Latest Server related questions

I'm trying to debug a problem in which my Windows host resolver will not resolve a particular DNS name (FQDN).

I notice that if I call the Windows nslookup command as follows,

nslookup x.y.z.cloud

(x.y.z.cloud is a stand-in for the actual name), the request times out twice with no reported results.

However, if I call

nslookup -v x.y.z.cloud

or

nslookup -v -debug x.y.z.cloud

it does not report  ...

I'm using letsencrypt in two ways: a docker stack using certbot, and another using traefik (which performs certificate management automatically, using lego). In both cases there's a setting for the registration email address.

Is that email address stored in the certificate, or elsewhere? And can anyone (other than letsencypt) discover that email address?

Recently I converted a bare-metal Server 2022 machine to a Hyper-V guest VM. I used Veeam Windows Agent 6.0 (Free) to back up the bare metal machine and restore it as a virtual machine. I created two dynamically-expanding VHDX disks for the restore of the system drive and data drive. The system seems to be working fine, but I am now getting these warnings from the virtual machine:

"Application Ev ...

I'm trying to create a fail2ban filter that will match successful authentications. An example log entry looks like this:

[2023-05-25 18:41:00] VERBOSE[26149] res_pjsip/pjsip_options.c: Contact user/sip:[email protected]:47682;transport=ws;x-ast-orig-host=b0cnalpndgjm.invalid:0 is now Reachable.  RTT: 27.843 msec

I am not well-versed in creating fail2ban filters, but here's my attempt (I started by ...

Recently i bought another domain, and i have all of them on 1 hosting. My hosting provides me only with htaccess file where are all redirects from subdomains made. The folder structure now looks like this:

\---www
    |   .htaccess
    |
    \---domains
        +---example.com
        +---site.test.net
        \---test.example.com

but because there is lot of folders with different domains and subdomai ...

k8s StatefulSet:

apiVersion: v1
kind: Service
metadata:
  name: my-web
  labels:
    app: my-web
spec:
  ports:
    - name: http
      port: 8080
      targetPort: 8080
  selector:
    app: my-web
  type: ClusterIP
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: my-web
  labels:
    app: my-web
spec:
  serviceName: my-web
  selector:
    matchLabels:
      app: my-web
  template:
    me ...

I'm not recieving error messages from my server, because they get bounced by my email provider for having an invalid "To:" address.

I have a working mail setup - I can use mail to send email addresses as root or myself, and they appear in my inbox from the address specified in /etc/email-addresses. It's a basic Debian smarthost setup.

root@statler:/etc/exim4# cat /etc/aliases
# /etc/aliases
mailer-d ...

I have configured a VPN server and VPN client with strongswan with the following ipsec.conf configuration settings

Server ipsec.conf

conn ikev2-vpn
    also=rw-base
    auto=add
    compress=no
    keyexchange=ikev2
    forceencaps=yes
    rekey=no
    
    left=%any
    leftid=@xxxx
    leftcert=fullchain.pem
    leftsubnet=10.0.3.0/24
    #lefthostaccess=yes
    leftfirewall=yes
    
    right=%any
 ...

Is there a specific search filter I can use to see all admin activity in the Audit log in GitHub?

I'm specifically looking for admin changes to repository merge checks and any instance of an admin overriding merge checks in order to merge a PR. Is there a list of actions I can search for somewhere (I can't find this in GitHub's documentation)?

Bonus question: is there any way to send reports or aler ...

I would like to be able to duplicate the list of enabled systemd units from one machine to another.

A systemd unit is enabled or disabled based on the existence (or lack) of a sym-link. At this time, the best tool I've been able to think of is tree or perhaps find? So, in theory, I could script something up; but isn't there already a tool to do this?

In a perfect world, it would scan all the vario ...

I've installed mailcow dockerized on ubuntu 22.04 host. There is some instruction how to setup local mtu with postfix (sendmail is ubuntu default) https://docs.mailcow.email/post_installation/firststeps-local_mta/. Following this instruction I installed postfix and setup it, so now the command:

echo test | mail -s "test message" root

sends a test message, that can be read by root user using command

My organization has acquired a lot of Microsoft Cloud services (Teams, SharePoint Online, OneDrive, Office 365). All our users have a OneDrive account, but they are not all using it yet. Additionally, some users have added a link to their Teams channel file share into their Windows Explorer menu (it shows after the user's OneDrive share). This was done by opening the teams channel in SharePoint and Syn ...

What I'm trying to do is setup a custom domain name so that it can be cloned as a git repository using git clone.
For example,

$ git clone https://my-domain-name.tld/ # would be cloned into my-domain-name.tld
# and
$ git clone https://my-domain-name.tld/my-repository # would be cloned into my-repository

I don't actually want to host the repository itself on my server, I just want to configure th ...

I am trying to set up multiple MySQL versions using Homebrew. I have already been using MySQL 8.*, which is running fine. However, due to some old project requirements today, I have installed another version of MySQL (5.7). Now when I switch to [email protected], it gives me the following error.

ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/tmp/mysql.sock' (2)

Please have a look at ...

My default bridge network isn't working properly.

So I spinned up 2 containers, one is for mongodb and one is for ubuntu. These are the commands:

docker run -d ubuntu bash

docker run -d -p 27017:27017 mongo

These are the results for the default bridge inspect.

[
    {
        "Name": "bridge",
        "Id": "eb4d37858eeafc8e05061f4a28d6b6a5754ad92476f5361f9c624636a335d1b4",
        "Created": "2023 ...

