Latest Server related questions

Score: 2
Krystian avatar
How to create .env multiline variable
id flag

The title may be a bit confusing, so a little explanation. I need to configure an application by passing a PKCS1 PEM encoded key using environment variable. The App is configured using a .env file

Locally I just export MY_ENV_VAR=$(cat my_key.pem), but on the server, it needs to be inside the .env file and needs to contain the value, not a command.

I've tried

echo MY_ENV_VAR=`awk 'NF {sub(/\n/, ""); print ...
Score: 0
Jeff Lawlor avatar
Unable to Write to Log Analytics Custom Table Using Data Collector API
cl flag

We're using a custom table in Log Analytics for application error logging. The setup is: Serilog -> Azure Analytics Sink -> Data Collector API (used in sink) -> Log Analytics Workspace -> Custom Table. There seems to be a secret I'm missing in setting up the custom tables. I have two tables working beautifully. We're not seeing entries in all subsequent tables we've created, even though th ...

Score: 0
ninjab3s avatar
Planning nodegroups for Gitlab with EKS cluster
in flag

I am in the process of building an infrastructure for my gitlab instance using AWS EKS. I have already created an EKS cluster, added a managed node group and installed the gitlab-runner in the cluster. In this node group I can now run my pipelines as usual. In my gitlab instance, I have several projects that each have an MR pipeline. In addition, I run another pipeline overnight in each project. These p ...

Score: 0
Sacha Yunusic avatar
How can I translate my old rsyslog rules?
ba flag

I had this rule in previous rsyslog versions:

if $fromhost-ip == 'xxx.yyy.zzz.www' then /var/log/name_of_the_server.log
& stop

And I translate it as:

template (name="dinamico" type="string" string="/var/log/%HOSTNAME%.log")
if $inputname == 'imudp' then { action(type="omfile" dynaFile="dinamico") stop }

And works like a charm... but if I want to translate this old rule:

if $fromhost-ip == ' ...
Score: 1
Sabre avatar
Still having DNS forwarding issue
cn flag

I asked this question a while back and it got bumped to chat because a lot of subjective opinions.

Original message here for reference: https://chat.stackexchange.com/rooms/139176/discussion-on-question-by-sabre-dns-forwarding-issue

And I found a seemingly similar issue, unanswered as well. Conditional Forwarding intermittent failures

So I figured I would try to consolidate it to basic information  ...

Score: 0
nicolasassi avatar
Can a server certificate from a CA not have CRL URLs?
cz flag

I'm trying create a validation for server certificates and one of the things I need to do is to check if the certificate is revoked, but the server certificates from a specific server seems to not have a CRL URL which I would use to retrieve the CRL to check. Is this supposed to be possible? In the case of no CRL URLs should I just consider the certificate not revoked or stale?

Score: 0
Dean Benson avatar
vSphere 6.7 AD Group Start/Stop/Deploy from Template to specific datastore
co flag

Environment is vSphere 6.7 three hosts in a cluster and AD authentication enabled for HTML5 client.

Problem : Assign AD group with limited permission to allow management of: power, console access and deploy from a template into a specific datastore.

I've spent several hours searching the documentation and examples I've found refer to Role permissions that do not correlate to the administration withi ...

Score: 0
Amir avatar
Registrar doesn't allow to set dedicated IP as nameserver
mk flag

I have registered a .website domain, and I want to point it directly to my VPS (without using a CDN). I've done it before, with other registrars. But when I try to set the nameservers to my dedicated IP, the registrar's control panel gives me an error, saying:

DNS (XX.XX.XX.XX) is not in correct format

Is there anything I can do? Or should I just cave in and use a CDN?

P.S.: This is my registra ...

Score: 0
Plouff avatar
Which one to learn: Nagios or Zabbix?
wf flag

I need to answer a network administrator student which tool is more useful in terms of "employability" at the moment : Nagios or Zabbix. But this is not my field.

