<\/p>\n\n\n\n
We are building a clean Docker gateway VM inside Proxmox.<\/p>\n\n\n\n
This VM will later run:<\/p>\n\n\n\n
Docker\nTraefik\nPortainer\nn8n\nPostgreSQL\nCloudflare wildcard SSL\n<\/code><\/pre>\n\n\n\nImportant design rule:<\/p>\n\n\n\n
Do not install Docker, Traefik, directly on the Proxmox host.\nKeep the Proxmox host clean.\nRun services inside VMs.\n<\/code><\/pre>\n\n\n\n
\n\n\n\nArchitecture<\/h1>\n\n\n\nHetzner Dedicated Server\n \u2193\nProxmox Host\n \u2193\nVM 100: docker-gateway\n \u2193\nDocker Engine\n \u2193\nTraefik container\n \n<\/code><\/pre>\n\n\n\nVM 100 uses a private network:<\/p>\n\n\n\n
Proxmox vmbr1: 10.10.100.1\/24\nVM 100: 10.10.100.100\/24\nGateway: 10.10.100.1\n<\/code><\/pre>\n\n\n\nTraefik runs inside VM 100, not on the Proxmox host.<\/p>\n\n\n\n
\n\n\n\nSecurity Strategy<\/h1>\n\n\n\n
For the first setup:<\/p>\n\n\n\n
Hetzner firewall: ON\nProxmox firewall: OFF\nTraefik: reverse proxy only\nPublic TCP 80\/443: do not open until Traefik is ready\n<\/code><\/pre>\n\n\n\nTraefik will later control:<\/p>\n\n\n\n
HTTP 80\nHTTPS 443\ndomain routing\nSSL certificates\nredirects\nmiddlewares\ndashboard protection\n<\/code><\/pre>\n\n\n\nTraefik does not<\/strong> control:<\/p>\n\n\n\nSSH\nProxmox firewall\nHetzner firewall\nJitsi UDP 10000\nTURN ports\nLinux kernel firewall\n<\/code><\/pre>\n\n\n\n
\n\n\n\nStep 1 \u2014 Create VM 100 in Proxmox<\/h1>\n\n\n\n
Recommended VM settings:<\/p>\n\n\n\n
VM ID: 100\nName: docker-gateway\nOS: Debian 13 minimal\nCPU: 4 cores\nRAM: 8 GB\nDisk: 200 GB\nStorage: local-zfs\nNetwork: vmbr1\nModel: VirtIO\nFirewall: OFF\n<\/code><\/pre>\n\n\n\nUse Debian minimal install.<\/p>\n\n\n\n
During install, select only:<\/p>\n\n\n\n
standard system utilities\n<\/code><\/pre>\n\n\n\nIf there is no DHCP, continue without network and configure static networking later.<\/p>\n\n\n\n
\n\n\n\nStep 2 \u2014 Create Private Bridge vmbr1<\/code> on Proxmox<\/h1>\n\n\n\nIn Proxmox UI:<\/p>\n\n\n\n
pve1 \u2192 System \u2192 Network \u2192 Create \u2192 Linux Bridge\n<\/code><\/pre>\n\n\n\nUse:<\/p>\n\n\n\n
Name: vmbr1\nIPv4\/CIDR: 10.10.100.1\/24\nGateway: blank\nBridge ports: blank\nAutostart: checked\nVLAN aware: unchecked\nComment: Private VM NAT network\n<\/code><\/pre>\n\n\n\nDo not edit vmbr0<\/code>.<\/p>\n\n\n\nApply configuration.<\/p>\n\n\n\n
\n\n\n\nStep 3 \u2014 Connect VM 100 to vmbr1<\/code><\/h1>\n\n\n\nIn Proxmox:<\/p>\n\n\n\n
VM 100 \u2192 Hardware \u2192 Network Device \u2192 Edit\n<\/code><\/pre>\n\n\n\nSet:<\/p>\n\n\n\n
Bridge: vmbr1\nModel: VirtIO\nFirewall: OFF\n<\/code><\/pre>\n\n\n\nReboot VM 100.<\/p>\n\n\n\n
\n\n\n\nStep 4 \u2014 Configure Static IP inside VM 100<\/h1>\n\n\n\nRUN THIS ON: VM 100 console<\/h2>\n\n\n\n
Become root:<\/p>\n\n\n\n