We have web api with multiple endpoints behind nginx (1.18.0 on Ubuntu 20) proxy. Everything works fine but one scenario. When user whith our company's Android app tries to upload attchment using one specific endpoint to server behind nginx and one's network connectivity is quite poor one's POST requests simply don't reach the server. All other endpoint are reachable with no problems. As a ...

So I wanted to experiment with this smbprotocol in local docker (compose) network controlled environment and in all my attempts, I've been able to solve a lot of issues that always seem to return me to this issue. Here is my smb.conf:

[global]
workgroup = WORKGROUP
server string = Docker Samba Server
; server role = standalone server
server services = -dns, -nbt
server signing = default
server mult ...

I have rented several cloud servers from Hetzner. These are all on a private network (10.20.20.0/24), with only one server of them even having a public IP.

Following this German tutorial, I want to set up a site-to-site connection to my network back home. In part 3 of the tutorial, starting at about minute 14:00, it is shown that Hetzner requires a special setting for the NAT (outbound NAT, see sc ...

We have some clients (networks) which are connected via VPN to our server network. Let's say client has e.g. 192.168.0.1/32 and our server network is on 10.1.0.0/24.

So the issue now with this client is, that they're already using the 10.1.0.0/24 themselvs, so we cannot have our range on the clients side. Please note, that configuring the clients network is not in our hand.

To avoid issues, we decide ...

We use a email setup (incoming mails) in the following order:

Internet -> on premises mailserver (=> attachment filter, antivirus, spam filter) -> forward to Microsoft 365 Exchange Online using hosted SMTP Relay (postfix on our web server).

My problem is, that mails, Microsoft recives, are failing the SPF check because the forwarded mail gets the sender ip adress from our SMTP relay.

Is there  ...

1. My environment:

• MIT Kerberos server on Red Hat 8.8
• PostgreSQL server v15.3 on Red Hat 8.8
• PostgreSQL client v15.3 on Ubuntu 22.04 Desktop

2. I have configured PostgreSQL server to use Kerberos. On my Ubuntu Desktop where PostgreSQL client is installed, I can successfully establish Kerberos connection with PostgreSQL server using psql client.

3. On Ubuntu Desktop I have installed pgadmin4 using apache2 ser ...

Given the following configuration (reduced to the relevant parts):

/etc/nginx/nginx.conf:

http {
  # ... general configuration stuff here ...

  map $http_user_agent $isbot_ua {
    default 0;
    ~*(GoogleBot|bingbot|YandexBot|mj12bot|PetalBot|SemrushBot|AhrefsBot|DotBot|oBot) 1;
  }

  map $isbot_ua $limit_bot {
    0       "";
    1       $binary_remote_addr;
  }

  limit_req_zone $limit_bot zone=bots ...

I need to connect to works VPN using AWS VPN Client v3.5.0, but when I do this I get severe lag on DNS lookups for public domains

This does not happen when the VPN is disconnected and it is not an issue for any other team members, however as far as I know they are not on Win11.

I have:

• Checked that there is no other VPN client installed
• Disabled IPV6 on both my wi-fi connection and the vpn connecti ...

I try to create a S2D with my HP DL380 Smart Array B140i. I have all bays with SSDs and want to use bays 5-8 for a S2D. I need to configure the array controllor (or the BIOS?) to make the drives transparent for the operating system (Windows Server 2019 Datacenter). How can I do that?

If I don't assign the drives to an array I can't see them in the OS.

Thanks!

I'm working on migrating my Mongo database to Azure Cosmos. I'm using the MigrationMongoService Azure Database Migration Service but when I create a project, it fails because of connectivity problems.

I think the problem might be due to me having that Mongo in another machine for which you need access via VPN.

So maybe Azure doesn't have that access although I'm connected to that VPN in my local? ...

We have this scenario : I to increase the disk space of one of our VM,

Disk details :

root@Test-01:~# blkid
/dev/vda2: UUID="0eae0eb4-92ed-45ec-aa99-6d606f17e70a" TYPE="swap" PARTUUID="06cf22a2-02"
/dev/vda1: UUID="b5e223df-9f41-4e4c-aa8d-e4529fa28424" BLOCK_SIZE="4096" TYPE="ext4" PARTUUID="06cf22a2-01"


root@Test-01:~# lsblk
NAME   MAJ:MIN RM  SIZE RO TYPE MOUNTPOINT
vda    254:0    0  150G  0 disk ...

Our Server hosting PHP web application is facing frequent downtime

Server Information [Nginx, FreeBSD] Web application [PHP 5.6, MYsql 5.7]

I have gone through the Nginx logs and below are my findings

error.log has some below logs

2023/05/31 19:48:16 [error] 1456#100101: *7408 open() "/usr/local/www/html/uploads/files/22816683587.pdf" failed (2: No such file or directory), client: 5.255.231.177, s ...

I am setting up an application using CapRover (moving from just a single ec2 instance after a hardware failure knocked the whole thing offline). I have everything containerized in Docker, it's all stateless so I don't need persistent storage, and it's just about ready to go. However, I'm discovering that while CapRover can obviously scale the application easily by adding as many worker nodes as necessar ...

I recently was working on a problem for a user at work. The basic problem was they had a bank scanner that connects directly to the bank but it wasnt working on our network.

The domain name was usb.rdmscanners.net when I tried to resolve this in our domain I wasn't able to but I tried externally and was met with 192.168.253.1 bear in mind this is using Oracle’s public DNS

The issue has been fix ...

I have a brand-new local Terraform project that I have just cloned from gitlab. I have not made any changes to the code, but when I run terraform init I get the following error, repeated for every module in the project:

Error: Failed to download module

Could not download module " <module name>"
(<filename>.tf:<line #>) source code from
"git::<gitlab address>":
error downloading
'& ...