Latest Server related questions

I'm currently setting up an Ubuntu server to run an Apache Guacamole RDP Gateway, and for some reason, when I try to login to the web client, it's giving me an invalid login error when I use the default admin login credentials (according to Apache Guacamole documentation, being guacadmin for both username and password). I've looked at the logs, and I confirmed that it is indeed throwing invalid login. I ...

I have a router (with iptables support) with 2 WAN interfaces (wan0 and wan1) and I am trying to redirect calls of specific IPs (for ex: 8.8.8.8) over second interface (wan1) using ip tables. Traffic is coming from single LAN interface (eth0). I tried to mark the network packets like this:

iptables -t mangle -I PREROUTING -d $PUBLIC_IP -p tcp --dports 80,443 -j MARK --set-mark 0x77

and then create a ...

Im having the following SNMP coming in from the snmptrap.fallback. I want to create a trigger which should do the following

2023-07-10 05:38:47 2023-07-10 05:38:45 
09:38:45 2023/07/10 PDU INFO:
  receivedfrom                   UDP: [10.22.11.72]:52862->[10.22.5.22]:162
  messageid                      0
  transactionid                  299
  requestid                      0
  notificationtype   ...

I have a k8s cluster with the following problem: We have a stateful set with filebeat, which collects logs of our microservices locally on the nodes via volumes and pushes them to our open search. The problem is that not all services write these logs, more precisely only services with the pod label type: microservice. Thus, the filebeat pods run completely pointlessly on many nodes. My idea was to restr ...

As of last week I am struggling connecting my squarespace site to my domain managed by godaddy. I Have various other sites for which this process went just well.

My new domain: pawfectstay.be is purchased via godaddy. We have a site created via squarespace.
First I tried connecting the squarespace site using the standard connector squarespace suggested. This did not work.
I figured I would add the  ...

I'm using the latest promtail and loki and trying to use your static_configs example.. but I'm not getting the labels pushed to Loki.. all I see below

Discovered labels
__address
__path
job

I do not see labels of facility and hostname am I doing something wrong ?

here is my promtail

server:
  http_listen_port: 9080
  grpc_listen_port: 0

positions:
  filename: C:\loki\tmp\promtail\positions.yam ...

I have a Terraform script that is cloning a RedHat 8 VM on vSphere V7.

The VM is successfully cloned, but the user in my userdata is not created when the VM starts. If I reboot the VM after it is cloned, the user specified in the userdata is then created successfully.

I am not sure if this is a problem or feature of cloud-init and RedHat 8, or if there is something I need to do with the VM I am clo ...

My network is isolated into a few different VLANs but I am struggling a little with the best way to achieve isolation of some docker containers running inside a custom bridge network. For the sake of simplicity lets say the network looks like this and there are two VLANs (Trusted traffic is untagged and non-trusted traffic is on VLAN 10). Untagged traffic is on a 192.168.x.0/24 subnet and VLAN 10 is ...

I am getting code error in Ansible as below. please advise on this.

ERROR! We were unable to read either as JSON nor YAML, 
these are the errors we got from each:
JSON: Expecting value: line 1 column 1 (char 0)

Syntax Error while loading YAML.
  did not find expected key

The error appears to be in '/root/ansible_code/roles/sample_exercise/tasks/main.yml': 
                           line 10, c ...

I'm creating a squashfs file using dd to create a pseudo file - like described here ("under Streaming Compression" heading):

mkdir empty-dir
mksquashfs empty-dir squash.img -p 'sda_backup.img f 444 root root dd if=/dev/sda bs=4M'

But I would like to see the progress of how much of the drive has been copied, eg like this would:

dd if=/dev/sda bs=4M | pv > sda_backup.img

It's similar in my mind to ...

Im trying to boot a proxmox that was abruptly rebooted due a power lost. When trying to boot it stops with a kernel panic. The error it shows is "Initramfs unpacking failed: no cpio magic". I attached a picture. Have no idea how to solve this :(

Is there any guides/best practices/manuals describing how to organize periodical backup (and of course restore if needed) of entire organization's GitHub, preferably with metadata?

I have a small server that authenticate users as root using their ssh-keys stored in authorized_keys file. I also run fail2ban.

I made a convention to have a nickname written after the public_key of each user in the authorized_keys file.

I would like to know if it would be possible to have fail2ban to scan for accepted connections and, instead of jailing the user, to write a line with his nickname t ...

I recently came across a High Availability scenario that the maintenance program needs to bind a virtual IP to the server it sits and then broadcast it over the network. To do so it runs ip and arp command respectively. However, I noticed that any such maintenance program needs sudoer privilege to run ip or arp. I do not give such root like privilege to it but want it still able to run these two commands. ...

The command to open a particular glassfish domain is

./asadmin start-domain domain_name

Say, I want to start domain1, domain2, domain3 all at once, how'd I do it?

If it's not possible, why?

