Latest Server related questions

I'm just bit curious if it is possible to install Webmin on a Plesk system for admin purposes. Yes I know this is like break the holy grail for many sysadmins which love the prompt, but we in our company actually like using the UI for managing our Linux server tasks as it is easier and faster in our opinion, so please kindly leave out the rant about "only use the prompt" talk.

Plesk is fine for a ...

I am having 7 servers with RHEL, I want to setup a cluster for those. We need cluster for:

1: high Perfomance 2: load balancing

I have NAS for shared storage. I want to setup 1 server as visulization Node, one will be a master node and rest 5 will be compute nodes. Can somebody help with how can this be setup.

The cluster will be used for computational purposes running simulations on Ansys/Fluent/CFX a ...

I am trying to support TLSv1.0 and TLSv1.1 with haproxy 2.4.18 (and OpenSSL 3.0.2) on Ubuntu 22.04.

I have followed Mozilla SSL Configuration Generator, "Old" configuration, slightly modified, adding :@SECLEVEL=1 and ssl-min-ver TLSv1.0

  ssl-default-bind-ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20 ...

I have had troubles with Fail2Ban and was wondering if anyone else has seen this and been able to overcome it.

I have two Fail2ban rules in place for Zimbra, one for SMTP and the other for Webmail. The SMTP rule is working and banning IP's, but the webmail is not. I can see what I think are matches in to the filter in the logs, but they never get banned.

I have the following jail config:

[zimbra-smtp]
 ...

I have the issue, that the sql server always busy because of the parameter virtual_alias_maps always asks database for emails from [email protected] and from root.

Iam looking for away to write if statement for those 2 addresses to avoid ask database if the sender one of those 2 senders.

following is my config:

postconf -n

address_verify_map = proxy:btree:$data_directory/verify_cache
alias_database = has ...

TL:DR : I am building a network tap with a raspberry-pi that must remains stealth. I have a bridge (br0) between the switch interface (eth0) and the workstation (eth1).

Here is how i am building it (open to any suggestion):

# Create a bridge with the name br0
ip link add "$BRIDGE_INT" type bridge 
# Add the eth0 interface to the bridge
ip link set "$WORKSTATION_INT" master "$BRIDGE_INT" 
# Add the ...

I am new to apache2 I've followed every tutorial on the internet, I think I've seen every question but it didnt help. The problem is that

• My container contains flask app.
• Container listens to 45654 port.
• assume my hostname is "myuni.edu" which is hosting lots of php things though apache2 rn which are available

1. curl http://localhost:45654 from host machine works and returns html text.
2. curl http: ...

Good day to all!

First of all, i have to say i'm a Linux novice and new to StackExchange so i hope i'm asking my question the right way.

I would like to use nftables as firewall on a new AlmaLinux installation (v9.1, minimal install, headless management and security tools). To avoid getting firewalld in the way, i disabled firewalld with:

'''

    # systemctl disable firewalld
    # systemctl stop ...

This URL : How to upgrade Centos 7 to Rocky Linux 8 claims it should be possible to migrate directly from CentOS 7 to Rocky 8.

I created a local repository of RockyLinux 8 on one machine in my network, and made it available through Apache to the rest of the network. Did the same for the Elevate repository. I need to do this because I have to migrate a lot of servers that are not connected to the inte ...

Quite newbie, so sorry any unconnected data. I am creating a DKIM and SPF records to emulate DMARC as a workaround. An external vendor of us, want to send emails under our domain using a subdomain.

I have configured my TXT records as:

TXT    subdomain.domain.com     v=spf1 include:domain.com -all

TXT    subdomain.domain.com     "k=rsa; p=random_value"

Should I create two CNAMEs records for them right? ...

I am using systemd to mount a Windows share using Kerberos. To make this work, I first run kinit in a .service file to create a Kerberos credential cache (ccache). The .service runs as root as the ccache needs to be owned by root (journalctl -xe helped me with that), as mount.cifs requires root. The .mount (and .automount) use the ccache to do the Kerberized mount. When I create the ccache interac ...

I followed the common practice to only allow public key login with SSH into Debian, then somehow I accidentally changed the permission of ~/.ssh/ folder (I think it got owned by root), after that openSSH refused to log me in! (and server was in a different country, with no remote/KVM console)

I find this setup quite fragile. Is there a way to prevent this, and maybe just give me a warning on next ...

I did setup OpenLDAP server, but I need to implement ACL. I'm not linux admin and I'm not even sure if what I'm trying to achieve is possible.

I have 3 groups. These has users which are posixAccount and inetOrgPerson object classes. I want admin users to be able to edit everybody, users from group "B" be able to edit only users from group "C" and users from group "C" will not have access at all.  ...

Spamassassin has a feature to include the matching rules in the headers of mails flagged as spam, so one can see why the mail was classified as spam and possibly adjust or create mailbox filters that match in specific rules.

Can I configure rspamd to add a similar header? It doesn't have to match the spamassassin format, it just should contain the matching rules and possibly the scores generated  ...

I have an NGINX with a PHP-FPM instance behind it. OPTIONS requests for paths for which a file exists in the file system should be handled by NGINX. For those requests, NGINX should return Access-Control-* CORS headers. OPTIONS requests for which no file exists should be passed to PHP-FPM.

The logic should be something along those lines:

    location / {
        # In this case: Check if file exists
    ...