I've heard that Nagios had its glory in the past and that today Zabbix is more used. Is it true?

More over, do they offer the same features? I've read that Nagios is continuous and Zabbix is not? Is it true?

Many thanks for your insights :)!

Score: 2
DGideas avatar
Does SSH key with type ecdsa-sk or ed25519-sk need passphrase?
vn flag

OpenSSH 8.2 introduced new public key types "ecdsa-sk" and "ed25519-sk", and the key file contains a reference to the private key credential stored on the FIDO/U2F hardware. Should I still need enter a passphrase when create these types of SSH key? It's seems useless if one attacker get the private key file without FIDO/U2F hardware access.

Score: 0
leonp avatar
fail2ban doesn't react to multiple ip's in log file, while fail2ban-regex - does
us flag

Several days of fighting. My configuration is SME server 10 and fail2ban version 0.11.2. I run:

fail2ban-regex /var/log/httpd/access_log apache-get-dos.conf :

Running tests
Use failregex filter file : apache-get-dos, basedir: /etc/fail2ban
Use datepattern : {^LN-BEG} : Default Detectors
Use log file : /var/log/httpd/access_log
Use encoding : UTF-8

Results
Failregex: 373 total
|- #) [# of hits] ...
Score: 2
Jorg busch avatar
SSH authenticate with publickey,password or publickey,none
pn flag

On my SFTP-Server I want to allow only login via public key AND password OR (if and ONLY IF user has no password) by only public key

I set the following in the the sshd_config:

AuthenticationMethods publickey,none publickey,password
PubkeyAuthentication yes
RSAAuthentication yes
PasswordAuthentication yes
PermitEmptyPasswords yes

But I'm always promptet for a password. When the user has no password it sa ...

Score: 0
jayaprakash R avatar
Why the Kubernetes pods are creating infinitely and created pods are evicted with memory pressure error in AKS cluster while deploying the ML model?
ng flag

To deploy the ML models, we are use the AKS cluster. To deploy the models inside the AKS cluster, we are using airflow.

Two days prior, we manually renewed the AKS cluster's certificate. Nodes, disks, and scale sets are redeployed as per this doc(https://learn.microsoft.com/en-us/azure/aks/certificate-rotation)

After the certificate renewal, two deployments create pods indefinitely, and then all t ...

Score: 1
guettli avatar
I get a Certificate Signing Request every 15 minutes (Kubernetes)
cn flag

I get a Certificate Signing Request every 15 minutes

❯ kubectl get csr -A --sort-by=.metadata.creationTimestamp

csr-r2dwb   3h      kubernetes.io/kubelet-serving   system:node:host-cluster-control-plane-2hhtt   <none>              Pending
csr-kcj2m   165m    kubernetes.io/kubelet-serving   system:node:host-cluster-control-plane-2hhtt   <none>              Pending
csr-h4k8j   149m     ...
Score: 0
willdashwood avatar
CentOS 7 - disable all services, except ssh and networking
cn flag

This is a follow up question to Disable all services, except ssh. I want to achieve the same thing on CentOS 7 but I'm having trouble getting it to work.

I've created /usr/lib/systemd/system/maintenance.target and the contents are as follows:

[Unit]
Description=Maintenance Mode with Networking and SSH
Requires=maintenance.target systemd-networkd.service sshd.service
After=maintenance.target systemd- ...
Score: 1
andrew avatar
move-vm not working : Could not find VirtualMachine with name
in flag

I am trying to cross migrate VM across two Vcenters ( from 6.5 to 7.0) with move-vm command, but something is wrong, couldn't find my test-vm, even basic get-vm find it.

$global:DefaultVIServers

Name                           Port  User
----                           ----  ----
host1.. 443   x.LOCAL\Admini...
host2.. 443   y.LOCAL\Admini...

$destination = 'new-host'
get-vm test-vm

Name           ...
Score: 0
alex.dev avatar
Why only a few TCP packets arrive at destination on port 3306 through an IPsec VPN tunnel?
ky flag

This question was off-topic on Networkengineering and the recommendation was to post it here. So, here we go...

