDD, we need to first clear the flag.

1. Open --> Shell


2. Run the disk manager.

fdisk /dev/sda

* Assuming the device you wanted to remove the partitions is [sda].


3. It will display a list of available options, press the corresponding number (eg. Delete --> D).


4. To Save and Exit, press --> W


5. Now to remove the flags.

sgdisk --zap-all /dev/sda


6. Reboot the host server.


7. Login back Promox VE WebUI, goto --> Node --> Disk.


8. Select the HDD and click --> Wipe Disk button.


9. Then click --> Initialize GPT button.


10. Now the HDD is ready for use.



!!! HAPPY COMPUTING !!!

Jul 1, 2024

Proxmox : Let's Encrypt SSL Certificate

How to install the FREE Let's Encrypt SSL Certificate for Proxmox VE host.

Pre-requisites.
1. Ensure that your router or firewall have port forwarding to the Proxmox VE server with the following ports :-

        a) 80/tcp
        b) 443/tcp
        c) 8006/tcp

2. You also need a valid or working email account, any free email account will work. The purpose of the email is for Let's Encrypt to send you email notification for the renewal of the SSL certificate after 90 days.


Let's Get Started.

1. Login to your Proxmox server, and select the primary host/node.

2. Browse to --> System --> Certificates.

3. Click --> Add ACME Account.

4. Fill-in the required information :-

        a) Account Name: [Any valid Name will do, such as "demouser"]
        b) E-Mail: [must be a valid email address]

5. Next, click --> Add.

        a) Challenge Type: HTTP
        b) Domain: [a valid Domain name or Dynamic Domain Name]

6. Then, click --> Order Certificates Now.

7. Once all done, close all browsers.

8. Open back the browser but this time use the new domain URL with "HTTPS" protocol, and you should now be able to see the new certificates was installed and active.


!!! HAPPY COMPUTING !!!

Edit : 3-Jul-2024 : I've noticed that after installing the SSL Certificate, any new VM creation will caused the installation to failed. Unsure what is the problems, maybe VLAN issue ?

But after removing the SSL Certificate & restarted the Host server, everything seems to be working back to normal.





Jun 27, 2024

Proxmox : PCIe Passthrough

How to passthrough a PCIe or On-Board device/controller in Proxmox VE v.8.2.4.

At times you might want to passthrough certain devices or controller to a VM Guest for full access and control. This can be a GPU, RAID Controller, NIC etc. This is very useful in scenario such as testing a NAS (TrueNAS).

Pre-requisites :-

1. System CPU must support IOMMU (I/O Memory Management Unit) interrupt remapping. Usually this is called Intel VT-d or AMD-Vi or similar names. Most newer Mainboard and CPU already have such features.

2. This passthrough methods means the entire device or controller is no longer in use by Proxmox VE itself and only manage by the VM Guest. This means you cannot passthrough a controller where the "Boot-Pool" is connected. It must be a separate controller or device.


Scenario :-

My test system or home lab system is a HP Z800 WorkStation series with the following hardware configurations, if your system is newer than mine then most probably it will works too :-

  • Dual Intel Xeon X5660 2.80Ghz, 6-Cores, 12-Threads, 12MB-Cache.
  • 96GB DDR3 1333Mhz ECC RAM.
  • Intel 5520 Chipset.
  • On-board Intel Matrix 6-ports SATA/RAID Controller.
  • On-board LSI 1068E 8-ports SAS/SATA Controller.
  • LSI 9212-4i SAS/SATA 4-ports PCIe Controller.

The "LSI 9212-4i SAS/SATA 4-ports PCIe Controller" is where Proxmox VE is installed, thus I cannot passthrough this controller.


Let's Get Started :-

1. Login to the Proxmox VE's WebUI.


2. Select the Node, in this case I have only a single node.


3. Open --> Shell


4. Verify that your system have IOMMU enabled.

 dmesg | grep -e DMAR -e IOMMU -e AMD-Vi

The results should shows "DMAR: IOMMU enabled" OR "DMAR: Intel(R) Virtualization Technology for Directed I/O". If either of these is missing then you need to check your BIOS/UEFI whether those virtualization technology are enabled.


5. Edit the "Kernel" file.

nano /etc/kernel/cmdline

Add the following line to the file.

root=ZFS=rpool/ROOT/pve-1 boot=zfs intel_iommu=on

If your CPU is and AMD type, then add "amd_iommu=on" to it.


6. Next is to edit the "Modules" file.

nano /etc/modules

Add the following into the file.

vfio
vfio_iommu_type1
vfio_pci
vfio_virqfd


7. Now we also need to edit the "GRUB" file.

nano /etc/default/grub

Look for the following line and append the line as shown.

GRUB_CMDLINE_LINUX_DEFAULT="quiet intel_iommu=on"

If your CPU is and AMD type, then add "amd_iommu=on" to it.


8. Once all done, we need to refresh the "Proxmox" boot.

proxmox-boot-tool refresh


9. Update the "initfamfs" also.

update-initramfs -u -k all


10. Next is to update "GRUB" also.

update-grub


11. Finally, we need to REBOOT the Proxmox VE host server.


12. After reboot, verify the "IOMMU" configuration.

dmesg | grep -e DMAR -e IOMMU -e AMD-Vi

Results :-
DMAR: IOMMU enabled OR DMAR: Intel(R) Virtualization Technology for Directed I/O


13. Verify "vfio" configuration.

lsmod | grep vfio

Results :-
vfio_pci          49152    0
vfio_virqfd          16384    1 vfio_pci
irqbypass                  16384    2 vfio_pci,kvm
vfio_iommu_type1   32768    0
vfio                           32768    2 vfio_iommu_type1,vfio_pci


14. Verify "Interrupt Remapping" configuration.

dmesg | grep 'remapping'

Results :-
AMD-Vi: Interrupt remapping enabled OR DMAR-IR: Enabled IRQ remapping in 2xapic mode (only for older CPU model)

If you encounter an error message on the remapping interrupts, type the following command and reboot the Proxmox server again.

echo "options vfio_iommu_type1 allow_unsafe_interrupts=1" > /etc/modprobe.d/iommu_unsafe_interrupts.conf



15. Now you can create a VM and passthrough a PCIe device to that VM. Take note you need to ensure the "Machine = q35" else it will not work.

Also note that the device must not be in the same IOMMU Group, if the device is in the same group of another device then high chances it will not work or the entire group will also be passthrough to the VM.


For more information :-
!!! HAPPY COMPUTING !!!