Install Nvidia driver on Proxmox

Install NVIDIA Driver on Proxmox with Secure Boot

This guide walks you through installing the NVIDIA driver on Proxmox with Secure Boot enabled, including automatic signing of DKMS modules and troubleshooting tips.


1. Check Secure Boot Status

mokutil --sb-state

If Secure Boot is enabled, all kernel modules (including DKMS-built NVIDIA modules) must be signed.


2. Blacklist Nouveau Driver

Check if nouveau is loaded:

lsmod | grep nouveau

Blacklist it:

cat <<EOF | sudo tee /etc/modprobe.d/blacklist-nouveau.conf
blacklist nouveau
options nouveau modeset=0
EOF

update-initramfs -u -k all
reboot

3. Remove Existing NVIDIA / CUDA Drivers

If installed via .run

sudo /usr/bin/nvidia-uninstall

If installed via APT or DKMS

dkms remove -m nvidia -v 580.95.05 --all || true
apt purge -y --auto-remove '^nvidia.*'

Confirm cleanup:

dpkg -l | grep -E 'nvidia|cuda'
apt list --installed | grep -E 'nvidia|cuda'
dkms status

4. Install Required Packages

apt update
apt install -y build-essential dkms software-properties-common
apt install -y proxmox-default-headers
apt install -y proxmox-headers-$(uname -r)

Package                        Purpose
build-essential                Includes gcc, needed for building modules
dkms                           Dynamically rebuilds kernel modules
software-properties-common     Enables add-apt-repository
proxmox-default-headers        Auto-track kernel headers
proxmox-headers-$(uname -r)    Kernel headers for current kernel

5. Generate and Enroll a Machine Owner Key (MOK)

Create a dedicated directory under /root:

mkdir -p /root/module-signing
chmod 700 /root/module-signing

Generate key + certificate:

openssl req -new -x509 \
  -newkey rsa:2048 \
  -keyout /root/module-signing/module-signing.key \
  -outform DER \
  -out /root/module-signing/module-signing.der \
  -nodes -days 36500 \
  -subj "/CN=Nvidia Driver Kmod Signing MOK"

Enroll the key:

mokutil --import /root/module-signing/module-signing.der
# You'll be prompted to create a password. Enter it twice.

Reboot and follow the on-screen MOK Manager prompts to enroll the key:

  • "Enroll MOK"
  • "Continue".
  • "Yes".
  • Enter the password you set up just now.
  • Select "OK" and the computer will reboot again.

After reboot, verify:

grep asymmetric /proc/keys
mokutil --list-enrolled

6. Configure DKMS Automatic Module Signing

Create DKMS config:

cat > /etc/dkms/framework.conf.d/nvidia-signing.conf <<EOF
mok_signing_key=/root/module-signing/module-signing.key
mok_certificate=/root/module-signing/module-signing.der
EOF

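Any enrolled MOK can sign kernel modules, and the kernel will load any module signed with it. DKMS will automatically sign modules during build using the key and certificate configured above. The private key was generated with -nodes (no passphrase), so keep /root/module-signing readable by root only.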


7. Download and Install NVIDIA Driver

Download the driver from NVIDIA's official driver download page ("Download The Official NVIDIA Drivers | NVIDIA"):

curl -O https://us.download.nvidia.com/XFree86/Linux-x86_64/580.95.05/NVIDIA-Linux-x86_64-580.95.05.run
chmod +x NVIDIA-Linux-x86_64-580.95.05.run

Install:

./NVIDIA-Linux-x86_64-580.95.05.run --dkms

Installer choices (important)

  • Kernel module type: MIT/GPL
  • Sign kernel module: Yes
  • Use existing key: Yes
  • Ignore X libraries: Yes (headless host)
  • Register DKMS module: Yes
  • Run nvidia-xconfig: No

Reboot:

reboot

8. Verification

nvidia-smi
uname -r
dkms status

Verify signing:

modinfo nvidia | grep -i signer

To view the loaded NVIDIA modules:

lsmod | grep nvidia
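
To check every NVIDIA module's signer against the MOK from step 5 in one pass, the script below compares each module's signer field with the certificate CN. It is an added example, not part of the original gist; the module list, the function names and the --live switch are assumptions, and the sample input is constructed.

```bash
#!/bin/sh
# Added example: flag NVIDIA modules not signed by the MOK from step 5.
EXPECTED_CN="Nvidia Driver Kmod Signing MOK"   # the -subj CN used in step 5
TAB=$(printf '\t')

# Live host only: print "module<TAB>signer" for the usual NVIDIA module set
# (this list is an assumption; adjust it to what `lsmod | grep nvidia` shows).
collect_signers() {
  for mod in nvidia nvidia_modeset nvidia_uvm nvidia_drm; do
    printf '%s\t%s\n' "$mod" "$(modinfo -F signer "$mod" 2>/dev/null)"
  done
}

# Read "module<TAB>signer" lines on stdin. Print every module that is unsigned
# (or not installed) or signed by a key other than $1; return 1 if any is found.
find_bad_signers() {
  bad=0
  while IFS="$TAB" read -r mod signer; do
    [ -n "$mod" ] || continue
    if [ -z "$signer" ]; then
      echo "$mod: unsigned"; bad=1
    elif [ "$signer" != "$1" ]; then
      echo "$mod: signed by '$signer'"; bad=1
    fi
  done
  return "$bad"
}

# Read `mokutil --list-enrolled` text on stdin; succeed if a certificate whose
# Subject ends in CN=$1 is enrolled. Accepts "CN=x" and "CN = x" renderings.
mok_is_enrolled() {
  sed -n 's/^[[:space:]]*Subject:.*CN *= *//p' | grep -Fxq -- "$1"
}

# Constructed sample: nvidia_uvm was rebuilt without a signature.
sample_signers() {
  printf 'nvidia\t%s\nnvidia_modeset\t%s\nnvidia_uvm\t\nnvidia_drm\t%s\n' \
    "$EXPECTED_CN" "$EXPECTED_CN" "$EXPECTED_CN"
}

# With --live, query the running host; otherwise run on the constructed sample.
if [ "${1:-}" = "--live" ]; then
  mokutil --list-enrolled | mok_is_enrolled "$EXPECTED_CN" || echo "MOK not enrolled"
  collect_signers | find_bad_signers "$EXPECTED_CN" && echo "all signed by MOK"
else
  sample_signers | find_bad_signers "$EXPECTED_CN" || true
fi
```

Running it with --live after each kernel upgrade shows whether DKMS rebuilt and signed the modules for the new kernel before Secure Boot rejects them at load time.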


9. Troubleshooting DKMS or Secure Boot Failures

Check kernel version

uname -r
dkms status

Check DKMS log

less /var/log/apt/term.log

Search with /dkms

Check Secure Boot rejections

dmesg | grep -Ei 'nvidia|dkms|key|sign|secureboot'

Force rebuild

sudo dkms remove nvidia/580.95.05 -k $(uname -r)
sudo dkms install nvidia/580.95.05 -k $(uname -r)

Then reload the module:

modprobe nvidia

Verify

nvidia-smi

Remove unused kernel headers

uname -r
apt list --installed | grep header
sudo apt purge proxmox-headers-<old-kernel-version>

Remove DKMS module for the old kernel

dkms status
sudo dkms remove nvidia/580.95.05 -k <old-kernel-version> --force

10. Upgrade NVIDIA Driver

Remove the old driver (step 3), then install the new driver (step 7).


11. Optional: NVIDIA Persistence Mode

Create /etc/systemd/system/nvidia-persistenced.service:

[Unit]
Description=NVIDIA Persistence Daemon

[Service]
Type=forking
ExecStart=/usr/bin/nvidia-persistenced --verbose
ExecStartPost=/usr/bin/nvidia-smi
ExecStopPost=/bin/rm -rf /var/run/nvidia-persistenced

[Install]
WantedBy=multi-user.target

Enable

systemctl enable --now nvidia-persistenced

Verify

systemctl status nvidia-persistenced
ls -lah /dev/nvidia*
nvidia-smi --query-gpu=persistence_mode --format=csv
nvidia-smi -q | grep -i "Persistence Mode"

12. Optional: Enable DRM Kernel Mode Setting

Useful if you plan to run a GUI in an LXC container.

Method 1: modprobe config

echo 'options nvidia-drm modeset=1' > /etc/modprobe.d/nvidia-drm.conf
update-initramfs -u -k all
reboot

Method 2: GRUB config

Edit /etc/default/grub and append the value below to the GRUB_CMDLINE_LINUX_DEFAULT variable:

nvidia-drm.modeset=1

Then:

update-grub
reboot

Confirm DRM is active:

cat /sys/module/nvidia_drm/parameters/modeset
# Should return: Y
