Latest Server related questions

I'm looking for a setup where I'd like to have SSL client certificates for all but one source IP.

My idea is to set

 ssl_verify_client optional;

and to add an elaborate if statement to the locations. However I don't know how to write such an if statement.

  # this requires ssl client certificates for all locations
  location / {
    if ($ssl_client_verify != "SUCCESS") { 
       return 403; 
    ... ...

I have a site on IIS where the auth is being done by having a header included in all (classic ) asp pages, if session variables is not set, user is redirected to login page, setting the session variables if user is in sql table. However, this does not protect ressources like images and javascripts which are without that header file.

So is it possible to use basic authentification to perform a sql ...

I use Puppet with r10k and a custom External Node Classifier.

The need is to write the commit hash value into a templated ERB file on each managed node.

I added a script (https://github.com/puppetlabs/control-repo/tree/production/scripts), declared in the environment.conf file that retrieves this hash in the .r10k-deploy.json file. I get the hash value in the puppet logs and on PuppetBoard.

However, ...

On a CentOS 4 IBM x3650 server, ipmitool -v sensor | grep -A 14 "PECI" gets me this:

Sensor ID              : CPU 1 PECI tics (0x7c)
 Entity ID             : 3.1
 Sensor Type (Analog)  : Temperature
 Sensor Reading        : -55 (+/- 0) unspecified
 Status                : ok
 Lower Non-Recoverable : -64.000
 Lower Critical        : na
 Lower Non-Critical    : 64.000
 Upper Non-Critical    : 0.000
 Upper C ...

First of all, yes I have contacted Invision Community support. Yes, I am a paying user with an active license. We went back and forth for several hours and all they have to say is there's nothing wrong with their software, and I need to fix my server.

I'm using CentOS 7.9.2009, PHP 8.0.7, Apache 2.4.6, and Exim 4.94.2.

When Invision Communtiy sends emails the From: value says Apache or Root instead  ...

• I'm trying to write a correct command line that will ping to all hosts that are detailed in my inventory file
• my dockerfile:

FROM centos:7

RUN yum check-update; \
    yum install -y gcc libffi-devel python3 epel-release; \
    yum install -y python3-pip; \
    yum install -y wget; \
    yum clean all

RUN pip3 install --upgrade pip; \
    pip3 install "ansible"; \
    wget -q https://raw.githubus ...

Looking for some assistance on a memory leak issue wherein the RAM consumption keeps gradually increasing day by day and within a span of 6 to 7 days, it reaches 100%. (I have to reboot then). Ram consumption graph

The RAM drop is due to reboot. Each reboot is in 5-7 days to time frame. The containers hosted on the node shouldn't be of concern since I migrated them from old server where everything was st ...

I have created one vpc with three different subnets and I am facing issue while doing ssh from instances. getting check public key error but succeed before.

tarun@eu-vm:~$ ssh 192.168.0.3
Linux web-server-gqnt 4.19.0-16-cloud-amd64 #1 SMP Debian 4.19.181-1 (2021-03-19) x86_64

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are ...

On a shared hosting server (centos8), thousands of websites are hosted. They all use single DNS service running as local recursive resolver (BIND 9).

We observe random overload events with no clear culprit.

One hypothesis is that some website (unix user) is attacking local DNS resolver.

In the context of locally running bind daemon, what is the best way to make it log not only the DNS query, but also t ...

Original fault:

pool: datastore7
state: DEGRADED
status: One or more devices could not be used because the label is missing or
invalid.  Sufficient replicas exist for the pool to continue
functioning in a degraded state.
action: Replace the device using 'zpool replace'.
see: http://zfsonlinux.org/msg/ZFS-8000-4J
scan: resilvered 72K in 0 days 00:00:00 with 0 errors on Tue Feb  2 14:12:50 2021
confi ...

I'm running fail2ban on RHEL 8 using firewalld. According to the fail2ban log (with DEBUG level) it blocks IP addresses without any error, but in fact there are no such rules in firewalld and nftables.

In the jail.local config file I have set banaction as firewallcmd-ipset and banaction_allports as firewallcmd-ipset[actiontype="<allports>"].

I do not see any error message in the fail2ban nor the fi ...

I have a wildcard SSL for my website, I want to access my site using any subdomain like abc.immersive.com,xyz.immersive.com etc. I tried to ping these sites, its pinging successfully and pointing to my site IP but I cannot access it through this URL. I have added DNS record for wildcard subdomain (*.immersive.com).

P.S. My domain/SSL is through MyDomain.

I tried to tag all packets from a certain program with Group Policy - QOS. But only UDP packets were tagged and all TCP still has tag value of 0.

Is this caused by Windows 10 or DSCP just does not work on TCP ?

I have a Seafile server installation on a server machine. I have also purchased a domain name for the server, and issued a certificate for it. Seafile is served using Apache 2.

The main Seafile site is working fine, the domain name stays in the url bar as I browse it, and the certitificate is in effect. However, when I try to access the seafile fileserver, e.g. by trying to download a file from  ...

I'm trying to reverse proxy the sub.domain.com/gogs to localhost:3001 - GOGS port. I tried creating a new application on the default web site

The folder that it points to is the main gogs folder. I downloaded URL Rewrite and with that created a reverse proxy that goes to localhost:3001 when there is /gogs in the URL.

But this gives me an error:

In the custom/conf/app.ini I set the domain to my sub- ...