Latest Server related questions

I created a web server which can run code for 4 web apps being developed, based on Ubuntu 20.04. At first, Github was going to be the way to go for handling code between the coders, as it can be synced with our environment (Visual Studio Code in this case) but we want to store code directly in the server instead of dealing with Github repositories because of security concerns and easiness to upload from ...

I need help to redirect URLs with multiple language codes to one with .htaccess. The following URLs should redirect:

• https://example.com/cp/cart.php?a=add&pid=7&language=us

• https://example.com/cp/cart.php?a=add&pid=5&language=de

• https://example.com/cp/cart.php?language=nl

• https://example.com/cp/home.php?language=uk&test=a

to

• https://example.com/cp/cart.php?a=add&pid= ...

Nginx and Exim on same host, Nginx runs as smtp proxy for exim. Nginx v1.22.0 config fragment:

mail {
...
  server {
    listen    25;
    protocol  smtp;
    proxy_protocol on;
    smtp_auth none;
    starttls on;
  }
...
}

(Exim v4.96, compiled with SUPPORT_PROXY). Exim config:

hostlist hosts_proxy = <; 127.0.0.1; 192.46.111.11

But PROXY protocol seems to be not recognised by exim, Exim logs: ...

Following the indications found here: https://switch2osm.org/serving-tiles/manually-building-a-tile-server-ubuntu-22-04-lts/ I'm trying to install Tile Server in Ubuntu 22.04

but I'm getting this error:

raphy@pc:~$ sudo -u _renderd osm2pgsql -d gis --create --slim  -G --hstore --tag-transform-script ./OSM_src/openstreetmap-carto/openstreetmap-carto.lua -C 2500 --number-processes 1 -S ./OSM_src/open ...

I'm trying to redirect outbound traffics to a specific ip address and port to another server in LAN.

I used the following command on my router:

iptables -t nat -A PREROUTING -p tcp --dport 1080 -d 130.83.xx.xx -j DNAT --to-destination 192.168.1.34:1080

Which should redirect the traffic bound for 130.83.xx.xx:1080 to 192.168.1.34:1080

However when I tried to use nc to connect to 130.83.xx.xx:1080 ...

i have setup an outline server on my first server lets call it outline server; and i have successfully connected to that server via outline client application. but i need to redirect all that traffic from my outline server to another server via proxy or tunnel. i have another server at different location which i want to accept the traffic from outline server.

below diagram shows what i want:

client  ...

I'm new to linux and have set up my own Lubuntu 20.04 box. So far I've disabled IPV6, setup firewall rules, configured groups, users and sudoers file, mounted network shares and installed ssh, xrdp, Plex, NordVpn and deluged with web UI.

What I want to do now is make my deluged install only able to access the internet through tun0 which is the interface listed using ifconfig when my VPN is connected. ...

I have 2 ubuntu 20.04 VPS running in different locations with root privileges. in my location internet access is available only for specific hours per day and it become intranet for rest of the day.

Server A is inside my country and connected to a limited and highly censored internet, I have full access to it all the times, it's running an OpenVPN service working properly. tor network (even with bri ...

I have a log management system in which the Clickhouse database has been used alongside metrico/qryn, rsyslog on all the servers (Debian 11) send gathered logs from the system and applications to promtail for labeling and then promtail sends them to qryn, qryn then inserts the logs in the Clickhouse DB and has an API compatible with LogQL.

I'm trying to find a relationship between the Clickhouse system  ...

I have a very restricted user in my ssh server created with --no-create-home and --shell /bin/false. I know I can define authorized_keys file in sshd_configs for the user's public key. But how can I allow public key authentication for this user without requiring to access any files on OS?

I'm trying to create a virtual host in my vps server but I'm receiving "HTTP Status 404 - Not found". My Virtual Host:

vi /etc/httpd/conf.d/demonstracao.itcmedbr.com.conf

<VirtualHost *:80>
        ServerName demonstracao.itcmedbr.com
        ServerAlias www.demonstracao.itcmedbr.com
        DocumentRoot /var/www/demonstracao.itcmedbr.com/html
    ErrorLog /var/www/demonstracao.itcmedbr.com/l ...

I have a cluster of Pis that I'm using to experiment with Hadoop. masternode is set to .190, p1 to 191 ... p4 to 194. All nodes are up and running. start-dfs.sh, stop-all.sh, etc from the master successfully start and stop the datanodes. However, on start, the datanodes cannot connect back to the master node. The datanodes are trying to use "hostname/ip_address:9000" to try and reconnect.

hadoop- ...

I has been search here, BUT no topic about my question (they just ask for their email was rejcted, but this time, not my email was been reject), it seem someone try to send spam out via my server, however this one is very annoying, it start to try over 1000 times like this:

2022-10-02 08:15:01 H=(DESKTOP-K89KQBI) [212.191.80.243] [email protected] rejected RCPT [email protected]: r ...

I have website on test.cz and this website using api on api.test.cz. I want disable for users access to website api.test.cz but allow access if user ar on test.cz.

When the user annoys test.cz, the information is subsequently downloaded via the api.

• i using cloudflare

I using nginx, is possible?

