Latest Server related questions

Is it possible to set CPUAffinity=0 for a specific process (lets say httpd.service) in its systemd service unit file?

When deploying rancher onto a downstream cluster the cattle-cluster-agent- pods appear and they show running. The issue is (1) when I try to access the cluster via the UI, the UI displayed " Cluster agent is not connected" and I cannot manage the clutser. (2) Using the kubectl, I run the command kubectl get cattle-cluster-agent-*********-***** and the following error shows (some info in the log entr ...

I am working on an eBPF/XDP application running on a server with Intel 10G X550T NICs, using the ixgbe driver.

I need precise control over how the work is distributed between cores, so I'm disabling irqbalance and setting IRQ affinity manually. I wrote a brief python script to read /proc/interrupts and /proc/irq/X/smp_affinity to show which CPU cores should be handling the interrupt for each queu ...

I was wondering how to predict how much memory s3cmd is going to use to upload a given file. I'm concerned that for large files it could use too much system memory. And if I increase the chunk size, will it use more memory per chunk/multipart?

I checked the documentation

https://s3tools.org/s3cmd

but couldn't find anything related to memory management.

I've experimented and tried to upload a 200GB file  ...

I am trying to use podman/docker secrets for ssl certificates but i keep getting SSL errors.

Here is the command i am using:

podman run \
  --detach \
  --restart on-failure:5 \
  --network some_network \
  --name postgres \
  --hostname postgres \
  --publish 5432:5432 \
  --mount type=volume,src=postgres,dst=/var/lib/postgresql/data \
  --secret SUPERUSER \
  --secret SUPERPASS \
  --secret server_k ...

I tested the last few days OpenSSH as connection method for windows hosts in Ansible, because we are a mixed environment and I want a similar approach for linux and windows.

I tested for windows 10 and 11 hosts and it is working mostly as expected. The thing which bothers me: If I run a playbook against an inventory where not all windows machines are running I will get an [WARNING]: Failed to collect ...

I want to delete the Windows Defender History in Windows 11 22H2 22621.2215. In particular, accessing the folder C:\ProgramData\Microsoft\Windows Defender\Scans is not possible. It seems that Microsoft has specially secured access to this folder. How to clear Defender history anyway? A PowerShell script would be nice.

All previously published Howtos are not succesfull. eg https://techviral.net/cle ...

I have configured postfix SMTP server for mail sending only with below configurations, I've used cyrus-sasl to authenticate with openLDAP, I want to achieve SMTP port 25 to use insecure connections while on port 587 to make secure TLS connections

here's my master.cf file snippet

# ==========================================================================
# service type  private unpriv  chroot  wakeup  ...

I have installed self service password application on my debian server. This application is connected to active directory via ldaps. LDAPS is configured in conf.php file. Now, I want to have hashed bind_password for ldaps connection in this file (for more security). Do you know, ho to do it please? Thank you

I have set up a nginx reverse proxy with Ubuntu Server 22.04 LTS. The Abacus web application should be accessible with https://abacus.contoso.com from the internet. The internal server name is srv06. My current config looks like this (that's basically the official template from Abacus):

server {
    listen 443 ssl;
    server_name abacus.contoso.com;

    ssl_certificate /etc/nginx/ssl_certs/cert.pem;
    ...

There are two servers in the local network, and iredmail is installed on both (I don't think this is important, since Postfix is here). There is one domain example.com and one IP, and also two subdomains here: servermail.example.com and mail.example.com. There is a Mikrotik router in front of them, which holds a local network and communicates with the world.

Roughly speaking, explicitly specify the s ...

I am a bit confused with the Options for load balancing between different AZs for redundancy. I have an application which requires network load balancing and should optimally not depend on DNS to do the load distribution and selection of endpoints. (some clients will not use DNS resolution but connect directly to IPs)

Now I see three primary ways to do this:

1. Global Accelerator - this would enable me  ...

I have 2 VLANs on ETH1 port on Synology DSM 7.2. I use the MACVLAN driver, so my containers look like "seperate computers" on the network. I can reach the container from the network and I can reach the network from the container. I can even reach the container from the host, but I cannot reach the host from inside the container.

#!/bin/bash:

docker network create -d macvlan --subnet=10.1.40.0/24 --gat ...

I am trying to change/remove a domain in Windows Server 2022 to a new domain. I keep on getting problems. It is either the existing domain is greyed out or gives me the message can't change the certificate installed. What am I doing wrong or what can I do?

I have a server that hosts a website delivered via https on port 443. The website is not directly open to the public internet, but traffic is routed via a VPN from an EC2 instance that has a public facing IP.

The website can be accessed from the host server, computers on the same internal network and computers on the VPN, that are not the EC2 instance.

Issuing the command openssl s_client -connect www.m ...

I wrote a script fetching the RAID configuration of the latest VirtualDisk.

On one server I get :

# omreport storage vdisk controller=0 -fmt ssv | awk '-F;' '/^ID/{print}/Virtual\s*Disk\s*[0-9]+;/{line=$0;value=$7}END{print line;print value}'
ID;Status;Name;State;Hot Spare Policy violated;Encrypted;Layout;Size;T10 Protection Information Status;Associated Fluid Cache State ;Device Name;Bus Protocol;Med ...

first time writer here.

