Latest Server related questions

I have 4 disks in a raid10 array into a dell server. 2 drives are failed right now. The failed drives are not in the same group (1+2 and 3+4), drives failed are 2 and 3. The server is still running, but the array is degraded. I'm waiting the new drives to arrive.

What is the best way to replace drives? Can I replace both disks at the same time or it's better to rebuild the first group first then  ...

I have installed Visual C++ 2015 for Linux. What this does is, it takes a server name, a port number, a username, and a password, then connects to the remote machine, compiles a C++ program inside that machine, and then returns the result to my local PC.

Now, the problem I am facing is, I have to connect to the remote PC through a bastion-host machine.

Suppose, the IP address and port number of t ...

I have been trying to install nginx web server on my local machine (Ubuntu 20.04 LTS). But the installation could not be completed. It's giving error that systmd is not found.

Is it possible to install the server (nginx) on local machine like Ubuntu 20.04 LTS. If yes, please how can I resolve this?

I try to set up vsftpd using MySQL database for login users via pam.d

I have this config in /etc/pam.d/vsftpd:

# Standard behaviour for ftpd(8).
auth    required        pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed

# Note: vsftpd handles anonymous logins on its own. Do not enable pam_ftp.so.

# Standard pam includes
@include common-account
@include common-session
@include c ...

My Terraform Git repository ended-up having some unreconciliable data error and I couldn't push a recent change. I exported my commit to a patch, recloned, applied the patch, and then realized I just blew-away all of my local state. I used AWS CLI to sync-down the whole tree of state files, copied the one into/as the .terraform/terraform.tfstate of the path that I wanted to apply, ran init, and am now g ...

There are no issues connecting to it from any other environment (local works fine, as does from the Cloud), and the security group is currently totally open. An actual PostgreSQL instance, hosted in AWS, had no issue. It's just an Aurora thing. I've created several instances with different configurations. SSL authentication is turned off, and SSL itself is configured to be optional.

"Sorry, we enc ...

(Update with more info May 16, see end of post for journalctl messages)

I've created a systemd timer and service with the purpose of running a handful of bash scripts. In particular I'm aimed at mounting an external hdd at a given time, then mounting an veracrypt volume, in order to run some offsite backup actions.

Each of the scripts works correctly when run by my own admin user e.g.

sudo /path/ ...

Running php8.2 with fpm - I have rebooted server, I have restarted both php8.2-fpm and apache2. I am 100% certain I've changed the correct php.ini file - infact I have changed all 3, apache2, cli and fpm. I have also tried to disable fpm and enable apache2 php - same result except it's reads the /etc/php/8.2/apache2/php.ini

I managed to ruin a server drive by trying to clone it to another drive with dd. In the process, the original boot and sda1 partitions were overwritten.

I immediatly stopped using the drive,I made an image of the damaged drive with ddrescue then attempted to recover the lost partition with testdisk. Running a deepscan I found what seemed to resemble my lost sda1 partition so I restored.

After running  ...

Assume having a host with single, IPv4 only connection, named ens192, which has statically configured network settings (IP, DNS, gateway), named vm1.example.invalid. NetworkManager will add the following string to /etc/resolv.conf:

search example.invalid

Sometimes you don't want that or want to replace search domain with some other domain. When you do

nmcli connection modify ens192 ipv4.dns-search foo.i ...

I have a Docker swarm of two machines, and started a service with two replicas:

$ docker service create --replicas 2 --name myservice --network ingress alpine:latest sleep 1d

Now I've got two containers myservice.1.<some_nonce> and myservice.2.<other_nonce> on different machines that can communicate through the overlay network, as expected.

The problem is how to make the instances disco ...

My RADIUS Server is configured for EAP-TLS. I have a valid Server Certificate, Private Key and Fullchain file. When testing the authentication with a Client Certificate using eapol_test i get the error message:

(10) eap_tls:   ERROR: SSL says error 20 : unable to get local issuer certificate
(10) eap_tls: >>> send TLS 1.2  [length 0002] 
(10) eap_tls: ERROR: TLS Alert write:fatal:unknown CA
tls:  ...

I have a GPO with this WMI filter: SELECT Name From Win32_ServerFeature WHERE Name = 'Web Server (IIS)'

The GPO has a startup script meant to modify a file to instruct the load balancer that the server is OK to send traffic to.

Normally, when rebooting, the startup script runs. However, after installing patches, I noticed the server never went back into the load balancer. The startup script creat ...

Is it possible to proxy all requests to another server saving corresponding ports and protocols?

I have a homeserver (without public ip) and VDS (with public ip).
I also established connection between them using VPN (openVPN).
So now, my homeserver has 10.8.0.5 ip address in virtual network.

So i am looking for an opportunity to proxy all requests coming to the VDS to homeserver (through nginx

If I change the network device config in /etc/netplan/00-installer-config.yaml and then reboot will it apply the changes, or must I explicitly do "netplan apply"?

