Latest Server related questions

I have a docker server behind a firewall, so I cannot pull images directrly from any registry besides internal servers.

I have configured two registry mirrors (registry-1.docker.io and mcr.microsoft.com), following docs.

My daemon.json looks like:

{
  "registry-mirrors": [
          "https://registry_1_docker_io.example.com",
          "https://mcr_microsoft_com.example.com"
  ] 
}

I can successf ...

Used Proxmox 7.3 on a Hetzner baremetal server. Configured ZFS Encryption using following steps:

zpool import -f rpool
zfs snapshot -r rpool/ROOT@copy
zfs send -R rpool/ROOT@copy | zfs receive rpool/copyroot
zfs destroy -r rpool/ROOT

# Create a new zfs root, with encryption turned on
# OR -o encryption=aes-256-gcm - aes-256-ccm vs aes-256-gcm
zfs create -o encryption=on -o keyformat=passphrase rpo ...

I need to reproduce an issue using this image:

https://src.openvz.org/projects/OVZT/repos/ubuntu-22.04-x86_64-ez/browse

Is it possible to run this image locally on VirtualBox?

I want to make backups from Webmin, initially the configuration backups, to a remote server securely. I'm new to Webmin and to rush. This seems to be a config issue with Webmin, rush, or sshd.

My Backup storage server 10.20.0.130 (Ubuntu 20.04) has an account ftpsecure with shell /usr/sbin/rush.

/etc/rush.rc is as follows:

  acct on
  limits t10r20
  umask 002
  env - USER LOGNAME HOME PATH
  fall-throug ...

I am using a powershell script to read user firstname, lastname and email from AD by using Get-ADUser. As I understand, These cmdlets (AD powershell module) work with Active Directory Web Services on port 9389 (in the case of GC it is different).

The question is what protocol these cmdlets use and is it encrypted?

I could not find any info about it, would be great if you will point me to any resourc ...

networkmap

I'm trying to reach the CCTV camera feed remotely. By connecting to WireGuard VPN server in my home. The CCTV video server is also connected by VPN profile, its location is in my shop. The video server has wireless card which works as access point for wireless camera.

The problem is, I can access the video server IP and see footage/liveview/control panel. But I cannot ping or reach the  ...

MinIO Gateway used to provide S3 functionality where you could connect to both GCP and Azure to:

• Create/delete buckets in GCP/Blob containers in Azure
• Upload/download/delete files/folders
• Create pre-signed URLs
• ...

But MinIO Gateway was discontinued last year:

• https://blog.min.io/deprecation-of-the-minio-gateway/

Is there any alternative software that provides this functionality ?

Note: I want to  ...

After running fdisk -l on Ubuntu I get following error

GPT PMBR size mismatch (104857599 != 146800639) will be corrected by write.

I'm running Apache2.4 with php7.4 module on a virtual Windows Server 2019 system. Regularely at 01:00 AM the php module looses the ability to read includes, requires or fopen streams from the local file system (C:) - after a restart of the Apache or a reboot of the virtual machine everything turns to be ok. Apache is installed as Service and runs on a user account with write/read permissions to all dire ...

I have setup the latest version of iRedMail on an Ubuntu 22.04 machine, and have setup an alias and forwarding by directly adding records in the alias and forwarding tables in the vmail database. I have set accesspolicy to "public" for the alias. I am able to send mails to the alias from within the domain, from accounts in the same domain. But I'm unable to send mail to this alias from outside the ...

I have this GPO that works fine. I have Authenticated Users in the Delegation Tab with Read permission. Then I have user1 also in the Delegation Tab with Read & Apply permission. GPO (mapping of a printer) is being applied fine.

However, when I remove user1 and replace it with group1 (a global security group and user1 is member) the GPO is not being applied anymore for user1.

I don't get it ...  ...

At a site serving multiple domains (example.com, example.org, etc.), we would like to redirect a page depending on the domain:

https://www.example.com/page1 => https://www.example.com/page2
https://www.example.org/page1 => https://www.example.org/page3

using .htaccess, but the following:

Redirect "/page1" "https://www.example.com/page2"

will be applied to both domains. How can this be done?

First off let me start by saying I understand DMARC and SPF do not do the same thing.
However both have an option to tell the receiving servers what to do with mails that do not pass SPF (and DKIM in the case of DMARC).

Now let’s have a theoretical case with SPF set to v=spf1 include:… ~all (the important part being ~all) and a DMARC set to v=DMARC1; p=reject; rua=….

In this situation, if I  ...

I have a server where I want setup a reverse proxy with nginx to handle HTTPS traffic to an app in a docker container. Below is the config file in /etc/nginx/sites-enabled. It is based on this guide and the ssl setup done automatically by certbot for the default config file.

server {
   listen 80;
   server_name example.com;
   return 301 https://example.com$request_uri;
 }

server {
    listen [: ...

apache tomcat server local field to start on the old version 2018 and newer version 2022 I changed or mostly blocked the active pid ports in command windows so tom cat can run efficiently but after that, the same error but sometimes it works with an unreachable resource in page some times note with tath error

We would like to use NVMes (SAMSUNG MZ1LB1T9HALS-00007) as a cache-tier in a Ceph System (17.2.0). The problem is that the stored data has a lot of small files and if hot-tiering is set to ~70% on the NVMes many slow-ops show up. Therefore, we thought of increasing ​​nr_requests​​ on the NVMes, i.e., the maximum number of read and write requests that can be queued at one time. However, the li ...

