Latest Server related questions

Score: 0
Holy_diver avatar
Cache Images centrally
ng flag

Application: Serve responsive and optimized images on the fly by cropping/resizing/compressing master images

Current Load: 10k request per minute, ~60MBps traffic.

Current Config : NginxPlus LB sits at the top. Multiple app servers with nginx->tomcat. On each app server images are cached in the nginx

Current Problems:

  • Poor cache hit ratio as cache is decentralized, probability of same request hitti ...
Score: 3
Melissa Boiko avatar
Why not shorten a single :0000: field in IPv6
jp flag

rfc5952, section 4.2.2 "Handling One 16-Bit 0 Field" goes:

The symbol "::" must not be used to shorten just one 16-bit 0 field. For example, the representation
2001:db8:0:1:1:1:1:1 is correct, but
2001:db8::1:1:1:1:1 is not correct.

The kawamura-03 draft has a hint as to why:

4.2.2. One 16 bit 0 Field

"::" should not be used to shorten just one 16 bit 0 field for it would tend to mislead that there ...

Score: 0
OttoEisen avatar
NAT64 on Debian
br flag

Update 2: I wrote a quick&dirty tutorial for Jool on Debian 11, since their website is very thorough, but also slightly confusing and the examples too complex for most cases.

I'm looking to go IPv6 native and need a NAT64 implementation on my Debian routers. Is tayga still the way to go, as it's in the user space and all? Is there no kernel equivalent to "iptables ... -j MASQ" for NAT64?

Also with t ...

Score: 0
Tom Johnson avatar
RFC5321 and multiple RCPT TO
br flag

After analyzing https://datatracker.ietf.org/doc/html/rfc5321 I've got impression that some of its fragments contradict each other.

A single notification listing all of the failed recipients or separate notification messages MUST be sent for each failed recipient. For economy of processing by the sender, the former SHOULD be used when possible.

seems to contradict:

Addresses that do not appear ...

Score: 0
p3scobar avatar
Export Mailbox as PST in Exchange Admin Center
cn flag

I am trying to export a few mailboxes as .pst files in Microsoft's Exchange Admin Center:

https://docs.microsoft.com/en-us/exchange/recipients/mailbox-import-and-export/export-procedures?view=exchserver-2019

Under Roles > Admin Roles > Organization Management (role group) – The admin user is assigned, and the permissions include Mailbox Import Export.

I have logged in and out multiple times ...

Score: 1
Migrating git-based site workflow to new server
pe flag
Ian

I have a production site that uses a hub/master git setup like this: http://joemaller.com/990/a-web-focused-git-workflow/

Looking to migrate to a new server/host and I'm wondering how I migrate the git setup so as to maintain the development history.

Thanks.

Score: 0
handygaber avatar
Connecting though WireGuard to VPN connected server
cn flag

I'm trying to connect to a VPN connected server, right now it only accepts LAN connections but not from outside the network.

My ultimate goal is that the server is always connected to PIA VPN (WireGuard protocol) and I'll be able to connect to this server via WireGuard hosted on this server. I know I'll need to do some routing but I don't know where to start.

Chart

It's a Debian 10.10 server LAN inte ...

Score: 0
nginx sub-request authentication not working as expected
ws flag

I want to add access controls to an entire vhost on a reverse proxy. I am using nginx sub-request authentication to do this. The expected interaction is that the user will either get an error message with a link to the login page or have the login page rendered at the requested URL. On completion of the login process, there should be some mechanism for the user to navigate / reload the originally reques ...

Score: 0
Severus Snape avatar
User Statistics from PBS
nl flag

Is there a way to check on the usage-statistics of the Portable Batch System (PBS), i.e. check how many real-time or CPU hours were consumed by one particular user or the users themselves?

qstat --version results in:

Version: 5.1.3

Greetings and Salutations

Score: 0
Glorfindel avatar
Apache's mod_speling works for GET requests, not for POST
cn flag

My setup:

  • Raspberry Pi 4 Model B Rev 1.4, 8 GB version

  • Raspbian 10 / buster, kernel version 5.10.17-v7l+

  • Apache 2.4.38

  • mod_speling enabled with a2enmod

  • the following lines in the configuration file of my site:

    CheckSpelling On
    CheckCaseOnly On
    
  • a simple index.php file in the root of my website.

GET calls (via a browser or curl) to both https://www.example.com/index.php and https://www.exampl ...

Score: 0
Can a VoIP or an L2 switch prevent a PC from accessing a network printer under 2 VLAN circumstances?
br flag

My organization's network topology goes like this:

PC -- VoIP -- L2 switch (no IP address, only performs L2 switching)--Network Printer

Also, the same L2 switch is connected to an L3 switch for access to the outside network.

Furthermore, the VoIP is set such that VoIPs share a separate VLAN, while PCs and other devices use 'untagged' VLAN 1.

The problem is that with this topology, the PC cannot even find  ...