su -\n<\/code><\/pre>\n\n\n\nEdit network config:<\/p>\n\n\n\n
nano \/etc\/network\/interfaces\n<\/code><\/pre>\n\n\n\nUse:<\/p>\n\n\n\n
auto lo\niface lo inet loopback\n\nauto ens18\niface ens18 inet static\n address 10.10.100.100\/24\n gateway 10.10.100.1\n dns-nameservers 1.1.1.1 8.8.8.8\n<\/code><\/pre>\n\n\n\nSave:<\/p>\n\n\n\n
CTRL + O\nEnter\nCTRL + X\n<\/code><\/pre>\n\n\n\nReboot:<\/p>\n\n\n\n
reboot\n<\/code><\/pre>\n\n\n\nTest private gateway:<\/p>\n\n\n\n
ping -c 3 10.10.100.1\n<\/code><\/pre>\n\n\n\nSuccess:<\/p>\n\n\n\n
3 packets transmitted, 3 received\n<\/code><\/pre>\n\n\n\n
\n\n\n\nStep 5 \u2014 Add Proxmox NAT for VM Internet<\/h1>\n\n\n\nRUN THIS ON: Proxmox host over SSH<\/h2>\n\n\n\n
From Mac Terminal:<\/p>\n\n\n\n
ssh proxmox\n<\/code><\/pre>\n\n\n\nThen on Proxmox:<\/p>\n\n\n\n
sysctl -w net.ipv4.ip_forward=1\n<\/code><\/pre>\n\n\n\niptables -t nat -A POSTROUTING -s 10.10.100.0\/24 -o vmbr0 -j MASQUERADE\n<\/code><\/pre>\n\n\n\niptables -A FORWARD -i vmbr1 -o vmbr0 -s 10.10.100.0\/24 -j ACCEPT\n<\/code><\/pre>\n\n\n\niptables -A FORWARD -i vmbr0 -o vmbr1 -d 10.10.100.0\/24 -m state --state RELATED,ESTABLISHED -j ACCEPT\n<\/code><\/pre>\n\n\n\nTest from VM 100:<\/p>\n\n\n\n
ping -c 3 1.1.1.1\n<\/code><\/pre>\n\n\n\nSuccess:<\/p>\n\n\n\n
3 packets transmitted, 3 received\n<\/code><\/pre>\n\n\n\n
\n\n\n\nStep 6 \u2014 Fix DNS inside VM 100<\/h1>\n\n\n\n
Important lesson learned:<\/p>\n\n\n\n
The correct file is:<\/p>\n\n\n\n
\/etc\/resolv.conf\n<\/code><\/pre>\n\n\n\nNot:<\/p>\n\n\n\n
\/etc\/resolve.conf\n<\/code><\/pre>\n\n\n\nIf DNS fails, check:<\/p>\n\n\n\n
RUN THIS ON: VM 100 console<\/h2>\n\n\n\nls -la \/etc\/resolv.conf \/etc\/resolve.conf 2>&1\n<\/code><\/pre>\n\n\n\nCorrect DNS file:<\/p>\n\n\n\n
nano \/etc\/resolv.conf\n<\/code><\/pre>\n\n\n\nUse:<\/p>\n\n\n\n
nameserver 1.1.1.1\nnameserver 8.8.8.8\n<\/code><\/pre>\n\n\n\nTest:<\/p>\n\n\n\n
ping -c 3 deb.debian.org\n<\/code><\/pre>\n\n\n\nSuccess:<\/p>\n\n\n\n
3 packets transmitted, 3 received\n<\/code><\/pre>\n\n\n\n
\n\n\n\nStep 7 \u2014 Fix Debian APT Sources<\/h1>\n\n\n\n
Because Debian was installed without a network mirror, fix:<\/p>\n\n\n\n
RUN THIS ON: VM 100 console<\/h2>\n\n\n\nnano \/etc\/apt\/sources.list\n<\/code><\/pre>\n\n\n\nUse:<\/p>\n\n\n\n
# deb cdrom:[Debian GNU\/Linux 13.5.0 _Trixie_ - Official amd64 NETINST with firmware]\/ trixie contrib main non-free-firmware\n\ndeb http:\/\/deb.debian.org\/debian trixie main contrib non-free-firmware\ndeb http:\/\/deb.debian.org\/debian trixie-updates main contrib non-free-firmware\ndeb http:\/\/security.debian.org\/debian-security trixie-security main contrib non-free-firmware\n<\/code><\/pre>\n\n\n\nRun:<\/p>\n\n\n\n
apt update\n<\/code><\/pre>\n\n\n\nThen:<\/p>\n\n\n\n
