This video series explains step-by-step how to create a complete website, from domain acquisition to WordPress configuration and a personalized email address.
🔹Episode 0: The Foundation. Proxmox Cluster and High Availability (HA)
“If it is not on a solid foundation, a website is just a sandcastle waiting for the first system error.”
Welcome to the beginning of a fascinating journey. Before buying domains or installing WordPress, we need to talk about where your future project will live. Most tutorials teach you to put a site on cheap hosting and hope it works. In this series, we do things differently: we build our own Enterprise-grade infrastructure.
Why start with a Cluster?
Imagine your server has a hardware problem in the middle of the night. In a standard setup, your site disappears. In a Proxmox Cluster with a Quorum Device (QDevice), the other server takes over immediately.
What you will learn in this preface:
Transforming ordinary hardware: How to link two mini-PCs (NUCs) into a single intelligent entity.
The Power of the Arbiter (QDevice): How a third device (even an old laptop with Ubuntu) can decide who stays online in case of failure.
Real-world troubleshooting: I won’t just show you the “perfect” version, but also how to overcome SSH permission errors, locked repositories, and network configurations that give even professionals a headache.
Author’s note: This episode is the foundation. It might be the most technical part of the series, but once you are finished, you will have a peace of mind that no $5 hosting service can offer: the certainty that your site tech.renuka.ro stands on indestructible infrastructure.
Guide: Configuring a Quorum Device (Arbiter) in Proxmox 8/9
When you have a cluster consisting of only two Proxmox nodes, you need a third vote to maintain a majority (Quorum) in case one server goes down. This role is fulfilled by a QDevice (a simple container or Linux PC).
a. Preparing Proxmox nodes (PVE1 and PVE2)
By default, Proxmox comes with “Enterprise” repositories enabled. For the free version, we must clean the apt sources to be able to install the corosync package.
Commands for cleaning and enabling No-Subscription sources:
Bash
# Removing enterprise sources (.list and .sources formats)
rm -f /etc/apt/sources.list.d/pve-enterprise.list
rm -f /etc/apt/sources.list.d/pve-enterprise.sources
rm -f /etc/apt/sources.list.d/ceph.sources
# Adding free sources
echo "deb http://download.proxmox.com/debian/pve trixie pve-no-subscription" > /etc/apt/sources.list.d/pve-no-sub.list
echo "deb http://download.proxmox.com/debian/ceph-squid trixie no-subscription" > /etc/apt/sources.list.d/ceph-no-sub.list
# Updating and installing the QDevice package
apt update && apt install corosync-qdevice -y
b. Preparing the Arbiter (Ubuntu / Debian – IP: 192.168.1.101)
The Arbiter needs the corosync network package and relaxed SSH access for initial configuration.
On the Arbiter:
Bash
sudo apt update && sudo apt install corosync-qnetd -y
Unlocking access for Proxmox (Solution for “Permission Denied”): Proxmox forces the connection through the root user. If we use another user (e.g., bogdan), we must move the keys:
Bash
# Execute on Ubuntu to allow root access with the user's key
sudo mkdir -p /root/.ssh
sudo cp /home/bogdan/.ssh/authorized_keys /root/.ssh/authorized_keys
sudo chmod 700 /root/.ssh
sudo chmod 600 /root/.ssh/authorized_keys
# Ensure SSH allows root login
sudo sed -i 's/#PermitRootLogin.*/PermitRootLogin yes/' /etc/ssh/sshd_config
sudo systemctl restart ssh
c. Linking the Cluster (The Great Union)
This command is executed only on the first Proxmox node (PVE1). It will generate the certificates and distribute them throughout the cluster.