Score: 0
How to prevent unauthorized mails sent from my mail server?
bo flag

I have Postfix server that serves several domain names with SPF, DMARC, DKIM correctly set and tested many times. So no spoofing is taking place. However, despite all my efforts to tweak the Postfix configuration, outgoing spam messages like below regularly slip through the server:

Aug  5 08:37:38 mail postfix/error[9631]: BC96418C10: to=<avciuffo@comcast.net>, relay=none, delay=161913, delay ...
Score: 0
MTPL avatar
Page redirection not working
us flag
RewriteEngine On
RewriteCond %{HTTP_HOST} ^example.com
RewriteRule (.*) https://www.example.com/$1 [R=301,L]

with the help of the above code, I am able to redirect https://example.com/ to https://www.example.com/

but when I open https://example.com/page.html in the browser it doesn't redirect to https://www.example.com/page.html

I am using www in canonical tag, and sitemap.xml but Google still indexe ...

Score: 1
mon avatar
SageMaker Studio domain creation fails due to KMS permissions
ng flag
mon

Question

Please help understand the cause and solution for the problem.

Problem

SageMaker Studio domain creation fails due to KMS permissions. The IAM Role specified to the SageMaker arn:aws:iam::316725000538:role/SageMaker has the permissions for KMS required as specified in https://docs.aws.amazon.com/sagemaker/latest/dg/api-permissions-reference.html.

Domain creation failed
Unable to create Amazo ...

Score: 3
JonS avatar
Tune Linux & Nignx to handle 10k Connections @10Gbps Server
br flag

I just got a new 10Gbps server with 8 CPU Cores, 64GB RAM and 1TB NVMe

OS Centos 7.9 kernel 3.10.0-1160.36.2.el7.x86_64 also tried kernel-ml 5.13
SELinux is disabled.
firewalld and irqbalance stopped

I've done network test using iperf3, speed is confirmed around 9.5 Gbps.

Then another test using 10 x 1Gbps servers to download a static file from the server, the server was able to push almost the full 10Gb ...

Score: 2
David Owens avatar
How do I check a remote file systems mount permissions?
us flag

I'm mounting a test server to a shared filesystem at work. It's a cifs mount so im looking at this reference page: https://linux.die.net/man/8/mount.cifs

I want to try and mount in a "know as little as possible" manner to keep people from fudging with the shared filesystem from a test server. So in the docs I see:

uid=arg sets the uid that will own all files or directories on the mounted filesystem wh ...

Score: 0
Auditing specific route table operations
ge flag

Does Linux have a way to audit operations run against a specific route table?

I have the following config in my custom route table:

default dev tun0 scope link
192.168.100.0/28 dev eth0 scope link

for an unknown reason some processes remove the default entry. I would like to find out the guilty.

Is there a way to audit operations run against a route table?

Score: 1
psycoma avatar
HAproxy single-arm loadbalancing
eg flag

I am trying to setup a loadbalancing lab for HAproxy in single-arm mode (when actual frontend IP and backend servers reside in same subnet, while actual clients are always remote). Another request is to make client source IPs visible to backend nodes. As we load-balance custom tcp-based app, it seems that option 'source 0.0.0.0 usesrc clientip' is a right choice here. Also, I have configured backends to ...

Score: 1
apt-get throwing warning: "W: --force-yes is deprecated, use one of the options starting with --allow instead"
pk flag

I'm running on Ubuntu 20.04 on Circle CI "machine" executor. Today I see that:

sudo apt-get install -y pkg1 pkg2

is throwing this warning:

W: --force-yes is deprecated, use one of the options starting with --allow instead

I'm not using "--force-yes". Where is this coming from? Even

sudo apt-get update

throws the same warning.

Score: 0
Penge58 avatar
NGINX error: open_basedir
cn flag

I got this error from my NGINX server when I am running a script in Prestashop. I think this is something I can solve in the NGINX configuration or something, but I need some help to tell me what to do.

Warning: file_exists(): open_basedir restriction in effect. 
File(/www/wwwroot/panel_ssl_site/../app/etc/env.php) is not within 
the allowed path(s): (/www/wwwroot/panel_ssl_site/) in
/www/wwwroot/pane ...
Score: 0
Chris Ostmo avatar
nginx redirects users to backend address on rare occasions
cn flag

We have an pretty standard nginx, Apache and PHP-FPM reverse proxy setup on Ubuntu 20 installed through ServerPilot.

Our nginx location context is configured simply as this:

    proxy_pass      $backend_protocol://$backend_host:$backend_port;
    add_header      'Access-Control-Allow-Origin' '*';

Those variables resolve to http://127.0.0.1:81

The site has been working flawlessly for several weeks and tho ...

Score: 0
Raj K avatar
Shell Scripting - Multiple Process ID's instead of one
cn flag

I'm writing a simple bash script to shutdown tomcat, and if it doesn't stop gracefully then check if the tomcat's PID still exists and kill it.