apt upgrade -y\n<\/code><\/pre>\n\n\n\n
\n\n\n\nStep 8 \u2014 Install Basic Tools<\/h1>\n\n\n\nRUN THIS ON: VM 100 console<\/h2>\n\n\n\napt install -y sudo openssh-server curl ca-certificates gnupg qemu-guest-agent\n<\/code><\/pre>\n\n\n\nEnable services:<\/p>\n\n\n\n
systemctl enable --now ssh\nsystemctl enable --now qemu-guest-agent\nusermod -aG sudo dockeradmin\n<\/code><\/pre>\n\n\n\nReboot:<\/p>\n\n\n\n
reboot\n<\/code><\/pre>\n\n\n\nLog in again and test:<\/p>\n\n\n\n
sudo whoami\n<\/code><\/pre>\n\n\n\nSuccess:<\/p>\n\n\n\n
root\n<\/code><\/pre>\n\n\n\n
\n\n\n\nStep 9 \u2014 SSH into VM 100<\/h1>\n\n\n\n
From your Mac:<\/p>\n\n\n\n
RUN THIS ON: Mac Terminal<\/h2>\n\n\n\nssh proxmox\n<\/code><\/pre>\n\n\n\nThen:<\/p>\n\n\n\n
RUN THIS ON: Proxmox host over SSH<\/h2>\n\n\n\nssh dockeradmin@10.10.100.100\n<\/code><\/pre>\n\n\n\nSuccess prompt:<\/p>\n\n\n\n
dockeradmin@docker-gatway:~$\n<\/code><\/pre>\n\n\n\n
\n\n\n\nStep 10 \u2014 Install Official Docker Engine<\/h1>\n\n\n\nRUN THIS ON: VM 100 over SSH<\/h2>\n\n\n\nsudo apt update\n<\/code><\/pre>\n\n\n\nsudo apt install -y ca-certificates curl gnupg\n<\/code><\/pre>\n\n\n\nsudo install -m 0755 -d \/etc\/apt\/keyrings\n<\/code><\/pre>\n\n\n\ncurl -fsSL https:\/\/download.docker.com\/linux\/debian\/gpg | sudo gpg --dearmor -o \/etc\/apt\/keyrings\/docker.gpg\n<\/code><\/pre>\n\n\n\nsudo chmod a+r \/etc\/apt\/keyrings\/docker.gpg\n<\/code><\/pre>\n\n\n\nAdd Docker repo:<\/p>\n\n\n\n
echo \\\n \"deb [arch=$(dpkg --print-architecture) signed-by=\/etc\/apt\/keyrings\/docker.gpg] https:\/\/download.docker.com\/linux\/debian \\\n $(. \/etc\/os-release && echo \"$VERSION_CODENAME\") stable\" | \\\n sudo tee \/etc\/apt\/sources.list.d\/docker.list > \/dev\/null\n<\/code><\/pre>\n\n\n\nUpdate:<\/p>\n\n\n\n
sudo apt update\n<\/code><\/pre>\n\n\n\nInstall Docker:<\/p>\n\n\n\n
sudo apt install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin\n<\/code><\/pre>\n\n\n\nTest:<\/p>\n\n\n\n
sudo docker run hello-world\n<\/code><\/pre>\n\n\n\nSuccess:<\/p>\n\n\n\n
Hello from Docker!\n<\/code><\/pre>\n\n\n\n
\n\n\n\nStep 11 \u2014 Use Docker Without Sudo<\/h1>\n\n\n\nRUN THIS ON: VM 100 over SSH<\/h2>\n\n\n\nsudo usermod -aG docker dockeradmin\n<\/code><\/pre>\n\n\n\nRefresh session:<\/p>\n\n\n\n
newgrp docker\n<\/code><\/pre>\n\n\n\nTest:<\/p>\n\n\n\n
docker ps\n<\/code><\/pre>\n\n\n\nSuccess:<\/p>\n\n\n\n
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES\n<\/code><\/pre>\n\n\n\nTest Compose:<\/p>\n\n\n\n
docker compose version\n<\/code><\/pre>\n\n\n\n
\n\n\n\nStep 12 \u2014 Create Docker Folder Structure<\/h1>\n\n\n\nRUN THIS ON: VM 100 over SSH<\/h2>\n\n\n\nsudo mkdir -p \/opt\/docker\/{traefik,portainer,n8n,postgres}\n<\/code><\/pre>\n\n\n\nsudo chown -R dockeradmin:dockeradmin \/opt\/docker\n<\/code><\/pre>\n\n\n\nCreate Traefik network:<\/p>\n\n\n\n
