Latest Server related questions

I am trying to route my webpage based on url and not port.

My haproxy.cfg is like this :

    frontend website-in-2345

        bind *:80
        bind *:2345
        acl website-in-2345 dst_port 2345
        acl website-in-443 dst_port 443
        acl website-in-80 dst_port 80
        use_backend website-out-2345 if { path_beg /monitorpage/ }
        #use_backend website-out-2345 if website-in-2345
    ...

I want to redirect connections to localhost:5353 on my PC to remoteserver:53 (udp).

However, the connection to the remote server is restricted and must be made through a socks5 proxy.

So I have to redirect the connection through socks5 proxy.

I have heard that it can be done using ssh.
But I will be using a small server with few resources,
so I think I need a way to do it without using ssh.
(a lightwe ...

I run a hypervisor with multiple PCI devices that get passed into the hosted Virtual Machines.

I recently encountered an issue with one of the physical cards which caused it to stop responding, and this seems to have caused many parts of my system to hang, including shutdown / reboot commands.

Concern: To recover from this fault, I had to physically smother the machine by holding the power button. The  ...

A user is running a 3rd party program on a Windows11 VM on Azure. Because the program isn't a service, whenever the instance reboots (e.g. after a system update), user has to RDP into an instance and login, which causes the software to start. This is annoying, because it's important that it runs 24/7, or close.

Has to be Windows11, can't be Windows Server, because program relies on Docker Desktop ...

I had tftpf-hpa working on my Ubuntu server to send/receive images and configs from my Cisco devices.

Today it is not working. The service won't start, even if I try it manually. It does not tell me why it won't start. If I run the start-stop-daemon with strace I get a lot of output, but I cannot see what the problem is.

I tried switching to atftpd, but that core dumps when it tries to write a fi ...

The Goal: A VPN chain

I'm attempting to achieve a VPN chain. The first server is my own VPS, while the second one is from Mullvad VPN. I use my VPS for multiple purposes and I would like to only redirect the WireGuard traffic. All of the remaining traffic is not supposed to go through Mullvad.

Client to VPN Server 1

The connection between the client and my VPS already works. This is the WireGuard confi ...

the protocol http2 is not working and I cannot see exactly where the error is.

server { listen 80 ; listen [::]:443 ssl http2; listen 443 ssl http2; ... }

curl:

* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*  CAfile: XXXXXXXXXXXXXXXXXXX
*  CApath: none
} [5 bytes data]
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
} [512 bytes data]
* TLSv1.3 (IN),  ...

Ubuntu 22.04
Nginx/1.23.2
ModSecurity-nginx v1.0.3
CRS 3.3.2

I found out today that my server froze up because ModSecurity created tons of log files 10GB each and the server ran out of disk space. The Audit Log is set to "Relevant Only" to show Warning and Errors. I found there are just too many Warnings showing up.

After investigating, I am seeing that 99% of the vast majority of the warnings are all ...

I'm running centos 7 with mySQL 5.7.xxx. mysql -V shows Ver 14.14 Distrib 5.7.26-29, but mysqld -V shows Ver 5.7.11-4. systemctl status mysql and systemctl status mysqld both show the same running database. SELECT @@version in the client shows 5.7.11-4-log. The database acts like it is running the previous version (some differences in JSON functions, for instance).

Some background: when we started  ...

I appear to have a issue with my mappings in my NGINX configuration.

The first mapping handles UserID or Username.

The second mapping overrides the first mapping, and is forcing token in place of id or username. This second mapping should only handle two types of string hashes we use to authenticate.

Both mappings allow 2 types of parameters each.

First Mapping Expected

example.com/user/1/   *OR*   ...

I have a VirtualBox VM running Ubuntu 22.04 in Bridged mode. It has Rails 7.0.4 with Ruby 3.1 installed. It has a basic crud website on it at the moment. The VM can be accessed via SSH from a different Windows system. The VM, clearly, can also install software from the internet. However, when I attempt to access the aforementioned Rails site, Wireshark is showing the response as "Destination unreac ...

I have 2 MacOS computers on the same LAN: 192.168.1.201 and 192.168.1.202. The 3proxy config that looks like this:

socks

When I run it, I can see using lsof that it listens on all interfaces:

3proxy    64544   a1    4u  IPv4 0xeae00056baed30d3      0t0  TCP *:1080 (LISTEN)

And it works fine from localhost (both work):

curl -x socks5h://192.168.1.201:1080 ifconfig.co
curl -x socks5h://127.0.0.1:1 ...

I updated my Ubuntu server this morning from 20.04 to 22.04. Apache2, PHP, Mysql all got updated in the process. I have Cacti installed on this server to monitor a few of our switches and firewall. After the OS update, when I try to visit the Cacti site, Edge, Safari, Firefox, etc etc, all try to download a file called.. "download". It the index.php of the cacti directory.

Thinking PHP wasn't ins ...

I'm trying to create an Email Server Profile as described in this article:

https://learn.microsoft.com/en-us/previous-versions/dynamicscrm-2016/administering-dynamics-365/mt703269(v=crm.8)?redirectedfrom=MSDN

When I go to Settings --> There is no Email Configuration tab/icon, etc. showing in this area

What's missing? or is there some other configuration that needs to be changed to show it? I have b ...

I have setup proxmox mail gateway in front of exim with many domains. But only some domains in exim are enabled for mail gateway. But sometimes, those domains recieve spam mails bypassing mail gateway. Because spammers are directly deliverying mails to exim ip.

