Latest Server related questions

I have a Ceph system with 8 OSD's and 8 disks mapped 1:1.

One of the disks is giving me smart errors and I would like to replace it.

How do I know which physical disk is mapped to which OSD?

I am trying to run a studio integration that was built in the past - so don't have access to the studio files etc. On running the integration - the following error is encountered.

"Integration Failed. com.capeclear.mediation.MediationException: application=wcc - Workday Out transport id=GetPageOfData encountered problem sending to endpoint 'https://wd3-impl-services1.workday.com/ccx/service/XXXX ...

On a router (busybox) I'm limited to shebang. On devices like these relaying on squashfs and flash storage it's common practice to mount --bind files from USB/CIFS/JFFS onto a file provided by the squashfs (and expanded in RAM).

e.g.

mount --bind /mnt/sda1/dnsmasq.conf /etc/dnsmasq.conf

I'm trying to automate some login in a script of mine but I can't find a way to display precisely what file was mo ...

I have a playbook with dynamic ec2 inventory, below is the graph.

$ ansible-inventory -i inventory/dynamic_inventory/uat_aws_ec2.yaml --graph
@all:
  |--@aws_ec2:
  |  |--xx.xxx.xx.xx
  |  |--xx.xxx.xx.xx
  |  |--xx.xxx.xx.xx
  |--@nonprod_uat:
  |  |--xx.xxx.xx.3
  |  |--xx.xxx.xx.1
  |  |--xx.xxx.xx.2
  |--@uat_auth:
  |  |--xx.xxx.xx.xx
  |--@uat_web:
  |  |--xx.xxx.xx.xx
  |--@ungrouped:

Now if I  ...

So far I have this for my reverse proxy settings:

 server {
        server_name subdomain1.DOMAIN.net;
        location / {
            proxy_pass       http://192.168.1.156:9090;
        }
 }
 server {
        server_name subdomain2.DOMAIN.net;
        location / {
            proxy_pass       http://192.168.1.156:9091;
        }
 }

How ever it's just reporting back a 502 bad gateway when I check the ...

I have an OpenWRT box that has 2.4ghz, and 5ghz AC. Should I set up the same "Mobility Domain" for both radios to enable 802.11r?

I installed Fedora 37 XFCE spin on my Lenovo Yoga 4k laptop. The Grub options during the startup looks so small. So I installed sudo dnf install grub-customizer to easily change the grub config through a UI.

With the grub-customizer I can change the text to a larger font. I can even change the text color. Great. But no matter what I do I cannot set a background image. How do I put in an image?

So the

Setup: 2 host-only ints each connected to a separate host on a separate network PFsense VM routing between 2 networks (implicit accept on both networks, no other rules)

Can receive normal, syn,syn/ack,rst/ack, ACK, etc, essentially all the normal traffic you'd expect to see, but when I do a NULL/FIN or XMAS scan on nmap (nmap -sX ), I get an ICMP request, reply, timestamp, and a syn & rst/ack ...

I am looking to update my postfix configuration so it restricts the domains to which emails can be sent. I am thinking of using smtpd_recipient_restrictions with check_recipient_access, based on this solution: https://serverfault.com/a/412805 Does this allow for regex? I want to say, only send emails to *@mydomain.com and block everyone else. Something like this:

smtpd_recipient_restrictions = che ...

I'm trying to get OpenTelemetry container to pass spans along to my Jaeger container, but haven't quite figured out, and can't tell what's wrong, either.

I have confirmed that:

• my app is generating and passing along spans to OTel
• Otel is receiving the spans

But beyond that, I see nothing that might denote that errors are occur during export to Jaeger, but no spans ever appear there. It is also hard t ...

I have email delivery issues, and MXtoolbox says "Reverse DNS is not a Valid Hostname". I have A and AAAA records for domain.com and mail.domain.com. The data center has set up reverse DNS to domain.com. I have found this and this thread where users reported similar issues and it appears the issues were resolved by 'changing the hostname' from 'domain.com' to 'something.domain.com'.

I am not comf ...

I'm creating a service that makes use of sshd (aka OpenSSH.Server). However, although I know that all the Windows versions we need to support can run sshd, I can't guarantee that it'll actually be installed on every machine the service will run on.

I'm a little confused by the various concepts surrounding Windows services and how they get installed, but ideally what I'd like would be for the serv ...

On Ubuntu server 20.04, I am running spammassassin/spamd, postfix/dovecot. In my mail logs at /var/log/mail.log I am getting a spamd

internal error, python traceback seen in response

error as shown below:

Mar  2 12:28:52 mail spamd[26377]: spamd: connection from 127.0.0.1 [127.0.0.1]:34916 to port 783, fd 5
Mar  2 12:28:52 mail spamd[26377]: spamd: using default config for user123: /var/vmail// ...

I'm following this tutorial exactly line by line: https://docs.meilisearch.com/learn/cookbooks/running_production.html#step-4-run-meilisearch-as-a-service

It has a step to setup the Meilisearch as a service using this config:

cat << EOF > /etc/systemd/system/meilisearch.service

[Unit]
Description=Meilisearch
After=systemd-user-sessions.service

[Service]
Type=simple
WorkingDirectory=/var/li ...

I have added two additional IP addresses following this guide: https://docs.ovh.com/ie/en/dedicated/network-ipaliasing/#debian-9-ubuntu-1704-and-arch-linux_1

cat /etc/systemd/network/50-default.network

[Match]
MACAddress=08:(...)