All communication between hosts is already encrypted as they are connected with the Nebula overlay network (or i.e wireguard). Would you also use ssl encryption between services or plain unencrypted http?

I have a server that has two transport implementations, they are implemented on Qt. Secure and insecure. Secure transport uses QSslSocket, other QTCPSocket. One transport is secure, the other is not.

Both work fine when you connect locally, over VPN or local network. But when you create SSH tunnel to this server on remote machine:

ssh -vvvvv -N -C -p 22 [email protected] -L 2506:localhost:2506

... this is w ...

• OpenVPN version is: OpenVPN 2.4.8 x86_64-w64-mingw32
• Topology is: Machines at VirtualBox, server and client

I know there are many posts about this question, but so far, I could not find the answer.

• OpenVPN it does work in LAN flawlessly
• Port forward on the router has been done.
• the firewall has been disabled at the server and client

Those are the logs

**from the server: ** [LOG FROM SERVER] 1 ...

rsyslog audit logs are not getting forwarded from Amazon Linux 2 (koji linux)

what are the known rsyslog issues related to this amazon linux 2 system?

Also, what is the significance of below two line

#FileCreateMode

$FileCreateMode 0640

#Configure logs to remote host

. @@loghost.example.com

(should this be removed if . @@IP:Port is added at the end)

I have installed 3 x RHEL 8.4 Servers and have also installed the latest version of Percona XtraDB Cluster. I have left the my.cnf file pretty basic, wsrep also basic with just the required changes to node name, gcomm addressing and cluster name. The Primary Node starts perfectly. It has no addressing in gcomm as it will be learned as nodes are added. Just to confirm, I did try adding addressing and res ...

I try to rsync between 2 local disks, thus there is no compression. the sparse file has apparent size of 50GB, actual size of 16GB. I tried rsync -a -P --sparse, it did generate sparse file on destination at the end. However, it is not as sparse as the source file. The generated file is 27GB instead of 16GB. I can use fallocate -d <filename> to shrink it more. It became around 18GB. However, ...

My main work machines are Macs these days, but I still have a Linux VPS running for tinkering purposes. For convenience, I use Termius

There are 2 accounts on my Linux VPS: root and anta40. To login, I use SSH keys instead of password. Login as root works fine. There is trouble login as anta40, though. Here's the log, which says " Authentication that can continue: publickey" :

 Starting a new conne ...

I'm trying to implement mosquitto broker with InfluxDB.

My concern is that the data won't be stored properly, because InfluxDB is a "real-time" database and the MQTT protocol is asynchronous. So the values might be stored in the incorrect order.

Are my concerns valid? Can a "real-time" database be used with the MQTT protocol when the original sequence of values needs to be preserved?

I have add a new node to my k8s cluster, but I found some allocated to this node cannot show logs like this:

$ kubectl logs -n xxxx xxxxx-6d5bdd7d6f-5ps6k

Unable to connect to the server: EOF

Using Lens gives error logs like this:

Failed to load logs: request to http://127.0.0.1:49271/api-kube/api/v1/namespaces/xxxxxxx/pods/xxxx34-27736483--1-hxjpv/log?tailLines=500&timestamps=true&conta ...

I have 2 Raspberry Pi's running and want to be able to access them externally. I have DynDNS running to link my public IP to mydomain.com. The goal is to be able to use host1.mydomain.com to ssh into host1 and host2.mydomain.com to ssh into host2.

I was able to almost realize this by using port forwarding in my router settings but then I always needed to specify the port when connecting via ssh.  ...

I am using a J2EE app deployed on Tomcat8 to delete a file on Windows (Desktop location). From a code side, the file is deleted and the returned code is OK. But when i check the file in the folder after that, i see it is locked, and can neither be deleted or renamed. In addition i noticed that if i closed Tomcat instance, the file gets removed automatically shortly after (1second). in my catalina. ...

I setup a shared samba folder on ubuntu 20.04 It appears on the Windows 8.1 machine on the same subnet but if I try to write to the folder I get a permission denied error

I want to send the DN field from the client certificate ($ssl_client_s_dn), but I want to send it encrypted.

In the question nginx append query parameter to a react application it is explained how to add a parameter to a react application using rewrite and try_files, and how to prevent the infinite rewrite redirecting loop.

But I don't know how to encrypt this variable ($ssl_client_s_dn).

My conf ...

For active domain I can do virsh blockpull --domain ... --path ... --base ... I would expect the blockpull should also work with inactive domain since it should be even easier (there is no write operation from guest os interfering the merge operation.). However, I get error: Requested operation is not valid: domain is not running. Why? Is there any reason that blockpull cannot work with inactive d ...

I am trying to boot temporary Linux via UEFI network boot, and I need it 32-bit x86. Only 32-bit live distribution I know is RescueCD which seem to have no EFI stub in kernel to boot. I was trying to boot it via iPXE efi loader, which I am used to use. Is there a way to boot non-EFI kernel from iPXE or from other network-bootable bootloader? Or perhaps there are some 32-bit live linux distribution I mis ...

I have a working vpn connection but it's imported in WireGuard and I need to use that same config on a OpenVPN client and import it there . Is there anyway to convert wireguard .conf files into .ovpn file and use it on OpenVPN client ?