Fix no-subscription-hack

Update postinstall

README.md

@@ -1,30 +1,50 @@
 # proxmox-zfs-postinstall
 
-This script installs and configures basic tools for running a Proxmox Server.
+This script installs and configures essential and advanced tools for a new Proxmox Server (Version 8+), with ZFS storage. All settings are made interactively via Dialog/Whiptail.
-Following settings are made:
+
-- Install and configure zfs-auto-snapshot
+> [!IMPORTANT]  
-- Switch pve-enterprise/pve-no-subscription/pvetest repo
+> Please download the updated version of this script and re-run, if your Proxmox WebUI doesn't show up after update to 8.4.5 or 9.0.0 beta
-- Switch ceph repo between quincy/reef and enterprise/no-subscription/test or remove it
+
-- Disable "No subscription message" in webinterface in no-subscription mode
+## Features
-- Add pve-enterprise subscription key
+- Configure ZFS ARC Cache (optimizes RAM usage for ZFS)
+- Configure vm.swappiness (kernel swap behavior)
+- Install and configure zfs-auto-snapshot (automatic ZFS snapshots, individually configurable)
+- Switch between pve-enterprise, pve-no-subscription, pvetest repositories
+- Switch Ceph repo between quincy/reef and enterprise/no-subscription/test or remove it
+- Disable "No subscription message" in web interface (for no-subscription)
+- Add pve-enterprise subscription key (optional)
 - Update system to the latest version
-- Install common tools
+- Install common tools (curl, git, htop, etc.)
 - Install Proxmox SDN Extensions
-- Configure automatic backup of /etc Folder
+- Configure automatic backup of /etc folder (ZFS + cron)
-- Configure locales
+- Configure locales (language and region settings)
-- SSH server hardening
+- SSH server hardening (new host keys, restrictive algorithms, disable root login with password)
 - Install checkzfs
 - Install bashclub-zsync
+- Install virtio-win ISO (including automatic cleanup of old versions)
 - Create zfspool storage for swap disks if not exists
-- Adjust default volblocksize for Proxmox zfspool storage
+- Adjust default volblocksize for Proxmox zfspool storages
-- Configure proxmox mail delivery with postfix
+- Configure Proxmox mail delivery and notifications (SMTP, Auth, TLS/StartTLS)
-- Daily check (and download) for new stable virtio-win iso and prune old (unused) versions
+- Remove old virtio-win-updater
+- Set content of proxmox storage "local" (remove ability to save backups)
+- Enable autotrim on all supported ZFS pools
+- Enable autoexpand on all ZFS pools
+
+## Workflow
+- The script guides you step by step through all important configurations.
+- All settings are queried interactively and can be customized.
+- After the summary, all selected options are automatically applied.
+
+## Requirements
+- Proxmox VE 8.x (tested with Bookworm)
+- Root privileges required
+- Internet connection for package installation
 
 # Usage
 
 Just download and execute the script, all settings are made interactively.
 ```
-wget -O ./postinstall --no-cache https://github.com/bashclub/proxmox-zfs-postinstall/raw/dev/postinstall
+wget -O ./postinstall --no-cache https://github.com/bashclub/proxmox-zfs-postinstall/raw/main/postinstall
 bash ./postinstall
 ```
 

