Environment Variables

Environment variables provide the most flexible way to configure container deployments. They override all other settings and can be used for both interactive and automated deployments.

Basic Usage

Set variables before running any installation script:

var_cpu=4 var_ram=4096 var_disk=30 bash -c "$(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/ct/debian.sh)"

Or export them for multiple deployments:

export var_cpu=4
export var_ram=4096
export var_hostname=myserver

bash debian-install.sh

Resource Allocation

var_cpu

integer

default:"1-4 (app-specific)"

Number of CPU cores allocated to the container

var_cpu=4  # 4 CPU cores

var_ram

integer

default:"512-4096 (app-specific)"

RAM allocation in megabytes (MB)

var_ram=2048  # 2GB RAM
var_ram=4096  # 4GB RAM

var_disk

integer

default:"2-20 (app-specific)"

Disk size in gigabytes (GB)

var_disk=20  # 20GB disk
var_disk=100 # 100GB disk

var_unprivileged

boolean

default:"1"

Container privilege level

1 = Unprivileged (more secure, recommended)
0 = Privileged (required for Docker/Podman)

var_unprivileged=1  # Unprivileged container
var_unprivileged=0  # Privileged (for Docker)

Operating System

var_os

string

default:"debian"

Operating system template

debian - Debian Linux
ubuntu - Ubuntu Linux
alpine - Alpine Linux

var_os=debian
var_os=ubuntu
var_os=alpine

var_version

string

default:"13"

OS version number

Debian: 12, 13
Ubuntu: 22.04, 24.04
Alpine: 3.19, 3.20, 3.21

var_version=13      # Debian 13
var_version=24.04   # Ubuntu 24.04
var_version=3.21    # Alpine 3.21

Network Configuration

var_brg

string

default:"vmbr0"

Network bridge interface

var_brg=vmbr0  # Default bridge
var_brg=vmbr1  # Alternative bridge

var_net

string

default:"dhcp"

Network configuration method

dhcp - Automatic IP via DHCP
192.168.1.100/24 - Static IP with CIDR
192.168.1.100/24-192.168.1.200/24 - IP range scan (auto-assign first free IP)

var_net=dhcp                                      # DHCP
var_net=192.168.1.100/24                         # Static IP
var_net=192.168.1.100/24-192.168.1.200/24        # IP range scan

IP Range Scanning: When you specify a range, the system pings each IP and automatically assigns the first available one. Perfect for automated deployments without manual IP tracking.

var_gateway

string

default:""

Default gateway (required for static IP)

var_gateway=192.168.1.1

var_ipv6_method

string

default:"none"

IPv6 configuration method

none - Disable IPv6
auto - Automatic via SLAAC
dhcp - DHCPv6

var_ipv6_method=none  # Disable IPv6
var_ipv6_method=auto  # Auto-configure

var_ipv6_static

string

default:""

Static IPv6 address with prefix

var_ipv6_static=2001:db8::1/64

var_mtu

integer

default:"1500"

Maximum Transmission Unit size

var_mtu=1500   # Standard
var_mtu=9000   # Jumbo frames

var_vlan

integer

default:""

VLAN tag ID

var_vlan=100

var_mac

string

default:"auto"

MAC address (auto-generated if not specified)

var_mac=AA:BB:CC:DD:EE:FF

var_ns

string

default:""

DNS nameservers (comma-separated)

var_ns=8.8.8.8,1.1.1.1

var_searchdomain

string

default:""

DNS search domain

var_searchdomain=example.com

Container Identity

var_hostname

string

default:"[app-name]"

Container hostname

var_hostname=production-web
var_hostname=dev-database

var_ctid

integer

default:"auto"

Container ID (auto-assigned if not specified)

var_ctid=100

Ensure the ID is unique across your cluster before setting manually

var_tags

string

default:"community-script"

Container tags (semicolon-separated)

var_tags="production;web;nginx"
var_tags="development;testing"

var_timezone

string

default:"host timezone"

Container timezone

var_timezone=America/New_York
var_timezone=Europe/London
var_timezone=Asia/Tokyo

Security & Access

var_ssh

boolean

default:"no"

Enable SSH server

yes - Install and enable OpenSSH
no - No SSH access

var_ssh=yes

var_ssh_authorized_key

string

default:""

SSH public key(s) for root access (newline-separated for multiple keys)

var_ssh_authorized_key="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQ... user@host"

var_pw

string

default:"auto-generated"

Root password (auto-generated if not specified)

var_pw="SecurePassword123"

Avoid storing passwords in defaults files. Use SSH keys instead.

var_protection

boolean

default:"no"

Enable container deletion protection

yes - Prevent accidental deletion
no - No protection

var_protection=yes

Container Features

var_nesting

boolean

default:"1"

Enable container nesting (required for Docker, Podman, LXC inside LXC)

1 = Enabled
0 = Disabled

var_nesting=1  # Enable Docker support

var_fuse

boolean

default:"no"

Enable FUSE filesystem support (required for rclone, mergerfs, AppImage)

yes = Enabled
no = Disabled

var_fuse=yes  # Enable for rclone

var_tun

boolean

default:"no"

