Latest Server related questions

I'm using automation (ansible) to deploy a dockerised app (gitea). The app runs s6 in its docker entrypoint.

I want to run my own script:

• after the container's first load (so the files and db are ready)
• at most once

OPTION 1:
I thought to add a script /etc/s6/custom/run and place my stuff in there. But it would be restarted continuously, and there's no guarantee of order.

OPTION 2:
I read the do ...

I am using pure-ftpd with MariaDB to auth users. After upgrade to Debian 12 Bookworm it stopped working. Debian 12 includes new pure-ftpd 1.0.50, which has introduced the following change:

Support for MD5, SHA1 and the MySQL PASSWORD() function were removed for password hashing. You should now use scrypt, argon2 or the system crypt(3) function.

So I updated /etc/pure-ftpd/db/mysql.conf to reflect the cha ...

I am trying to understand the workings of the DNS. When I do dig electronics.stackexchange.com, I get the following response (truncated at the bottom for brevity):

; <<>> DiG 9.10.6 <<>> electronics.stackexchange.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2941
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 13, ADD ...

I'm trying to install the following on an EC2 instance and receiving the following error message:

[ec2-user@ip-172-30-0-7 ~]$ sudo dnf install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
Last metadata expiration check: 0:30:04 ago on Sat Jun 24 07:59:46 2023.
epel-release-latest-8.noarch.rpm                                                                    581 kB/s |  ...

I'm in need of creating a forward that will return an error message to whoever sends a message to an email address, the only problem is that I don't know how to that for specific emails and I haven't found a tutorial online teaching how to. Let's say I have a [email protected] email, which command line should I use to set a forward for that specific email address only? This way if someone sends a messa ...

I'm new to Nginx and Wordpress as a combo. I would love a sanity check on this server side caching code.

Specifically

1. Is the sequencing correct - esp. the location statements?
2. Is there anything redundant or critically missing?
3. If I wanted to set a different cache time for say .mp4 and png - eg 1d, not 1w, how would I do so?

Many thanks for your help.

fastcgi_cache_path /etc/nginx/cache levels=1:2 ...

I have an issue with one domain computer. A user is trying to log in and it says 'username or password incorrect'. I have to go there, and then log in with my credentials, which works. After I log in and log out, he is then able to log in just fine. Then after he goes away and the PC locks, he'll get the same error. I've reset the PC, rejoined it to the domain and changed his password (even though it wa ...

I've created a alldots.tar file mainly with dot config files from my local server. I then transferred it to my other (remote) server and there it is, cryptographed.

It didn't occur at the time of creating that I would need the private key there as well, when I tested all locally.

Now I have a big dilemma, because I don't want to send my private key over the web; and the other solution is to wait  ...

I have a nodejs https server running on my Raspberry Pi. It responses to ajax requests. When open the webpage with a desktop/laptop or an iPhone (Safari), the ajax call returns the proper result with a http 200 return code. However, when I do the same from a Firefox browser on an Android mobile phone, I get an empty result with 0 as http return code. The server side logs indicate that there is a problem ...

I am trying to achieve the below with nginx -

I have 2 docker containers running on a server once container runs nginx on port 80 & takes requests from AWS application load balancer. Then based on the path in the URL, it is supposed to redirect to one of 3 ports on the other docker container. The applications running in the second docker container serve content on their own paths.

Example - When ...

On Cisco switches with stacking cables, you can do:

#show switch stack-ports summary

Sw#/Port#  Port Status  Neighbor  Cable Length   Link OK   Link Active   Sync OK   #Changes to LinkOK  In Loopback
---------------------------------------------
1/1        OK           2         50cm           Yes       Yes           Yes       1                   No
1/2        OK           2         50cm           ...

It seems like redirect is not done.

If I put URL https://test2/static_page in browser it works but if I put https://test1 don't redirect

SERVER["socket"] == ":443" {

  $HTTP["host"] == "test1" {
    url.redirect = ("" => "https://test2/static_page"),
    url.redirect-code = 302
  }
}

I have 24 Samsung PM1733 7.68 TB and a server platform Gigabyte R282-Z94 with 2x 7702 64cores AMD EPYC. OS: Oracle Linux 8.6, 5.4.17-2136.311.6.el8uek.x86_64

I need this server for testing so I have to use a thin pool in my environment (i need snaps). I also use LVM because I have used it before. But I tried ZFS and could not get better results.

The main question sounds like this: How to get maximum p ...

it is my third month as a junior sys admin and my senior is on vacation.

Starting this past Tuesday, users have not been able to log in to a website while on our primary network. The web page loads and functions properly, but upon entering credentials, the page just hangs indefinitely. I suspected it was a DNS issue, so I removed the static IP that points to our AD server, rebooted the computer,  ...

I have domain user accounts (Windows Active Directory) that they use the same (1-1) Windows 10 domain PC some years without problems about saving passwords to browsers. But if I use the same domain user accounts to login to a different pc then I can't save any password to any browser except Firefox!!! Only with the bult-in domain administrator account I am not having any problem when I logged in to any  ...

I have been looking for days and I can't seem to understand how to use Domain Certificates in IIS. Is there even a point to it? From what I understand, you absolutely cannot change which template it will use and you cannot update the WebServer template. I've messed around with the templates for a while and my websearch-fu is failing me.

