Latest Server related questions

Preface:

I use a windows EC2 instance with a role attached that allows it access to specific AWS Secrets Manager secrets. We never use access keys directly. The app running on the instance needs to be able to pull these secrets.

The end-user of this instance is currently required to RDP into that instance in order to perform their task. The end user is never directly aware that they can access the secr ...

To preface: there are lots of other useful questions (e.g. this and this) on possible causes for different sizes reported by df and du. None of the explanations apply to my exceedingly simple case, however, hence this new question.

I have a very simple scenario: I have two identical 5 TB Seagate hard drives purchased at the same time (a few months ago), with their original NTFS formatting. Hard drive A i ...

Recently I had an issue on an EC2 instance. The site running there was unavailable for 2 hours:

CPU utilization for the past week:

The rest are around the time it happened:

The systemd journal around that period.

What I can see there? At around 20:31 it looks like things get slow:

Job execution of per-minute job scheduled for 20:30 delayed into subsequent minute 20:31. Skipping job run.

Jobs  ...

Below code will create a service while creating subnet. Is there anyway to create a delegation to existing subnet? The main purpose is, below code will be create error for policy Deny-Subnet-Without-Nsg. So, creating this subnet directly in the vnet block.

resource "azurerm_subnet" "example" {

  virtual_network_name = azurerm_virtual_network.aksvnet.name
  name                 = "aks-postgres-sub ...

These are the logs down below.

[DESTROY] udp      17 src=0.0.0.0 dst=0.0.0.0 sport=0 dport=0 packets=3 bytes=216 [UNREPLIED] src=0.0.0.0 dst=0.0.0.0 sport=0 dport=0 packets=0 bytes=0
    [NEW] udp      17 30 src=0.0.0.0 dst=0.0.0.0 sport=0 dport=0 [UNREPLIED] src=0.0.0.0 dst=0.0.0.0 sport=0 dport=0
    [NEW] udp      17 30 src=0.0.0.0 dst=0.0.0.0 sport=0 dport=0 [UNREPLIED] src=0.0.0.0 dst=0.0.0.0  ...

Everyone knows that there are 4 steps to a DHCP handshake.

Everyone talks about DORA (Discover, Offer, Request, Ack) and the "happy path" to getting an address, and this is the most common and important information.

However, there are DHCP options to be considered too. Lots of places talk about the options, their numbers (if relevant), their names, etc., but I am having a hard time finding when they ar ...

I have an authentication server, that return an id Cookie that should be used by the client for the followed request, but the nginx proxy don't return the id cookie to the client over the proxy.

   location /cim/session/api/ {
   proxy_set_header Host $host;
   proxy_set_header X-Real-IP $remote_addr;
   proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
   proxy_set_header X-NginX-Proxy  ...

Is it possible to forward url to subfolder traefik loadbalancer server? For example define backend server url to http://myserver/myfolder/my

For example:

 [http.services.appv2]
    [http.services.appv2.loadBalancer]
      [[http.services.appv2.loadBalancer.servers]]
        url = "http://private-ip-server-2/"

Above is normal usage, but I want to do it like: '

 [http.services.appv2]
    [http.service ...

I am trying to link up a dummy email address to two different email addresses:
contact@example.com -> user1@example.com and user2@example.com
This would mean that mail sent to contact@example.com would also get BCC'd or forwarded to user1@example.com and user2@example.com

I am having trouble with the recipient_bbc_maps config:

# /etc/postfix/main.cf
recipient_bcc_maps = pcre:/etc/postfix/recipient_b ...

I am giving a laptop to an employee to use at home. The user logs in with an AD domain account, and then connects via OpenVPN. Normally this works fine, because the AD login is cached on the device and the user can log in before there is a connection to the AD. But with the new laptop, they cannot start OpenVPN without logging in, but cannot log in without the VPN connection.

OpenVPN also doesn't ...

I am having troubles installing numpy on my MacBook Pro (13-inch, M1, 2020) with Monterey 12.1.

When I pip install numpy 1.18 I get:

numpy/core/src/private/npy_fpmath.h:48:6: error: No long double representation defined

I am installing numpy as a dependency of deeppavlov so I cannot change the numpy version. Does anybody know how to fix it?

Thanks.

I have a Linode server that has been under load for a few hours. The configuration is 2 CPU Cores, 4GB memory, 80GB SSD storage mounted as 1 partition, 500MB swap. There's a second hard drive of 30GB which is also SSD. Software is Ubuntu 18.04, Apache 2.4.52, PHP-FPM (Most sites using 8.0, some on 7.2 and 8.1). I'm also using fail2ban and iptables for protection.

Here's the graph that Linode's da ...

Working with the Azure Cloud:

I am looking into a solution where I can have users authenticate via Azure AD so they can access an app hosted on a virtual machine. This is something very similar to CloudFlare Zero Trust Access. https://www.cloudflare.com/en-gb/plans/zero-trust-services/#overview

I have a private VM that I do not want to open to the world. I want to have the user authenticate via Azure AD  ...

We're in the process of planning the migration of our whole platform into AWS. The current thinking is that we will host our instances on EC2 and use FSx as the file system. However, I can't find anything about whether a separate FSx instance is recommended for each drive needed by SQL Server. It's good practice to split data files, log files and tempdb out on to different drives to minimise contentio ...

It feels like I've searched everywhere about this but I get lost in all the variants that exists.

What we want: To be able to login on our (on premise) Windows Servers using our Office365 credentials.

What we have: Windows Servers

What we don't have: Azure AD Local AD

Is this possible? If so, how? I need some pointers in the right direction, or even better a guide/tutorial.

I found out that this wa ...

After an update of Centos 7.2 to 7.9 an HTTP/2-enabled vhost/site started to behave weirdly: random js/ccs files are downloaded in the browser as zero-length empty ones, but with 200 status.

I cannot reproduce this in curl using --http2 switch (seems that this has something to do with complicated browser cipher/policy algos), but this is reproducible across several client machines and browsers. Nginx re ...