postinstall

@@ -130,12 +130,8 @@ arc_suggestion(){
     ZFS_ARC_MAX_MEGABYTES=$(roundup $(($ZPOOL_SIZE_SUM_BYTES / 1024 / 1024 / 1024)))
     ZFS_ARC_MIN_MEGABYTES=$(roundoff $(($ZPOOL_SIZE_SUM_BYTES / 2048 / 1024 / 1024)))
     if [ $ZFS_ARC_MIN_MEGABYTES -eq 0 ]; then
-        # Setze Min als Fallback auf die Hälfte von Max.
         ZFS_ARC_MIN_MEGABYTES=$(($ZFS_ARC_MAX_MEGABYTES / 2))
-
+        if [ $ARC_MIN_DEFAULT_MB -gt $ZFS_ARC_MAX_MEGABYTES ]; then
-        # Prüfe, ob der RAM-basierte Default-Min-Wert eine bessere Option ist,
-        # ABER nur, wenn dieser Wert auch kleiner als der Max-Wert ist.
-        if [[ $ARC_MIN_DEFAULT_MB -gt $ZFS_ARC_MIN_MEGABYTES && $ARC_MIN_DEFAULT_MB -lt $ZFS_ARC_MAX_MEGABYTES ]]; then
             ZFS_ARC_MIN_MEGABYTES=$ARC_MIN_DEFAULT_MB
         fi
     fi
@@ -311,37 +307,17 @@ select_pve_repo(){
     pveenterprise=OFF
     pvenosubscription=OFF
     pvetest=OFF
-    if [[ $VERSION_CODENAME == "bookworm" ]]; then
+    if [ -f /etc/apt/sources.list.d/pve-enterprise.list ]; then
-        if [ -f /etc/apt/sources.list.d/pve-enterprise.list ]; then
+        if grep -v '#' /etc/apt/sources.list.d/pve-enterprise.list | grep "pve-enterprise" > /dev/null ; then
-            if grep -v '#' /etc/apt/sources.list.d/pve-enterprise.list | grep "pve-enterprise" > /dev/null ; then
-                pveenterprise=ON
-            else
-                if [ -f /etc/apt/sources.list ]; then
-                    if grep -v '#' /etc/apt/sources.list | grep "pve-no-subscription" > /dev/null ; then
-                        pvenosubscription=ON
-                    elif grep -v '#' /etc/apt/sources.list | grep "pvetest" > /dev/null ; then
-                        pvetest=ON
-                    else
-                        pveenterprise=ON
-                    fi 
-                fi
-            fi
-        fi
-    elif [[ $VERSION_CODENAME == "trixie" ]]; then
-        echo "Ensuring all apt sources are modernized"
-        apt -y modernize-sources
-        if [ -f /etc/apt/sources.list.d/pve-enterprise.sources ] && ( [[ $(grep Enabled /etc/apt/sources.list.d/pve-enterprise.sources) == *"Yes"* ]] || ! grep Enabled /etc/apt/sources.list.d/pve-enterprise.sources > /dev/null ) ; then 
             pveenterprise=ON
         else
-            if [ -f /etc/apt/sources.list.d/proxmox.sources ]; then
+            if [ -f /etc/apt/sources.list ]; then
-                if [[ $(grep Enabled /etc/apt/sources.list.d/proxmox.sources) == "Yes" ]] || ! grep Enabled /etc/apt/sources.list.d/proxmox.sources > /dev/null ; then
+                if grep -v '#' /etc/apt/sources.list | grep "pve-no-subscription" > /dev/null ; then
-                    if grep "pve-no-subscription" /etc/apt/sources.list.d/proxmox.sources > /dev/null ; then
+                    pvenosubscription=ON
-                        pvenosubscription=ON
+                elif grep -v '#' /etc/apt/sources.list | grep "pvetest" > /dev/null ; then
-                    elif grep "pvetest" /etc/apt/sources.list.d/proxmox.sources > /dev/null ; then
+                    pvetest=ON
-                        pvetest=ON
+                else
-                    else
+                    pveenterprise=ON
-                        pveenterprise=ON
-                    fi
                 fi 
             fi
         fi
@@ -387,68 +363,37 @@ select_ceph_repo(){
     quincyenterprise=OFF
     quincynosubscription=OFF
     quincytest=OFF
-    squidenterprise=OFF
-    squidnosubscription=OFF
-    squidtest=OFF
     reefenterprise=OFF
     reefnosubscription=OFF
     reeftest=OFF
-    if [[ "$VERSION_CODENAME" == "bookworm" ]]; then
+    if [ -f /etc/apt/sources.list.d/ceph.list ]; then
-        if [ -f /etc/apt/sources.list.d/ceph.list ]; then
+        if grep -v '#' /etc/apt/sources.list.d/ceph.list | grep "quincy" | grep "enterprise" > /dev/null ; then
-            if grep -v '#' /etc/apt/sources.list.d/ceph.list | grep "quincy" | grep "enterprise" > /dev/null ; then
+            quincyenterprise=ON
-                quincyenterprise=ON
+        elif grep -v '#' /etc/apt/sources.list.d/ceph.list | grep "reef" | grep "enterprise" > /dev/null ; then