Nowhere I can find such info, to interpret the following number:

PTP Hardware Clock: 1

Most documentation I can find (e.g. from RedHat it shows 0). What does it mean?

Working with Sun Fire X4170 Server.

Now it have three RAIDs, all is on level 1. Every logical volume (every RAID) contains one Proxmox VM, idk does it matter in my case. The first RAID recognizes that there is no second drive, while the second RAID sees it as if one drive is degraded. And third RAID has two 128 GB drives.

The company has purchased new drives, and I need to replace all the old drives ...

I’m trying to elevate from CentOS 7.9 to Alma8. I’m following the official guide, but I’m stuck at leapp upgrade. I have the following error :

STDERR:
No matches found for the following disable plugin patterns: subscription-manager
Repository extras is listed more than once in the configuration
Warning: Package marked by Leapp to install not found in repositories metadata: python3-nss easymoc ...

Podman containers can be started with --network=none to deny any network access. Running containers can be denied network access by disconnecting all networks according to podman-network-disconnect(1). However, for rootless containers this fails due to slirp4netns not being supported. This article says the podman network commands are for rootful containers only. (podman-network(1) does not.)

Ho ...

I have a scenario where the client has no on-premises AD and wants to use Azure AD. Now my first question is, should I use one account like [email protected] to join all the computers to Azure AD and once joined get other users to login with their own email address?

Second question, So, here admin keeps the local admin account and newly signed in user cannot make changes without admin's email account ...

I had set the below properties in zoo.cfg to enable TLSv1.3 on zookeper 3.8.0 , but in the logs I see that zookeeper is connected to other zookeeper node on TLSv1.2 that is the default version. I want to know how can I enable TLSv1.3 on zookeeper 3.8.0

zookeeper.ssl.protocol=TLSv1.3 zookeeper.ssl.quorum.protocol=TLSv1.3

Tried to set the TLSv1.3 protocol in zoo.cfg file and was expecting ZK nodes com ...

How to activate the remote desktop services after activating its stopped running 0 licence and befor activating it was running i have attached screenshot for the reference remote desktop trouble remote desktop licence

does it automatically add the license of each user i had selected per user in group policy

DNS newbie here trying to understand the DNS setup for one of our domains.

Will call it example.com.

So the DNS host is Azure DNS. And there is an A record in Azure that points to a Cloudflare server as follows:

Type          Name           Value
A             example.com    104.xxx.xxx.xxx (Cloudflare server)

And in Cloudflare for the example.com domain, we have the following record that points t ...

I have a third party application that our pipeline runs on a a build server, within a dedicated Docker container, spun up fresh each time, just for this job. The application is very memory & CPU intensive, spawns many processes, and runs for ~20 minutes. When run once-at-a-time (non-concurrently) it runs successfully to completion, every time.

The problem occurs when the pipeline tries to run ...

Able to get Kerberised NFSv4 export mounted once, not subsequently. 'Access denied by server while mounting'; 'Additional pre-authentication required'

Hi,

I'm new to Kerberos, but have some experience with NFS without security.

I'm trying to set up NFS with krb5p security on two hosts running Ubuntu 22.04: the server — enya.colonelpanic.local — is running a fresh install of Ubuntu Server 22.04 ...

I am quite desperate. I am trying to get my site-to-site vpn setup working, but no luck so far. Please don't judge me, I am quite new to the routing problematic.
I have a VPS with a public IP 123.456.789 and on there a docker stack running with the linuxserver swag container and some other containers. Because I don't have a IPv4 Address at my home network just a DS-Lite connection from my ISP I want to ...

I'd like to set up a very basic EC2 instance, connect it to a MySQL RDS database, and install Wordpress. I'm currently using this guide, and I've created both an EC2 instance and an RDS instance. However, when I try to use the GUI to connect the EC2 instance to RDS, I get a message that "The EC2 instance is not found."

What I've checked so far:

• Both the EC2 and RDS instances are using a test sec ...

Windows Server 2019 with IIS 10.

Used these scripts to disable TLS 1.0 and 1.1

New-Item -path 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Server' -Force ` | Out-Null

New-ItemProperty -path 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Server' -name 'Enabled' -value '0' -PropertyType 'DWord' -Force | Out-Null

New-ItemPrope ...

Last year, a question was posted about how to add capabilities to an ACI. The accepted answer was that it wasn't possible: How to add capabilities to Azure container instances?

However, the documentation for the CLI has a parameter to do so, but I cannot find what capabilities are supported. https://learn.microsoft.com/en-us/cli/azure/container?view=azure-cli-latest#az-container-create

--add-capabilities ...

I started to run a self-hosted mail server which I want to be reachable via a subdomain only. I have an A record for mail.sub.domain.tld and an MX record for sub.domain.tld /edit: which points to mail.sub.domain.tld. (I also set up spf, dkim and dmarc TXT records for sub.domain.tld, dkim._domainkey.sub.domain.tld and _dmarc.sub.domain.tld respectively)

I have a couple of servers which I want to use  ...