I am here, to ask for absolute input. I have setup a local Apache Server with PHP 7.2 (currently), I am aware newer PHP exists. I know PHP and Python, I also know Node.js (server/back-end).

With Node.js, I can get most of the packages through npm command line. I been reading, Node.js vs. PHP and it all depends on what you are going to develop. In addition, I know that Golang programming can also b ...

I have developed a website in PHP Laravel. It is working fine but there is some core web vitals issues. I have tried to fix it but it has not done all. LCP, FCP INP (interaction to next paint) and TTFB (time to first byte). These core web vitals factors are stills red and speed index value is also red.

I have reduced CSS and Javascript manually. There are no images in this website. I have put my  ...

I intend to log a python script output. Here what it looks like :

arm@stackoverflow > cat test.py
#!/usr/bin/python
from time import sleep
while True:
        print("Hello")
        sleep(1)

I try to use standard syslog way to handle logs, I therefore tried to configure JournalD & SystemD to send everything as Syslog:

arm@stackoverflow > cat /etc/systemd/journald.conf | grep -vP "^#"
[Journal] ...

The cronjobs on an AlmaLinux 9 64bit system are not running.

I added 2 simple jobs to the crontab, which run fine from the command line:

[root@sendy ~]# crontab -e

* * * * *       date > ~/cron.log 2>~/cron.log
* * * * *       env > ~/env.output

It doesn't matter if I change the schedule (every 5 mins, every hour) or if I only have 1 record in the crontab, they won't execute.

crond is ru ...

My spring boot application is deployed with 6 replicas on Kubernetes using Helm charts. It is currently deployed under load test with 6K TPS traffic. We wanted to test the behavior of ongoing traffic during upgrade of application using helm upgade. During upgrade window we see approximate 0.6 % of request failure. The upgrade strategy is set to rollingUpdate with maxUnavailable and maxSurge set to 25% ...

Good afternoon.
At the moment I'm using Debian 11 as the main system and Ubuntu 18.04 as the system for virtualization, I do all the management through Cockpit.
The server is connected via a router, the connection to the router is via DHCP.
Currently, I'm assigning an address IP for the virtual machine like this:
enter image description here
direct->eno1 - router network from the physical port.
 ...

I have a requirement for setting up slurm on one physical server, with 2 different partation and 2 main node so, need to have,

partation1 wihich need to have node1 and need to be used by group1 user partation2 wihich need to have node2 and need to be used by group2 user

in 1 physical server , if anybody could help on this, is this possible , if yes , how?

this is the website (the website also have subdomains)

nginx configuration:

# You should look at the following URL's in order to grasp a solid understanding
# of Nginx configuration files in order to fully unleash the power of Nginx.
# https://www.nginx.com/resources/wiki/start/
# https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/
# https://wiki.debian.org/Nginx/DirectoryStr ...

1. On my media subdomain (nice separation of concerns, also for rulesets)
2. I have files which are in Mixed-Case-intentionally (for maximum semantics, also for downloads)
3. which I want to serve case-insensitive (for maximum reliability, also when told media URL orally)

mod_speling with CheckSpelling on and CheckCaseOnly on (and CheckBasenameMatch off to be strict) would do the job perfectly for me! Only ...

I foolishly thought that it would be simple to move the source from a SCO server running RM 6.61 to the gnucobol 4.0 on Ubuntu 22.04, and just compile it to sort out the errors. Right off the bat the compiler complains that it cannot find the division headers. The code starts with an IDENTIFICATION DIVISION in the right place, followed by the PROGRAM-ID, ENVIRONMENT DIVISION, etc., but the compiler cann ...

on github i'm looking at this vpn project called dsvpn. it sets up some firewall rules by running iptables commands. One of them is (i hope the names are self-explanatory) :

iptables -t raw -I PREROUTING ! -i $IF_NAME -d $LOCAL_TUN_I -m addrtype ! --src-type LOCAL -j DROP

i've done some reading but still it's not quite clear to me what this rule does. I'd be grateful if someone could give a more or le ...

A client has an Azure DevOps subscription and they're looking to use it for automated builds and releases with their Salesforce app they're using. The previous dev team was only using Azure Repos as their code repository and the client was using Boards for ticket tracking. I believe the previous team used Salesforce DX/CLI to perform deployments using VS Code so no pipelines exist and they'd have t ...

We use Wine 7 on Ubuntu 22.10 to run multiple instances of a Windows executable that opens a socket connection and does various communications. Each instance of this Windows program connects to a different venue.

Occasionally all these instances will lock up at the exact same time. The program freezes and all threads stop running. (We added a thread which just pops a message in a log file every f ...

I'm using Squid Proxy for (DNS Filtering), I have configured squid proxy behind my GCP Cloud NAT in transparent mode to intercept HTTP and HTTPS Web Traffic, I have added only below rules to redirect HTTP and HTTPS traffic to squid.

iptables -t nat -A PREROUTING -s 0.0.0.0/0 -p tcp --dport 80 -j REDIRECT --to-port 3129
iptables -t nat -A PREROUTING -s 0.0.0.0/0 -p tcp --dport 443 -j REDIRECT --to-p ...

On my apache server, I need to pass full URLs as parameters to a php function. However, when I use something like:

RewriteRule ^(.*)$ ../image.php?url=$1

$1 ends up losing one of the slashes of the https. So, in other words, if I try using it to parse https://example.com/img01.jpg, $1 is only receiving https:/example.com/img01.jpg