Latest Server related questions

I would like to implement automated deployment for software updates. Any CLI command I can use to automate the task?

1. Revert to clean snapshot
2. Save current

Why does htop show two instances of my GUI app TradeClient?

while I started only one instance?

System: Ubuntu 22.04 VPS with X11 (I connect with VNC)

What is its CPU usage?

EDIT1

htop -t

EDIT2

without gdb:

I'm trying to set tolerations values in Terraform Helm for the occm chart in the following way:

set {
  name = "tolerations"
  value = yamlencode([
    {
      key    = "node.kubernetes.io/test"
      value  = "true"
      effect = "NoSchedule"
    }
  ])
}

And it fails with the following error:

... invalid type for io.k8s.api.core.v1.PodSpec.tolerations: got "string", expected "array"

I tried also wi ...

I'm not sure if the GracefulNodeShutdown feature gate is enabled in EKS 1.27.

I know that for regular vanilla Kubernetes 1.27 is set to true by default GracefulNodeShutdown since 1.21.

But I can't find in the AWS documentation what feature gates are enabled in which EKS versions.

I have a K8s cluster running across 2 VM hosts, with the 6 k8s nodes and 3 masters split across both. We recently had an issue where one of the servers went down leaving me with only one master and 3 nodes. All my services are still running but I can't access the API. Looking at the remaining master the kube API server container does not come up as it seems it's unable to register itself.

Api Ser ...

I'm running 2 node cluster with DRBD (active/passive) managed by the drbd systemd service and a small script that mounts volumes whenever a resource becomes primary.

I want to configure the DRBD in such a way that it will always resolve any split brain and always have at least one node which is primary and able to serve in any case as long as not both machines are down.

I tried the following configu ...

I have a log file log.log that is created by the application, I want to have any new line added to this file continuously being added to another log file historical_log.log. How can I do that? I am using RHL7 at the moment.

Thank you

My goal is to let the master server still be able to process write request while standby is in failure. I have noticed synchronous_commit = can be manually set to off and then reload the primary server.

Other configuration includes repmgr.conf for repmgr: use_replication_slots=yes

Therefore the standby server created by repmgr request the primary server to reserve wal-logs for it while it is in failur ...

My Ubuntu got broken because UUID isn't correct, and I try all the ways but not fix it, so I decided to reinstall Ubuntu again. However, I need the old files in Ubuntu, is there any way for me to copy it without booting Ubuntu, namely, can I copy my files from initramfs? Thanks!

I have an Ansible playbook with roles that I want to execute from Terraform.

site.yaml

---

- hosts: cluster
  gather_facts: yes
  become: yes
  roles:
    - role: prereq

roles/prereq/tasks/main.yml contains the tasks.

With Ansible, first I create the inventory:

inventory/hosts

[bastion]
192.168.2.1

[node]
192.168.2.2
192.168.2.3

[cluster:children]
node

[cluster:vars]
ansible_ssh_common_args='- ...

Using apache2 on Ubuntu server 22.04.

0-default.conf

<VirtualHost *:80>
    //ServerName and ServerAlias undefined
</VirtualHost>

0-default-ssl.conf

<IfModule mod_ssl.c>
    <VirtualHost *:443>
        //ServerName and ServerAlias undefined
    
        Redirect permanent / "http://my_ip_address/"
    
        SSLCertificateFile  /etc/ssl/certs/ssl-cert-snakeoil.pem
        S ...

I want to host both an ordinary unrestricted Wi-Fi network and a more restricted guest Wi-Fi network on the same OpenWrt router. The problem is that my ISP only delegates one /64 subnet to me. Obviously the ideal solution would be to switch to an ISP that delegates a /56 to each customer to allow up to 256 publicly addressable VLANs within the customer's network. Alas, I can't change ISPs or convince mi ...

This is my box: Linux mediacenter 5.15.122-1-MANJARO #1 SMP PREEMPT Tue Jul 25 07:09:46 UTC 2023 x86_64 GNU/Linux

I am trying to follow https://wiki.archlinux.org/title/Wake-on-LAN

But I am failing to make the changes persistent.

I have tried the link solution, the systemd, and the udev rule one. Every time I reboot things look like:

sudo ethtool enp1s0 | grep Wake-on
    Supports Wake-on: pumbg
    Wak ...

A few days ago I connected to an open Wi-Fi network "NETGEAR" the problem was that someone entered my Google account and configured it by making it public. I want to infect the server either from email or my account and expose the data of anyone who connects to it or my account.

I am planning to have a postfix smtp relay that will send emails to an O365 tenant.

Is this possible through port 25 without using SASL?

It seems i somehow have two installations of Nginx on a server, Nginx Amplify reports two installations (see screenshot), one of them not sending updates of course, and occasionally when restarting Nginx it fails complaining ports 80 and 443 are already in use which i am guessing is the other installation starting to run somehow, at this point the only way i know how to solve it is restarting the server ...