-            elif grep -v '#' /etc/apt/sources.list.d/ceph.list | grep "reef" | grep "enterprise" > /dev/null ; then
+            reefenterprise=ON
-                reefenterprise=ON
+        elif grep -v '#' /etc/apt/sources.list.d/ceph.list | grep "quincy" | grep "no-subscription" > /dev/null ; then
-            elif grep -v '#' /etc/apt/sources.list.d/ceph.list | grep "quincy" | grep "no-subscription" > /dev/null ; then
+            quincynosubscription=ON
-                quincynosubscription=ON
+        elif grep -v '#' /etc/apt/sources.list.d/ceph.list | grep "reef" | grep "no-subscription" > /dev/null ; then
-            elif grep -v '#' /etc/apt/sources.list.d/ceph.list | grep "reef" | grep "no-subscription" > /dev/null ; then
+            reefnosubscription=ON
-                reefnosubscription=ON
+        elif grep -v '#' /etc/apt/sources.list.d/ceph.list | grep "quincy" | grep "test" > /dev/null ; then
-            elif grep -v '#' /etc/apt/sources.list.d/ceph.list | grep "quincy" | grep "test" > /dev/null ; then
+            quincytest=ON
-                quincytest=ON
+        elif grep -v '#' /etc/apt/sources.list.d/ceph.list | grep "reef" | grep "test" > /dev/null ; then
-            elif grep -v '#' /etc/apt/sources.list.d/ceph.list | grep "reef" | grep "test" > /dev/null ; then
+            reeftest=ON
-                reeftest=ON
-            else
-                none=ON
-            fi        
         else
             none=ON
         fi        
-        ceph_repo_selection=$(whiptail --title "SELECT PVE REPOSITORY" --backtitle "$PROG" \
-        --radiolist "Choose Ceph repository" 20 76 7 \
-        "none" "No Ceph repository" "$none" \
-        "quincyenterprise" "Ceph Quincy Enterprise repository" "$quincyenterprise" \
-        "quincynosubscription" "Ceph Quincy No Subscription repository" "$quincynosubscription" \
-        "quincytest" "Ceph Quincy Testing repository" "$quincytest" \
-        "reefenterprise" "Ceph Reef Enterprise repository" "$reefenterprise" \
-        "reefnosubscription" "Ceph Reef No Subscription repository" "$reefnosubscription" \
-        "reeftest" "Ceph Reef Testing repository" "$reeftest" 3>&1 1>&2 2>&3)
-
     else
-        if [ -f /etc/apt/sources.list.d/ceph.sources ]; then
+        none=ON
-            if [[ $(grep Enabled /etc/apt/sources.list.d/ceph.sources) == "Yes" ]] || ! grep Enabled /etc/apt/sources.list.d/ceph.sources > /dev/null ; then
-                if grep "enterprise" /etc/apt/sources.list.d/ceph.sources > /dev/null ; then
-                    squidenterprise=ON
-                elif grep "no-subscription" /etc/apt/sources.list.d/ceph.sources > /dev/null ; then
-                    squidnosubscription=ON
-                elif grep "test" /etc/apt/sources.list.d/ceph.sources > /dev/null ; then
-                    squidtest=ON
-                else
-                    none=ON
-                fi
-            else
-                none=ON
-            fi
-        else
-            none=ON
-        fi
-
-        ceph_repo_selection=$(whiptail --title "SELECT PVE REPOSITORY" --backtitle "$PROG" \
-        --radiolist "Choose Ceph repository" 20 76 4 \
-        "none" "No Ceph repository" "$none" \
-        "squidenterprise" "Ceph Squid Enterprise repository" "$squidenterprise" \
-        "squidnosubscription" "Ceph Squid No Subscription repository" "$squidnosubscription" \
-        "squidtest" "Ceph Squid Testing repository" "$squidtest" 3>&1 1>&2 2>&3)
     fi
+    ceph_repo_selection=$(whiptail --title "SELECT PVE REPOSITORY" --backtitle "$PROG" \
+    --radiolist "Choose Ceph repository" 20 76 7 \
+    "none" "No Ceph repository" "$none" \
+    "quincyenterprise" "Ceph Quincy Enterprise repository" "$quincyenterprise" \
+    "quincynosubscription" "Ceph Quincy No Subscription repository" "$quincynosubscription" \
+    "quincytest" "Ceph Quincy Testing repository" "$quincytest" \
+    "reefenterprise" "Ceph Reef Enterprise repository" "$reefenterprise" \
+    "reefnosubscription" "Ceph Reef No Subscription repository" "$reefnosubscription" \
+    "reeftest" "Ceph Reef Testing repository" "$reeftest" 3>&1 1>&2 2>&3)
 }
 
