[00:11] <Guest13916> a
[00:39] <Teduardo> anyone here have grizzly working on 13.04?
[00:45] <LargePrime> kevireilly: If you have a moment
[00:45] <LargePrime> can i PM you
[01:15] <izanagisan> hi all. I have a quick doubt: just noticed Ubuntu-Server 12.04 installs the LAMP stack with php 5.3.10 instead of the latest php4
[01:15] <izanagisan> err
[01:15] <izanagisan> I mean
[01:15] <izanagisan> oh, ok, I misread
[01:15] <izanagisan> everything's ok
[01:15] <izanagisan> thought it installed php4 instead of 5
[01:59] <LargePrime> The following command is duplicating the final source dir under the destination dir.  can you say why?
[01:59] <LargePrime> scp -r /home/user/stuff/ auth@ip.that.i.have:/home/user/stuff/
[02:00] <LargePrime> it ends up in /home/user/stuff/stuff/
[02:01] <sonofzeus> I just installed phpmyadmin on ubuntu desktop and at the configuration screen I just clicked ok without selecting apache2 or lightppd whereas I've to select apache2 now how shall I select apache2?
[02:01] <sonofzeus> Anyone?
[02:03] <hachre> the menu?
[02:04] <hachre> try dpkg-reconfigure phpmyadmin
[02:05] <hachre> with sudo if you arent root
[02:06] <hachre> sonofzeus
[02:06] <sonofzeus> Im here
[02:06] <sonofzeus> sorry
[02:07] <hachre> hehe no worried, just wanted to trigger your highlighting by saying your nick in case you were coming back later ;)
[02:07] <hachre> worries*
[02:07] <tsimpson> LargePrime: -r copies directories, so you're asking it to copy over the /home/user/stuff directory
[02:08] <sonofzeus> Theres a red cursor and how shall I select apache2
[02:08] <sonofzeus> Im kinda new to this stuff
[02:08] <hachre> tab, cursor keys enter
[02:09] <sonofzeus> Oh no its not working
[02:09] <sonofzeus> I cant select apache2
[02:10] <hachre> space if it is a checkbox
[02:10] <hachre> to check it
[02:10] <sonofzeus> Thanks :-)
[02:10] <hachre> :)
[02:11] <Teduardo> anyone here built an openstack deploy on 13.04 yet?
[02:12] <sonofzeus> Yay it worked love ya hachre
[02:12] <hachre> np ;D
[02:52] <LargePrime> tsimpson: So it will append the Dir onto the end of the destination.  ok GREAT.  thanks
[03:01] <LargePrime> I am doing a stupid file copy from one file server to another file server
[03:02] <LargePrime> via ssh
[03:03] <LargePrime> is there a way to do this so that if my connection is interrupted it will complete?
[03:03] <mardraum> use rsync
[03:04] <ia0001> anyone know anything about webservers
[03:04] <mardraum> they serve web pages
[03:04] <ia0001> yeah why cant i connect to it from my Android
[03:04] <ia0001> i did port forwarded
[03:05] <LargePrime> thanks mardraum
[03:08] <sonofzeus> Hi there
[03:08] <sonofzeus> Anyone here uses phpmyadmin?
[03:08] <sonofzeus> I'm facing the privileges bug , any fix or workaround?
[03:45] <ia0001> i use phpmyadmin whats the problem
[03:46] <ia0001> dont let anyone use phpmyadmin but you
[03:46] <ia0001> refresh your browser and clear your data
[03:58] <sonofzeus> Hey there
[03:58] <sonofzeus> I edited something in terminal using nano how shall I save it?
[11:13] <dan2077> Hi, I'm trying to create a screen session with a bash one-liner. Can someone help me?