So I need to set a rule in exim-filter (I think), to accept mails from only mailgateway hostname and reject the rest. But must be able to ...

I have a remote BIND9 server with an IPv4 address that clients use for their DNS queries. This is mainly a forwarding server where most queries get forwarded to Google’s DNS servers. This works perfectly fine when the client making the request is on an IPv4 network. However, if the client is on an IPv6 network then my BIND9 server ignores the queries.

Is there anything I can do on the BIND9 ser ...

I want to have a default folder when the folder does not exist in the VirtualDocumentRoot, I have this code:

<VirtualHost *:80>
    ServerAlias *.development

    UseCanonicalName Off
    VirtualDocumentRoot /usr/local/apache2/sites/htdocs/subdomains/%1/public_html

    # Something like
    VirtualDocumentRootFallback /usr/local/apache2/sites/htdocs/subdomains/default/public_html

</VirtualHost&g ...

I cannot understand how systemd timers are supposed to behave when the host is suspended:

Here is a simple service: foo.service

[Unit]
Description=Test timer

[Service]
Type=simple
ExecStart=echo "TEST TIMER"

And the corresponding timer: foo.timer

[Unit]
Description=Run foo every day

[Timer]
OnCalendar=Mon..Sun 17:47:00

If I start the timer, suspend the host with systemctl suspend a few seconds bef ...

I need to redirect a search url.

wrong url https://casadeaustin.pe/advanced-search/?check_in=2022%2F12%2F14&check_out=2022-12-15&wpestate_regular_search_nonce=5163c60432&_wp_http_referer=%2F&submit=Search

Correct url (I need to replace the "%2F" with "-" in the url) https://casadeaustin.pe/advanced-search/?check_in=2022-12-14&check_out=2022-12-15&wpestate_regular_search_nonce ...

Sorry if this question is answered. It my first time using Docker in web dev. Im setting up Nginx - PHP - MariaDB for my projects . And get stuck when my Nginx show 404 error when everytime i access to php file

docker-compose.yml

version: '3'
# Nginx
services: 
  web:
    image: nginx:latest
    restart: "always"
    volumes:  
      - ./web.conf:/etc/nginx/conf.d/default.conf
      # Index
      - / ...

The pkg and port listed for Jackett on FreeBSD is Version v0.20.989 however, the most up to date version is v0.20.2189. This version difference is causing some of my trackers to fail and will not consistently work. Is there any way to manually update this to the latest version even if pkg does not have the latest version?

I'm trying to grab some information from the output of a playbook and save in a file for review. tor.j2 is just a list of expected lines in the config: logging , ntp, spanning-tree, etc.

 tasks:
 - name: Check the config 
     nxos_config:
       src: ./tor.j2
       defaults: true
     check_mode: yes

After running the code with a -vvv verbosity the last item in there is the differences: "updat ...

I am using selenium standalone chrome image to run selenium automation scripts on a docker container. All the websites I am trying to automate have the option to sign in using google. But in order to do that I will need to be logged in to chrome session created by selenium. The brute force way to do that would be to enter my email address and password for my google account and disable 2FA. But I don't wan ...

I've set up an OpenVPN gateway that provides access to a large cloud of IoT devices. Each device has a unique certificate, and upon connection, I grab the "common name" from the cert to make a local DNS name, and publish that via dnsmasq. And for a while, it looks great.

   default via 10.6.64.1 dev ens5 proto dhcp src 10.6.64.15 metric 100
   10.6.0.0/18 dev tun0 proto kernel scope link src 10 ...

I've tried multiple solutions to proxy arbitrary URLs through NGINX. By that, I mean requesting http://myhost/proxy/http://someurl.com?whatever=foo and getting http://someurl.com?whatever=foo served. I need this to add CORS headers to the response. One solution I've tried is this, the other one I found in this answer, and both return a 404 instead of the content I need proxied.

Here is my (standar ...

I have configured SSSD with AD as ID and Auth providers. I am not caching credentials, so I expect connections to AD for authentication when I ssh to the host, but I do not see any. The user account is created:

# sssctl user-checks ams
user: ams
action: acct
service: system-auth

SSSD nss user lookup result:
 - user name: ams
 - user id: 1000
 - group id: 1000
 - gecos: Aaron Stromas
 - home direct ...

Common hypervisors (Proxmox, Vmware, KVM..) do not prevent the sum of allocated virtual resources (such as vCPU) to exceed the number of physical ones, even if some of them (OpenStack) do limit the overcommittment ratio (virtual_resources/physical_resources) to a configurable value.

I'm confused about this paragraph from this article

XenServer previously allowed overcommitting vCPUs. However, thi ...

I kind of new to Linux/Centos world, is there any way to set the permissions on all the files and folders within a directory. I know chmod 777 will set permissions on the directory, but if it already has contents, I need to know how to set that too. In windows, you propagate the permission down, must be a way to do that in Linux. Thanks.

Background

I currently run an ecommerce platform and at this moment in time when setting up a new domain the automated script runs. It starts by verifying the DNS records, generates an Nginx config file, then generates the SSL certificate using LetsEncrypt.

However this seems quite long-winded and not very efficient because if I need to make a change (like upgrading to a newer version of php) I then ha ...

I am trying to create Zabbix items using Ansible and Zabbix API. The problem is that preprocessing params must have a newline between them, that cannot be in a valid JSON value.

The JSON I tried first is as follows:

{                                                                                                                                                                                             ...