docker network create proxy\n<\/code><\/pre>\n\n\n\nConfirm:<\/p>\n\n\n\n
docker network ls\n<\/code><\/pre>\n\n\n\nSuccess:<\/p>\n\n\n\n
proxy\n<\/code><\/pre>\n\n\n\n
\n\n\n\nStep 13 \u2014 Make Proxmox NAT Persistent<\/h1>\n\n\n\nRUN THIS ON: Proxmox host over SSH<\/h2>\n\n\n\n
Create sysctl file:<\/p>\n\n\n\n
cat > \/etc\/sysctl.d\/99-vmbr1-nat.conf << 'EOF'\nnet.ipv4.ip_forward=1\nEOF\n\nsysctl --system\n<\/code><\/pre>\n\n\n\nCreate NAT script:<\/p>\n\n\n\n
cat > \/usr\/local\/sbin\/vmbr1-nat.sh << 'EOF'\n#!\/bin\/sh\nset -eu\n\nLAN_CIDR=\"10.10.100.0\/24\"\nLAN_IF=\"vmbr1\"\nWAN_IF=\"vmbr0\"\n\ncase \"${1:-start}\" in\n start)\n sysctl -w net.ipv4.ip_forward=1 >\/dev\/null\n\n iptables -t nat -C POSTROUTING -s \"$LAN_CIDR\" -o \"$WAN_IF\" -j MASQUERADE 2>\/dev\/null || \\\n iptables -t nat -A POSTROUTING -s \"$LAN_CIDR\" -o \"$WAN_IF\" -j MASQUERADE\n\n iptables -C FORWARD -s \"$LAN_CIDR\" -i \"$LAN_IF\" -o \"$WAN_IF\" -j ACCEPT 2>\/dev\/null || \\\n iptables -A FORWARD -s \"$LAN_CIDR\" -i \"$LAN_IF\" -o \"$WAN_IF\" -j ACCEPT\n\n iptables -C FORWARD -d \"$LAN_CIDR\" -i \"$WAN_IF\" -o \"$LAN_IF\" -m state --state RELATED,ESTABLISHED -j ACCEPT 2>\/dev\/null || \\\n iptables -A FORWARD -d \"$LAN_CIDR\" -i \"$WAN_IF\" -o \"$LAN_IF\" -m state --state RELATED,ESTABLISHED -j ACCEPT\n ;;\n\n stop)\n iptables -t nat -D POSTROUTING -s \"$LAN_CIDR\" -o \"$WAN_IF\" -j MASQUERADE 2>\/dev\/null || true\n iptables -D FORWARD -s \"$LAN_CIDR\" -i \"$LAN_IF\" -o \"$WAN_IF\" -j ACCEPT 2>\/dev\/null || true\n iptables -D FORWARD -d \"$LAN_CIDR\" -i \"$WAN_IF\" -o \"$LAN_IF\" -m state --state RELATED,ESTABLISHED -j ACCEPT 2>\/dev\/null || true\n ;;\n\n *)\n echo \"Usage: $0 {start|stop}\"\n exit 1\n ;;\nesac\nEOF\n\nchmod +x \/usr\/local\/sbin\/vmbr1-nat.sh\n<\/code><\/pre>\n\n\n\nCreate service:<\/p>\n\n\n\n
cat > \/etc\/systemd\/system\/vmbr1-nat.service << 'EOF'\n[Unit]\nDescription=Persistent NAT for Proxmox private VM network vmbr1\nAfter=network-online.target\nWants=network-online.target\n\n[Service]\nType=oneshot\nExecStart=\/usr\/local\/sbin\/vmbr1-nat.sh start\nExecStop=\/usr\/local\/sbin\/vmbr1-nat.sh stop\nRemainAfterExit=yes\n\n[Install]\nWantedBy=multi-user.target\nEOF\n<\/code><\/pre>\n\n\n\nEnable:<\/p>\n\n\n\n
systemctl daemon-reload\nsystemctl enable --now vmbr1-nat.service\n<\/code><\/pre>\n\n\n\nCheck:<\/p>\n\n\n\n
systemctl status vmbr1-nat.service --no-pager\n<\/code><\/pre>\n\n\n\nSuccess:<\/p>\n\n\n\n
Active: active (exited)\n<\/code><\/pre>\n\n\n\n
