Latest Server related questions

I have a bunch of servers which build various different programs for various different systems.

Once a build has completed, it gets archived into a single file and compressed, then an md5sum is created of the file. One server might build multiple different versions, resulting in multiple archive files and archive.md5 files.

Finally, a script runs on various other servers that checks the md5sums of each  ...

This is the first time I've really dug into PMMs (Intel Optane), so bear with me if I'm a little slow on the uptake.  It looks like you can configure these in either cache- or disk-mode, depending on your system.  As one who wants to add disk-mode PMMs to their environment but has concerns about redundancy, what happens in the event of a PMM failure?  It seems as though there's no way to set up somet ...

I would like to know your expertise for high traffic site to choose a sever with backend.

I am familiar with PHP, NodeJS and Go programming languages. Also these days more popular HTTP servers are Apache and NGINX. I am happy to know your experience with following combinations in performance and features like load balance, low overhead, security. for high traffic site.

• NGINX + PHP
• NGINX + NodeJS

We have an RHEL 9 server. We cloned it's disk drive to a new disk. (dd if=/dev/olddrive of=/dev/newdrive bs=4096)

It has a couple LVM partitions (as shown on /etc/fstab on the cloned disk):

However when booting from the new disk, we got an error:

Here is what lvs reported for example:

I resolved the error by first checking what ID is present in cat /etc/lvm/devices/system.devices(which I figured is w ...

I'm not really sure how to short and precisely describe my problem. Thus, I was unable to find a solution or at least a hint via google.

We have a Microsoft AD domain and are currently planning to use an external developed software on a third party managed server. It is planned to utilize our AD for authentication and authorization, but our information security department does not like the idea o ...

We have a jenkins instance using ephemeral agents in gcp. We use container image to build in. Our existing pipeline (scripted and setup via gui) takes about 5-10 seconds to spin up an agent and start building.

Now we created and equivalent declarative pipeline in git. It works as expected but it takes about 3-5 minutes to get the agent running and start building.

Unfortunately I have limited access  ...

I've got a RRAS VPN setup using IKEv2 and certs issued by the domain's CA. It has a cert for the public domain and I know this is getting presented to the client.

How ever it seems that either the server is sending the wrong cert, or is sending all its server authentication certs which includes one issued by MS-Organization-P2P-Access [2022]. This of course isn't trusted by the clients who then kick ...

I'm currently working on a Django project that utilizes Docker, and I recently set up an SSL certificate using a containerized version of Certbot in order to secure my Django app through HTTPS. However, after implementing the SSL certificate and updating my nginx configuration, I began to experience the 'CSRF verification failed' error, which was not an issue before the setup. Previously, I was a ...

I'm not a pro with nginx. Please bear with me. I couldn't find a working how-to anywhere in the net. Only old stuff with nginx versions not able to pre-read anything. So this is my last resort, kind of.

I want to connect to some servers by http/https and ssh through nginx via subdomains from outside.

• www.mydomain.com -> 192.168.1.1:443
• ssh ssh2.mydomain.com -> 192.168.1.2:22
• ssh ssh3.mydom ...

I have a reverse proxy that returns only the javascript and css in some encoding. I do not know if it is encoded or just not decompressed.

This is wat the server returns: ���^style.css��;ks�:��;S��d�y�WMjIB2�3I

this is what I expect: *{margin:0;padding:0}

My html loads in just fine it's only the css and js files. I already tried turning on/off gzip and brotli. I also tri ...

I have a docker ecosystem running. Multiple containers need to communicate with each other. For reasons of my own I do not use the docker-supplied inter-container-communication but ordinary http/https URLs. My containers run on a pre-configured Digital Ocean droplet (which works very well). This comes with a pre-configured ufw firewall. The standard rules are:

root@sc-testserver:~# ufw status verbo ...

I created 5 VMs for my project vagrant status

Current machine states:

master-1                  running (virtualbox)
master-2                  running (virtualbox)
master-3                  running (virtualbox)
node-1                    running (virtualbox)
node-2                    running (virtualbox)

I can do

vagrant ssh master-1
vagrant ssh master-2
vagrant ssh master-3

vagrant ssh-config shows ...

Using Modsecurity, I write the catched requests in a log, in a JSON format. The body field is too verbose for my ELK index, and generates a lot of parsing errors.

Can I disable the presence of the body in the JSON log ?

I'm using the "standard" way that I found everywhere on the internet (including ServerFault) to try and limit the bandwidth of a process, using cgroups & tc.

What I see in practice is that the limits I set through tc will be about 10 times more in practice, see this screenshot:

I set rate and ceil to 100kbit (NOT 100kbps), so I expect to see my wget below to show about 10 kilobytes per second. In ...

I have recently migrated my server from Centos 6.9 to a new server with Centos 7.9 and I faced numerous issues owing to drastic change in OS, Version Changes in Perl, Python, PHP and Apache. I have sorted them out.

Except that the Postfix/Dovecot servers continue to cause deep anguish. For example: [email protected], [email protected] and [email protected] - all land up in the admin account of the ...

