Latest Server related questions

I have a folder like this

$ ls -al /mnt/efs/main/
total 8
drwxr-xr-x. 3 root   root   6144 May 24 02:35 .
drwxr-xr-x. 3 root   root     18 May 23 23:59 ..
drwxrwxrwx. 2 nobody nobody 6144 May 24 03:04 html

I have an nfs server that has an exports like...

/mnt/efs/main/html .../24(rw,no_root_squash) 

but I get

exportfs: /mnt/efs/main/html requires fsid= for NFS export

so I add

/mnt/efs/main/ht ...

I have:

• A local Windows 10 PC running MySQL Server 8.0.33 on port 33060.
• A remote Ubuntu 20.04.6 LTS VPS running MySQL Server 8.0.33 on port 3306.

I want to create a reverse tunnel using PuTTY on my Windows PC so that my Ubuntu VPS is able to connect to my local MySQL instance running on port 33060.

For example, I'd like to connect via this command:

username@localhost:~$ mysql -h localhost -P 3 ...

In many firewalld config examples I see mention of the normal INPUT iptables chain, as well as one named INPUT_direct.

e.g.

$ sudo firewall-cmd --direct --add-rule ipv4 filter INPUT_direct 0 \
  # etc...

$ sudo firewall-cmd --direct --add-rule ipv4 filter INPUT_direct 1 \
  # etc...

What is the significance of INPUT_direct? Must I use it instead of INPUT?

And what is the difference between INPUT_dir ...

as I want to automatically handle redirection of https://site/page to https://site/page.php I've got an updated ngnix config that includes

location / {            
    try_files $uri $uri/ $uri.php?$query_string;
}

as the Azure web app container isn't persistent, I need to overwrite the /etc/nginx/sites-available/default at startup (and following a deployment from GitHub).

If I include a restart ...

I am running on Ubuntu 20.04.4 LTS. I have 2 drives in a RAID 1 array. One of them got acidentely disconnected but is now connected again.

raid1 sdb1[1] sda1[0]

I have [U_]

How do I synchronize?

Maybe mdadm --manage /dev/md0 -a /dev/sda1

I have setup Gitea on an Ubuntu server using this docker-compose config:

version: '3.9'
services:
  db:
    image: docker.io/bitnami/postgresql:15
    volumes:
      - 'db_data:/bitnami/postgresql'
    environment:
      - POSTGRESQL_DATABASE=gitea
      - POSTGRESQL_USERNAME=gitea
      - POSTGRESQL_PASSWORD=gitea

  gitea:
    image: docker.io/bitnami/gitea:1
    volumes:
      - 'gitea_data:/bitn ...

I've utilized Nginx 404 Not Found when entering a specific url path to help be fix a 404 error that has been occuring when I copy any specific page path of my site into the search bar ( ie "example.com/hello" instead of "example.com"). There is no trouble reaching these paths through the initial homepage navbar itself. It also sends 502 error whenever the page is refreshed.

I am using nginx 1.18.0 ubuntu ...

I have a single tower that has windows server 2022 on it. Everyone RDP's into that with different users to access the necessary software. After 5 minutes of inactivity the user should be logged out with the exception of one user sitting in the control room where that should be running all day. My original solution was to go to local group policy editor and go to computer configuration -> windows sett ...

I am trying to add a 2nd disk to a CentOS 8 instance and I want to extend the entire storage utilizing all the available extra space;

• 1st storage: 40 GB
• 2nd storage: 100 GB (added later)

The problem is I can't seem to find the expected /dev/mapper/cl-home (mounts to /home) volume! Of course I am missing something here. All the guides over internet are either about mounting the extra space to some  ...

I'm using kOps 1.26.3 and Kubernetes 1.26.5, running on AWS. After upgrading with kops upgrade cluster, metrics server stopped working.

It is installed using this on cluster manifest:

  metricsServer:
    enabled: true

Some resources, like the service, are created. But there are no metric-server pods, nor deployments:

$ kubectl get service metrics-server -n kube-system
E0523 12:28:33.191542   3515 ...

Or put another way, when I see @OWNER in a nfs4 ACL does this @OWNER refer to a local Unix/Linux user?

I need to make an AD user (without a corresponding local account) the owner of a directory on a CentOS server.

When I say "without a corresponding local account" I mean the target directory is owned by a local service/app account that is not bound to any network (AD/LDAP/Kerberos) identity.

Thanks.

I followed the steps in the link below to install the Edge policy templates into Active Directory.

https://pureinfotech.com/install-microsoft-edge-group-policy-templates-windows-10/

However, after doing so, I am noticing that all of my other policy templates are missing from GPO. For example, I am no longer able to see Control Panel, Desktop, Network, Shared Folders, etc.

What is the correct way to im ...

A client has contacted me, requesting to deploy a custom solution (python API and a react application) to his GoDaddy server.

I successfully established SSH connection (which was hell, I had to enable SSH access from 2 different places and use keys + passwords), then I was given a terminal. I tried to look around the cpanel for any info at all regarding the linux version, couldnt find any so I du ...

I'm developing my application with 2 containers: apache and php-fpm.

Apache serves requests, and delegates PHP execution to the php-fpm container in its vhost:

    <FilesMatch .php$>
        SetHandler "proxy:fcgi://myapp-php-fpm:9000"
    </FilesMatch>

The two containers share a single volume that contains the application code.

The location of that volume is different in each of the contain ...

We have a windows server running Tomcat 7.0 which the SSL certificate has expired. We have a new certificate, but are unsure of how to update it to the new one. Can anyone help?