[11:17] <RoyK> !ask | dan2077
[11:32] <dan2077> I'm trying to exec a bash one-liner while starting screen. After entering this cmd, no new screen seems to have been created: http://pastebin.com/v2hD8dH7
[11:36] <RoyK> not sure - sorry - perhaps others my know
[12:16] <zastaph> by default ubuntu has myserver in /etc/hostname and 127.0.0.1 localhost; 127.0.1.1 myserver in /etc/hosts .. I need a fqdn for Postfix though (just local network) so I do 127.0.1.1 myserver.local myserver .. however other computers on the LAN can only see myserver not myserver.local .. Naturally because the hostname is the only thing added to my routers DNS by default.. what would be
[12:16] <zastaph> the natural way to make other computers see the fqdn too?
[13:23] <rbasak> zastaph: for .local? Install avahi-daemon to advertise your hostname with .local on your LAN. But note that this is Zeroconf, which is a slightly different concept from what your system's FQDN is (which it looks like you've done correctly).
[13:25] <rbasak> Or alternatively perhaps your router will do the right thing if configure your DHCP client to send the FQDN as its client identifier.
[13:27] <bjensen> I want to make it very easy to get a physical box up and running. I have chef configured. Once I get a fresh ubuntu 12.04 with network connectivity, its all non-interactive. But I need to get ubuntu lts 12.04 server installed from scratch. Im thinking usb boot non-interactive with predefined settings on partitions etc, does anyone have pointers on which tools / direction I should go?
[13:28] <RoyK> you can't do an interactive install?
[13:28] <bjensen> RoyK: sure I can, but I want to be able to not do it.
[13:29] <RoyK> tried googling it_
[13:29] <RoyK> ?
[13:29] <bjensen> The best solution would be to be able to pop in a usb stick and hit reboot and select the  usb as boot device  and then done
[13:30] <bjensen> RoyK: Ive googled and found ubuntu-builder and remastersys (not being actively developed anymore). So I came here for advice
[13:31] <zastaph> rbasak, interesting. Didn't hear about avahi or zeroconf before now. I would like both myserver and myserver.local to be advertised on my LAN. usually I just access by myserver. myserver.local is only because some apps require a fqdn.
[13:35] <zastaph> rbasak, if I choose the alternative solution, where would I configure my DHCP client in ubuntu server ?
[13:35] <rbasak> zastaph: define "advertised on my LAN". If you want to advertise using Zeroconf, by spec the name ends in .local.
[13:36] <zastaph> well advertised to my router
[13:36] <rbasak> AFAIK, you can't advertise just a hostname. But I suppose you could add .local to your search list at the client end
[13:36] <zastaph> yes but then I would need to do that on all my computers right? the point is to avoid that.. all my computers can ping whats in any other computers /etc/hostname as is
[13:37] <rbasak> DHCP client identifier configuration is in /etc/dhcp/dhclient.conf I think
[13:38] <rbasak> Perhaps its host-name that will help you, rather than dhcp-client-identifier
[13:39] <rbasak> bjensen: look into "preseeding".
[13:40] <RoyK> bjensen: https://help.ubuntu.com/community/Installation/UnattendedCD ?
[13:41] <bjensen> cool thanks guys Ill check it out
[13:42] <RoyK> bjensen: that was my first hit on google :P
[13:42] <bjensen> RoyK: you googled unattended?
[13:42] <RoyK> I googled "ubuntu unattended install"
[13:42] <bjensen> the hard part, when using google, is knowing what to google for
[13:42] <bjensen> I googled ubuntu usb install non interactive
[13:42] <bjensen> :p
[13:43] <patdk-lap> isn't this what preseed was made for?
[13:44] <bjensen> pre seeding seams to be what I am looking for :)
[14:00] <mwcampbell> I know that libvirt sets up a NAT'd local network on the virbr0 interface. What if I want to allow incoming connections from one of the host's IP addresses to a VM on that NAT'd network? Do I need to set up iptables rules myself, or is there a tool I should be using to do that?
[14:00] <mwcampbell> FWIW, I'm using ufw as my firewall. This is on Precise.