Working on a variation on the Windows 11 WiFi issues.

We have Group Policy and a CA server issuing certificates to users and computers. Windows 10 machines I can automatically join the secured WiFi network with no problem.

Windows 11 machines display "Can't connect to this network" message and an accompanying log entry on the NPS RADIUS server that claims that "Reason: The certificate chain was issu ...

so I have wireguard setup on my linux server and im trying to connect to it on my windows machine. Here is the config i am using to connect to it on my windows machine.

[Interface]
PrivateKey = hidden
Address = 10.66.66.2/32,fd42:42:42::2/128
DNS = 1.1.1.1,1.0.0.1

[Peer]
PublicKey = hidden
PresharedKey = hidden
Endpoint = 149.102.148.225:64071
AllowedIPs = 0.0.0.0/0,::/0

When i press activate on my w ...

We have an on-prem Xeon server running Ubuntu LTS that is shared across few developers. Each developer logs in with his on user and run various workloads on it. The problem we experience is when sometime runs a CPU or storage extensive workload, the other users can't actually work on the machine, the shell becomes non-responsive.

We tried to ask the user to limit their CPU utilization when buildi ...

acl servers src 10.10.11.0/23
http_access allow servers
...    
http_access deny all

Now i change /23 to /24 and my client on 10.10.11.130 gets Forbidden 403
I have tried 10.10.11.130/32 aswell

Theres nothing other named "servers" or something like this in the config.

What am i doing wron ...

I'm having an issue at some coffee shops that use comcast wifi. These shop only allow ipv6 and it's causing websites to not load with the error ERR_ADDRESS_UNREACHABLE. Some websites work (google.com, gmail.com, etc.) and others fail (BBC.com, reddit.com, etc.)

Let's focus on BBC.com

I can get the IP address

C:\Users\uname>nslookup bbc.com
Server:  cdns01.comcast.net
Address:  2001:558:feed::1

Non-au ...

I have cuckoo running on Debian 10 with an Ubuntu guest VM. I submit a file for analysis, it runs and says "reported" but the report loads a 404 page. I see the following on the cuckoo server:

Traceback (most recent call last):
  File "/home/cuckoo/venv/local/lib/python2.7/site-packages/cuckoo/core/scheduler.py", line 755, in run
    self.launch_analysis()
  File "/home/cuckoo/venv/local/lib/python ...

-1

I am taking a Coursera class for CKA Prep and as part of that we are provisioning an instance of a node on Amazon EC2, installing the container runtime (which is containerd in this case) and now I am at the step where I need to install kubeadmn and kubectl. When I run this command:

sudo yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes

I get this:

Error: Package: kubeadm-1.28.1-15050 ...

I have a GPO that gives my Win10 workstations two scheduled tasks.

Task one runs C:\Program Files\Windows Defender\MpCmdRun.exe -removedefinitions -dynamicsignatures

Task two runs C:\Program Files\Windows Defender\MpCmdRun.exe -SignatureUpdate

Both are run with SYSTEM with Highest Privliges and whether the user is logged in or not:

Workstations successfully get both tasks from this GPO. Task 1 runs a ...

Using fresh Debian 11.7 installation I’m trying to setup RSpamd using configwizard, but in the last step of building the private key I got the following error:

Do you want to create privkey /var/lib/rspamd/dkim/domain.tld.2023.key[Y/n]: y call to rspamadm lua script failed (2): /usr/share/rspamd/lualib/rspamadm//configwizard.lua:382: attempt to call field 'generate_keypair' (a nil value); trace ...

Checked SMB Service Status: Ensured that the Server service (LanmanServer) was running on the server where you're experiencing the issue. You can check this by opening the Services management console (services.msc) and verifying that the Server service is set to "Automatic" startup and is currently running.

Windows Firewall Configuration: Turned off in group policy management

Anti-Virus or Security  ...

most file server systems like TrueNAS or Proxmox, when using their software raid, will cache files in system memory to increase performance. also, they will use as much ram as available. this has obvious performance gains. windows server, i think, will do the same thing when using their storage spaces setup.

my question is, is it possible to have windows server do the same thing when it is being  ...

I have a very specific use case in which I need to cache EVERYTHING. Including 302s. I know it's technically against the HTTP RFC, but I know those redirects will always be the same and I need them to never be retransmitted more than once.

Is there any way to make squid cache 302 responses?

I've been tasked with setting up an old application on a RHEL 7 server. It has an Angular front-end (I'm unsure of the version, but it's old) with a PHP backend. However, in the browser console I can see the Angular files such as angular.min.js and angular-route.min.js all return an error on line 1, column one: "Unexpected token", referring to the <!DOCTYPE html> directive. Then the last me ...

Our original problem

Last year we had a problem where a rogue piece of software on one server spammed our central Graylog Server with so many messages that it caused problems for other applications.

The main problem was older useful messages from other applications being purged earlier than normal, with the index filled up with the useless messages from the rogue application.

My suggested fix was to  ...