When connected to a network via a VPN tunnel (IPsec/L2TP), I can normally access a MySQL server host via SSH on port 22, but have critical connection problems when building a MySQL connection to the server on the default port 3306. I realised that only a very, very few number of packets get thro ...

Score: 1
GalSuchetzky avatar
setting up a mail server for my domain
kr flag

Learning about how mailing works in general and I have the following question:
If I own the domain bigmoon.com and I want to have a mail address that looks like [email protected], as I understand it I can do the following:

  1. Setup a mail server on a hosted machine A.
  2. Create an A record that points mail.bigmoon.com to machine A.
  3. Create an MX record that points bigmoon.com to mail.bigmoon.com.

Assuming I ha ...

Score: 0
Neji Soltani avatar
dpkg-maintscript-helper: basename: Too many levels of symbolic links
bt flag

I am having this error each time I run an apt-get command, I dont know what caused this but I tried every solution I found related to this but still no hope

root@vmi575272:/# sudo apt-get autoremove
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following additional packages will be installed:
  debconf
Suggested packages:
  debconf-doc debconf-u ...
Score: 0
JanBoehmer avatar
Laravel App on Server takes high CPU
ag flag

I have a larvel app that runs very smooth and quick on my localhost, but when I push it to my server and run the deployment environment there (same as on my localhost), sometimes the app is very slow and in htop I see:

/us/bin/php8.1 -S 0.0.0.0:80 /var/www/html/vendor/laravel/framework/src/Illuminate/Foundation/Console/../resources/server.php

The path /var/www/html/ does not exist in my host - I ...

Score: 0
Cray avatar
Use EasyCron to make cURL request with cronjob
io flag

I want to make a cURL request every 12 hours and trigger the request with a cronjob. Unfortunately I'm a total newbie in cURL and cronjobs.

This is the request I want to make:

curl --location --request POST 'https://example.com/wp-admin/admin-ajax.php' \
--form 'action="algolia_re_index"' \
--form 'index_id="searchable_posts"' \
--form 'p="1"'

The request should be triggered by a cronjob via EasyCron. I  ...

Score: 0
сергей прудников avatar
Nginx cache for frequent and different requests

I have a service. This service has a GET handle(/api/v1/retrieve_blocks). This handle's requests and responces are small, no more than 1024 characters.

regular situation:

  • this handle is constantly under 500rps.
  • Almost all requests are different by url's parameters. for example:
    host/api/v1/retrieve_blocks?entity_id=1111
    host/api/v1/retrieve_blocks?entity_id=2222
    host/api/v1/retrieve_blocks?entit ...
Score: 1
kype avatar
Only 2 cipher suites are offered by Powershell Invoke-WebRequest
mn flag

I am performing a Invoke-WebRequest to a site using Powershell. And i'm facing error "Could not create SSL/TLS secure channel"

PS C:\Users\admin> Invoke-WebRequest -URI https://myexternalsite.com -Proxy 'http://myproxy.com:8080'
Invoke-WebRequest : The request was aborted: Could not create SSL/TLS secure channel.
At line:1 char:1

I did a packet capture and found that there is a Client Hello followe ...

Score: 1
Teamcity does not clean-up logs when clean-up rules are adjusted
il flag

So I have a project with large amount of build logs which previously inherited "delete after 91 days" rule from grandparent project.

I am adding the specific "delete after 31 days" rule to this project via Kotlin DSL configuration and it is displayed in this project's Clean-up Rules section.

However, after pushing Administration -> Clean-up Settings -> Start clean-up now, the disk space is n ...

Score: 0
Fraŋkini avatar
windows client can't join samba domain anymore
at flag

DISCLAMER:
I'm still trying to fully learn and understand how to properly maintain a samba domain controller.

