Latest Server related questions

I'm running a nginx container where it maps to another backend container. When I tried adding upstream block in nginx.conf which is like

upstream backend_servers {
    server backend:8000;
}

The error that is occuring is

[emerg] 1#1: host not found in upstream "backend:8000" in /etc/nginx/nginx.conf:2
nginx: [emerg] host not found in upstream "backend:8000" in /etc/nginx/nginx.conf:2

But If I place  ...

I understand from Google documentation that it's possible for google cloud storage to be accessed via the Simple Storage Service, which is just what I need for a program that supports this. The program only explicitly refers to Amazon S3 storage but in theory if Google Cloud Storage can support the Simple Storage Service, I imagine that my buckets should be accessible.

I'm prompted for the follow ...

I have this playbook that what I'm trying to do it's to install CentOS using Ansible and Redfish, I don't want to use any modules, I'll install the CentOS on multiple Dell iDRAC9 servers and I'm having one issue:

2)After the ISO it's mounted, the server has not entered automatically into ISO boot menu, and I'm trying to achieve this by the Set ISO as primary boot device task.

Can someone please help ...

Currently I'm trying to write a Python script to scan through my local network, and list all of the active IP addresses, and their corresponding MAC address and device name. Also all of the devices connected to my network are wireless devices. For example, if I had my phone, laptop and chromecast connected to the network, the script would show the following:

IP address: 192.168.1.3, MAC: xx:xx:xx ...

I'm encountering an issue with the Windows Defender Firewall every time I compile and run my Go program. It seems that the program's use of sockets is triggering the firewall each time a new version of the program is compiled and run as a new .exe file.

Here is what's currently happening :

1. I make some changes to my code
2. I compile, thus a new .exe is created
3. Run the new .exe
4. I'm getting annoyed by  ...

I have a python script that I wish to run at 5pm every Friday.
How can I achieve that ?

I understand I could do this through cron. However, as I have used relative file paths in the Python script and therefore must be run in the specific directory with the other files. I have seen I may be able to achieve this using the pipe operator however I have been unable to find an example.

I have server proxmox1 configured to send emails through GMail server. Here is the relevant part of my /etc/postfix/main.cf :

smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = proxmox1
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mydestination = $myhostname, localhost.$mydomain, localhost
# p1 has an IP in the range 19 ...

The following error impeded the restart of opendkim

× opendkim.service - OpenDKIM Milter
     Loaded: loaded (/lib/systemd/system/opendkim.service; enabled; vendor preset: enabled)
     Active: failed (Result: exit-code) since Sat 2023-04-22 08:00:27 UTC; 2s ago
[...]    Process: 2295 ExecStart=/usr/sbin/opendkim (code=exited, status=78)
opendkim.service: Control process exited, code=exited, statu ...

I have configured a remote logging from one of my servers to the central log server via rsyslog TCP/SSL

Everything worked fine until yesterday where most of the files just stop being transmitted while some are still sent/updated in the log server.

I have this specific config inside my /etc/rsyslog.d/

$ModLoad imfile    #Load the imfile input module

# poll every 10s
$InputFilePollInterval 10

# myfile
$I ...

I was wondering if on HP Switches (2920 for example) is there something like storm control but for unicasts? Let's assume, we have a host in our network who bruteforces some random IP addresses. How to shut down this interface/MAC-Address? HP Switch provides only stormcontrol for broadcast and multicast, but none of them is a solution for 300pps for random IP's. How to handle it? I know we could do 'som ...

I have a Proxmox node with a bunch of VMs connected to a virtual bridged network. I have one VM on that bridged network that I want to connect to a Cloud VPS running OpenVPN. I then want to run an Nginx reverse proxy or directly port forward from the VPN host to the VMs on the client's subnet (the virtual bridge). Therefore I should be able to directly access these VMs from the broader internet (specifi ...

I'm running opendmarc with postfix under Debian linux. I did the standard Debian apt-based install of opendmarc, but later, I realized that it is apparenly configured by default to make use of opendmarc-import in order to save import data in a database.

I don't want to make use of the database, but I can't find any way to tell opendmarc to stop logging info into that database.

I see nothing in /etc ...

anyone knows if is possible to use only one rule to drop any UDP packet that contain a fixed characters followed by any number between 13 and 90. I tried string, hex-string, had a look at u32 but the offset inside the packet can be anything between 150-300...my understanding is that I can't do it if I don't have a specific one. No luck on setting numbers. At one point I just wanted to drop anything that ...

I am configuring an nginx server on Ubuntu 19.04. I want to have a location with BOTH modifiers ^~ AND ~* I want to stop looking at locations with the ^~ and want to be case insensitive. I have a requirement to stop searching for locations. Is this possible?

location ^~ /videos { // This works, but I also want this case insensitive.

}

I'm trying to setup a PRP connection between to Linux machines (Ubuntu 20-04 LTS) following the doc from TI.

The module hsr is present (modprobe hsr works), but when I tried to use iproute2, it seems that it was compiled without support of HSR/PRP.

$ ip link add name prp0 type prp slave1 eth1 slave2 eth2 supervision 45
Garbage instead of arguments "slave1 ...". Try "ip link help"

$ ip link add na ...

I've been using AWS SES as an SMTP relay (Postfix + Dovecot) for years and now am facing the pausing of sending emails for the second time. We use this combination as an email server for business email purposes.