[14:05] <zastaph> bjensen, vagrant ?
[14:06] <bjensen> zapotah: I use that in my dev environment yes, but the questions in here aren't for vagrant :)
[14:26] <mwcampbell> With libvirt on Ubuntu Precise, I'm trying to figure out how to forward incoming connections on the host to a guest on the NAT'd network. The libvirt wiki has a hack based on a libvirt hook script. Is there any better option?
[14:39] <RoyK> mwcampbell: why not use a bridge instead of nat?
[14:41] <mwcampbell> RoyK: because our dedicated server hosting company (ServerBeach) won't allow that. It has to be NAT.
[15:16] <patdk-lap> mwcampbell, use proxyarp instead
[15:16] <patdk-lap> likely the issue with the hosting company is they locked the ip to a specific mac
[15:17] <patdk-lap> so bridge wouldn't work, but proxyarp looks the same as nat to them
[15:18] <Teduardo> it's likely that they actually are using BPDU guard on the port
[15:19] <Teduardo> and when you send a BPDU to the port they shut your interface down
[15:20] <mwcampbell> patdk-lap: No, I don't think that will work either. I've allocated a secondary IP from the hosting company for the VM, but the secondary IP is on a different subnet from the primary, and I haven't been assigned a gateway on that secondary subnet. So I think they assume that I'll only use the secondary IP as an alias (eth0:0)
[15:20] <patdk-lap> that also
[15:20] <patdk-lap> who said you needed a gateway?
[15:21] <Teduardo> why don't you just have them route like a /29 to your server's external interface and then just setup a router on your server?
[15:21] <patdk-lap> when you setup the ip on the vm, use your machine as the gateway
[15:21] <Teduardo> or you can even do this via NAT
[15:21] <patdk-lap> teduardo, ya, they wanted him to do nat
[15:22] <patdk-lap> personally I would avoid nat all chances you get
[15:22] <Teduardo> the other option in all of these cases is "or find a host that will"
[15:22] <Teduardo> there are 30000 hosting companies
[15:23] <patdk-lap> hmm
[15:23] <patdk-lap> if the subnet is not directly on the lan
[15:23] <patdk-lap> then they have to route the ip to you
[15:23] <patdk-lap> in that case no nat or proxyarp is needed
[15:23] <Teduardo> Well, one IP obviously has to be on the LAN otherwise he can't get to the internet
[15:23] <patdk-lap> just have the host route that ip to the vm's nic
[15:24] <patdk-lap> ya, but that ip is on the host
[15:24] <Teduardo> yes, but the gateway is most likely also on the same LAN
[15:24] <patdk-lap> it's the ip for the vm he is having the issue with
[15:24] <patdk-lap> yes as the host ip
[15:24] <patdk-lap> if he uses is host as the gateway for the vm, no issue
[15:24] <patdk-lap> eitherway it will be using his host anyways
[15:26] <mwcampbell> I'm guessing that in any case, I can't continue to use ufw as the firewall on the host.
[15:26] <patdk-lap> now you will have to create your own static routes on the host and vm for that to work, but it's simple
[15:26] <patdk-lap> this has nothing to do with ufw
[15:26] <patdk-lap> if you purely route it
[15:26] <patdk-lap> just set a route up, on the host to the ip to your vm
[15:27] <patdk-lap> on the vm, you need to add a route to your host ip, and a default route
[15:27] <patdk-lap> then just configure ufw to forward packets for your vm ip
[15:28] <mwcampbell> Hmm, doesn't seem any less complicated than NAT.
[15:29] <patdk-lap> but completely transparent, unlike nat
[15:30] <mwcampbell> The guest OS is Windows. I'll want to keep the networking as simple as possible guest-side.
[15:32] <Teduardo> what is the host os?
[15:33] <mwcampbell> Ubuntu Precise
[15:34] <mwcampbell> I wouldn't be asking on this channel if it weren't :)
[15:37] <mwcampbell> And yes, I wish I was working with a hosting comapny that would provide us a /29. Not my decision.