On Proxmox (PVE1):
Bash
# Synchronizing SSH keys (if not already done)
ssh-copy-id [email protected]
# Final QDevice configuration
pvecm qdevice setup 192.168.1.101
d. Status Verification
To confirm that we now have 3 votes, use:
Bash
pvecm statusDesired result:
Total votes: 3
Quorum: 2
Flags: Quorate Qdevice
🔹 Episode 1: Choosing and buying a cheap domain – Namecheap –
1. Understanding the “Upselling” process (Avoiding unnecessary costs)
- Namecheap will suggest SSL, VPN, or Premium DNS in your cart. Do not check them! In the following episodes, I will show you how to get the same benefits (and even better) using Cloudflare and our own server. Why pay an annual subscription when you can have total control and zero costs?
2. “Privacy Protection” (WhoisGuard)
- While others charge you $10-15 a year just to keep your home address and phone number private, Namecheap offers this protection for FREE, for life.
⚠️ Watch out for “Renewal Price” and Auto-Billing
Even though Namecheap is one of the fairest platforms, you must be an informed buyer. Here are the two golden rules:
- Check the year 2 price
Many promotions (for example, .com domains at $5-6) are only valid for the first year. Before paying, look under the current price; you will see “Retail price” or “Renewal price”. Usually, this jumps to $14-16.
Tip: If your project is long-term, calculate your budget starting from the renewal price, not the promotional one.
- Turn off “Auto-Renew”
If you are just testing an idea and don’t want to find money taken from your card in 12 months, you must disable automatic renewal.
🔹 Episode 2: Configuring the Domain in Cloudflare + Free SSL
PREAMBLE
1. Why Cloudflare and not the paid SSL from Namecheap?
- In the previous episode, we refused the $10-15/year SSL offers. Why? Because Cloudflare offers us the same thing (and much more) for FREE. Cloudflare is not just an SSL certificate provider; it is a security shield (WAF), a site acceleration system, and a DNS manager much faster than the standard one.
2. “DNS Propagation” (Patience is key)
- After you change the Nameservers in Namecheap (https://www.google.com/search?q=ns1.cloudflare.com, https://www.google.com/search?q=ns2.cloudflare.com), you might panic if the site doesn’t work immediately. DNS Propagation can take anywhere from 5 minutes to 24 hours. Don’t start changing settings ten times; just check the status in Cloudflare until the green label appears: “Great news! Cloudflare is now protecting your site.”
⚠️ Pay Attention to SSL Configuration: “Full” vs “Flexible” Mode
Cloudflare offers several encryption options. Here’s what you need to know to avoid “Too many redirects” errors:
- Flexible Mode: Encrypts only the traffic between the visitor and Cloudflare. (Useful if your server has no SSL at all).
- Full / Full (Strict) Mode: Encrypts the entire path, from the visitor to your Proxmox/CyberPanel server.
Tip: Since we will be installing our own control panel in Episode 3, I recommend setting the Full mode now. It is the security standard for 2026.
Two “Must-Have” Settings in Cloudflare
Immediately activate these two options from the SSL/TLS -> Edge Certificates tab:
- Always Use HTTPS: Automatically redirects any visitor who types http:// to the secure https:// version. Zero effort, maximum security.
- Automatic HTTPS Rewrites: Fixes “Mixed Content” issues (when you have old images or scripts loading over insecure links).
🔹 Episode 3: Proxmox Installation and CyberPanel Container Creation
Installing Proxmox on a local server and configuring a container with CyberPanel.
🔹 Episode 4: Adding Domain to CyberPanel and WordPress Installation
Domain configuration in CyberPanel, WordPress installation with SSL.
🔹 Episode 5: Setting up a custom email address on the domain
Creating a [email protected] address and using it in webmail and external clients.
🔹 Episode 3: Installing Proxmox and Creating a Container for CyberPanel
Installing Proxmox on a local server and setting up a container with CyberPanel
🔹 Episode 4: Adding a Domain in CyberPanel and Installing WordPress
Configuring the domain in CyberPanel, installing WordPress with SSL.
🔹 Episode 5: Setting Up a Custom Email Address on the Domain
Creating the address [email protected] and using it in webmail and external clients.