 set_locales(){
@@ -465,9 +410,7 @@ set_locales(){
 set_ceph_repo(){
     log "Setting Ceph package repositories to $ceph_repo_selection"
     if [[ "$ceph_repo_selection" != "none" ]]; then
-        if [[ "$ceph_repo_selection" == *"squid"* ]]; then
+        if [[ "$ceph_repo_selection" == *"quincy"* ]]; then
-            generation=squid
-        elif [[ "$ceph_repo_selection" == *"quincy"* ]]; then
             generation=quincy
         elif [[ "$ceph_repo_selection" == *"reef"* ]]; then
             generation=reef
@@ -482,84 +425,48 @@ set_ceph_repo(){
             selection=test
             server=http://download.proxmox.com
         fi
-        if [[ "$VERSION_CODENAME" == "bookworm" ]] ; then
+        echo "deb ${server}/debian/ceph-${generation} $(lsb_release -cs 2>/dev/null) ${selection}" > /etc/apt/sources.list.d/ceph.list
-            echo "deb ${server}/debian/ceph-${generation} $(lsb_release -cs 2>/dev/null) ${selection}" > /etc/apt/sources.list.d/ceph.list
-        else
-            cat << EOF > /etc/apt/sources.list.d/ceph.sources
-Types: deb
-URIs: http://download.proxmox.com/debian/ceph-${generation}
-Suites: $VERSION_CODENAME
-Components: ${selection}
-Signed-By: /usr/share/keyrings/proxmox-archive-keyring.gpg
-EOF
-        fi
     else
-        if [[ "$VERSION_CODENAME" == "bookworm" ]] ; then
+        rm -f /etc/apt/sources.list.d/ceph.list
-            rm -f /etc/apt/sources.list.d/ceph.list
-        else
-            rm -f /etc/apt/sources.list.d/ceph.sources
-        fi
     fi
 }
 
