Latest Server related questions

I've deployed promtail, Grafana, Loki and AlertManager using Helm charts on k3d cluster on my local machine. I would like to have some rules in Loki such that if something will happen, AlertManager should be informed. Now I tried only with some simple rule, just to check if it works.

My Loki version: {"version":"2.6.1","revision":"6bd05c9a4","branch":"HEAD","buildUser":"root@ea1e89b8da02","buildDate" ...

I am trying to get NAT hairpinning working on my router. I cannot access my local website host on my LAN (192.168.1.3). I am using nftables with the following config:

enp1s0 = WAN enp2s0 = LAN

#!/sbin/nft -f
flush ruleset
table ip nat {
        chain prerouting {
                type nat hook prerouting priority -100; policy accept;
                iifname "enp1s0" tcp dport { 80, 443 } dnat to 192.16 ...

Considering this setup:

ESXi 6.5 on HP ProLiant BL460c G7 in an HPE BladeSystem c3000
2 x Intel Xeon CPU E5645 @ 2.4GHz
96 GB Memory
Partnered with SB40c Storage Blade (6 x 240 GB SSD) with HP Smart Array P400 256 MB RAID Storage Controller

The objective is to run a combination of Win10 and Win2k12 servers on this server. My questions are:
1- What kind of VM performance can I expect when it comes to dis ...

I have a virtual machine (running on a QNAP NAS) which is configured for 8GB of memory. But my Debian only uses 4GB of them. See outputs:

root@backuppc:/# lshw | grep "*-memory" -A 40
*-memory               
     description: System Memory
     physical id: 1000
     size: 8GiB

So the (virtual) hardware offers 8GB as you can see. But Debian does only use 4GB of them:

root@backuppc:/etc/grub.d# ca ...

I have several web apps running in docker on a ubuntu host. Each app is listening on a different port. When inside any container in the docker network, I can connect and receive data from the service, however, when running a request from the host, I can connect successfully, but no data is received. Why aren't the services returning any data when I connect to them from outside the container???

Do ...

We have on Azure several Windows Server 2019 virtual machines whose data disks are configured with Storage Spaces.

How can we extend a virtual disk configured for simple redundancy (NumberOfDataCopies is set to 1) on those machines without wasting physical storage?

I have just changed my Netgear GS108e (8x1Gb) switch with a GM110mx (8x1Gb + 2x10Gb), and noticed that I have now some rx_csum_offload_errors and rx_length_errors errors on my Intel x550T2 NIC stats of my NAS. Those errors don't increase very often, but more quickly under heavy transfer loads.

     rx_errors: 692
     tx_errors: 0
     rx_over_errors: 0
     rx_crc_errors: 0
     rx_frame_errors: 0 ...

Is this possible to restrict access to all users, who try to connect to my web server using TOR or VPN? I'd like to geoblock some users and also want to avoid them accessing my website even if they are using anonymization tools.

I'm new at ipsec. Using libreswan 3.25-9.1.el7_8 on CentOS7.

I'm able to get a connection working, and follow the documentation, but cannot find how to silence the pluto process so it doesn't respond to external scans. the symptom is:

Dec 08 23:41:43 me-beta-51 pluto[29699]: packet from x.x.x.x:500: initial parent SA message received on x.x.x.x:500 but no suitable connection found with IKEv2 policy
De ...

Customer would like to check e-mail content (including attachment parsing) from a list of accounts and, in case of some detected trigger words, to send a copy of the mail to a person who has to be aware.

A fast head-on solution was to send copies of all received mails to an in-between address, which is monitored by the parsing script developed in Python. However it is an additional load for the E ...

I have an EKS cluster that I inherited (no documentation). The cluster hadnt been upgraded in years. I was tasked to upgrade it. The version on nginx-ingress was from quay.io which is no longer maintained. I was able to upgrade the cluster to 1.23 and installed the official nginx-ingress version. I got the helm values before deleting the old Ingress and I applied the same values to the new ingress. ...

I have a mail server that was configured with ISPConfig (amavisd, spamassasing, dovecote, etc) and a few non-standard tweaks from the tool's default tutorial (ISPConfig). The server itself works beautifully.

However, I have a problem delivering e-mail using an external service called SendPulse.

I use the sendpulse SMTP tool to send invoices to my clients, however when the client has an email hosted  ...

I am very new to the world of server and networking, I hope the questions is clear and won't be so trivial. I recently came across the following scenario:

1. There was a Root cert A, which is going to expire a few months later. There was another new Root cert B, which intended to be replacement of A. Both A & B are self-signed. The CA of A is trusted by old and new browsers / OS, while the CA of ...

I am able to configure HAProxy to to present itself as an HTTP/3 server by following instruction here: https://www.haproxy.com/blog/announcing-haproxy-2-6/

bind :443 ssl crt server.pem alpn h2,http/1.1
http-response set-header alt-svc "h3=\":443\";ma=900;"

But what do I need to put in haproxy.cfg to to indicate to HAProxy that the backend server supports HTTP/3 and it should use QUIC protocol to connec ...

I am trying to install different applications (odoo, apache) on oracle instance, Apache is working perfectly on port 80, while odoo is not working neither on the default port (8069) nor on other ports (tried port 80 after stopping apache service)

I have opened both ports in the Ingress rules in oracle, and flushed all rules on iptable (iptable -F)

I always made sure that the services for the applica ...

