Latest Server related questions

Getting this error:

Dec 15 07:40:39 example.com postfix/local[116804]: E5DFC9CD1: to=<[email protected]>, relay=local, delay=0.02, delays=0/0/0/0.01, dsn=4.3.0, status=deferred (temporary failure. Command output: lda(root): Error: net_connect_unix(/run/dovecot/stats-writer) failed: Permission denied )

# ls -ld /run/dovecot/stats-writer /run/dovecot /run
drwxr-xr-x 25 root  root  720 Dec 15 06:29 /r ...

I have just installed kubeadm, kubelet, kubectl, docker, docker-ce on Ubuntu 22.04 and they all are working fine. I am wondering how I shut them all down without making them corrupted?

Also how can I start them all up again?

Furthermore I like to know if I shut them down and startup again whenever I want to put my Laptop on suspend? (I am using Kubernetes locally on my laptop).

I have a site running on my computer using Apache 2.4 which I can easily access by using my local ipv4 address and respective port 80. The port 80 is bound to port 22*** using portmap.io and is configured with OpenVpn/tcp on my computer.I have allowed access to Apache HTTP server and Apache Server Monitor through the firewall.I have also increased keepAlive timeout in apche server to 600s, max connectio ...

I am new to server stuff, i want to host multiple rest service using docker and nginx.

Let's say i have three service that runs on 8180, 8181 and 8182. I am able to forward request to one port but i have no idea how to tell nginx to forward to specific ports based on the url.

Lets say:

https://testsite.com/api/v1/products -> access product service

https://testsite.com/api/v1/orders -> access ord ...

Hello I setup a mikrotik openvpn server I am able to successfully login into router my problem is it doesn't route anything and this problem only appears on ovpn l2tp and pptp works fine.when I search what is my IP I see my own IP not the routers IP . Here is my client config:

client
dev tun
proto tcp
remote <ip> <port>
nobind
persist-key
persist-tun
tls-client
remote-cert-tls server
ci ...

I've been working on this since 2 days ago, but no luck.

So, basically, I want to bypass the varnish cache for a specific incoming request URL.

I've defined this rule:

sub vcl_recv {
     if (req.url ~ "/en/reading-books/") { return(pass); }
}

But when I refresh the page, it's still being cached, the response headers return these:

via: 1.1 varnish-v4
x-varnish: 2

and this background-running comm ...

If I own a domain name (for example: mydomain.com), and I setup my own ns server ns1.mydomain.com with a public IP (for example: 1.2.3.4), I registered the ns1.mydomain.com to the registrar's system.

I have a record in my ns server: www.mydomain.com which points to a IP (for example: 1.2.3.5), if someone from Internet wants to access my www.mydomain.com, how do they know the ns server of my domai ...

I have tried to map the custom domain to my App Engine app snd it has been in failed status for weeks. Message shows Google will auto retry to generate SSL but seems it is not succeeding.

The exact error is: "DNS records could not be found. Certificate activation will retry automatically."

I own the domain and bought it from Google domains.

I have configured routers/firewalls several times in the past with nftables. I'm now setting up a Linux router that will be managed by other people with less experience, so I figured Webmin would be a good choice.

I'm having trouble correlating what the UI presents with the requirements of setting up a router/firewall. Some things seem to be missing from the UI:

• Configuring rules for incoming vs outgoi ...

How to allow SSH when the network is blocked on all ports except HTTP and HTTPS?

I'm curious to know how I can create a SSH tunnel which allows me to SSH via 443 and will work even after the server is rebooted?

I'm trying to use Laravel Forge to configure the server. However if the SSH ports are blocked, Laravel forge will not work. Hence, I'm trying to find a way to allow SSH for Laravel Forge via  ...

I have a WordPress site that is working on an older version of Kubernetes. I updated the Kubernetes cluster and the nginx-ingress controller. After the update the main page works, but when we attempt to login WordPress keeps trying to 302 redirect to wp-login.php. I have checked the WordPress pod logs and all I am seeing is a whole bunch of redirects (NO Error messages) or anything that would point m ...

How is it possible to perform an instance refresh within an autoscaling group without any downtime?

Running two ec2 instances with 3 public facing services running 2 tasks each. The services have an order placement strategy set to spread instanceId, which from my understanding should split the containers between the two instances. When running an instance refresh I am setting Minimum healthy percentage ...

I have installed kubelet 1.26.0 on Ubuntu 22.04 using apt install kubelet command, but when I try journalctl -xeu kubelet I get the following result:

░░ 
░░ The unit kubelet.service has entered the 'failed' state with result 'exit-code'.
Dec 14 15:41:16 a systemd[1]: kubelet.service: Scheduled restart job, restart counter is at 86.
░░ Subject: Automatic restarting of a unit has been sche ...

I have setup

stunnel on server

pid = /var/run/stunnel4/stunnel.pid
output = /var/log/stunnel4/stunnel.log
setuid = root
setgid = root
[openvpn]
cert=/etc/stunnel/cert.pem
options = NO_SSLv2
options = NO_SSLv3
options = NO_TLSv1
options = NO_TLSv1.1
sslVersion = TLSv1.2
key=/etc/stunnel/key.pem
accept = 0.0.0.0:8080
connect = 127.0.0.1:1194

stunnel on client

output = /Volumes/HDD/Users/steve/Deskto ...

I am trying to do sudo kubeadm init of kubeadm 1.26.0 on an Ubuntu 22.04 machine. But I get the following result:

[init] Using Kubernetes version: v1.26.0
[preflight] Running pre-flight checks
[preflight] Pulling images required for setting up a Kubernetes cluster
[preflight] This might take a minute or two, depending on the speed of your internet connection
[preflight] You can also perform this action ...