Hello fellow Sysadmins.

A C220 M4 with the latest recommended firmware I am working on displays the following fault messages on latest version diagnostics at Server Health:

PSU1 PSU1_PWRGD: Power Supply sensor for PSU1, State Asserted

PSU2 PSU2_PWRGD: Power Supply sensor for PSU2, State Asserted

The server has two 770W PSU.

All other subsystems report healthy condition, including CIMC. I have read  ...

I have been having problems for several weeks on my Apache2 server with Ubuntu 22.04.1 + PHP 7.4

For no apparent reason, the server goes down on its own and the web is still under construction so it does not receive traffic.

The last log I got before the server crashed contains these lines:

[Fri Mar 03 10:42:44.687695 2023] [mpm_prefork:notice] [pid 756] AH00163: Apache/2.4.52 (Ubuntu) OpenSSL/3.0.2 conf ...

My setup is hybrid with all mailboxes in O365.

On-prem we have 2 x 2013 servers used for management and mail relay.

I would like to add 2 x 2019 servers to initially run concurrently with the 2013 ones then move all apps and services that use relay from 2013 to 2019.

My question is:

Can I configure the new 2019 boxes connectors, certs etc same as the 2013 > test email relay and mailbox management >  ...

In Denodo, I wanted to work with iso week. There were no functions or calculations that I could find. I wanted to use the following code: GETWEEK("ISO WEEK", ADDWEEK(CURRENT DATE(), 1)) returns the current week. There is, of course, no ISO WEEK function. Have you ever had a problem like this before?

Im setting up a replication database with postgres. and it seems there are much informations about how to setting up, but I still can't find how to operate it in application.

What I want is to 'select' only from the repl db, and 'insert/update/delete' from the source db. In this case, should I have to connect to repl db everytime I select, and connect to source db in other cases, "in application  ...

I'm getting a lot of error messages with the following:

Received From: server->/var/log/syslog
Rule: 1002 fired (level 2) -> "Unknown problem somewhere in the system."
Portion of the log(s):

Mar  6 09:18:20 server runcloud[628]: echo: http: TLS handshake error from 87.236.176.137:49883: EOF

I setup a failregex on my jail.local to ban the IP address if it got detected:

[sshd]
enabled = true
log ...

My website is available if I type the hostname ip in the broswer How to fix this and redirect it to my website or what to do?

I manage to found some info in previous similiar answers

server block with default_server in the listen directive. This block should only have return 404; or return 444;. You might want to turn off access_log in this block too.

server block with server_name example.com *.examp ...

$ find ./ -name "AABE*"  ## this returns nothing 
$ echo $? 
0

$ find ./ -name "AWGT*"  ## this returns locations of were files matching the criteria
./Atempt3A/AWGT-modified.txt
./Atempt3A/test_will_nov2022/AWGT-modified.txt
./Attempt5_Dec_2022/scripts/AWGT-modified.txt
./Attempt5_Dec_2022/scripts - added_morefrom_again_folder/AWGT-modified.txt
$ echo $?
0
    
$ find ./ -type f -name "AWGT*" -o -name " ...

From my understanding MS SSRS is a data warehouse product. Its data is only as new as the last refresh. However, 3rd party support insists that SSRS results are in real-time.

If I am using a SQL Server view as a data source, are the SSRS results in real-time (ie whenever someone reads a SSRS report, it pulls it from SQL Server); or is it stored within SSRS and only updated with a refresh?

I have a wildcard SSL cert from A CA that I am trying to get to work on my samba ADDC. Samba will fail on Samba restart when smb.conf looks like this:

    tls enabled  = yes
    tls keyfile  = tls/mycert.crt
    tls certfile = tls/thekey.p7b
    tls cafile   = tls/myca.ca-bundle
    # client ldap sasl wrapping = sign and seal
    ldap server require strong auth = allow_sasl_over_tls

It fails with a "T ...

I’m currently trying to get 3-4 servers for our business, situed in our office, but the main problem for us is IPv4, as in Canada, ISP charge basically ~15$/month for a single IP.

It not really a huuge problem as if that the only option, we will opt for IP from ISP, but i’ve heard about IP tunneling as a possible way to literally subscribe for VPN service (to get the IPv4), and use the VPN IP ...

I have been forcing HTTPS upgrade through mod_rewrite for years on Ubuntu 18.04 LTS servers. I recently upgraded a few of these servers to Ubuntu 22.04.1 LTS to ensure the latest security and Apache versions could be used.

Everything seemed fine until I discovered that every one of the different Apache configurations that ensures http:// is always upgraded to https:// no longer works.

Here are my ...

I have an internal Postfix server where bounces are intentionally discarded (not recommended in general but needed for my use case). I would like to enable it temporarily but only to the postmaster, not the sender.

Is that possible?

Currently when enabling bounces in master.cf it sends the bounce/NDR to both.

From the mail.log:

D93A53EDC2: sender non-delivery notification: DF0083EDCB
D93A53EDC2: p ...

On a Centos 8, I added a SetEnv into my VirtualHost conf:

<VirtualHost *:XXXX>
    Alias /static/ /opt/industrialisation/xxxx/xxxx/xxxx/
    <Directory /opt/industrialisation/xxx/xxxx/>
        Require all granted
        <Files wsgi.py>
            Require all granted
        </Files>
    </Directory>
    WSGIDaemonProcess myproject python-home=/opt/venv/venv-xxxxx py ...