Latest Server related questions

Maybe I'm not using the right terms so allow me to explain myself using an example. Connecting over SSH as user "centos" and executing cat /etc/passwd in my Centos7 machine I get:

centos:x:1000:1000:Cloud User:/home/centos:/bin/bash
www:x:1001:1001::/home/www:/sbin/nologin

Now, if try sudo su www - I get: This account is currently not available.

That according to my limited knowledge is due to the

I am trying to configure a failover for a ISC dhcp server running on Linux that has dynamic-bootp range declaration.

The configuration file looks like this (I am trying it locally first, therefore private ranges):

authoritative;
log-facility local7;
shared-network "vm-net" {
failover peer "failover-partner" {
     secondary;
     address 192.168.122.4;
     port 647;
     peer address 192.168.122.3;
  ...

What I am presenting here is a simplified version of my setup and the syntax is wrong.

I have a list of high level "agents" that I want to deploy as pods on a kubernetes cluster.

Some nodes in this cluster have special hardware, some don't, but all the pods should use the same container.

Could look like (again: syntax is wrong):

agent1 wlan
...
agent8 wlan
agent9 wlan rs232.1
agent10 wlan rs232.2

I'm testing a rabbitmq instance upgrate scenario that looks good but throws an Erlang error when I try to stop the new version instance.

"Old version" of RabbitMQ RMQ 3.8.5 erlang 23.0.2

"New version" of RabbitMQ RMQ 3.9.10 erlang 23.2.7

The new version start well. I can send/receive messages but when i stopped the service some error comes into logs:

021-12-09 13:23:53.489319+01:00 [info] <0.48 ...

I'm trying to implement a solution to identify if there was an idle time of X minutes between two requests.

For this, I'm planning to use the following approach.

1. Initially, set a cookie from the application side. The expiry time of this cookie is set to X minutes.
2. Whenever there is a request, in nginx, I will check if the cookie expiry time is passed or the cookie is available.
3. If the cookie is a ...

I've been blocking my site for HTTPS for 2 days now (VPS Server, Node.js, Nginx, Unbuntu). I ordered a certificate from an organization, so I received 4 certificates.

From what I understood, I had to create a .key and .csr (which include my personal data) with this command:

openssl req -new -newkey rsa:2048 -nodes -keyout domainname_com.key -out domainname_com.csr

After that I had to bring together the 4 ...

I know that this is a valid systemd unit configuration file syntax:

[Unit]
RequiresMountsFor=/mnt/foo /mnt/bar
...

Recently, I've seen a multiline variant of the above:

[Unit]
RequiresMountsFor=/mnt/foo
RequiresMountsFor=/mnt/bar
...

Are these two syntaxes semantically equivalent?

I checked the RequiresMountsFor option in the systemd.unit manpage, which explicitly states: "Takes a space-separated list ...

I have the slapd/stable,now 2.4.57+dfsg-3 amd64 Debian 11 package. I read the official OpenLDAP documentation and Debian article.

But I cannot understand the difference between the multiple configuration files.

I know the best practice is to use the dynamic OLC (OpenLDAP Configuration) method over the legacy slapd.conf static file.

I saw the package ships with 2 other static configuration files, the ...

I'm trying to work out why MySQL is hitting 100% over the past week:

It's a server that does network/server monitoring called LibreNMS.

Top: https://pastebin.com/1qypfm0n

Here I access MySQL and look at the processes: https://pastebin.com/zCVMh2cL

and full processes https://pastebin.com/0ZFhqpiF

I then found a tool called MySQLTuner, but I'm not experienced enough to understand the results: http ...

i succesfully created a simple WEF setup between two domain server (WS2019) it's all working great while it remain in HTTP protocol.

Once i try to take the leap to HTTPS, no more logs is going to the WEC server.

i got certificates on both host issued by the same CA i followed multiple procedures i found online and redo stuff while i was tshooting.

i can't manage to get this work.

on the wec server, in the ...

I'm having an issue, where after a couple of seconds of no queries my ProxySQL seems to lose connection to the database server, I have a single Azure MySQL as a service DB and I'm running ProxySQL on Kube in Azure, when I run

LOAD MYSQL SERVERS TO RUNTIME;

on the admin side, the connections work flawlessly as long as I keep running queries, but as soon as I don't run any query for about 10 secon ...

I have Nginx 1.18 (not dockerized) to host a REST API application (running in a Docker Container) on Ubuntu 20.04, and I try to set proxy_request_buffering off to allow uploading large files with streaming. Here it is my server blocks:

server {
   server_name mydomain;
   location ~ ^/(api|static\-data|static\-files)/ {
     proxy_pass         http://127.0.0.1:5001;
     proxy_http_version 1.1;
     proxy ...

I want my office/excel to accept only VBA code from my own trusted publisher. So I've selected the following: Disable VBA macros except digitally signed macros

• Require macros to be signed by a trusted publisher
• Block certificates from trusted publishers that are installed in the current user certificate store
• Require Extended Key Usage (EKU) for certificates from trusted publishers

Next to this I a ...

I am currently trying to catch failed SSH login attempts with certificate based authentication (certificate correct but wrong password) using fail2ban version 0.11.2-2 (running on Debian 11).

Therefore I created a new file /etc/fail2ban/filter.d/sshd.local with the content

[Definition]
failregex = %(known/failregex)s
            ^%(__prefix_line)sConnection closed by authenticating user <F-USER& ...

I am using react as my font end, and nodejs as backend which is running on localhost:3016 and I used nginx as reverse proxy and load balancer; this my nginx conf file for the site

upstream load_balance{
    #least_conn;
     #ip_hash;
    server  localhost:3016;
    #server localhost:8010;
    #server localhost:8011;
    #server localhost:8012;
    #server localhost:8013;
    #server localhost:8014 ...

I know that in order to migrate mail, I have to create a project through Google Cloud Platform. Here, it appears that the organization and ID are registered.  However, it is said that there are no organization in the process of creating the project. Look at the screen I captured. Error screen.

How do I solve this problem?