I've been working on setting up our Autopilot onboarding with our Hybrid AD. I have managed to join a device to the domain successfully, but I have noticed some differences against when we do this manually.

1. The device shows as Azure AD Registed in Azure AD, rather than Hybrid Azure AD Joined (it was originally displaying as Azure AD Joined). The device exists in our on-prem AD.

2. On the device itself ...

I'm attempting to achieve a somewhat standard bridged netns setup with a veth pair, with one end in the ns and the other on the bridge :

iptables -t nat -A POSTROUTING -o eth0  -j MASQUERADE
iptables -A FORWARD -i eth0 -j ACCEPT
iptables -A FORWARD -o eth0 -j ACCEPT
iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT

sysctl -w net.ipv4.ip_forward=1

ip netns add sns
ip link add br0  ...

The email address of the sender of our newsletter is used for phishing purposes. We do have a valid SPF record (ends with -all) and dmarc on our domain (confirmed by mxtoolbox.com : every checks are green/good). However, some hotmail.com and yahoo subscribers are receiving the bad messages.

Delivered message header example (replaced my domain by mydomain.com):

Received: from AM0EUR02FT053.eop-EUR02.pr ...

I have a file that looks like the following:

/path/to/a/very/long/path
       0 0 0 0 0 0

I need to move the line starting with a number (this can be any value not necessarily 0) to the end of the preceding line so that it looks like the following:

/path/to/a/very/long/path 0 0 0 0 0

Have 2 hosts my_host1, my_host2 This code work for my_host1, I also need run it for my_host2 Can be overridden hosts value on ansible main.yml task without changing string "hosts: my_host1" in init playbook.yml? Command line --extra-vars is not the solution for me.

Thank you

---

#init playbook.yml
- name: run role test
  hosts: my_host1
  roles:
   - role: test_1

---

#main.yml in role test_1

   -  ...

I am currently replacing 4 2012 domain controllers with 4 new 2022 domain controllers. I have run into an issue with the certificate authority as there were two enterprise root CA's installed on the domain. 3/4 of the new domain controllers received their domain controller cert from a CA that I will need to remove. The other CA will be migrated to one of the new domain controllers. What is the process t ...

I'm trying to authenticate my FTP users from Active Directory using LDAPS over SSL (port 636).

I managed to get it working using simple LDAP on port 389 and now I would like to increase security!

OS is Debian 11 x64 up to date

ProFTPd version :

# dpkg -l | grep proftpd
ii  proftpd-core                   1.3.7a+dfsg-12+deb11u2         amd64        Versatile, virtual-hosting FTP daemon - binaries
ii ...

Came across a use case where I need to block an IPv6 address from accessing a site. It is fairly simple to block an IPv4 address by skipping the specific address from the whitelist range. Does any one know how to do a similar thing with the IPv6 address or is it even possible?

PS: Whitelisting is the only option I have, no blacklisting option. I am not very good with the networking concepts of IP ...

Hello,

Google is currently indexing query string URLs of my website. Google has currently indexed almost 112k URLs that all of are duplicate versions of other URLs causing my website to slow down and negatively affecting my SEO.

The structure of the query strings URL is as follows: https://example.com?te=6.18.1346158.4.18.76.huffy+blue+and+white+bike

I contacted the search community earlier and t ...

Per requirements, I did installed all the required packages, however amazon.aws.s3_object is one of those things:

• couldn't be resolved/found
• was not found in configured module paths

step(s), I used to re-produce my issue:

% docker run -it debian:stable-slim bash
root@6140e6e2c06c:/# apt-get -qq update && apt-get -yqq install ansible python3-boto3 python3-botocore
root@6140e6e2c06c:/# un ...

I will launch and administrate a Linux storage server: 4U, HBA LSI 9500-16i Tri-Mode, hybrid. It wiill possess 12 positions for the HDDs/SSDs in the back, 24 positions in front. There is an expander that allows to combine NVMe/SAS. My question is how to efficiently maintain the structure of the HDDs throughout the lifetime of the server.

At the beginning, less than half of the positions will be o ...

Here is my configuration.

server {
        listen 443 ssl default_server;
        listen [::]:443 ssl default_server;
        server_name _;

        ssl_certificate /etc/ssl/certs/nginx-self.crt;
        ssl_certificate_key /etc/ssl/private/nginx-self.key;
        ssl_client_certificate /etc/nginx/client_cert/ttca.pem;
        ssl_verify_client on;
        ssl_verify_depth 1;
        
        loca ...

I have installed debian 11 and pam-ldapd. Now, I want to setup authenticating for openvpn with pam. When I wanted to test it with 'getent passwd' command, I got only local users response.

Can you help me please, how to setup it?

My nsswitch is here:

passwd:         files systemd ldap
group:          files systemd
shadow:         files
gshadow:        files

hosts:          files dns myhostname
networks:  ...

I have running a proxmox server with two VMs which are connected to the bridge interface vmbr0:

• Host: 10.10.10.1 (extern IP: 123.123.123.123)
• VM1: 10.10.10.2
• VM2: 10.10.10.3

On VM2 a load balancer is running on port 443 (and yes I want to have it there and not on the host machine). I added a prerouting iptables rule to forward all incoming traffic on port 443 to VM2. This rule is working and allows to c ...

In my custom firewalld zone file, I defined various ports, and this:

<interface name="eth0"/>

The firewall works as expected, whether I include that or not.

Is it strictly necessary? Are there unintended consequences to removing it?