Enable TUN/TAP device support (required for VPN apps: WireGuard, OpenVPN, Tailscale)

yes = Enabled
no = Disabled

var_tun=yes  # Enable for VPN

var_keyctl

boolean

default:"0"

Enable keyctl syscall (required for Docker containers and systemd-networkd)

1 = Enabled
0 = Disabled

var_keyctl=1  # Enable for Docker

Automatically enabled for unprivileged containers

var_mknod

boolean

default:"0"

Allow device node creation (experimental, requires kernel 5.3+)

1 = Enabled
0 = Disabled

var_mknod=1

var_gpu

boolean

default:"no"

Enable GPU passthrough (auto-detects Intel/AMD/NVIDIA GPUs)

yes = Enable hardware acceleration
no = No GPU access

var_gpu=yes  # For Plex, Jellyfin, AI/ML

var_mount_fs

string

default:""

Mount host filesystem paths (comma-separated)

var_mount_fs="/mnt/data,/mnt/media"

Storage

var_container_storage

string

default:"local"

Storage location for container root filesystem

var_container_storage=local
var_container_storage=local-lvm
var_container_storage=pve-thin

var_template_storage

string

default:"local"

Storage location for OS templates

var_template_storage=local
var_template_storage=nfs-templates

Package Management

var_apt_cacher

boolean

default:"no"

Use APT Cacher-NG proxy (speeds up package downloads)

yes = Use caching proxy
no = Direct downloads

var_apt_cacher=yes

var_apt_cacher_ip

string

default:""

APT Cacher-NG server IP address

var_apt_cacher_ip=192.168.1.50

Debugging

var_verbose

boolean

default:"no"

Enable verbose output during installation

yes = Show detailed logs
no = Standard output

var_verbose=yes

Complete Example

Here’s a production-ready deployment with commonly used variables:

#!/bin/bash
# Production Debian container with all features

var_unprivileged=1 \
var_cpu=4 \
var_ram=4096 \
var_disk=30 \
var_os=debian \
var_version=13 \
var_hostname=production-app \
var_brg=vmbr0 \
var_net=192.168.1.100/24 \
var_gateway=192.168.1.1 \
var_ipv6_method=none \
var_ssh=yes \
var_ssh_authorized_key="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQ... admin@workstation" \
var_nesting=1 \
var_fuse=yes \
var_tun=yes \
var_tags="production;web;automated" \
var_timezone=America/New_York \
var_protection=yes \
var_verbose=no \
  bash -c "$(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/ct/debian.sh)"

Common Patterns

Docker Host

var_unprivileged=0 \
var_nesting=1 \
var_keyctl=1 \
var_cpu=4 \
var_ram=8192 \
var_disk=50 \
var_hostname=docker-host \
  bash docker-install.sh

VPN Gateway

var_tun=yes \
var_cpu=2 \
var_ram=1024 \
var_disk=10 \
var_hostname=wireguard \
var_tags="vpn;network" \
  bash wireguard-install.sh

Media Server with GPU

var_gpu=yes \
var_unprivileged=1 \
var_cpu=6 \
var_ram=8192 \
var_disk=100 \
var_hostname=plex \
var_tags="media;transcoding" \
  bash plex-install.sh

High-Availability Web Server

var_cpu=4 \
var_ram=4096 \
var_disk=20 \
var_hostname=web-prod-01 \
var_net=192.168.1.50/24 \
var_gateway=192.168.1.1 \
var_protection=yes \
var_tags="production;web;ha" \
  bash nginx-install.sh

Variable Validation

Only whitelisted variables are accepted for security reasons. Setting unknown variables will have no effect.

Allowed Variable Prefixes:

All variables must start with var_
Custom variables are ignored
See the complete list above for all supported variables

Defaults System

Save variables as reusable defaults

Unattended Deployment

Automate deployments with variables

Getting Started

Core Concepts

Using Scripts

Configuration

Guides

Troubleshooting

Basic Usage

Resource Allocation

Operating System

Network Configuration

Container Identity

Security & Access

Container Features

Storage

Package Management

Debugging

Complete Example

Common Patterns

Docker Host

VPN Gateway

Media Server with GPU

High-Availability Web Server

Variable Validation

Defaults System

Unattended Deployment

Build docs developers (and LLMs) love

Getting Started

Core Concepts

Using Scripts

Configuration

Guides

Troubleshooting

​Basic Usage

​Resource Allocation

​Operating System

​Network Configuration

​Container Identity

​Security & Access

​Container Features

​Storage

​Package Management

​Debugging

​Complete Example

​Common Patterns

​Docker Host

​VPN Gateway

​Media Server with GPU

​High-Availability Web Server

​Variable Validation

​Related Resources

Defaults System

Unattended Deployment

Build docs developers (and LLMs) love

Basic Usage

Resource Allocation

Operating System

Network Configuration

Container Identity

Security & Access

Container Features

Storage

Package Management

Debugging

Complete Example

Common Patterns

Docker Host

VPN Gateway

Media Server with GPU

High-Availability Web Server

Variable Validation

Related Resources