[15:38] <mwcampbell> I think I'll just figure out how to forward incoming connections to the guest using NAT.
[15:39] <jacobw> It sounds like your doing SNAT to map the addresses of connections originating the private network to the public IP
[15:40] <jacobw> To map connections to the public IP to addresses in private network you need to do DNAT
[15:41] <jacobw> Check out this page, http://www.frozentux.net/iptables-tutorial/chunkyhtml/x4033.html
[15:43] <Teduardo> mwcampbell: if you dont want to do that just like i said have them route a /29 to your box, then just put one of the IP addresses of the /29 on the interface facing the virtual machine and then have the virtual machine use that IP as the gateway
[15:49] <mwcampbell> Can I add rules to the FORWARD chain (in the filter table) using ufw?
[15:49] <mwcampbell> Also, does ufw touch the nat table at all? It doesn't look that way
[15:52] <jdstrand> mwcampbell: ufw allows you to use the forward chain, but the cli command doesn't manage it. see 'man ufw-framework' for how it all works together
[15:56] <ia0001> anyon know why io
[16:06] <jacobw> mwcampbell: IMO, iptables is simpler than UFW, integrations aside.
[16:07] <ScottK> jacobw: ufw is just a front end for iptables, so that statement doesn't parse.
[16:12] <jacobw> I think that iptables is simpler in cases that UFW isn't designed to cover, and that it's simpler to detail with iptables directly except in cases that UFW covers.
[16:12] <ScottK> That makes sense.
[16:13] <ScottK> Use UFW for the stuff it was designed for and not other stuff.
[16:17] <jacobw> ScottK: Yeah
[20:07] <Quest> can I install applications on windows clients with a linux server, just in a way that active directory and domain control system does by the aid of a windows server? if not (most probably) are there any work arounds?
[20:41] <Quest> 1. can I install applications on windows clients with a linux server (to all clients at once with a single instruction), just in a way that active directory and domain control system does by the aid of a windows server? if not (most probably) are there any work arounds? 2. how to do all that if the clients and server are both linux based? (that would be easy i guess)?
[20:41] <daveyg> hi all
[20:43] <sarnold> Quest: you may wish to check serverfault.com to see if anyone has asked the same question and gotten any good answers
[20:43] <sarnold> Quest: it feels like you need a larger audience to find an answer to that question
[20:45] <Quest> sarnold,  hm. what about 2.?
[20:47] <sarnold> Quest: ah, for linux clients you could use landscape or parallel ssh tasks or salt or cfengine (does anyone still use cfengine?) or puppet or chef..
[20:48] <LargePrime> what i hate about linux is lack of choice
[20:50] <Quest> sarnold,   i can ssh multiple clients from server at the same time and run a command that runs on all clients?
[20:51] <sarnold> Quest: yes, there's a pile of tools to help there, you can either just shell-script it, but you probably want to go the next level and use a tool like pssh
[20:52] <Quest> sarnold,
[20:52] <Quest>  as i see the strategy, i make a user account with same name and password on all clients. and run multi-ssh command from server and it will run on all clients.? how can it be done?
[20:52] <jacobw> Puppet
[20:52] <jacobw> MCollective, even.
[20:53] <sarnold> jacobw: nice, the description looks perfect
[20:54] <sarnold> Quest: parallel ssh things are nice when you've got a cluster of machines that all work identically. it's a little less awesome if you've got heterogenous machines that might be up or down or different configurations, at which point a real tool like puppet or chef or mcollective or landscape would be a better choice.'
[20:54] <jacobw> It'd be a lot better to use a key in that case.
[20:55] <sarnold> Quest: are you using ssh keys yet?
[20:57] <jacobw> If Puppet's Exec resource or MCollective, or even a cronjob that sends it's output to you doesn't work, you could ensure the user and SSH key quite easily with Puppet and use SSH in a for loop or whatever.