The Problem:

I had a working samba installation with AD controlle but now, just a month after my last computer join, it won't work anymore. On Windows it says "unknown user or password" but I've checked them to be correct.

I tried setting the log level to 3 in "smb.conf" and while trying to j ...

Score: 1
AquaL1te avatar
Loop through variables in state file and use the vars in the target template as well
us flag

In Ansible I can loop through a list of dicts/lists and then use the loop vars in the Ansible task, but also in the template I call on.

I'm trying to do the same in Salt, but it seems like it's not possible. At least not in the way I'm used to.

I have the following in my Pillar.

routes:
  ens4f0np0:
    - address: 192.168.1.0
      netmask: 255.255.255.192
      gateway: 172.18.48.1
    - address: 172.16 ...
Score: 1
william00179 avatar
NAT'ing a specific port not working on Ubuntu, works correctly on Fedora
lr flag

We have previously been running Fedora instances but for a few reasons we have needed to move over to Ubuntu based distros.

Previously, we have used the following firewalld rules in order to NAT specific ports and it worked flawlessly.

sysctl -q -w net.ipv4.ip_forward=1 net.ipv4.conf.ens5.send_redirects=0
firewall-cmd --permanent --direct --passthrough ipv4 -t nat -A POSTROUTING -p tcp --dport 587 -s  ...
Score: 0
JimmyTheCuck avatar
Resize a persistent disk for Linux (MBR partition) on Google Cloud Compute Engine
ls flag

I want to expand my disk capacity for my Google Cloud machine and have been following the tutorial that's located here.

However, I'm fairly certain that the tutorial assumes the user has a GPT partition table but I have MBR. I only need 20GB so this shouldn't be a problem.

Anyway, I followed the tutorial up to step 4a and everything seemed to execute just fine including everything involved with t ...

Score: 0
Globe avatar
Access a Docker container remotely using my domain
ms flag

I have a computer running Debian 11 and I’m trying to set up Supabase self-hosting. The Supabase official documentation only goes as far as starting the Docker containers and accessing them from http://localhost:8000. I can also visit http://{docker_container_IP}:8000 on the host machine to access what I want. All of the other information online goes further but doesn’t show how to use the databas ...

Score: 0
Joppe avatar
BIND9 local reverse lookup with public IPs - is the setup broken or is the setup faulty?
mw flag

We are having a prelaunch-site to test DNS (and other services) before going hot. I've never involved public IPs here previously and it may not work as I've intended. We have a /29-net from our ISP that are public IPs. 121.24.124.144/29. To test our DNS for different "view"s we have set up the LAN side of a router to emulate this net; with the router as the GW to our ISP. Apart from not being able to ac ...

The Stunning Power of Questions

Much of an executive’s workday is spent asking others for information—requesting status updates from a team leader, for example, or questioning a counterpart in a tense negotiation. Yet unlike professionals such as litigators, journalists, and doctors, who are taught how to ask questions as an essential part of their training, few executives think of questioning as a skill that can be honed—or consider how their own answers to questions could make conversations more productive.

That’s a missed opportunity. Questioning is a uniquely powerful tool for unlocking value in organizations: It spurs learning and the exchange of ideas, it fuels innovation and performance improvement, it builds rapport and trust among team members. And it can mitigate business risk by uncovering unforeseen pitfalls and hazards.

For some people, questioning comes easily. Their natural inquisitiveness, emotional intelligence, and ability to read people put the ideal question on the tip of their tongue. But most of us don’t ask enough questions, nor do we pose our inquiries in an optimal way.

The good news is that by asking questions, we naturally improve our emotional intelligence, which in turn makes us better questioners—a virtuous cycle. In this article, we draw on insights from behavioral science research to explore how the way we frame questions and choose to answer our counterparts can influence the outcome of conversations. We offer guidance for choosing the best type, tone, sequence, and framing of questions and for deciding what and how much information to share to reap the most benefit from our interactions, not just for ourselves but for our organizations.