There is this answer from 2012 but the links are dead.

The de ...

I'm using IIS to reverse proxy HTTP requests to a nodejs app running in the same machine.

URL rewrite and ARR modules are installed and the proxy setting checked. The URL matching seems good: if I change the rule to redirect it works as expected. Using rewrite I get a 404 error.

The API endpoint is api.url.com/getContent/ofertas. The IIS site root folder is W:\sites\LocalUser\site\api. Here is the

I have a home automation host installed at a remote location which I access through WireGuard VPN. The router at the remote location uses 192.168.1.x, which is the same network as my home router. I can access this host fine through mobile data, but when I try to access the host from my home network over the Internet it fails. I speculate it is searching for the host in my home network since it uses the  ...

I created a new VM on GCP and then try updating by running:

apt update && apt upgrade -y

But everytime. it stucks at

Preparing to unpack .../google-cloud-cli_436.0.0-0_all.deb ...

I have tried deleting the VM three times and create a new one. It always stucks at this line and then update doesn't continue.

I am running Debain 10 on E2 Micro.

[Image showing the online shell window]1

As a new system admin, I was provided with access to some standard role assignments from the 365 admin center, which include the following:

• Authentication Policy Administrator
• Exchange Administrator
• Global Reader
• Groups Administrator
• Intune Administrator
• Security Administrator
• Service Support Administrator
• SharePoint Administrator
• Teams Administrator
• User Administrator

I'm currently testing the  ...

This is my first foray into anything AWX/Ansible, so please be gentle :)

I've set up a new AWX instance in Kubernetes (using the AWX Operator), and am trying to import our existing job-templates from an old instance (that I did not set up, nor have control over). There is a metadata.yml file in our playbooks repo that defines them. The format is:

project_name: playbooks
project_version: 2.5.7
proje ...

I've installed Grafana behind Nginx running as a reverse proxy for it and then behind Cloudflare. Unfortunately when I am trying to access it is stuck on jumping Grafana logo with "loading" inscription underneath it.

Grafana is expected to be accessible on subdomain like grafana.domain.com.

I've tried to change a config in both Nginx vhost and grafana.ini but with no luck. My current Nginx config: ...

After searching for many hours I cannot find a solution to a problem I have with a new Postfix server I'm deploying. I'm are in the process of decommissioning old on-prem Exchange servers which are used for STMP relay from internal systems and moving to Postfix 3.6.4.

One of our requirements to is archive all email to an external system. Currently in Exchange that is done with envelope journaling ...

I have an Oracle VPS with Ubuntu. Before enabling ufw everything worked perfect. I've added rules for ssh, http, https and openvpn. After enabling it ssh stopped working, but after rebooting my VPS it worked fine. But http and https stopeed working! My webserver still is running, and listening at 0.0.0.0:80/0.0.0.0:443. Curl'ing my VPS didn't result in Connection refused but Couldn't connect to server

There's a web app url of which may vary - it's either .com or my..com depending on if a user is logged or not.

However, there's an element on the main page (that can be accessed via .com or my..com) that requires authentication.

If the logged user accesses the my.*.com and clicks a button it works with no issue. There's just 1 POST request returning 200 as expected.

200

However, if the logged user access  ...

I need to enforce a strong custom password policy for LUKS FDE on Ubuntu 22.

I have successfully enforced it on the user account level by modifying /etc/pam.d/common-password. But the restrictions in this file do not get applied when changing a LUKS password via cryptsetup. cryptsetup seems to completely ignore this file, and I cannot find any information about applying custom password requirement ...

When upgrading to TeamCity 2023.05 (using the Docker image), I received the error "Can't take exclusive lock when db lock is not held" and the detailed instruction:

<pre>java.lang.IllegalStateException: Can't take an exclusive lock when db lock is not held
    at jetbrains.buildServer.serverSide.db.Heartbeat.tryGetExclusiveLock(Heartbeat.java:726)
    at jetbrains.buildServer.serverSide.db.T ...

I want to add CORS to my reverse-proxy. Generally everything is working but I don't understand why even though reading the documentation on add_header and reading several forum entries.

In my case I have two ifs and I would assume that nginx only resolves one but I don't even understand what is happening. Because if Iam requesting the location, the preflight is fine but then the acutal request te ...

I am using salt by defining roles which map a list of states to a list of hosts on which to apply the states:

#/srv/pillar/base/top.sls:
{% set h = 'host1, host2,' %}
'L@{{ h }}':
    - roles.Servers

{% set h = 'host3, host4,' %}
'L@{{ h }}':
    - roles.newServers    
    
#/srv/salt/base/top.sls: 
base:
  'role:Server': # Mapping a host to a role can be found in: /srv/pillar/top.sls
    - match: ...

I want to achieve scaling of the container based on the array of values (like a matrix set of values used for creating containers). I can't do scaling with a single container in docker compose file:

services:
  runner:
    image: gitea/act_runner:$VERSION
    pull_policy: always
    restart: unless-stopped
    volumes:
      - "./data/${TOKEN}:/data"
      - /var/run/docker.sock:/var/run/docker.sock
 ...