Disclaimer: I am new to networking.

I ran a arp -a command on Terminal to establish what devices are currently active on the network. I was returned a number of devices with Host ID's that were not in succession. For example, I had 1, 18, 19, 24, 40 etc.

I used ping on random host ID's that I cannot see on the arp list, for example 16, 35 and received a request timeout. I'm assuming that these devices ...

I have a small VPS running WireGuard. However, I would like to set up an IP redirection with nftables. The problem is that I've been trying for days but I can't get ahead. It is probably a simple mistake on my part. When I call curl 10.3.10.24, I still get to 10.3.10.24 and not 10.3.10.1. Both IPs are behind the WireGuard tunnel. Below is my config. I am grateful for any answer :)

net.ipv4.ip_for ...

Domain for my web application let's say domain.com exists in AWS account A, which is where production environment is hosted. I want to create multiple QA environments in AWS account B for security reasons. I'm trying to have env1.qa.domain.com, env2.qa.domain.com etc in account B. I know it is possible to delegate a subdomain to another hosted zone that resides in different account than apex HZ, but I do ...

We have a new environment containing 6 Esxi hosts, and we need to change the LUN format from VMFS6 to VMFS5.

there's no data on the servers, so what is the correct process?

Dismount the LUN (VMFS6) and creating a new one using VMFS5 format, or deleting the datastore and creating a new one?

(I know for the Netapp guys it's an easy question, i just want to do this thing right and learn the difference bet ...

i have a debian server with apache and mysql installed there.

i have more visitors from 8pm to 22 pm and apache server to slow and lot of times page cant open on this period.

error: This site can’t be reache www.example.com took too long to respond.

i check htop and i see low cpu usage , also bandwidh is 1gbps but im not using that much

CPU - htop command screenshot

iostat disk write read sc ...

My webserver running Debian Bullseye has been running for years without any problems. Everything is up to date. The apache version is 2.4.54. Yesterday I noticed none of my websites were up so I logged in to my server and noticed Apache wasn't running anymore. I restarted Apache and checked its log file to see what happened. the log file showed this:

[Tue Dec 13 23:46:50.629635 2022] [mpm_prefork:e ...

I have a server with MariaDB 10.6. The mysqld process uses 100% of DSK with very high I/O.

I tried to set these values but it didn't have any affect:

innodb_io_capacity = 100
innodb_io_capacity_max = 100

look at atop output

Any solution?

How do mail servers (i.e. MS Exchange) handle the ?all option at the end of an SPF record?

I know from RFC 7208 that ? results in a neutral response. It means the SPF explicitly doesn't state whether an IP address is authorized or not. But what do mail servers do with this information? Do they just fallback to something else like FCrDNS?

I'm moving a site to another server. Both are running MariaDB. The old one is:

mysql  Ver 15.1 Distrib 10.5.8-MariaDB

The new one:

mysql  Ver 15.1 Distrib 10.6.11-MariaDB

On the old server in my.cnf, I put:

[mysqld]
...otherlines
sql_mode=STRICT_TRANS_TABLES,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION

This allowed me to run the commands I wanted. ...

I am using Roundcube v1.6.0, and I am trying to get the Password Plugin to work properly.

However, I am getting the following error message (in browser):

Could not save new password.
Encryption function missing.

Why does Roundcube want to access my private key?

I am using Postfix/Dovecot configured for virtual users with Postfixadmin.

Configuration

/srv/live/php/roundcubemail-1.6.0/logs/errors.lo ...

I am using docker-compose to set up umami.But it seems that umami is not up. I have checked log file umami. Here it is what looks like.

yarn run v1.22.19
$ npm-run-all check-db update-tracker start-server
$ node scripts/check-db.js
✓ DATABASE_URL is defined.
✗ Unable to connect to the database.
error Command failed with exit code 1.
info Visit https://yarnpkg.com/en/docs/cli/run for documentati ...

My apache error log shows:

AH01972: could not resolve address of OCSP responder ocsp.usertrust.com

Main reason is my server's nftables blocks any requests to the Internet.

In my opinion web server not should to initiate any connections to the Internet to be as security as possible. But OCSP stapling requires DNS connection and http(s) traffic from server to my CA's servers.

Is it possible to allow ...

How to get the scope function to get the sum of data of each day for a month or between 2 dates. I tried this but it did not work.

public function scopeEachDayInPeriod($query, array $dates){

    $period = CarbonPeriod::create($dates[0], $dates[1]);
    foreach ($period as  $date) {
     
        $day = $date->format('Y-m-d');
        $days30[] =$day;
        $kwh30days[] = Charge::whereDate('st ...

When I do the same with resolver and set grpc_pass it fails:

    `server {
        listen 443 http2:
        server _name opc.org.com;
        ssl....;
        location / {
            resolver 127.0.0.11 valid=30s;
            set $https_webui https://dev_webui;
            proxy_pass $https_webui;
        }  
        location /App.Room.Api.Contract.ApiService/UpdateOpcDaTags {
            resolve ...

On a mysql server, I made a mistake and changed the wrong user's password, like this:

SET PASSWORD FOR username@'10.1.%' = PASSWORD('newpassword');

Before changing the password, I used "SHOW GRANTS FOR username@'10.1.%'" and noted the password hash displayed. How can I used the hashed password to reset the current password back to the original? I tried using the same "SET PASSWORD" command with ...