After my email server has been hacked for the first time I enabled Multi-Factor Authentication. I didn't find out how the attacker managed to compromise the server and send emails. Everyt ...

I just realized that Windows server time (w32t service) has two default values limiting how much the offset of the time is allowed to be in negative and positive values. This value is huge by default and this allows for big time jumps if you dont correct the necessary regedit values.

On Ubuntu Server, I use chronyc for time sync. Is chronyc allowing this same fatal error or does it only allow sma ...

I'm trying to generate an SSL certificate with Ansible for *.rasp.example.com and rasp.example.com.

I already have a "working" solution (No errors when deploying), but when I try to compare it with certbot, I have some csr, crt, key whereas certbot only returns 2 pem files (key and cert).

When it comes to the browser, I have some issue, for example, https works for rasp.example.com but not for *.rasp.e ...

I have two KVM virtual machines created on RHEL9. I partitioned an SR-IOV-capable Physical NIC such that I was able to get Virtual NICs (Virtual Functions) from it. For each VM, I assigned it a VF.

Virtual Machines now have the VFs showing up as ethernet interfaces. Question is, how do I make a connection (basic ethernet link) between these virtual machines using these VFs?

What I want is VM1:vf_et1 & ...

I'm using a fresh install of the most recent build of RockyLinux 9. I'm trying to disable GSSAPI for SSH based login, along with passwords and permit only public key based login. Setting GSSAPIAuthentication no in sshd_conf doesn't appear to actually disable it, based on the output from the ssh client prompt. Are there any other configuration parameters necessary?

$ grep -i gss /etc/ssh/sshd_config
 ...

So I have a bit of an unusual situation -- I'm trying to use a EX4200-48-PoE juniper switch with our Aruba (HP) network in place -- just as a transitional move as we're doing some construction to give users connection in a temporary space...

I have a simple vlan setup, data is native untagged and voice is tagged. Phones pickup dhcp from CX on the voice network, and clients computers on static add ...

Problem

My debian server seems to lose network connection after a random amount of time (sometime after an hour, sometimes after a week, sometimes something in between). The server is hosted at a datacenter, so I do not have console access, except I order a KVM. When I restart the server remotely and boot in a rescue system, the server regains network connectivity.

At first I was not sure, whether ...

we haven't been able to figure this out whatsoever, and this data center has no real support that explain how this is working. This is an unfamiliar setup to us but they assure us it's standard for them.

We purchased a range of public IP addresses for our drop. They provided us this info:

• Fiber link

  • Block: 152.160.28.76/30
  • Subnet: 255.255.255.252
  • Gateway: 152.160.28.77
  • Usable: 152.160.28.78
  • DNS ...

When I run this query on a dataset

zfs list -d 1 -t all -o name,used,refer,written,compressratio sfg-backup/mx

I see the following stats:

zfs list -d 1 -t all -o name,used,refer,written,compressratio sfg-backup/mx
NAME                                           USED     REFER  WRITTEN  RATIO
sfg-backup/mx                                  300G      276G        0  1.80x
sfg-backup/mx@madcow_2023-04-1 ...

I'm having issues when deploying Openstack via kolla-ansible on virtual machines that are running inside Proxmox, across three nodes. Both "kolla-ansible -i multinode bootstrap-servers" and "kolla-ansible -i multinode prechecks" run successfully without errors, but "kolla-ansible -i multinode deploy" fails during the steps where MariaDB service port liveness is being checked, on all three controller MV  ...

I have successfully managed to configure my OpenLDAP (which is an Apple Open Directory variant, but that should not matter) to work with both, SSL (ldaps on port 636) as well as STARTTLS (on port 389).

However, it's still possible for a client to connect without any encryption, and I'm trying to disable that. Admittedly, I have only very limited knowledge of OpenLDAP.

Based on this this answer and

I have CentOS running on AMD and Ubuntu running on ARM services on Oracle cloud. Previously, I shared my private key (used for connecting SSH/Putty) with my freelance developer. However, over a month later, I noticed unauthorized login attempts.

Since the freelance developer has my private key, they can log in to my server at any time, which is a significant security risk. I have tried to contact the ...

I have an elaborate framework for autoscaling UNIX servers to configure their hostname with a script on launch (startup) using an NFS (EFS) where they look up what their hostname should be, then set hostname and move on.

When trying to do the same for Windows servers, I am stuck with the problem that changing the "computername" on Windows requires reboot. As soon as I reboot an autoscaled instanc ...

Use case: allow to pull selected (e.g. tagged as *-public) Docker Images anonymously. Otherwise credentials are required.

Given: latest Nexus 3.52.0, it works with a docker login and LDAP credentials without issues.

Tried:

• Selector + Privilege + Role (all named docker-images-public) > given to use "anonymous", "Anonymous Access" enabled, with same user and Local Authorizing Realm.
• Result: Error resp ...

It appears that Azure doesn't provide many DHCP options for new VMs. On a new client, I looked at the registry entry HKLM/System/ControlSet001/Services/TCPIP/Parameters/Interfaces and found only these options:

• Default gateway
• DHCPDomain (set to reddog.microsoft.com)
• Name Server
• Domain

I found a thread from 2018 stating that the only DHCP option admins can modify is the DNS server list. All other opt ...