\n\n\n\nStep 14 \u2014 Create Traefik YAML Files<\/h1>\n\n\n\nRUN THIS ON: VM 100 over SSH<\/h2>\n\n\n\nmkdir -p \/opt\/docker\/traefik\/data\n\ntouch \/opt\/docker\/traefik\/docker-compose.yaml\ntouch \/opt\/docker\/traefik\/data\/traefik.yml\ntouch \/opt\/docker\/traefik\/data\/config.yml\ntouch \/opt\/docker\/traefik\/data\/acme.json\n\nchmod 600 \/opt\/docker\/traefik\/data\/acme.json\n<\/code><\/pre>\n\n\n\nConfirm:<\/p>\n\n\n\n
ls -la \/opt\/docker\/traefik\nls -la \/opt\/docker\/traefik\/data\n<\/code><\/pre>\n\n\n\n
\n\n\n\nStep 15 \u2014 Create traefik.yml<\/code><\/h1>\n\n\n\nRUN THIS ON: VM 100 over SSH<\/h2>\n\n\n\ncat > \/opt\/docker\/traefik\/data\/traefik.yml << 'EOF'\napi:\n dashboard: true\n\nentryPoints:\n http:\n address: \":80\"\n https:\n address: \":443\"\n\nproviders:\n docker:\n endpoint: \"unix:\/\/\/var\/run\/docker.sock\"\n exposedByDefault: false\n file:\n filename: \/config.yml\n watch: true\n\nlog:\n level: INFO\n\naccessLog: {}\nEOF\n<\/code><\/pre>\n\n\n\n
\n\n\n\nStep 16 \u2014 Create config.yml<\/code><\/h1>\n\n\n\nRUN THIS ON: VM 100 over SSH<\/h2>\n\n\n\ncat > \/opt\/docker\/traefik\/data\/config.yml << 'EOF'\nhttp:\n middlewares:\n security-headers:\n headers:\n frameDeny: true\n contentTypeNosniff: true\n browserXssFilter: true\n referrerPolicy: \"strict-origin-when-cross-origin\"\n customRequestHeaders:\n X-Forwarded-Proto: \"https\"\n\n https-redirect:\n redirectScheme:\n scheme: https\n permanent: true\nEOF\n<\/code><\/pre>\n\n\n\n
\n\n\n\nStep 17 \u2014 Create Traefik docker-compose.yaml<\/code><\/h1>\n\n\n\nRUN THIS ON: VM 100 over SSH<\/h2>\n\n\n\ncat > \/opt\/docker\/traefik\/docker-compose.yaml << 'EOF'\nservices:\n traefik:\n image: traefik:v3.6.2\n container_name: traefik\n restart: unless-stopped\n security_opt:\n - no-new-privileges:true\n networks:\n - proxy\n ports:\n - \"80:80\"\n - \"443:443\"\n volumes:\n - \/etc\/localtime:\/etc\/localtime:ro\n - \/var\/run\/docker.sock:\/var\/run\/docker.sock:ro\n - .\/data\/traefik.yml:\/traefik.yml:ro\n - .\/data\/config.yml:\/config.yml:ro\n - .\/data\/acme.json:\/acme.json\n\nnetworks:\n proxy:\n external: true\nEOF\n<\/code><\/pre>\n\n\n\nValidate:<\/p>\n\n\n\n
cd \/opt\/docker\/traefik\ndocker compose config\n<\/code><\/pre>\n\n\n\nSuccess:<\/p>\n\n\n\n
No YAML error\n<\/code><\/pre>\n\n\n\n
\n\n\n\nStep 18 \u2014 Start Traefik<\/h1>\n\n\n\nRUN THIS ON: VM 100 over SSH<\/h2>\n\n\n\n
Make sure you are inside:<\/p>\n\n\n\n
\/opt\/docker\/traefik\n<\/code><\/pre>\n\n\n\nRun:<\/p>\n\n\n\n
docker compose up -d\n<\/code><\/pre>\n\n\n\nCheck:<\/p>\n\n\n\n
docker ps\n<\/code><\/pre>\n\n\n\nSuccess:<\/p>\n\n\n\n
traefik Up\n<\/code><\/pre>\n\n\n\nCheck logs:<\/p>\n\n\n\n
docker logs traefik --tail=50\n<\/code><\/pre>\n\n\n\nSuccess:<\/p>\n\n\n\n
Traefik version 3.6.2\nStarting provider *file.Provider\nStarting provider *traefik.Provider\nStarting provider *docker.Provider\n<\/code><\/pre>\n\n\n\n
\n\n\n\nImportant Issue We Hit<\/h1>\n\n\n\n