I have a program that when given SIGUSR2 it would fork and create a new process gracefully (passing all existing parent socket to child, and kill parent), without downtime, so normally without systemd it would be something like this:

cp newbinary coredns
kill -s USR2 oldpid

Systemd only have ExecReload wich according to this answer

In other words, systemd wants you to only implement "reload" if th ...

Currently, I have multiple android users connected to my server through TCP connection.

Each authorized users have an interface and an unique IP address between 10.0.0.0 … 10.255.255.255.

Whole user’s traffic as raw IPv4 data will pass to server from TCP connection then server will pass that data to a tun device then the data will forward through eth0, till now every thing is fine, Inside server ...

I have installed a new gitlab runner and am getting an error.

ERROR: Job failed: prepare environment: Process exited with status 1. Check https://docs.gitlab.com/runner/shells/index.html#shell-profile-loading for more information

my file /home/gitlab-runner/.bash_logout is empty. My config:

concurrent = 1
check_interval = 0
shutdown_timeout = 0

[session_server]
  session_timeout = 1800

[[runner ...

I have set my segment retention via (log.retention.ms) for topic to 2h. However I still have a lot of old messages in the message queue and some of the segment data files (data/topic-0/00000000000000658568.log) are older than two months. I was expecting kafka to roll these over, but it doesn't. Why?

I'm duplicating my question from superuser, but I want to know why it doesn't work. Let me explain, I have a server on Ubuntu 22 where I have MongoDB running. In this server I created a vagrant vm where Ubuntu run with nginx and a python program. I set the VM like this

Vagrant.configure("2") do |config|

    config.vm.hostname = "nginx"

    config.vm.box = "ubuntu/focal64"

    config.vm.network " ...

When we try to add the additional servers 0f 6 004,005,006,104,105 & 106.to the existing server of primary 001, 002 & 003 Secondary 101,102 & 103.

crm configure show

node 1: pbh001
attributes hana_pbh_site=PBH001
attributes hana_pbh_gra=2.0 hana_pbh_srmode=syncmem node 10: pbh106
attributes hana_pbh_site=PBH101
attributes hana_pbh_gra=2.0 hana_pbh_srmode=syncmem
attributes hana_pbh_ ...

It seems that I can not use the rwx mode of PV and PVC in GKS autopilot cluster, it reports the error when I create more than one pod as following: Should I use 1T filestore or NFS insead? thank enter image description here

Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/8.1.12 mod_wsgi/4.9.4 Python/3.11 Server at localhost Port 80

I am trying to run my django project on my windows machine.. in apache this the configuration i have added in httpd.conf file . i have installed mod_wsgi. and everything is correct . but iam getting the error error 403 forbidden LoadFile "C:/Program Files/Python311/python311.dll" LoadModule wsgi ...

I'm trying to setup my frontend, backend and my DB using docker. Here are the conditions where only my frontend container should make request to backend and not to the public. I have written a conf file but that still I'm able to access the backend with postman. Also I'm moving the frontend build files to a volume and mounting it in /usr/share/nginx/html where then the frontend container will stop an ...

I am not sure if I should use console to apply the config/secret in GKS autopilot cluster?

My website is at https://www.example.com and I have a CMS Panel at

https://www.example.com/administrator -> 301 ->
https://www.example.com/administrator/ -> 302
https://www.example.com/administrator/Login.aspx?Session=Out

And I am trying to restrict the access to /administrator but this is not working - Can someone please help?

location ~*/administrator {
allow 10.0.0.0/8;
deny all;
}

he ...

I want to log http status 200 data in my user directory with Apache2.4.

the current

SetEnvIf Request_URI "~data” ssl_datalog nolog
CustomLog ${APACHE_LOG_DIR}/ssl_data_log combined env= ssl_datalog

As, the directory can be restricted, but please tell me how to filter by http status.

CustomLog ${APACHE_LOG_DIR}/ssl_data_log combined env=ssl_datalog "expr=%{REQUEST_STATUS} <= 210"

but got an error.

Okay, to start off with I'm new to all of this and still learning. I've got Nginx set up, and my standard reverse proxies work both inside of and outside my network. I've set up certbot and generated a wildcard SSL cert, I'm trying to get my proxies set up to use it. Now, they work ON my network, but outside of my network we get "Cannot open the page because too many redirects occured". Can anyone more  ...

So, I see these Apache access.log entries coming in every minute:

mydomain.com:80 95.211.199.153 - - [19/Apr/2023:23:34:28 +0000] "GET /index.html HTTP/1.1" 200 1425 "-" "Leaf/52 CFNetwork/1402.0.8 Darwin/22.2.0"

So I like to deny that IP address.

My Debian ("… 5.10.0-21-amd64 #1 SMP Debian 5.10.162-1 (2023-01-21) x86_64 GNU/Linux") uses ufw, and uwf status shows:

# ufw status
Status: active

To        ...

I have > 100 million image files (book covers) as a flat list of files under a single "directory":

/images/000000093e7d1825b346e9fc01387c7e449e1ed7
/images/000000574c67d7b8c5726f7cfd7bb1c5b3ae2ddf
/images/0000005ae12097d69208f6548bf600bd7d270a6f
...

A long time ago, these were stored on Amazon S3, and are now on Backblaze B2 (which is S3-compatible).

So far, this worked fine:

• storing a new file is  ...