Latest Server related questions

My Debian 12 Bookworm VPS was running firewalld 1.3.0-1 without problems. Due to unrelated issues, I had to rebuild the server, and now firewalld fails.

I use ansible, so the configuration should be identical to before. Maybe some apt dependencies have changed in the interim.

To troubleshoot more easily, here is a reproduction:

• I created a brand new VPS with my hosting company; debian 12
• I logged in  ...

I'm in a strange scenario where I have a server with NodeJS backend and ReactJS frontend that does record keeping where the customer wants to use user certificates to ID who visits this internal site. The problem is they have a very large network, with convoluted PKI, and the public cert I have been given to assign to the site doesn't necessarily match all the clients that could visit it.

I have  ...

Sorry to repeat a question that has been asked a dozen times before, but I have read each and every answer to those questions without being able to solve my problem.

I am trying to setup an nginx docker container as a reverse proxy to be able to access resources on a local network through an easy to remember domain name, as well as provide SSL encryption.

The domain name is amars.no, a domain that I ...

I have an Ubuntu VM hosted in HyperV server and a pair of usb enclosures (one SSD, one spinning metal) successfully passed through as SCSI hard drives in my Linux VM.

Issue: whenever booting the VM, partitions aren’t mountable. They aren’t shown when running lsblk. When I open the devices in fdisk, and then press ‘w’ to write the table, the drives then appear in lsblk, and become mountabl ...

I have set up OpenStack with Kolla-Ansible Zed. However, I noticed that there is no enable_plugin option in the /etc/kolla/global.yml file. Now, I am trying to install FWaaS (Firewall-as-a-Service) following the instructions provided in this OpenStack's Firewall-as-a-Service (FWaaS) v2 scenario documentation.

The documentation states, On Ubuntu and CentOS, modify the [fwaas] section in the /etc/ne ...

This is a question about MariaDB (mostly) and a replication that I am considering.

For this replication, the Primary database is updated every minute by a process which can take about 15 seconds to complete, each time. During these 15 seconds, the Primary database may not be completely consistent on each tables.

I want to set a Replica for this database on another server. On the Replica server, I ex ...

I have a working postfix mail server. It is registered under two DNS names: mail.xxxx.de and xxxx.no-ip.org. I use SASL via dovecot for relay authorisation. It works flawless when the client uses the latter name to access the mail server. However, it fails when the first is used.

Aug 06 14:53:37 mail postfix/smtpd[73670]: NOQUEUE: reject: RCPT from unknown[xx.xx.xx.xx]: 554 5.7.1 [email protected]: Relay access ...

I installed a mail server with Postfix and Dovecot on Debian. I can send emails without worries to Outlook, Yahoo, ...BUT I can't receive emails from outside.

I use my internet box (free) as a router. I redirected flows comes on 993, 143, 25 and 587.

I use NOIP as DNS. I added the records needed for the MX part.

yacine@mezianeyacine:~$ nslookup -type=mx mezianeyacine.sytes.net
Server:         192.168.1.2 ...

My domain has 2 DC's and when I run dciag on one I get this error:

Starting test: SystemLog
         An error event occurred.  EventID: 0x00002716
            Time Generated: 08/06/2023   08:05:37
            Event String:
            DCOM got error "2147944122" from the computer domctl.MYDOMAIN.COM when attempting to activate the server:
         An error event occurred.  EventID: 0x00002716
      ...

I'm newbie about NGINX, I'm trying to put two services inside the same Docker Container. Every services has his domain.

I found this answer that solve my problem but there is another problem that I'm not be able to solve.

If I use the default.conf below, both services works fine:

server {
    listen 80;
    listen [::]:80;
    #server_name  domain.me www.domain.me;
    server_name  127.0.0.1; # FOR S ...

Steps to reproduce this issue:

1. Glassfish domain called domain1 goes down.

2. Now, start that domain again.

Assume there are multiple domains, around 8 of them And different servers have varying amount of domains. Also there are some domains that either are named "backup" or named with "*_bak" should not be started. Also the domains that have numbers in it should be avoided to start. Also the domains that ...

I have Windows Server 2019. By default, hibernation is disabled. To enable it i tried:

powercfg -h on, powercfg -h -size 75%, and powercfg -h -size on.

Nothing worked. I Also tried to edit the registry:
HKLM\SYSTEM\CurrentControlSet\Control\Power

by setting HibernateEnabled to type REG_DWORD and a value of 0. That didn't enable hibernation. the command powercfg \a gives the following result:

The fo ...

I have a master backup system that rsync's with windows servers and does incremental backups with the --link-dest flag. Works great. Each day it looks at the previous day and only backs up what changes with hard links.

I have spun up another server that on a weekly basis I want to replicate off these backups and then take offline. My first attempt at just doing a basic rsync yielded a full array  ...

I have Debian 12 box on Hetzner running Cowmail and Nginx. Cowmail runs under mail.mydomain.com subdomain (mydomain.com is placeholder) on ports 8069 and 44369.

What I am trying to do is:

1. Serve static html when visiting mydomain.com (served by nginx).
2. Redirect ports 443, 80 to 44369, 8069 respectively when vising mail subdomain.

Currently when I try to vising mydomain.com it still redirects ports.

I (want to) have a Google Cloud server running a Gunicorn server, however it refuses to bind to port 80, despite it being free.