(Ubuntu 22.04)

I am trying to disable syslog messages from showing in my cisco 1kv tty. The conundrum is terminal monitor has a single command to set the logging level #logging terminal <severity>, and if I choose anything above informational I will get all of the syslog messages showing in the tty output once I execute #terminal monitor. Long story short: I want to have all of the debug messages showing o ...

We have Apache 2.4 setup with over 1000 vhosts, and multiple instances of logger in each :

CustomLog "|/usr/bin/logger -t apache-access -p local6.notice -n x.x.x.x" access_log

Restarting httpd takes 90+ seconds because it's opening thousands of connections to the rsyslog server.

Any advices on how to make it more efficient ?

Since having suffered a hack twice on my email server, the last one VERY severe, I have been VERY proactive in monitoring my logs and taking appropriate action when I see attacks. I've installed MalwareBytes for servers and this software has been very effective in stopping about 95% of the brute force password attacks (among other types) and I've reported any who have gotten through. Given that I've bee ...

I am trying to remove the Certificate Authority role from a Windows 2019 AD domain controller and am stuck at Step 5, Item 4 "Delete the private key that is associated with the CA" of the following MS KB article:
How to decommission a Windows enterprise certification authority and remove all related objects
I can't get passed the following error:
CertUtil: -delkey command FAILED: 0x80090016 (-2146893802 ...

Hi i'm trying to retreive some infos about hosts with ansible about mount points and device attached and a got an error . about the list object..

- name : Inventory
  hosts: localhost
  tasks:
    
    - name: display infos from host
      ansible.builtin.debug:
        var: ansible_facts

    - name: store disks infos
      ansible.builtin.lineinfile:
        path: "tmp/inventory.log"
        line ...

I need to set a configuration for SSH keys related to the same domain but different subpath. I'd like to have something like:

Host                domain.com/sub1
    Hostname        domain.com/sub1
    User            user1
    IdentityFile    ~/.ssh/key1

Host                domain.com/sub2
    Hostname        domain.com/sub2
    User            user2
    IdentityFile    ~/.ssh/key2

so that when I do ...

I'm running Windows Server 2016 on an Intel S1200SPLR board. I try to run it with IPV6, but so far, it does not bind to any adapter, only ipv4 works. I only got a virtual DC to keep its DNS server address.

I want to use nginx load balancer. The domain servers used in the upstream section use a shared IP. Suppose the domain name of the load balancer server is load-balancer.com

upstream test_upstream {
      server upstream1.com;
      server upstream2.com;
}

and

location / {

              proxy_redirect off;
              proxy_http_version 1.1;
              proxy_set_header Upgrade $http_upgrade;
       ...

port 80 on the web server destination serer 192.168.0.43 works in every way: gateway and inside the lan. Perfect.

I have the certbot certs on the gateway 192.168.0.60 generating perfectly

the domain points to the gateway outward facing ip i.e. 192.168.0.60 has an outward facing IP and listens on port 80 and port 443 for the domain madeupexample.com

this is the gateway nginx conf on 192.168.0.60

server{
#  ...

I have a MinIO server that I have set up as follows (docker compose):

services:
  minio:
    image: minio/minio
    ports:
      - "9000:9000"
      - "9001:9001"
    environment:
      MINIO_ACCESS_KEY: <your-access-key>
      MINIO_SECRET_KEY: <your-secret-key>
    volumes:
      - ./data:/data
    command: server /data --console-address :9001

As far as I can see, so far so good. I have  ...

I know there is a way to view the power consumption in Watts for a specific VM, but is there a way to view or output the total power consumption for a set of VMs over a given period?

I try to set up a connection to a openLDAP server running on NetBSD 10 via TLS and SASL. When I try ldapsreach -Y EXTERNAL I get ldapsearch: not compiled with SASL support and ldd /usr/bin/ldapsearch shows also no info about sasl-Libs. This site says, that NetBSD has its own SASL-implementation for openLDAP, but I guess this will not fix the "not compiled whith SASL" thing (and until now, I'm unable to ...

I am using Wireguard (interface wg0) for a VPN on a server, where all connected clients have IPv6 addresses assigned by the server (controlled by AllowedIPs).

Let's say we have three clients:

• Client A, with 7767:1::a
• Client B, with 7767:2::b
• Client C, with 7767:2::c

I want to configure the server (i.e. using something like iptables) to allow forwarding between client B and C (since they are on the sam ...

I extended the bashrc file of my linux user. This file contains extra aliases, functions, whatever is useful. It's synchronized with a playbook across our 100+ servers.

When i'm working on linux I often escale to the sudo user. this is frustrating bc when I escalate to this user I lose my bashrc settings. Is there any way to keep these when I change to sudo.

Addendum:

1. Also we work with multiple l ...

I have custom template with attached template PostgreSQL by Zabbix agent 2. There is an Item with key pgsql.custom.query. But I can't edit item key in new custom template.

Custom template image

Item key

How can I edit it (item key) only for custom template? Or how to add new custom query?

Thanks!