Using:<\/p>\n\n\n\n
traefik:v3.0\n<\/code><\/pre>\n\n\n\ncaused this error:<\/p>\n\n\n\n
client version 1.24 is too old. Minimum supported API version is 1.40\n<\/code><\/pre>\n\n\n\nFix:<\/p>\n\n\n\n
sed -i 's\/image: traefik:v3.0\/image: traefik:v3.6.2\/' \/opt\/docker\/traefik\/docker-compose.yaml\n<\/code><\/pre>\n\n\n\nThen:<\/p>\n\n\n\n
cd \/opt\/docker\/traefik\ndocker compose pull\ndocker compose up -d\n<\/code><\/pre>\n\n\n\nAfter switching to:<\/p>\n\n\n\n
traefik:v3.6.2\n<\/code><\/pre>\n\n\n\nTraefik started cleanly.<\/p>\n\n\n\n
\n\n\n\nCurrent Status<\/h1>\n\n\n\nVM 100 installed\nPrivate NAT works\nPersistent NAT service active\nDNS works\nAPT works\nDocker installed\nDocker Compose installed\nDocker works without sudo\nTraefik files created\nTraefik running as container\nTraefik v3.6.2 works cleanly\n<\/code><\/pre>\n\n\n\nTraefik is listening inside VM 100 on:<\/p>\n\n\n\n
80\n443\n<\/code><\/pre>\n\n\n\nBut it is not publicly exposed yet because we have not opened public TCP 80\/443 in Hetzner firewall.<\/p>\n\n\n\n
\n\n\n\nNext Steps<\/h1>\n\n\n\n
After this tutorial stage:<\/p>\n\n\n\n
1. Install Portainer with YAML\n2. Add protected subdomain: portainer.[DOMAIN]\n3. Add protected subdomain: traefik.[DOMAIN]\n4. Add n8n with PostgreSQL\n5. Add Cloudflare DNS challenge\n6. Add wildcard SSL certificate\n7. Open TCP 80\/443 in Hetzner firewall only when ready\n8. Add WireGuard later for private admin access\n<\/code><\/pre>\n\n\n\nRecommended subdomains:<\/p>\n\n\n\n
traefik.[DOMAIN]\nportainer.[DOMAIN]\nn8n.[DOMAIN]\n<\/code><\/pre>\n\n\n\nDo not expose dashboards publicly without protection.<\/p>\n\n\n\n
Use:<\/p>\n\n\n\n
strong app passwords\nbasic auth where needed\nCloudflare protection if desired\nVPN\/IP allowlist later\n<\/code><\/pre>\n\n\n\n
\n","protected":false},"excerpt":{"rendered":"the Goal We are building a clean Docker gateway VM inside Proxmox. This VM will later…<\/p>\n","protected":false},"author":1,"featured_media":3284,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_kad_blocks_custom_css":"","_kad_blocks_head_custom_js":"","_kad_blocks_body_custom_js":"","_kad_blocks_footer_custom_js":"","_kadence_starter_templates_imported_post":false,"_kad_post_transparent":"","_kad_post_title":"","_kad_post_layout":"","_kad_post_sidebar_id":"","_kad_post_content_style":"","_kad_post_vertical_padding":"","_kad_post_feature":"","_kad_post_feature_position":"above","_kad_post_header":false,"_kad_post_footer":false,"_kad_post_classname":"","footnotes":""},"categories":[28,31,32,30],"tags":[],"class_list":["post-3283","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-docker","category-linux","category-proxmox","category-server"],"taxonomy_info":{"category":[{"value":28,"label":"Docker"},{"value":31,"label":"Linux"},{"value":32,"label":"proxmox"},{"value":30,"label":"Server"}]},"featured_image_src_large":["https:\/\/muhammadsoliman.com\/wp-content\/uploads\/2026\/05\/ChatGPT-Image-May-29-2026-01_55_32-AM-1024x1024.png",1024,1024,true],"author_info":{"display_name":"Muhammad