 set_pve_repo(){
     log "Setting Proxmox package repositories to $repo_selection"
-    if [[ "$VERSION_CODENAME" == "bookworm" ]]; then
+    nosub=$(grep pve-no-subscription /etc/apt/sources.list)
-        nosub=$(grep pve-no-subscription /etc/apt/sources.list)
+    enterprise=$(grep pve-enterprise /etc/apt/sources.list.d/pve-enterprise.list)
-        enterprise=$(grep pve-enterprise /etc/apt/sources.list.d/pve-enterprise.list)
+    test=$(grep pvetest /etc/apt/sources.list)
-        test=$(grep pvetest /etc/apt/sources.list)
+    if [[ $repo_selection == "pve-enterprise" ]]; then
-        if [[ $repo_selection == "pve-enterprise" ]]; then
+        echo "deb https://enterprise.proxmox.com/debian/pve $VERSION_CODENAME pve-enterprise" > /etc/apt/sources.list.d/pve-enterprise.list
-            echo "deb https://enterprise.proxmox.com/debian/pve $VERSION_CODENAME pve-enterprise" > /etc/apt/sources.list.d/pve-enterprise.list
+        if [[ $nosub != "" ]] && [[ $nosub != *"#"* ]]; then
-            if [[ $nosub != "" ]] && [[ $nosub != *"#"* ]]; then
+            sed -i "s|$nosub|# $nosub|g" /etc/apt/sources.list
-                sed -i "s|$nosub|# $nosub|g" /etc/apt/sources.list
-            fi
-            if [[ $test != "" ]] && [[ $test != *"#"* ]]; then
-                sed -i "s|$test|# $test|g" /etc/apt/sources.list
-            fi
-        elif [[ $repo_selection == "pve-no-subscription" ]]; then
-            if [[ $nosub == "" ]]; then
-                echo -e "\ndeb http://download.proxmox.com/debian/pve $VERSION_CODENAME pve-no-subscription\n" >> /etc/apt/sources.list
-            elif [[ $nosub == *"#"* ]]; then
-                sed -i "s|$nosub|$(echo $nosub | cut -d' ' -f2-)|" /etc/apt/sources.list
-            fi
-            if [[ $enterprise != "" ]] && [[ $enterprise != *"#"* ]]; then
-                sed -i "s|$enterprise|# $enterprise|g" /etc/apt/sources.list.d/pve-enterprise.list 
-            fi
-            if [[ $test != "" ]] && [[ $test != *"#"* ]]; then
-                sed -i "s|$test|# $test|g" /etc/apt/sources.list
-            fi
-        elif [[ $repo_selection == "pvetest" ]]; then
-            if [[ $test == "" ]]; then
-                echo -e "\ndeb http://download.proxmox.com/debian/pve $VERSION_CODENAME pvetest\n" >> /etc/apt/sources.list
-            elif [[ $test == *"#"* ]]; then
-                sed -i "s|$test|$(echo $test | cut -d' ' -f2-)|" /etc/apt/sources.list
-            fi
-            if [[ $nosub != "" ]] && [[ $nosub != *"#"* ]]; then
-                sed -i "s|$nosub|# $nosub|g" /etc/apt/sources.list
-            fi
-            if [[ $enterprise != "" ]] && [[ $enterprise != *"#"* ]]; then
-                sed -i "s|$enterprise|# $enterprise|g" /etc/apt/sources.list.d/pve-enterprise.list
-            fi
         fi
-    else
+        if [[ $test != "" ]] && [[ $test != *"#"* ]]; then
-        if [[ $repo_selection == "pve-enterprise" ]]; then
+            sed -i "s|$test|# $test|g" /etc/apt/sources.list
-            rm -f /etc/apt/sources.list.d/proxmox.sources
+        fi
-            cat << EOF > /etc/apt/sources.list.d/pve-enterprise.sources
+    elif [[ $repo_selection == "pve-no-subscription" ]]; then
-Types: deb
+        if [[ $nosub == "" ]]; then
-URIs: https://enterprise.proxmox.com/debian/pve
+            echo -e "\ndeb http://download.proxmox.com/debian/pve $VERSION_CODENAME pve-no-subscription\n" >> /etc/apt/sources.list
-Suites: $VERSION_CODENAME
+        elif [[ $nosub == *"#"* ]]; then
-Components: pve-enterprise
+            sed -i "s|$nosub|$(echo $nosub | cut -d' ' -f2-)|" /etc/apt/sources.list
-Signed-By: /usr/share/keyrings/proxmox-archive-keyring.gpg
+        fi
-EOF
+        if [[ $enterprise != "" ]] && [[ $enterprise != *"#"* ]]; then
-        elif [[ $repo_selection == "pve-no-subscription" ]] || [[ $repo_selection == "pvetest" ]]; then
+            sed -i "s|$enterprise|# $enterprise|g" /etc/apt/sources.list.d/pve-enterprise.list 
-            rm -f /etc/apt/sources.list.d/pve-enterprise.sources
+        fi
-        cat << EOF > /etc/apt/sources.list.d/proxmox.sources
+        if [[ $test != "" ]] && [[ $test != *"#"* ]]; then
-Types: deb
+            sed -i "s|$test|# $test|g" /etc/apt/sources.list
-URIs: http://download.proxmox.com/debian/pve/
+        fi
-Suites: $VERSION_CODENAME
+    elif [[ $repo_selection == "pvetest" ]]; then
-Components: $repo_selection
+        if [[ $test == "" ]]; then
-Signed-By: /usr/share/keyrings/proxmox-archive-keyring.gpg
+            echo -e "\ndeb http://download.proxmox.com/debian/pve $VERSION_CODENAME pvetest\n" >> /etc/apt/sources.list
-EOF
+        elif [[ $test == *"#"* ]]; then
+            sed -i "s|$test|$(echo $test | cut -d' ' -f2-)|" /etc/apt/sources.list
+        fi
+        if [[ $nosub != "" ]] && [[ $nosub != *"#"* ]]; then
+            sed -i "s|$nosub|# $nosub|g" /etc/apt/sources.list
+        fi
+        if [[ $enterprise != "" ]] && [[ $enterprise != *"#"* ]]; then
+            sed -i "s|$enterprise|# $enterprise|g" /etc/apt/sources.list.d/pve-enterprise.list
         fi
     fi
 }
@@ -567,18 +474,8 @@ EOF
 set_bashclub_repo (){
     if [ $bashclub_repo -gt 0 ]; then
         log "Configuring bashclub apt repositories"
+        echo "deb [signed-by=/usr/share/keyrings/bashclub-archive-keyring.gpg] https://apt.bashclub.org/release bookworm main" > /etc/apt/sources.list.d/bashclub.list
         wget -q -O- https://apt.bashclub.org/gpg/bashclub.pub | gpg --dearmor > /usr/share/keyrings/bashclub-archive-keyring.gpg
-        if [[ "$VERSION_CODENAME" == "bookworm" ]]; then
-            echo "deb [signed-by=/usr/share/keyrings/bashclub-archive-keyring.gpg] https://apt.bashclub.org/release $VERSION_CODENAME main" > /etc/apt/sources.list.d/bashclub.list
-        else
-            cat << EOF > /etc/apt/sources.list.d/bashclub.sources
-Types: deb
-URIs: https://apt.bashclub.org/release/
-Suites: $VERSION_CODENAME
-Components: main
-Signed-By: /usr/share/keyrings/bashclub-archive-keyring.gpg
-EOF
-        fi
     fi
 }
 