[20:57] <Quest> sarnold,  i have clients on lan actually. (may be a wan access be needed later in future) so i wont need to get each clients ip individually to us pssh, mssh, mussh?       and 2.  which one do you recommend  in pssh, mssh, mussh?
[20:57] <jacobw> Don't overlook cronjobs and root mail :)
[20:57] <Quest> sarnold,  iam just using ssh by passwords
[20:58] <sarnold> Quest: okay do yourself a favor and go read about using ssh keys :)
[20:58] <sarnold> Quest: they are far more convenient _and_ safer. It'll take perhaps an hour to read about it and set one up, but believe me, it is an hour well-spent.
[20:59] <Quest> sarnold,  i know what ssh keys are.
[20:59] <sarnold> Quest: I haven't used a parallel ssh thing in years, no idea which one is nicest these days
[20:59] <jacobw> for i in host1 host2 host2; do ssh-copy-id foo@$i; done;
[21:00] <jacobw> clusterssh is a PITA
[21:01] <jacobw> https://github.com/capistrano/capistrano
[21:03] <Quest> if i have many clients on lan. and i want to ssh 2 or 3 by Wan, is there a way? as 22 port can only be forwarded to one lan ip at a time?
[21:04] <sarnold> Quest: I'd just nominate one host to the 'master' and have it do all the other work
[21:04] <jacobw> Forward 22 to 22 on A, 23 to 22 on B, 24 to 22 on C
[21:05] <jacobw> Or just run sshd on different ports on each host in the private network
[21:05] <Quest> jacalvo,  or just connect to on host and doo all the stuff by that host
[21:05] <Quest> as you would be inside lan when connected to the host
[21:06] <Quest> as sarnold  said
[21:07] <jacobw> That's true, but you'd be be relying on one host being up to manage the others :)
[21:08] <sarnold> usually not a bad assumption, even my little pandaboard is up for months at a time
[21:08] <sarnold> but having a backup would be very reasonable and prudent
[21:09] <Quest> hm ok
[21:09] <Quest> if i have many clients on lan. and i want to ssh 2 or 3 by Wan, is there a way? as 22 port can only be forwarded to one lan ip at a time?
[21:09] <Quest> so. iam correct
[21:10] <jacobw> Hmm, I like my management channels as direct as possible.
[21:10] <Quest> jacalvo,  hm
[21:10] <Quest> jacalvo,  have you used any multi ssh apps?
[21:10] <jacobw> Quest: I've just been through that.
[21:10] <Quest> oh
[21:10] <Shogoot> trying to get my domain up and go, but i get this when i restart apache2, can anyone help me troubleshoot this?
[21:10] <Shogoot> http://paste.ubuntu.com/5613867/
[21:10] <sarnold> Quest: please be careful with your tab-completion :) jacalvo is someone other than jacobw :)
[21:10] <Quest> do i need to give ips for alll cllients while multi sshing?
[21:11] <Quest> oh ya
[21:11] <jacobw> Quest: Run sshd on different ports, or forward different ports from the public IP address to the private IP addresses
[21:11] <Shogoot> my hosts file might be a bit messed up http://paste.ubuntu.com/5613875/
[21:11] <sarnold> Shogoot: how are you trying to start apache? that looks like the startup script, not the errors...
[21:12] <jacobw> Quest: All private IPs listen on port 22, the public IP forwards port 22 to private IP A, port 23 to private IP B and port 24 to private IP C.
[21:12] <sarnold> Shogoot: oh that is essed up -- you need a 127.0.0.1 localhost line to be uncommented
[21:12] <Quest> jacobw,  in my enviroment, i think runing all on 22 and making or two as master is suffice
[21:12] <jacobw> Quest: Check out DNAT
[21:12] <jacobw> Quest: It might be, that's your decision :)
[21:13] <Quest> ya. we already have complecations. nice suggestion though
[21:13] <Quest> do i need to give ips for alll cllients while multi sshing?