Soliman","author_link":"https:\/\/muhammadsoliman.com\/author\/muhmmad-soliman\/"},"comment_info":0,"category_info":[{"term_id":28,"name":"Docker","slug":"docker","term_group":0,"term_taxonomy_id":28,"taxonomy":"category","description":"","parent":0,"count":2,"filter":"raw","cat_ID":28,"category_count":2,"category_description":"","cat_name":"Docker","category_nicename":"docker","category_parent":0},{"term_id":31,"name":"Linux","slug":"linux","term_group":0,"term_taxonomy_id":31,"taxonomy":"category","description":"","parent":0,"count":2,"filter":"raw","cat_ID":31,"category_count":2,"category_description":"","cat_name":"Linux","category_nicename":"linux","category_parent":0},{"term_id":32,"name":"proxmox","slug":"proxmox","term_group":0,"term_taxonomy_id":32,"taxonomy":"category","description":"","parent":0,"count":1,"filter":"raw","cat_ID":32,"category_count":1,"category_description":"","cat_name":"proxmox","category_nicename":"proxmox","category_parent":0},{"term_id":30,"name":"Server","slug":"server","term_group":0,"term_taxonomy_id":30,"taxonomy":"category","description":"","parent":0,"count":2,"filter":"raw","cat_ID":30,"category_count":2,"category_description":"","cat_name":"Server","category_nicename":"server","category_parent":0}],"tag_info":false,"_links":{"self":[{"href":"https:\/\/muhammadsoliman.com\/index.php\/wp-json\/wp\/v2\/posts\/3283","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/muhammadsoliman.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/muhammadsoliman.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/muhammadsoliman.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/muhammadsoliman.com\/index.php\/wp-json\/wp\/v2\/comments?post=3283"}],"version-history":[{"count":3,"href":"https:\/\/muhammadsoliman.com\/index.php\/wp-json\/wp\/v2\/posts\/3283\/revisions"}],"predecessor-version":[{"id":3288,"href":"https:\/\/muhammadsoliman.com\/index.php\/wp-json\/wp\/v2\/posts\/3283\/revisions\/3288"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/muhammadsoliman.com\/index.php\/wp-json\/wp\/v2\/media\/3284"}],"wp:attachment":[{"href":"https:\/\/muhammadsoliman.com\/index.php\/wp-json\/wp\/v2\/media?parent=3283"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/muhammadsoliman.com\/index.php\/wp-json\/wp\/v2\/categories?post=3283"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/muhammadsoliman.com\/index.php\/wp-json\/wp\/v2\/tags?post=3283"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}