Latest Server related questions

Disclaimer: my AWS networking skills are basic.

I have an EC2 Windows server instance in a private subnet. I connect via a VPN. FOR TESTING I put it in a Security Group that allows all IPV4 TCP traffic. I turned off Windows Defender Firewall. I can surf the web, so I can use port 80/443 going out. Now I want to connect to email-smtp.us-east-1.amazonaws.com on port 25.

In Powershell this times  ...

Just learning basic NGINX. I am trying to rewrite some clean URLS so they redirect to files in a subdirectory called on the server called views.

The below config accomplishes this. However, whenever I return to the index page, it returns a 404 error.

As you'll see below, I define my index as index.html. I assumed this would ensure that the index.html be treated as the index file. However, it appears ...

I'm trying to connect a cisco 931 (with VPN license enabled) to a Palo Alto (PA) Global Connect VPN Server by trying to create an IPSec VPN Tunnel.

I feel I'm missing something here:

The following example shows how to configure IPsec remote-access type with RSA authentication on the router:

Below are the examples I'm trying with no success to connect the router to the PA.

The following example sho ...

I have a server running Server 2016 and the C drive is getting full. This server's only role is to run an accounting program (MRI) that requires SQL Server. I have two SQL Server files in the download folder and I was wondering if I can move these. These were extracted from ZIP folders that were downloaded. The larger one is 5Gb and the folder name is SQL 2012 Full X64. Eventually I'll need to upgrade  ...

I have trouble with postfix sending e-mails to any destination (Relay access denied) And yes, I googled a lot, tried a bunch of things but with no luck. Here is the thing: I am trying to use Mailman3 as a listserver with Postfix to deliver e-mails to any destination. If I am requesting access to a list, normally an e-mail is sent to the given e-mail-address. This fails with a 454-error.

NOQUEUE: re ...

Nginx sets the x-fastcgi-cache header to EXPIRED a few hours after the page was first cached, whereas the cache validity is 1 week.

Nginx Config:

fastcgi_cache_path /usr/share/nginx/fastcgi_cache levels=1:2 keys_zone=phpcache:500m max_size=30g inactive=1w use_temp_path=off;
fastcgi_cache_key "$scheme$request_method$host$request_uri";
fastcgi_ignore_headers Cache-Control Expires Set-Cookie;
fastcgi_cac ...

I have a MySQL 5.7 database that requires two-way SSL/TLS for any clients attempting to connect to it. I have the requisite keys and certs for the connection, however I do not know how to configure the Nessus Scanner to use them. The only documentation that I have been able to find thus far regarding this issue involves deploying Nessus-Core which for me is not an option. Is there a way to accomplis ...

So I have spent the past two weeks learning about ECS and trying to setup a very basic task with an nginx container and and a PHP app in another container. It seems like I'm very close, but I'm now getting this connection refused error from nginx: **[error] 29#29: *9 connect() failed (111: Connection refused) while connecting to upstream, client: 172.31.16.34, server: , request: "GET / HTTP/1.1",  ...

I am having a bit of an issue and I believe I need some help. We have an On-prem SFTP server which will be deprecated soon, so in the mean time I need to set up another SFTP option in AWS running on EC2. I have looked at AWS Transfer Family, but the older cipers and Keys are not accepted on AWS Transfer Family.

Anyways I have the need for two users to use this SFTP server for automated backups. O ...

Deploying helm chart of jenkins giving error as invalid image name, even it is correct. How to fix that?

kubectl get po -n jenkins
NAME        READY   STATUS                  RESTARTS   AGE
jenkins-0   0/2     Init:InvalidImageName   0          46s

My values.yaml file:

#https://github.com/jenkinsci/helm-charts/blob/main/charts/jenkins/values.yaml
controller: # renamed from master
  image: jenkins ...

We use SVN with SSH because it is better than anonymous access and the HTTP setup looked complicated and difficult to use when I was setting up authenticated SVN.