On an Ubuntu machine, I need to forward TCP port 443 to a remote machine port 443 through a socks5 proxy running on 127.0.0.1:10808

I need to accept other machines requests on forwarded port 443.

Is there any decent solution?

running nginx-proxy as a container for several years now. Perfect smooth, no problems. Docker-compose.yml I am using for that:

    services:
  nginx-proxy:
    image: jwilder/nginx-proxy:alpine
    container_name: nginx-proxy
    restart: always
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - /var/run/docker.sock:/tmp/docker.sock:ro
      - ./nginx-certs:/etc/nginx/certs:ro
       ...

I am installing latest minio on ubuntu 18.04 following the minio installation instruction from here.

after the installation, try to run it with sudo systemctl start minio.service

but it didn't work with message.

...skipping...
● minio.service - MinIO
   Loaded: loaded (/etc/systemd/system/minio.service; disabled; vendor preset: enabled)
   Active: failed (Result: exit-code) since Thu 2022-12-08 17:03:4 ...

I have migrated to another server many times but never had this problem. None of the possible solutions work and utf-8 characters appear incorrectly in PHP-FPM.

What I tried:

ALTER DATABASE database2 CHARACTER SET utf8;

Edited my.conf file and added lines:

[mysqld]
collation-server = utf8_unicode_ci
init-connect='SET NAMES utf8'
character-set-server = utf8

Tried to change charsets for the database, table ...

I performed an OWASP ZAP on my website and it raised a proxy disclosure alert amongst other things.

Proxy Disclosure alert https://www.zaproxy.org/docs/alerts/40025/

OWASP description 1 proxy server(s) were detected or fingerprinted. This information helps a potential attacker to determine

• A list of targets for an attack against the application.

• Potential vulnerabilities on the proxy servers that ser ...

I try to configure bind9 as an authority server for several domains. Entries of some domains are CNAME of another domain.

/etc/bind/named.conf

options{
  dnssec-validation no;
  directory "/var/cache/bind";
  auth-nxdomain no;    # conform to RFC1035
  listen-on { any; };
  listen-on-v6 { any; };
  allow-update { none; };
  allow-recursion { none; };
  recursion no;
  notify yes;
  allow-transfer { n ...

I'm trying to migrate a site from a super ancient server (6 or 7 years old!), and it uses AuthFormProvider file to log the user in. This seems to work, apart from the fact it doesn't pass along REMOTE_USER into %ENV{} in my Perl script. The trimmed down is:

<VirtualHost 123.123.123.123:8443>

    ServerName example.com
    ServerAlias www.example.com
    ServerAdmin [email protected]
    DocumentRoo ...

Some time back I created 2x VHDX files to attach later to Virtual Machines.

When I tried to add the disks today, I got an error stating the files are in use by another process.

I also cannot delete the files. Not from a remote session nor directly from the host.

I tried using handle tool to see where it may be stuck, also used Task Manager > Performance > Resource Monitor > CPU > Associat ...

I'm configuring an SFTP server and having some issues with logs ending up in different places, depending on a group membership. This is on RHEL 8 but the same issue exists on an old RHEL 6 machine. Most users are SFTP only and have no shell access, this is configured by membership in the ftpnoshell group. Some users have a shell and can ssh to the server as well.

Here's the operative part of /etc/ ...

I'm having issues with Windows Admin Center and the user interface doesn't really help troubleshooting them; thus I'd like to have a closer look at what WAC is actually doing with the servers it manages.

I know WAC uses WinRM and Remote PowerShell to manage systems; is there any way to get a full trace of the commands it sends and the answers and/or errors it receives back?

Is it possible to get a l ...

My jenkins installation on Debian was upgraded (using apt) - and now jenkins refuses to start. I can see the following in the log:

Exception in thread "main" java.lang.IllegalArgumentException:
     Unrecognized option: --ajp13Port=-1

My jenkins version is 2.381. Unfortunately, I now don't know which version was installed prior to this, but it definitely worked and no config changes have been made.

I have set up an Apache Server on an a VMWare hosted Linux Mint 21 Server, I have followed the instructions at this blog to run multiple PHP versions (7.4 and 8.1).

Apache is running fine and serving pages on localhost ok but the Virtual Servers just time out with "DNS_PROBE_FINISHED_NXDOMAIN". I'm stumped as to what I'm doing wrong.

Here is the config file for the PHP 7 version:-

<VirtualHost *: ...

Assume this artitecture

                             ................................................
                             .                                              .
                             .                                              .
                             .                                              .
                             .                                    ...

I want to share the following procedure that we did on lab (RHEL 7.2 machine) in order to increase The root file system (XFS filesystem) from 130G to 150G

Details from VM RHEL 7.2 machine are

df -h /
Filesystem                Size  Used Avail Use% Mounted on
/dev/mapper/VolumeG_lab-lv-ROOT 130G   18G  113G  14% /

lsblk
NAME               MAJ:MIN RM   SIZE RO TYPE MOUNTPOINT
sda                  8:0    0  ...

simple question:

10 4 * * * rm -rf ~/code/rehlds/build/ && ~/code/rehlds/build.sh --compiler=gcc --jobs=4 > /dev/null 2>&1

I checked an there is no /build folder which indicates that the build.sh did not execute.

crontab -e

10 4 * * * rm -rf ~/code/rehlds/build/ && ~/code/rehlds/build.sh --compiler=gcc --jobs=4 > /dev/null 2>&1

pgrep cron 658 1232359

so here I c ...