My situation is as follows: we have an active directory, that is more or less organized. All users are in a single OU, and working on a Terminalserver (WINS 2012R2), lets call him "TS01". Now we are setting up a new TS, "TS02", with WINS 2019, and wanted to change a few details. One of which is instead of using userprofile disks we wanted each user to get their home direct ...

Using Apache/2.4.54 (Win64)

I have been requested to rewrite from old domain to new like this

• From https://oldtest.mydomain.com/company/customerpage/#/customer/<getThisNumber>/something
• To https://newtest.mydomain.com/company/something/customer/<getThisNumber>

It could have been fine, using regex to grab the number and pass it to the new and then just redirect using [L,R=301].

But ref. ...

We have a MikroTik router with 2 WANs, main (good and expensive bandwidth) and backup. main is for our day-to-day use, and backup has slow bandwidth.

We have a Synology NAS handling the downloads, I would like to force torrent downloads to be done via the backup interface on the gateway. Here is my current config:

/ip firewall filter add action=accept chain=forward comment="H2G2: Allow forward to ...

I create a Debian Bookworm machine to serve as LXC containers manager. I use unprivileged LXC containers started with lxc-unpriv-start command that create a systemd user scope. I create a service that start my containers on server start and launch a clean shutdown on service stop. Every container can take 2 or 3 minutes to shutdown. If I stop main service manually all works well. The problem arise when  ...

I have a server in OVH. My server is able to deliver 1gbps, I make sure it's actually can deliver this in their rescue mode. When the system is up to the Ubuntu layer, the performance drops to ~200mbps.

My first thinking is there is a driver issue. This is my card: Ethernet Controller X710 for 10GBASE-T This is my driver: driver=i40e driverversion=2.8.20-k

apparently it quite difficult to understa ...

I came up with the idea to run 2 different servers with both of them having the same app, but one is just 1 release behind.

Why would I want to do this?

Sometimes one of of our releases is faulty we want to instantly rollback any changes by changing the traffic from the new release to the other server where the 'not faulty' release is on.

Is there any term that describes this process?

I am trying ...

Let's imagine the following scenario.

I have an host key ABCDEF1234 for a given hostname, so my known_hosts file looks like this (unhashed version):

example.com ssh-rsa ABCDEF1234

Now I connect to it, and hostnames resolve to 10.11.12.13 I have a message like this

Warning: Permanently added the ECDSA host key for IP address '10.11.12.13' to the list of known hosts.

And my known_hosts looks like this ...

I have a cluster in VirtualBox to learn kubernetes. I have a deployment that contains MySQL and phpMyAdmin. I created a DemonSet that has the fluentd image and collects the logs to transmit them to elastics at ip 10.0.2.11.

I don't understand why it doesn't connect to elactic and this log appears:

2023-08-28 11:28:49 +0000 [warn]: #0 [in_tail_container_logs] pattern not matched: "2023-08-28T11:28:48.3 ...

I have Apache running on Ubuntu 20 and I keep getting this error in /var/logs/apache2/error.log:

[proxy:error] [pid 7064] (111)Connection refused: AH00957: http: attempt to connect to 127.0.0.1:4000 (127.0.0.1) failed

[proxy_http:error] [pid 7064] [client ...] AH01114: HTTP: failed to make connection to backend: 127.0.0.1

My virtual host is set up like this:

<IfModule mod_ssl.c>
<VirtualHost * ...

this rewrite rule is not hitting it's mark :(

    RewriteCond %{REQUEST_METHOD} ^(GET)$
    RewriteRule ^/wiki-search/(.+)$ NicerAppWebOS/index.php?app-wikipedia.org-search=$1 [L,END,PT,DPI]

apache log (with rewrite:trace6 set in apache sites-enabled config) :

[Tue Aug 29 06:30:46.281647 2023] [rewrite:trace3] [pid 2760088] mod_rewrite.c(480): [client 192.168.178.29:45136] 192.168.178.29 - - [192 ...

enter image description here

Whenever I tried to connect my nodejs project with mongodb in docker. This started to show .

Currently the latest version is 8.0.2, which requires account binding, which is very troublesome and there is no way to remove it. Versions after 7.4.5 (excluding 7.4.5) require mandatory cell phone number binding. Version 7.4.2 has a pma vulnerability. Versions before 7.2.0 are not recommended because the code has been changed too much and can't be used properly after downgrading.

I am recently upgraded Ubuntu Server 20.04 to Ubuntu Server 22.04. It is a LEMP server running the latest Mainline version of Nginx. After the upgrade, when I try modifying the /etc/nginx/nginx.conf file with nano editor, nano shows a warning in red that says

/etc/nginx/nginx.conf is meant to be read-only

What is this error about, and since when is my nginx.conf file meant to be read-only? Is this an n ...

I have ipv4 address 192.168.88.130 assigned by DHCP (cannot use static IP).

I have to access devices on 192.168.20.X by changing adapter settings to static and assigning some IP from 192.168.20.X, and then i can access any of devices there.

Is there a way to access the other network without changing the network adapter ipv4 address?