Subversion uses a custom port because it is running in a docker image and we use the default SSH port for SSH access to the host.

We use the .ssh/config file to automatically select the correct port.

As a result, all our SVN externals do not  ...

So I´m currently trying to implement caching on my NGINX webserver. For now I have a single conf file in my sites-enabled directory linked, which looks like this:

proxy_cache_path /var/cache/nginx levels=1:2 inactive=120s keys_zone=custom_cache:10m;

server {

        root /var/www/html;

        server_name _;

        location / {
                proxy_cache custom_cache;
                proxy_c ...

microsoft.visualstudio in my Resource provider list is stuck in "Registering" status.

Unregister-AzResourceProvider -ProviderNamespace "microsoft.visualstudio"

is returning the error "Unregister-AzResourceProvider: The subscription cannot be unregistered from resource namespace 'microsoft.visualstudio'. Please delete existing resources for the provider."

Then I thought of removing and installing it  ...

I recently cloned my 250GB disk, installed with Fedora37, encrypted with LUKS. Currently approx. 20 GB disk space is used, the rest is free.

I went ahead and booted from a fedora-live-usb and cloned the disk with dd to an external drive, plus, ive added gzip so i do not end up with an unnessesary big image. Example:

dd if=/dev/sda | gzip -c  > /mnt/<external-disk>/image.img.gz

The cloning+compre ...

i want to redirect a subdomain to a suborder of my apache server if i go over the domain

webmail.mydomain.com/plugins/xcalendar/caldav/index.php/calendars/oahfvkpdb2/oxntxubf1d/

it works but if i go to the domain

caldav.mydomain.com/calendars/oahfvkpdb2/oxntxubf1d/

it does not work I have made the following configuration in nginx proxy manager

location ~/(.*)$ {
    proxy_set_header X-Real-IP  $remote_ad ...

Sorry I appreciate this is basic. I'm trying to run a docker image via a docker file but running into issues. This is my dockerfile:

FROM valeriansaliou/sonic:v1.4.0
COPY --chown=1000:0 config/sonic.cfg /etc/sonic.cfg
RUN docker run -p 1491:1491 valeriansaliou/sonic:v1.4.0
USER 1000:0

error: failed to solve: process "/bin/sh -c docker run -p 1491:1491 valeriansaliou/sonic:v1.4.0" did not complete succ ...

On Debian, my Influxdb2 v2.6 instance runs with systemd and writes the logs to stdout. But I want to send the logs to a dedicated logfile like /path/to/influxdb.log.

How can I change this behavior? The Docs says, I have to change the startup parameter to influxd 1> /path/to/influxdb.log. But where is this config located? I assume somewhere inside the /usr/lib/influxdb/scripts/influxd-systemd-s ...

I have 3 hosts: AAA, BBB, CCC.

1. Host AAA is an OpenVPN server with IP 172.17.10.1 and mask 255.255.255.0.
2. Host BBB has 2 tun interfaces: • an OpenVPN server with IP 172.16.10.1 and mask 255.255.255.0 • an OpenVPN client with IP 172.17.10.50 (connected to OpenVPN server AAA)
3. Host CCC is an OpenVPN client with IP 172.16.10.50 (connected to OpenVPN server BBB). It has routing to 172.17.10.0/24 via 172.16 ...

I have an openvpn server running on 10.8.0.0/16 that pushes the subnet 10.10.0.0/16 (a docker network) to the client.

I can ping 10.10.0.0/16 from the client but I cannot curl from the client.

This is my openvpn server config file:

port 1194
proto udp
dev tun

ca ca.crt
cert cert.crt
key key.key
dh dh.pem
crl-verify /etc/openvpn/crl.pem

topology subnet

server 10.8.0.0 255.255.0.0
push "route 10.10.0.0  ...

I would like something simple like everything to redirect to ssl and from there cached I guess no?

How can I get non www version to redirect to www version as well

PS. I am using ssl strict comunication with cloudflare on the system nginx and fastcache cgi you can see my nginx configuration bellow and php-81.fpm.