[21:13] <jacobw> IPs yes, public IPs, no.
[21:13] <Shogoot> sarnold, sorry this is waht i meant http://paste.ubuntu.com/5613882/
[21:14] <Quest> jacalvo,  i meant lan ips
[21:14] <Quest> oops
[21:14] <Quest> jacobw, ^
[21:14] <jacobw> SSH is a TCP based protocol, which requires IP.
[21:14] <Quest> hm\
[21:14] <jacobw> They need IPs, private or public doesn't matter as long as you can reach them.
[21:14] <jacobw> Private == LAN, public == WAN
[21:15] <jacobw> Private IPs are not routable on the Internet, public IPs are.
[21:15] <Quest> hm
[21:16] <Quest> jacobw,  which one do you recomend. pssh, mssh, mussh, or any other?
[21:16] <sarnold> Shogoot: DocumentRoot shouldn't be a specific file, it should be a directory
[21:16] <jacobw> Quest: Capistrano.
[21:17] <jacobw> Quest: Or just SSH in a for loop in Bash.
[21:17] <sarnold> Shogoot: you'll probably also need to fix the NameVirtualHost warnings, but I don't know enough about apache to recommend the solution there :)
[21:17] <jacobw> for i in host1 host2 host3; do ssh root@$i "echo $HOSTNAME"; done;
[21:17] <jacobw> etc.
[21:17] <jacobw> DocumentRoot should be the directory where the index resides.
[21:18] <Quest> jacobw,  why not the pssh, mssh or mussh then?
[21:18] <jacobw> https://httpd.apache.org/docs/current/mod/mod_dir.html#directoryindex
[21:19] <jacobw> Quest: I just don't know what they are.
[21:19] <Quest> oh
[21:19] <jacobw> Quest: I've used clusterssh before, but it's a massive PITA
[21:22] <jacobw> Shogoot: Can you post the contents of the files in /etc/apache2/sites-enabled?
[21:25] <Shogoot> sure
[21:26] <jacobw> Shogoot: Also, is /var/www/index.html actually readable to Apache? (www-data user)
[21:26] <jacobw> Shogoot: ls -l /var/www
[21:26] <Shogoot> just looking how i can apstebin all these files
[21:27] <jacobw> Shogoot: have you changed any of them?
[21:27] <Shogoot> no
[21:27] <jacobw> Shogoot: I assumed that you'd added a new virtual host and it wasn't working
[21:28] <sarnold> Shogoot: check out the 'pastebinit' tool; it can make pastebinning things very quick
[21:28] <Shogoot> http://paste.ubuntu.com/5613935/
[21:28] <jacobw> Shogoot: OK, check that /var/www/index.html is readable to www-user
[21:28] <Shogoot> drwxr-xr-x  7 root  upload   4096 Apr 28 23:01 www
[21:29] <Shogoot> -rwxr-xr-x 1 smn  smn        177 Mar 20 21:22 index.html
[21:29] <Quest> jacobw,  i need mostly used one and not a PITA
[21:30] <Shogoot> i have to pastebinit all files of sites-enabled one by one. hold on.
[21:30] <jacobw> chmod 640 /var/www/index.html; chown smn.www-data /var/www/index.html
[21:30] <jacobw> Shogoot: chmod and chown first, then see if it works.
[21:31] <Shogoot> sorry did i miss a command?
[21:31] <Shogoot> what shall i shmod and chown?
[21:31] <Shogoot> chmod*
[21:31] <jacobw> Shogoot: chmod 640 /var/www/index.html; chown smn.www-data /var/www/index.html
[21:32] <Shogoot> -rw-r----- 1 smn  www-data   177 Mar 20 21:22 index.html
[21:32] <Shogoot> done
[21:34] <jacobw> Shogoot: Does it work?
