Latest Server related questions

I can't get over the nginx 60s timeout. If I access the node server directly at 8000 it works, through nginx as reverse proxy it always times out after 60s. I have tried every timeout setting I have read on my google journey regarding this problem...

Anyone can help me out here?

Cheers

Minimal steps to reproduce:

   server {
     listen 80;
     server_name someserver.net;
 
     location / {
     ...

The controller doesn't let me convert drives to JBOD for some reason, so I can't reach them with hdparm to send --security-erase-enhanced ATA command. So I decided to use MegaCli for which I found two different commands but both fail:

MegaCli -PDInstantSecureErase -PhysDrv[32:1] -Force -a0

Adapter 0: Secure Erase is not allowed on device at Enclosure - 32, Slot - 1.

Exit Code: 0x00

MegaCli -SecureEras ...

I have noticed that there is a "security" release listed in the Debian security tracer.

Some of the vulnerabilities are only fixed in the "security" release, which might be still present in a different version like plain "bullseye" for example.

What exactly is the difference between plain bullseye and "bullseye (security)"?

Is there an official Docker image, where all the security patches of "bul ...

I have come here to ask a question that is bothering me. What is the best way to virtualize Active Directory when I have two physical servers and a disk array. I know that I need at least two domain controllers. To achieve this, I need to put two virtual servers on hyper-v.Then i can to do: Run both virtuals on a disk array where the hyper-v service is in a failover cluster? Should I put these VMs outsi ...

What is the design reason for uniquely identifying mail on a folder by folder basis rather than on a server wide basis?

IMAP specifies that mail is uniquely identified by a folder name, a UIDValidity (32bits) and a UID(32bits). Why not just uniquely identify mail server wide by a single 64bit UID?

I need to run a command passing the flag --privileged to the underlying docker run, is there a way to pass it using dokku run?

I can disable ipv6 as su in /etc/sysctl.conf on my GNU/LINUX Debian 11 with

net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1

and restart with

/sbin/sysctl -p

when i try to disable ipv4 in /etc/sysctl.conf and restart with

net.ipv4.conf.all.disable_ipv4 = 1
net.ipv4.conf.default.disable_ipv4 = 1

i get error message

sysctl: cannot stat ....

there is no disable_ipv4 in / ...

I am configuring Nginx (not in docker) to redirect a web service provider on localhost:9333 (which are placed in two docker containers). I could reach service through ssh, but when using the domain name on a web browser (I can ping with the domain name and it connects to the correct IP), the browser says "connection time out".

The nginx error.log says :"...[notice] 175385#175385: signal process sta ...

Sorry if its trivial question. I do not have experience with linux terminal.

I am trying to install RedisJSON on ubuntu 22 on Windows.

https://redis.io/docs/stack/json/#build-from-source

When I run command

> :~/RedisJSON$ ./sbin/setup

I keep getting error

sudo bash -l -c 'apt-get -qq update -y'
# readies version: d3ba34e
sudo bash -l -c 'apt-get -qq install --fix-missing -y ca-certificates'
sud ...

I have configured cloud foundry in Kubernetes using cf-for-k8s github repo(https://github.com/cloudfoundry/cf-for-k8s.git) While configuring the Api endpoint am getting server misbehaving error and unable to use cf login command. Please find the error screenshot below

Get "https://login.vcap.me/login": dial top: lookup login.vcap.me on 127.0.x.xx:xx: server misbehaving. FAILED

Initially had the pod ...

We have Ubuntu server on the remote location that may or may not have an Internet access. It will run several applications and we want to make sure that if something goes wrong on OS or app level, we can automatically recover to the previous working version.

First we were thinking to go with Timeshift, but after some testing it doesn't feel like it is robust enough.

Now we are thinking to make an ad ...

Hi I am trying to create an access point in ideal case virtual access point in Fedora server 37. I can create a simple AP for wifi to LAN(wlp7s0 -> enp1s0 in my case) using these commands and I can connect to this and also have internet access on this AP.

nmcli con add type wifi ifname wlp7s0 con-name MyHotspot autoconnect yes ssid MyHotspot
nmcli con modify MyHotspot 802-11-wireless.mode ap 802 ...

Last week I set up Pi-hole mainly for blocking ads and handling a few internal DNS requests. This works fine, when OCD kicked in. I thought it would be nice to add Unbound to the mix to not have to use external DNS server and this hiding my traffic from those who doesn't concern. After some struggles, this is now running fine, except for a few things.

I have set my router to hand out the DNS serv ...

I recently setup a new linux machine, running Ubuntu 22.04.1 LTS, I installed Docker on it, and Portainer to make viewing easier.

I am attempting to install a mysql image, however when running the command docker pull, either in portainer, or via CLI, I am met with the following error:

Error response from daemon: Get "https://registry-1.docker.io/v2/": dial tcp: lookup registry-1.docker.io: Temporary fai ...

I am trying to allow all incoming connections from my local network, and http/https connections from anywhere while blocking all other traffic.

Here are my current rules:

Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere             ctstate RELATED,ESTABLISHED
ACCEPT     all  --  192.168.0.0/16       anywhere
ACCEPT     tcp ...

I have a Kubernetes cluster with 1+1 configuration .

