Installation

ProxCenter is deployed self-hosted on your own infrastructure using Docker.

Self-Hosted with Docker

Deploy ProxCenter on your own server for full control over your data and configuration.

Prerequisites

Before you begin, make sure you have:

Requirement	Details
Operating System	Linux server (Ubuntu 22.04+, Debian 12+, or any Docker-compatible distribution)
Docker	Docker Engine 24+ and Docker Compose v2+
Database	PostgreSQL 15+ (the official Docker install provisions PostgreSQL automatically)
RAM	Minimum 2 GB
Disk Space	Minimum 10 GB (more recommended for database growth)
Ports	`3000` (ProxCenter web interface)
Network	Connectivity to your Proxmox nodes on port `8006` (PVE) and/or `8007` (PBS)

Step 1: Run the installer

Get the current installation command from https://proxcenter.io, then run it on the server that will host ProxCenter:

curl -fsSL https://proxcenter.io/install/community | sudo bash

The installer provisions the Docker Compose stack, persistent volumes, PostgreSQL, and the ProxCenter application services.

Step 2: Access the dashboard

Open your browser and navigate to:

http://your-server-ip:3000

On the first launch, you will be prompted to create your admin account. This account has full access to ProxCenter and cannot be deleted.

Updating ProxCenter

For v1.4.x and later, update an existing PostgreSQL-based deployment with:

docker compose pull
docker compose up -d

info

ProxCenter uses PostgreSQL for all supported production deployments. Schema migrations run automatically on startup.

Upgrading from SQLite

SQLite support was removed in v1.4.0. Existing deployments from v1.3.x or earlier need a planned cutover to a PostgreSQL-backed v1.4 stack. See Upgrade to v1.4 before updating image tags.

Reverse Proxy and Public URL

If you expose ProxCenter behind a reverse proxy (nginx, Traefik, Caddy, HAProxy), you must tell ProxCenter what its public URL is. The frontend uses NEXTAUTH_URL from /opt/proxcenter/.env to:

build OIDC / SSO redirect_uri values sent to your identity provider,
set the Secure flag on session and CSRF cookies (auto-enabled when the URL starts with https://),
generate absolute links in emails and webhooks.

The installer writes NEXTAUTH_URL based on the address used at install time. If that address was the server's internal IP, the variable will hold the IP and external integrations (DUO, Okta, Entra ID, Authentik, etc.) will receive the IP as the callback URL.

Set the public URL

Edit /opt/proxcenter/.env and replace the NEXTAUTH_URL line with the public FQDN that users will reach in their browser:
```
NEXTAUTH_URL=https://proxcenter.example.com
```
Restart the stack so the new value is picked up:
```
cd /opt/proxcenter && docker compose up -d
```

Nginx example

server {
    listen 443 ssl http2;
    server_name proxcenter.example.com;

    # ssl_certificate / ssl_certificate_key ...

    location / {
        proxy_pass http://127.0.0.1:3000;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    }
}

The Upgrade / Connection headers are required for the noVNC and xterm.js console WebSocket streams to flow through the proxy.

tip

Always set NEXTAUTH_URL before configuring OIDC. The Redirect URI displayed on the OIDC settings page is derived from it. If you flip the URL afterwards, you also have to update the Redirect URI in your identity provider so they match exactly (scheme, host, port, no trailing slash mismatch).

Production Checklist

Before exposing ProxCenter to users, verify:

The server can reach Proxmox VE on port 8006 and Proxmox Backup Server on port 8007.
PostgreSQL data is stored on a persistent volume or managed database.
Docker logs are collected by your monitoring system.
Backups cover the PostgreSQL volume and ProxCenter configuration.
A reverse proxy handles TLS if the web UI is exposed outside a trusted network.
The first admin account is stored in your access management process.
Enterprise deployments have the license key available during bootstrap.

Service Layout

A standard Docker deployment contains:

Service	Purpose
Frontend	Web UI and API routes exposed on port `3000`
Orchestrator	Background jobs, Proxmox polling, alerts, reports and automation
PostgreSQL	Application database for users, settings, tenants, vDCs and operational metadata
WeasyPrint	PDF rendering sidecar for report generation

Uninstalling

To stop and remove ProxCenter (data is preserved in the Docker volume):

docker compose down

To remove everything including data:

docker compose down -v

Post-Installation Steps

After installation:

Create your admin account on first login
Connect your Proxmox infrastructure -- Add your PVE and PBS instances
Activate your license (optional) -- If you have an Enterprise license key, go to Settings > License and enter it
Create tenants and vDCs (Enterprise, optional) -- For MSP / IaaS deployments, configure tenants, quotas, networks, and backup isolation
Explore the dashboard -- Head to First Steps for a guided tour

Next Steps

Once ProxCenter is up and running, the next step is to connect your Proxmox infrastructure.

Self-Hosted with Docker​

Prerequisites​

Step 1: Run the installer​

Step 2: Access the dashboard​

Updating ProxCenter​

Reverse Proxy and Public URL​

Set the public URL​

Nginx example​

Production Checklist​

Service Layout​

Uninstalling​

Post-Installation Steps​

Next Steps​