[21:35] <Shogoot> i restarted apache2 and no i get one line less o f warnings http://paste.ubuntu.com/5613952/
[21:35] <Shogoot> and no it dont.
[21:35] <Shogoot> or try to connect to www.cthulhuisevil.net :)
[21:35] <jacobw> Oh, that's a different problem :)
[21:35] <Shogoot> ?
[21:35] <jacobw> Test it from localhost, `w3m http://127.0.0.1/`
[21:37] <Shogoot> the server ahs astatic ip and the ip/index.html is working fine
[21:37] <jacobw> OK, check that the name resolves to the IP.
[21:37] <Shogoot> but.... how do i get apache to take the cthulhu.net and display the page via apache2?
[21:38] <jacobw> dig @8.8.8.8 -t A www.cthulhuisevil.net
[21:38] <jacobw> Also, w
[21:38] <jacobw> ..
[21:39] <jacobw> Also, www.cthulhuisevil.net is not cthulhuisevil.net, although most DNS providers will point www. to your name for you.
[21:39] <shauno> it may be worth noting cthulhuisevil.net and www. point to different addresses.  the first looks like a residential isp, the second looks like a domain shop
[21:39] <shauno> bah, too slow
[21:40] <Shogoot> http://paste.ubuntu.com/5613974/
[21:41] <jacobw> Is the IP in the Answer section your static IP address?
[21:41] <Shogoot> no
[21:42] <Shogoot> and with oonly cthulhuisevil.net without (www.) i get answer cthulhuisevil.net.      3600    IN      A       188.126.194.146
[21:42] <Shogoot>   wich i smy public ip and not the servers static
[21:42] <jacobw> Try again with just cthulhuisevil.net, then try using just cthulhuisevil.net in your browser.
[21:43] <Shogoot> cthulhuisevil.net/ gives me error 101
[21:43] <jacobw> What is the static IP?
[21:44] <Shogoot> 192.168.1.166
[21:44] <Shogoot> must be my hosts file http://paste.ubuntu.com/5613988/
[21:44] <jacobw> That's a private IP address, it's not reachable from the Internet
[21:45] <Shogoot> im prettys ure your telling em something im not understaindig
[21:46] <jacobw> IPv4 has private address spaces, like 192.168.0.0/18 that you're free to use within your organisation (i.e. LAN)
[21:46] <jacobw> These address spaces are not routable on the Internet
[21:47] <jacobw> You need a public IP address to run a web server
[21:48] <Shogoot> i understand taht, but where im using this wrong?
[21:48] <Shogoot> 188.126.194.146 is my public ip, right?
[21:48] <jacobw> Does the server listen on that IP address?
[21:50] <jacobw> If your server is behind a router that happens to be NAT'd to 188.126.194.146, you won't be able to reach it from the Internet at 188.126.194.146
[21:50] <qman__> you need to use some form of NAT such as port forwarding to make that work; also keep in mind that many residential ISPs block ports 25, 80, and 443
[21:50] <Shogoot> ah so the clue is my router then.
[21:50] <jacobw> Shogoot: Do you own that IP address?
[21:51] <Shogoot> hmm not sure
[21:51] <Shogoot> its my line wf that is what you mean
[21:51] <Shogoot> its my line if that is what you mean*
[21:51] <jacobw> Shogoot: You'd know if you did, if you don't own it, then it's owned by your ISP who use it as a NAT point
[21:52] <jacobw> Shogoot: NAT is what allows many ISP users to access the Internet from a single public IP address
[21:52] <jacobw> Shogoot: ISPs don't have a unique public IP address for each customer
[21:52] <jacobw> Shogoot: IPv4 addresses have run out already, in fact.
[21:53] <qman__> yeah, that IP isn't assigned to you permanently unless you pay for it to be
[21:54] <qman__> and it may even be shared with other customers depending on how strapped for address space your ISP is
[21:55] <Shogoot> so unless i buy my ip i cant get the domain host to route to my webserver correctly?
