Introduction
In my last article, Deploying Proxmox 7 behind a firewall VM, I discussed moving away from several VPS providers to a bare-metal server running as a hypervisor with Proxmox. After I moved all of my virtual servers over to Proxmox, I needed to change the host on each of the virtual servers’ Portainer Edge Agents, and there wasn’t an easy way to do that since it’s encoded.
First, let’s look at the Docker-Compose file that I have provisioned on one of the virtual servers. I have a file like this on each server for running the Portainer Edge Agent, and the difference between each of the files are the environment variables EDGE_ID and EDGE_KEY:
/etc/docker/compose/portainer/docker-compose.yaml
---
# Load balancer 3
version: "3.5"
services:
portainer_edge_agent:
container_name: portainer_edge_agent
image: portainer/agent:latest
restart: always
environment:
- EDGE=1
- EDGE_ID=111-222-333-444-555
- EDGE_KEY=aHR0cHM6Ly8xLjIuMy40Ojk0NDN8MS4yLjMuNDo4MDAwfEZpbmdlcnByaW50fEFnZW50SUQ
- EDGE_INSECURE_POLL=1
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /var/lib/docker/volumes:/var/lib/docker/volumes
- /:/host
- /srv/portainer:/data
labels:
- "diun.enable=true"
The EDGE_KEY environment variable is the one that we want to decode in order to change the server. The data contains 4 fields that are separated with the pipe symbol (|):
- Portainer Web Server on port 9443.
- Portainer SSH Tunnel Server on port 8000.
- SSH fingerprint.
- Edge Agent ID stored internally on the Portainer Host.
To decode the data, run this shell script at the command line:
{
read -p "Portainer Edge Key: " PORTAINER_KEY
echo ${PORTAINER_KEY:0:${#PORTAINER_KEY}&-4} | basenc --base64url --decode; echo;
}
If you entered the Edge Key that I used in the above example, the data will be decoded to:
https://1.2.3.4:9443|1.2.3.4:8000|Fingerprint|AgentID
Update the Portainer Host’s IP/DNS to your new server and run this command to encode it:
{
read -p "Portainer Edge Data: " PORTAINER_KEY
echo -n "${PORTAINER_KEY}" | basenc --base64url --wrap=0; echo;
}
Suppose that I changed from 1.2.3.4 to example.com, then my unencoded data would be:
https://example.com:9443|example.com:8000|Fingerprint|AgentID
The result would be:
aHR0cHM6Ly9leGFtcGxlLmNvbTo5NDQzfGV4YW1wbGUuY29tOjgwMDB8RmluZ2VycHJpbnR8QWdlbnRJRA==
Get rid of any equals signs at the end and paste that as your new EDGE_KEY into the Docker Compose file from above:
/etc/docker/compose/portainer/docker-compose.yaml
---
# Load balancer 3
version: "3.5"
services:
portainer_edge_agent:
container_name: portainer_edge_agent
image: portainer/agent:latest
restart: always
environment:
- EDGE=1
- EDGE_ID=111-222-333-444-555
- EDGE_KEY=aHR0cHM6Ly9leGFtcGxlLmNvbTo5NDQzfGV4YW1wbGUuY29tOjgwMDB8RmluZ2VycHJpbnR8QWdlbnRJRA
- EDGE_INSECURE_POLL=1
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /var/lib/docker/volumes:/var/lib/docker/volumes
- /:/host
- /srv/portainer:/data
labels:
- "diun.enable=true"
Now restart the Portainer Edge Agent:
docker compose down && docker compose up -d
External links
References
Did this article save you time or money? I'd love a coffee!
Did you find this useful?
Please share with those who you believe would find this useful too!