Here's the command I'm using to start it:

gunicorn -w 4 -b 0.0.0.0:80 app:app

But I get the following error:

[2023-08-05 22:52:35 +0000] [8093] [INFO] Starting gunicorn 21.2.0
[2023-08-05 22:52:35 +0000] [8093] [ERROR] Retrying in 1 second.
[2023-08-05 22:52:36 +0000] [8093 ...

I have installed btrbk and I would like hourly snapshots to be taken. However, only daily snapshots are done. I wonder what goes wrong.

Pleas help me out.

Environment: OS: Ubuntu 23.04 64bit / Linux 6.2.0-26-generic btrbk version: 0.32.5

$ cat /etc/btrbk/btrbk.conf
transaction_log            /var/log/btrbk.log
timestamp_format           long

snapshot_dir               _btrbk_snapshots
snapshot_create    ...

I have asked this question on SuperUser but the only response was from someone who I was unable to understand

I have a WireGuard VPN Server running on a Debian 12 host with no problems, listening on a specific UDP port, and all is working great with no issues. I can connect from my phone WireGuard client while on 5G etc and all works as intended.

However I want to temporarily allow somebody access  ...

Can Apache reverse proxy with HTTPS pages?

                       client
                          |
                  Apache reverse proxy
                  https://example.com
                  https://example.net 
                  https://example.org
                      192.0.2.1
                          |
         -----------------------------------------
         |                |         ...

Cannot configure replication delay. I have 2 domain controllers (DC1 and DC2, Windows Server 2019), both in the same site. I set the replication delay time in the Server Manager snap-in "AD Sites and Services" on DC2, but this setting does not help, yet controllers instantly exchange information about adding new users. I can’t figure out why this is happening. Please tell me what I’m doing wrong.

we want to use AppArmor for pod and container security. we have Kyverno and it's possible to add some capabilities using that. I want to know if it is possible to replace AppArmor with Kyverno for our needs in kubernetes? I mean is it possible to create policies to add or remove any capabilities from containers?

My process uses more memory when executed on Ubuntu 22.04 than when executed on Oracle Linux 8. Is it something to do with the operating system or with the compiled program?

Details:

The process I am running is the one you get when you download Minecraft (Bedrock Edition) from the Minecraft website. In the file downloaded, it's called bedrock_server, and you're instructed to run it with the command

I have the following config:

error_page 502 =200 @proxy_down;
error_page 503 @maintenance;

location / {
    proxy_pass http://proxy;
    proxy_redirect off;
}

location @proxy_down {
    root /path/to/folder/;
    try_files $uri =503;
}

location @maintenance {
    root /path/to/another/folder/;
    try_files /maintenance.html =503;
}

What I want to accomplish: normally I pass all requests to my reve ...

I'm having this strange issue. I have a local network running a server with my gitlab instance and some webpages. The configuration of my reverse proxy is following:

server {
   server_name my.website.com;
   location / {
proxy_pass http://127.0.0.1:8086;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}

listen ...

I have issues running sshd on a new windows 11 install. Get-service shows both sshd and ssh-agent running. Defender firewall is turned off. I generated keys with: ssh-keygen -t rsa -b 4096.

The error is:

kex_exchange_identification: Connection closed by remote host Connection closed by 127.0.0.1 port 22

Isn't something badly screwed up if an ssh to localhost fails? -vvv output follows.

OpenSSH_for ...

I have googled and tried all the solutions I can find to this. An admin somehow broke yum trying to install an mssql package by adding the repo, then tried different way to fix, as did I. I deleted all repos and need to start over. Different Stack solutions have suggested trying

rpm -Uvh --force http://mirror.centos.org/centos-7/7/os/x86_64/Packages/centos-release-7.3.10.1160.88.1.el7.centos.x ...

So I've been pulling my hair out for the last 24 hours to sort this out.

Long-story-short, my home internet runs over a 4G Mobile network, so this means I cannot Port Forward through my main Router. I have a few services internaly that I want to make available like a HTTP Server, RD Gateway, etc.. All kinds of stuff.

Diagram Ultimately, my end goal is to utilize a VPS I have in the cloud to forward por ...

I have a workstation connected to a domain. A user logs on the machine with low privileges (currently running a local user in Kiosk mode). Due to the nature of the application this user has access to, it is necessary for the user to auto logon when the machine is turned on and for the screensaver not to appear or lockout the user after a set period of inactivity. However, there may be times when i need  ...

I'm about to replace a single SSD in a 4 SSD RAID 1 & RAID10 system. My webhoster will only do the drive replacement, but not help with adding it back to the array after. I've not done this before, so I'm researching and making a plan to execute after the drive is replaced.

There seem to be 3 arrays in the system, md0 (raid 1), md1 (raid 1) and md2 (raid 10)

[root@w1 ~]# cat /proc/mdstat
Personali ...

I am having trouble understanding why iptables is blocking my loopback interface traffic.

Here is the scenario:

1. I set the default policy of the INPUT chain to DROP.
2. I allow traffic to port 8080.
3. My filter tables look like this (NAT and MANGLE tables are empty):

#Make the default policy of the INPUT chain DROP
root@debian10:~#iptables -P INPUT DROP

#Allow traffic to port 8080
root@debian10:~#iptables -A ...

I want to ask what web interface could be used for isc dhcp server on Ubuntu 22.04 server. I want to create dhcp server on ubuntu, I installed and configured isc dhcp but now i want to manage it from web ui(see statistics, clients, etc.). I found only this UI https://github.com/Akkadius/glass-isc-dhcp/. It looks like it is not maintained anymore(last commit 4 years ago) and have a lot of vulnerabilites. ...