[21:56] <qman__> the answer is maybe, but not with the same level of service
[21:56] <jacobw> That's right
[21:56] <qman__> if you don't pay extra for a static IP, it can change on you at an interval your ISP decides
[21:56] <jacobw> That's not the problem
[21:56] <qman__> it also may or may not be controlled at your router, if it isn't, you can't do it at all
[21:57] <jacobw> The problem is that port 80 isn't DNAT'd from the public IP address to the router
[21:57] <qman__> that assumes his router doesn't have the public IP leased to it
[21:57] <qman__> it might or might not be
[21:57] <Shogoot> this is on my router http://imageshack.us/photo/my-images/707/myrouter.png/
[21:58] <qman__> if those numbers were auto-filled by your router, you probably can port forward
[21:59] <jacobw> I'm happy with that assumption :)
[21:59] <Shogoot> im 100% sure ive not changed those
[21:59]  * jacobw →  sleep
[21:59] <shauno> that doesn't look like cgnat to me (good news), most likely you just need to look at port-forwarding.  http://portforward.com has instructions & screenshots for more routers than you'd believe
[22:01] <shauno> and your error 101 when you try to connect from your own machine, sounds like you're trying to do https on port 80 rather than 443
[22:01] <Shogoot> whait waht... :) checking taht out
[22:11] <Shogoot> ohooh :) progress
[22:12] <Shogoot> now im getting a Forbidden wheni di cthulhuisevil.net
[22:12] <Shogoot> the port fowrd should be ok, now whyis this failing now?
[22:13] <shauno> that's better news.  I'm reaching apache from the outside too.  so next step is to look in apache's logs to see what its complaining about now
[22:13] <Shogoot> apache/error.log, right?
[22:14] <shauno> sounds familiar
[22:16] <Shogoot> shaun
[22:16] <Shogoot> shauno, http://paste.ubuntu.com/5614093/
[22:16] <Shogoot> did tail -f /var/log/apache2/error.log
[22:17] <Shogoot> [Mon Apr 29 00:15:01 2013] [error] [client 127.0.0.1] client denied by server configuration: /var/www/
[22:17] <Shogoot> thought jacobw sorted my rights.
[22:19] <Shogoot> the /var/ ls-l lokks like this drwxr-xr-x  7 root  upload   4096 Apr 28 23:01 www
[22:19] <Shogoot>  and /var/www/ ls- l -rw-r----- 1 smn  www-data   177 Mar 20 21:22 index.html
[22:19] <Shogoot> back in 10 min
[22:20] <shauno> I think you've posted this already, but I can't seem to find it .. what's in /etc/apache2/sites-enabled/default  ?
[22:28] <Shogoot> http://paste.ubuntu.com/5614130/
[22:30] <shauno> I can't promise it's the problem, but line 9, I'm don't believe you should have a / after /srv/www
[22:30] <shauno> er, /var/www rather
[22:34] <Shogoot> chainging for        <Directory /var/www>
[22:34] <Shogoot>  and restarting apache is not helping
[22:34] <shauno> same error in error.log still?
[22:35] <Shogoot> let me check
[22:35] <Shogoot> yes [Mon Apr 29 00:35:01 2013] [error] [client 127.0.0.1] client denied by server configuration: /var/www/
[22:38] <Shogoot> shauno, look : http://paste.ubuntu.com/5614156/
[22:38] <Shogoot> what i sthis line?= [Mon Apr 29 00:37:20 2013] [warn] RSA server certificate CommonName (CN) `SmnLpz' does NOT match server name!?
[22:48] <shauno> well, you've got me confused.  'denied by server configuration' should mean there's something in your config that's denying that path.  but I don't see where
[22:52] <Shogoot> im more confused believe me :)
[22:53] <Shogoot> ah, well... fuck this now, im going to sleep. thanks for your time shauno
[22:53] <Shogoot> ill insist on trying to find out this tomorrow