I used the following steps to install Calico

curl https://docs.projectcalico.org/manifests/calico-typha.yaml -o calico.yaml
kubectl apply -f calico.yaml

But the pods are not running

an001@mastercal:~$ kubectl get pods -A
NAMESPACE      NAME                                       READY   STATUS       RESTARTS   AGE
kube-flannel   kube-flannel-ds-dz ...

I am running Docker from a KVM:

Docker --- (hosted on) ----> KVM Guest ---- (hosted on) ----> KVM host

I created a docker bridge network with the following command:

docker create test

user@ubuntu-vm:~$ docker network inspect test
[
    {
        "Name": "test",
        "Id": "1dc0198e46d04e506a9b98b41bf9bdbd94673dbbb6a184874717cba89166946a",
        "Created": "2023-02-01T08:23:54.773507123Z ...

We have 2 Azure VM's, each on different VNET's. They both run Sql Server.

I can connect to to both VM's from my home office/IP using Azure Data Studio. My home office has a static IP. I've made sure those VM firewalls are allowed to accept my connection.

Now, VM_A cannot connect to VM_B using Sql Server Management Studio (because that's provided by default when Sql Server is installed). VM_A can conn ...

I am trying to make Google authentication enable for my web app. It works fine locally. But after I published it into my host, it failed at the callback.

I have been trying several ways for five days but not succeed. No coding issues. I am guessing the redirect call from Google is not accept my server or my DNS.

I am using Contabo VPS as my server with Nginx. DNS is handled by Cloudflare.

The URL of th ...

I am using crontab (on Ubuntu Server 20.04) to automatically create daily backups of a text file and storing them on an external hard drive. I am using the following crontab to create my backups:

@daily cp ~/myfile.txt /mnt/usb/backups/$(date +\%Y\-\%m\-\%d)_myfile.txt

This effectively creates a daily backup file on my external hard drive with the date and time (year/month/day) of creation prefaced in ...

I have deployed a multinode deployment of OpenStack using kolla ansible (deployed following the openstack deployment guide) on 2 rocky linux 9.1 machines. When attempting to migrate one instance between nodes, it fails and the instance enters the error state. I get the following error in the logs:

2023-01-30 14:52:49.767 7 ERROR oslo_messaging.rpc.server   File "/var/lib/kolla/venv/lib/python3.9/si ...

I just been able to setup this old greyed hair machine to be accessible with the same external IP, iLO and server itself (shared port).

But i just tried to use the IPMI directyly accessible from iLo WebGUI, but that throw me this error while opening it.

There's no more informations, i mean, i just can't understand where i f*d up. I can even SSH ILO, and bring me to their HPE CLI. Is this something r ...

We have an RDS instance that is not publicly accessible. We have a VPN and VPC with 172.X addresses that connects to it.

In our RDS logs, I'm seeing a LARGE number of failures, which has blocked our instance.

2023-02-01 22:14:05 1351320 [Warning] IP address '100.69.187.97' could not be resolved: Name or service not known
2023-02-01 22:14:05 1351320 [Warning] Access denied for user 'metabase_ro'@'100.6 ...

It's probably easiest to just show by example where I'm hitting issues, so I'll jump right in...

This snippet will work as-is for Nginx with rewrite/auth modules enabled. So hopefully this issue is quick & easy reproduce on pretty much any Nginx install...

server {
  listen 8081;
  add_header x-user bar;
  return 200;
}

server {
  listen 8080;

  location = /auth {
    internal;
    proxy_pass ht ...

I have two networked voxls which I am trying to synchronize using chrony. The voxls boot up with vastly different system times, like years apart. I would expect chrony to synchronize the times when the service starts using makestep, but after starting chrony, I still observe a large difference in system time.

The configurations are as follows:

#server 10.0.0.102
                                      ...

I have a windows VM set up with UTM on my M1 mac but cannot access it event though it is set on shared network in the preferences.

I've tried localhost:5432, 127.0.0.1:5432... with no success.

We are experiencing issues with ARR configuration when trying to proxy requests to an external web site. Our server configuration is as follows:

1. Web server with IIS 7.5 that we control. It runs a few web sites, all via HTTPS only

• https://customer1.muciacio.net
• https://customer2.muciacio.net

2. Our customer's web site, which we cannot control and whose configuration we cannot change. Their domain name, f ...

When i type sudo iptables --list i get this line appearing in my chain rules:

DROP all -- 172-0-0-0.lightspeed.brhmal.sbcglobal.net/8 anywhere

When i type sudo iptables -n --list i get this line instead:

DROP all -- 172.0.0.0/8 0.0.0.0/0

How come iptables tries to resolve this ip 172.0.0.0 to 172-0-0-0.lightspeed.brhmal.sbcglobal.net ?

I have tried to check 172.0.0.0 in th ...

I've certainly made a few rookie mistakes when setting up my first ZFS from a 4 drive array (14tb platters), mainly forgetting to change the block size from default. However I am missing space in my summary and I 'think' I know what is happening but trying to get clarification.

I have a container allocated at 300Gb using ~30Gb of space. I setup two containers at 5000Gb but destroyed them after re ...

I'm trying to move my VirtualBox and Docker workflow to QEMU.

On those other systems, I would boot a public linux vm/container, edit to my liking. shut it down, and create a snapshot to then boot and discard changes. So i always have a pristine image to run my tests on.

On QEMU, I can't get to the exact the same workflow or find a good adaptation.

Instead of always saving layers of snapshots and having ...