[Network]
Description=network interface on public network, with default route
DHCP=no
Address=37.187.90.XX/24
Gateway=37.187.90.254
IPv6AcceptRA=no
NTP=ntp.ovh.net
DNS=1 ...

I have a Azure VM that I've joined to my Azure AD, works great. I've installed (Development Edition SQL Server 2022) SSAS Tabular on this server using the local admin account and would like to use this to create and access cubes with my external AzureAD guest users (of which I have many).

First problem, when I attempt to add Azure AD users to a tabular cube role, I cannot find them in the "Select User ...

The %SystemRoot% environment variable contains the path to the Windows directory. (e.g. c:\windows)

SystemRoot is not configured in Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment, it is automagically set.

Now, typically on Windows 10 this directory has the caseing C:\Windows on NTFS disk.

After a script test(*) broke, we noticed:

• With same OS version Wind ...

we have RHEL 7.6 server , and we noticed about the following kernel messages.

[1065085.048872] EDAC sbridge MC0: PROCESSOR 0:406f1 TIME 1676989040 SOCKET 0 APIC 0
[1065086.052107] EDAC MC1: 0 CE memory read error on CPU_SrcID#1_Ha#0_Chan#0_DIMM#0 (channel:0 slot:0 page:0x2ae958e offset:0xa00 grain:32 syndrome:0x0 -  area:DRAM err_code:0000:009f socket:1 ha:0 channel_mask:1 rank:0)
[1065166.234239]  ...

Here are the Specs of our current server: Poweredge R540, Windows Server 2019 (version 1809)

We swapped this current server in for an older Poweredge R530 running Server 2012, but we've been receiving a deluge of errors linked to the old server, for whatever reason. They have not hampered productivity or produced any errors on the user side, but it's quite the inconvenience to have to scroll thro ...

According to https://wiki.nftables.org/wiki-nftables/index.php/Flowtables, flowtables reside in the ingress hook. So, does that mean if connection is picked up by the flowtable, it will not be processed by any other rules in prerouting, input, etc.?

I'm new in K8s and I need to check the kubeconfig file from a cluster. Is there a way to describe the kubeconfig file using the kubectl?

I'm looking for something similar to kubectl describe kubeconfig.

My root is mounted readonly (on purpose). I have a separate, read-write vg where I want to lvconvert --merge a thin snapshot. I'm getting Cannot archive volume group metadata for $VG to read-only filesystem. The manpage was unhelpful. Is there some flag I can pass to disable this "archive" functionality or to control where the archive is written?

I'm playing around with nftables to gain more experience and have a pretty easy scenario: NAT the destination port 8080 to 8081 (not really useful but in the Lab it is good enough).

This nft config works (so all packets which are targeted at port 8080 are forwarded to port 8081):

chain foo {
        type nat hook output priority mangle; policy accept;
        tcp dport 8080 redirect to :8081
}

when I  ...

Three environments (LAB, DEV/TEST, PROD) 2 NODES (active, inactive), 7 ROLES.

Experiencing fail over issues on the PROD environment, but the LAB and DEV/TEST clusters are not experiencing the same issue.

QUORUM setups are different.

LAB - Witness: Quorum Disk

DEV/TEST - Witness : Quorum Disk

PROD - Witness : Cluster Disk Quorum

On the PROD system, under resources, the Q drive is a Shared Storage - Dyn ...

We need to check if a URL contains a specific arg "?___store=en" and then redirect to the same url, but add /en/ after the domain name. But this should be dynamic, because the url is not static and should be able to change from every specific page.

For example:

https://www.example.com/category1/product1?___store=en

Should be redirect to:

https://www.example.com/en/category1/product1

We already tried the f ...

What I am trying to do is to have some clean redirects and don't make the content from the server available everywhere like is available via https://server-ip https://non-www and https://www-version

I see this are the 2 current redirects that exist:

server {
    if ($host = vgopromo.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot

if ($host = www.vgopromo.com) {
    ret ...

I'm having problems with adding multiple failregex lines in my jail.local file. It works if I have one line but doesn't work if I have two.

This is my my jail.local config:

[sshd]
enabled = true
logpath = %(sshd_log)s
port = 22
banaction = iptables-multiport
mode = aggressive
failregex = %(known/failregex)s
            ^Bad protocol version identification '.*' from <HOST>
failregex = %(known/failreg ...

I've been using a Linux host machine with several docker containers running with one of those as Nginx Proxy Manager (from now on: NPM), which is just Nginx with a friendly UI.

NPM exposes ports 80 and 443 and redirects traffic to each container as per the proxy rules specified, a regular old reverse proxy configuration. All containers are instructed to connect to a bridge Docker network so NPM can  ...

This seems to be network issues between Redis cluster (Deployed on our site's on-prem worker node) and Redis client (On GCP VM that is connected to our site via Cloud VPN). Specifically, the issue is related to the unresponsiveness of the Redis clients (i.e. redis-py or redis-cli) when using the info stats / info memory commands (Large TCP Packets) while connected to the Redis cluster deployed on  ...

I'm building a complete solution to setup and harden our vps (ubuntu 22.04) with bash script and Ansible playbooks. What I want to do is the following:

1. Create a custom group "sudogroup" with sudo privileges
2. Create a new user "sudouser" in this group
3. Secure SSH connection to this user with keys pair
4. Execute my Ansible playbook as "sudouser" instead of "root"

I'm doing this with the following bash scrip ...