Latest Server related questions

I have two DB servers and backup which is configured by pg_basebackup. You can see whole command below.

pg_basebackup -h $PGHOST -p $PGPORT -U $PGUSER -w -D $backup_dir/psql_base_backup_$(date +"%d-%m-%y") -l "$(date)" -F tar -z -R -P &>> $backup_dir/status.log

Below you can see my prod DB which I want to backup:

postgres=# \c sks-api
You are now connected to database "sks-api" as user  ...

i got a remote mysql database connection to work on my on ubuntu 22.04. I see on the website that i setup that data gets into the database as users are active in the website but when i check phpmyadmin the values in the database wont change, it's like it's frozen in time with the same values in the tables and rows that wont update in phpmyadmin itself.

I have had the website run for an hour now a ...

I configured nginx 1.18 to push an image with the preload.

This i the nginx configuration
        location / {
             proxy_pass http://miosito;

             proxy_http_version 1.1;
             proxy_set_header Connection "";
             proxy_set_header X-Real-IP $remote_addr;
             proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

             http2_push_preload on;
   ...

I'm trying to setup squid proxy in a kubernetes environment as a caching server with 3 replicas. I wanted to know whether all three replicas can share the same disk storage, or I'll have to assign separate storage to each. Currently all three of them have this in the config:

cache_dir ufs /var/spool/squid 100 16 256

All three replica mount the same volume, so /var/spool/squid/ is shared among the thre ...

Scenario:

1. I have my computer [C] at home which has public ipv6 address but only private ipv4 address.

2. My mobile phone [P] has ipv6 address and can visit ipv6 sites.

3. Now I'm running an ipv4 only VPN on [C] and I want to connect [P] with [C] through ipv6 tunnel so that [P] can visit ipv4 resources through VPN on [C].

the network layout would be [P]---(ipv6)---[C~~~VPN(ipv4 only)]---(ipv4)---[Remote]. ...

I often need to compress archives in Linux. is there a simpler way instead of always building such complicated commands?

tar zcvf /tmp/mybackup.tar.gz /home/important

I have 2 HA Proxy servers with Keepalived configured with them, and have 2 backend servers to which traffic is routed by HA Proxy, am writing a shell script that will sync a directory between backend servers based on which server is currently set as active using osync (I dont want activity status about the HA Proxy servers but the backend servers) (HA is configured as Active-Passive, switches to availab ...

I am running Hyper-V on a physical Windows 2019 server with a dual NIC. NIC #1 is connected to my office network, which is in turn, is connected to the internet. NIC #2 is connected to a separate physical desktop switch that has other physical PCs connected to it.

On the Hyper-V Server I am running a single VM which will act as DHCP, DNS and a Web Server for the Test Network. We are running multi ...

I have a backend application behind an nginx ingress controller in a GKE cluster and I want to whitelist a certain IP only to access it. I added to the associated ingress this annotation:

nginx.ingress.kubernetes.io/whitelist-source-range: "my-ip/32"

I also have the externalTrafficPolicy set to Local in the ingress controller service.

The issue is that when I hit my application it always return

Summary: Verifying installation of Placement API with OpenStack Zed under Debian 11 Bullseye gives error msg "Unable to establish connection", errno 111.

Details:

I'm new to OpenStack.

I have used these guides:

OpenStack Installation Guide documentation https://docs.openstack.org/install-guide/

Installation — openstack-placement 8.0.0.0rc2.dev2 documentation https://docs.openstack.org/placement/z ...

I have set up a DNS Server within my company's LAN.

Local nameservers works correctly, however those outside such as google.com are not resolved...

By running dig google.it I get this result:

; <<>> DiG 9.10.6 <<>> google.it ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 5354 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHOR ...

iptables can limit connections per ip at the same time with the --connlimit command .
but I want to know is there a way to limit connected IPs at the same time?
for example, if you limit connections to 30, then multiple IPs can connect to port, but any IP can create max 30 connections, but I want to create a rule that limits IPs, not every IP connections. for example, I want to set a rule that only 2 ...

I got a big ipset and I want to capture networking packages related/not-related to these IPs.

Is there a way to capture packages by using tcpdump with ipset as param?

We have a number of computers based on the old HP ProLiant Gen1 blades, and we are going to get rid of that. It is impossible to reinstall the software which is licensed and support requirement are quite tough, we decided to virtualize is's system as is. We know that software will still work; it's Oracle based, and in particular we support the life of this system by moving hard disks into another simila ...

Does the official alpine docker image bundle OpenSSL.

I created a new container locally and I can't find the openssl command.

Is there an official doco with everything that's installed by default? I couldn't find it on the alpine website?