@@ -674,7 +571,12 @@ harden_ssh(){
         mv /etc/ssh/moduli.safe /etc/ssh/moduli
 
         log "Writing hardened SSH config"
-        echo -e "\n# Restrict key exchange, cipher, and MAC algorithms, as per sshaudit.com\n# hardening guide.\nKexAlgorithms sntrup761x25519-sha512@openssh.com,curve25519-sha256,curve25519-sha256@libssh.org,gss-curve25519-sha256-,diffie-hellman-group16-sha512,gss-group16-sha512-,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha256\nCiphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr\nMACs hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,umac-128-etm@openssh.com\nHostKeyAlgorithms ssh-ed25519,ssh-ed25519-cert-v01@openssh.com,sk-ssh-ed25519@openssh.com,sk-ssh-ed25519-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256,rsa-sha2-256-cert-v01@openssh.com" > /etc/ssh/sshd_config.d/ssh-audit_hardening.conf
+        if [[ $VERSION_CODENAME == "bookworm" ]]; then
+            echo -e "\n# Restrict key exchange, cipher, and MAC algorithms, as per sshaudit.com\n# hardening guide.\nKexAlgorithms sntrup761x25519-sha512@openssh.com,curve25519-sha256,curve25519-sha256@libssh.org,gss-curve25519-sha256-,diffie-hellman-group16-sha512,gss-group16-sha512-,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha256\nCiphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr\nMACs hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,umac-128-etm@openssh.com\nHostKeyAlgorithms ssh-ed25519,ssh-ed25519-cert-v01@openssh.com,sk-ssh-ed25519@openssh.com,sk-ssh-ed25519-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256,rsa-sha2-256-cert-v01@openssh.com" > /etc/ssh/sshd_config.d/ssh-audit_hardening.conf
+        elif [[ $VERSION_CODENAME == "bullseye" ]]; then
+            sed -i 's/^\#HostKey \/etc\/ssh\/ssh_host_\(rsa\|ed25519\)_key$/HostKey \/etc\/ssh\/ssh_host_\1_key/g' /etc/ssh/sshd_config
+            echo -e echo -e "\n# Restrict key exchange, cipher, and MAC algorithms, as per sshaudit.com\n# hardening guide.\nKexAlgorithms curve25519-sha256,curve25519-sha256@libssh.org,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha256\nCiphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr\nMACs hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,umac-128-etm@openssh.com\nHostKeyAlgorithms ssh-ed25519,ssh-ed25519-cert-v01@openssh.com,sk-ssh-ed25519@openssh.com,sk-ssh-ed25519-cert-v01@openssh.com,rsa-sha2-256,rsa-sha2-512,rsa-sha2-256-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com" > /etc/ssh/sshd_config.d/ssh-audit_hardening.conf
+        fi
         systemctl restart ssh.service
     fi
 }
@@ -898,11 +800,6 @@ summary(){
 
 source /etc/os-release
 
-if [[ "bookworm trixie" != *"$VERSION_CODENAME"* ]]; then
-    echo "Your Proxmox VE version $VERSION_CONDENAME is unsuported. Please use Proxmox 8 (bookworm) or Proxmox 9 (trixie). Exiting"
-    exit 1
-fi
-
 # Calculate and suggest values for ZFS L1ARC cache
 arc_suggestion