I pass the tomcat name as a variable to the script as below. In some instances I pass two or three names of tomcat, which is why the use of FOR LOOP below

./shutdown.sh tomcat1

Content of the Shutdown.sh script

#!/bin/bash
for name in "$@"
do
    bash /opt/$name ...
Score: 0
Codemonkey avatar
Why did I suddenly gain 300GB on my server
ml flag

I've been working on my server all day, doing various things. I know, unquestioningly (found the evidence by scrolling up in one of my terminal sessions) that I had about 900GB of space 4 hours ago. It's been about that the last few days.

Now, I've noticed it's 1200GB.

I'm as certain as I can be that I've not accidentally (or intentionally) deleted 300GB of files. But I'm scared.

Is there a rational ...

Score: 0
Robyn H avatar
bulk removing direct access to a folder via PowerShell ACL
cn flag

On a number of the servers where I work the share folder permissions have become cluttered with direct permissions for some of our techs due to them needing to take ownership. I have figured out how to fix the ownership issue so it won't happen anymore but I am stuck on the cleanup of these permissions. unfortunately when I run this command nothing happens not even an error. I am guessing its a logic er ...

Score: 0
Harmonytalk avatar
Limit ARP to gateway IP only
in flag

My current network setup is as follows

auto lo
iface lo inet loopback
    dns-nameservers 8.8.8.8 8.8.4.4

auto eth0
iface eth0 inet static
address 104.244.72.242/32
gateway 107.189.30.113
pointopoint 107.189.30.113
netmask 255.255.255.255

I was having an issue before where ARP would end up connecting to 104.244.72.1 causing issues I fixed that by adding

net.ipv4.conf.all.arp_announce=1
net.ipv4.conf.al ...
Score: 0
Jamesthe1 avatar
Why does IIS PHP not recognize PhpRedis when it exists and is added correctly?
us flag

Before you read:

I currently have ...

Score: 0
Francesco avatar
How to force 1G speed for Juniper QFX5100 10G ports?
jp flag

I have available a Juniper QFX5100-48S switch (48 SFP 10G ports, 6 QSFP ports) that I cannot join into our network since an SFP DAC 10G cable connecting it to an SFP port on a HP V1810-48G switch does not work (the web panel on the HP switch says that on the connected port the link is down). The very same cable successfully negotiates a connection between the HP switch and a server with a 10G Ethernet p ...

Score: 0
Change Nginx proxy pass public path
in flag

I have a Python/Django API with a unique endpoint /videos running on my Debian server.

The Nginx vhost looks like this:

server {

    server_name example.com;

    location / {
        # Pass to Uvicorn/Gunicorn web server service
        proxy_pass http://upstream_name/;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $ ...
Score: 0
Vincent Teyssier avatar
htop does not show the real memory usage
eh flag

I'm having a server running around 250 docker containers. Once they are all up and running, htop shows a 32-33% RAM usage as shown below: enter image description here

I've also installed netdata for a more granular monitoring, but then I get the following (after a restart and ramp up of the containers): enter image description here

From what I see in netdata there are about 20Gb of RAM which are marked as cached, however htop does not show them?

I had several ...

Score: 0
What Chromium Edge settings affect its ability to perform ClickOnce deployments from a LAN share on an ActiveDirectory network?
us flag
Tim

Chromium Edge (v92.xx -- the currently supported one as of this writing) is treating the ClickOnce setup.exe file on a LAN share as a "normal download" (intercepting it rather than executing it) even after Group Policy has been set to enable ClickOnce support in Edge. What are the Edge settings that need to be changed to support ClickOnce?

I suppose SmartScreen is involved, in particular the Allo ...

The Stunning Power of Questions

Much of an executive’s workday is spent asking others for information—requesting status updates from a team leader, for example, or questioning a counterpart in a tense negotiation. Yet unlike professionals such as litigators, journalists, and doctors, who are taught how to ask questions as an essential part of their training, few executives think of questioning as a skill that can be honed—or consider how their own answers to questions could make conversations more productive.

That’s a missed opportunity. Questioning is a uniquely powerful tool for unlocking value in organizations: It spurs learning and the exchange of ideas, it fuels innovation and performance improvement, it builds rapport and trust among team members. And it can mitigate business risk by uncovering unforeseen pitfalls and hazards.

For some people, questioning comes easily. Their natural inquisitiveness, emotional intelligence, and ability to read people put the ideal question on the tip of their tongue. But most of us don’t ask enough questions, nor do we pose our inquiries in an optimal way.

The good news is that by asking questions, we naturally improve our emotional intelligence, which in turn makes us better questioners—a virtuous cycle. In this article, we draw on insights from behavioral science research to explore how the way we frame questions and choose to answer our counterparts can influence the outcome of conversations. We offer guidance for choosing the best type, tone, sequence, and framing of questions and for deciding what and how much information to share to reap the most benefit from our interactions, not just for ourselves but for our organizations.