I need to set address of my proxy(squid server) and related port to get traffic from FreeBSD or Linux in my browser box.
I have Internet in my squid box.
How do I configure my squid server?

Attempting to manually test creating an exact backup for a GCS bucket via Data Transfer Service in the GCP browser UI and getting error...

Couldn't read source object ACLs. Source bucket must not have storage.uniformBucketLevelAccess enabled and the service account must have storage.objects.getIAMPolicy on the source object.

Yet, my source bucket does not have uniform Access Control and I do have

I am using idrac9 virtualconsole (PowerEdge R440) with ubuntu 20.04 with kernel 5.4.0-65. The issue is, virtualconsole doesn't respond(across reboots) to keystrokes from virtual keyboard as well local keystrokes(my laptop) when the server is rebooted. If its rebooted couple of times the keyboard starts working again and if power cycled again the virtual console stops receiving keystrokes. I have tried l ...

I have a server running Debian 11. I installed Docker and have several containers running successfully. I also like the option of being able to spin up libvirt/qEMU VMs via Cockpit. (FWIW, I also have OpenVPN running on the host.)

I created a bridged interface with my NIC being a slave, and my VM is attached to the bridge. So my VM has a LAN IP address, which is pretty cool. The problem is that whi ...

I have a server using OS centos-7, but sometimes my server got slow with some processes. I want to check which service or process makes the system slow. how to check the percentage of CPU, ram, or disk consumption that make the server slow. So please help me to find open source tools which can store and analyze log with long term.

Thanks!!

from the new system engineer.

Many user client use TLS certificates in ccd, but how to ensure generated certificates is unique. Suppose I know your ccd name, I might generate a new certificate under your name. How to avoid this situation?

I am trying to automatically set the root password to random characters via bash script. The script is part of a Vagrant shell provisioner. If the script runs the password change only, I am able to login to the instance just fine. I can then reboot the instance. After the reboot, I am still able to login using that same password as root.

However, if I include a reboot at the very end of the shell ...

Trying to troubleshoot a customer. We have a service running on their AD domain controller. The service rotates passwords for certain accounts defined by customer at a predetermined timeout. The service works on every customer site so far.

However, new potential customer, it does not work.

The service is in .NET and calls UserPrincipal.SetPassword() with a new password. That call throws an E_ACCE ...

It seems the default modus operandi of OpenStack instances is to have then assigned a private IP via DHCP and associate a floating IP with that instance/private IP, when the instance shall be reachable via the internet.

OpenStack then seems to do NAT between those two.

Now that should be a showstopper for every service (running inside the instance) which needs to know its own global IP because it se ...

Consider the diagram on attached pic, which shows a typical DMZ Web server configuration. How can this architecture be upgraded by appropriately adding a VPN (Virtual Private Network) for dedicated users?

Pic showing: Typical DMZ Web Server Configuration enter image description here

I've got a Docker swarm hosted on Windows Server 2022. I've created a credentialspec file since I need the service to use a gMSA. I've also defined a compose file to launch my service:

version: '3.8'

services:
  agent:
    image: privaterepo.local/devops-agent-win-generic:latest
    hostname: '${AZPOOL}_Generic-{{.Task.Slot}}'
    user: "NT AUTHORITY\\NETWORK SERVICE"
    security_opt: 
      - "cred ...

I run a Jenkins server on Linux that has a number of agents connected to it, some Linux and some Windows. All the jobs on the controller are managed using the Jenkins DSL.

At the moment I have an overarching Jenkins job ("parent job") that simply calls a number of other downstream jobs in a particular order.

The point of these jobs is handling patch management for some Windows Jenkins on-demand agen ...

We're building a SaSS platform with support for integrations. Each client has multiple integrations. We'd prefer not to store these integration tokens in a centralized location, where there's a single point of access to all tokens for all clients.

Our current approach is to run separate servers for each client, with separate hosting accounts. This means in order to access all N clients accounts y ...

I state I'm not an expert I'm learning; said this.....

i can't configure nginx on host to pass requests in tomcat container;

So I installed:

1. tomcat in the container accessible (example ip) from internet 139.25.4.25:8080 and the example tomcat page is displayed
2. nginx 139.25.4.25:80 and the sample nginx page is displayed

"tomcat and nginx are on the same machine with the only difference that tomcat is ins ...

This is the configuration of default.conf:

server {
#listen 80 default_server;
listen [::]:80 default_server ipv6only=off;

server_name localhost;

deny all; # DO NOT REMOVE OR CHANGE THIS LINE - Used when Engintron is disabled to block Nginx from becoming an open proxy

# Set the port for HTTP proxying
set $PROXY_TO_PORT 80;

include common_http.conf;

location = /nginx_status {
    stub_status;
  ...