The current configuration is the default one I would like to have a more simple less text ea ...

I've just installed the Nvidia drivers using the instructions here on our Threadripper workstations, https://docs.nvidia.com/cuda/cuda-installation-guide-linux/index.html#rhel-9-rocky-9

However, I'm getting this error after a reboot

modprobe: ERROR: could not insert 'nvidia': Key was rejected by service

[root@athos ~]# nvidia-smi                                                                            ...

I am new to grafana & prometheus. I want to graph the change in a value (here disk space used), but as a percentage of the initial value, which one commonly sees for inflation charts.

For example, this chart of inflation has every line starting at 100% at the left, and then each point is the value at that time, as a percentage of the initial value. I want to make a chart like that in grafana. Whe ...

since I'm sadly not getting any responses in rspamd's GitHub discussion board, maybe someone here has experience with rspamd prefilter mode.

I'm trying to get rspamd to accept any mail coming from a given list of domains, no matter how much it thinks it's spam. Sadly, this is necessary as too many people think it's a good idea to manipulate senders or do other shady things, usually used by people ...

kubeadm init [init] Using Kubernetes version: v1.26.2 [preflight] Running pre-flight checks error execution phase preflight: [preflight] Some fatal errors occurred: [ERROR CRI]: container runtime is not running: output: time="2023-03-01T08:28:38Z" level=fatal msg="validate service connection: CRI v1 runtime API is not implemented for endpoint "unix:///var/run/containerd/containerd.sock": rpc error: code ...

I wonder if someone has encountered this issue with nginx after upgrade ubuntu from 20.04 to 22.04.

In nginx log file this appears. Seems to be something wrong with SSL.

2023/03/01 08:42:31 [emerg] 600#600: cannot load certificate key "/home/lars/ssl/_.(domain).se.key": PEM_read_bio_PrivateKey() failed (SSL: error:1E08010C:DECODER routine s::unsupported:No supported data to decode. Input type: PEM)

We observe extremely high slab memory usage on a long running CentOS7(mount Lustre) server. With total 187G RAM, the slab cache used 110+G and most part is SUnreclaim.

Since slab = SUnreclaim + SReclaimable, we think the SUnreclaim memory should be actually used and cannot be free up. But after executing echo 2 > /proc/sys/vm/drop_caches, we found the SUnreclaim size also be greatly decreased. The d ...

How can I get non www version to redirect to www version

But to not affect my subdomains

PS. I am using ssl strict comunication with cloudflare on the system nginx and fastcache cgi you can see my nginx configuration bellow.

The current configuration is the default one I would like to have a more simple less text easier to understand one not this mess.

NGINX ESSENTIAL CONFIG:

server {
    if ($host = vg ...

I am relatively new to AWS so I wanted to reach out to the gurus in the community to get some advice on architecture, and I thought I would share my thoughts.

I am building out cloud infrastructure for a Video Management Software for a Body Worn Camera system. We are talking lots of video footage being uploaded to the cloud.

So my initial thoughts are:

1. EC2 8 vCPUs, 32 GB RAM, 512 GB storage, Debi ...

I'm working with Windows Server 2016 Essentials. Someone in the organization installed a Linksys mesh network into the router that our server was once plugged into. The Linksys parent node's DHCP is now assigning IP addresses. When the mesh network was installed, it obviously messed up the DNS server because it was configured to use a static IP so they went in and changed the local server to use DHCP in ...

I have two GCEs in the same VPC but in different subnets. Both are GCEs are dual nic and everything is accessible over nic0.

VM-1
    nic0    172.16.132.4
    nic1    192.168.132.2
VM-2
    nic0    172.16.154.202
    nic1    192.168.154.202

However for nic1, I can't ping VM-2 from VM-1 on VPC-2. The following doesn't work

ping 192.168.154.202 (doesn't work)
sudo ping -I eth0 8.8.8.8 (works!)
sudo ...