[00:04] <hehehe> solved :)
[00:05] <sarnold> Adam-M: try this https://www.digitalocean.com/community/tutorials/how-to-set-up-apache-virtual-hosts-on-ubuntu-16-04
[00:09] <hehehe> sarnold: have you practised with some boxes to find php etc code that lead to exploit?
[00:09] <hehehe> that can be a valuable skill imo
[00:09] <hehehe> quick detection and patching
[00:42] <hehehe> eureca
[00:47] <sarnold> hehehe: in some sense that's pretty much my job -- review code, get a feeling for how good or bad it is, and see if we can support it
[00:48] <sarnold> hehehe: thankfully it's not much php, that requires a lot of specialized knowledge that I'd rather spend the effort learning better tools, like rust
[00:48] <hehehe> rust is bad name
[00:48] <hehehe> usually when iron is rusty is like eeeeww
[00:49] <hehehe> well just my initial reaction
[00:50] <hehehe> however its interesting and telling - the way people chose to name software
[00:50] <hehehe> rocket.chat - overtaking slack now and name is fitting
[00:50] <hehehe> whats rust for? :)
[00:53] <sarnold> rust is a new systems programming language designed to make it possible to write fast, concurrent, safe, programs
[00:54] <hehehe> hmm
[00:54] <hehehe> I like bubble.is and similar :)
[00:54] <hehehe> works well for me
[00:54] <hehehe> how rust make software safer?
[00:54] <hehehe> the name itself is not  off puting to you?
[00:54] <hehehe> rust=decay hmm :)
[00:54] <sarnold> the name was chosen in part because it's using "old" ideas in programming language research, algebraic data types, generics, 'move semantics', traits, etc...
[00:55] <hehehe> i would call it - simple
[00:55] <hehehe> since simplicity is simply effective
[00:56] <hehehe> whats their website?
[00:58] <sarnold> hehehe: https://www.rust-lang.org/en-US/
[00:59] <hehehe> and yes if we program or do any other action out of abundance of energy its easy, if we use energy that is not abundant - aka pushing then its not wise
[00:59] <hehehe> as body may need this energy for own needs lol
[00:59] <drab> sarnold: just out of curiosity, wasn't that the whole point of go?
[00:59] <hehehe> current control of money issuance by central banks promt but not force many people to push themselves
[01:00] <hehehe> drab: imo `my` idea of new language called simple can work well :) for extraverts at least
[01:02] <sarnold> drab: go's aim appears to be high productivity low barrier to entry; it has a garbage collection system, lacks generics, lacks algebraic data types, and is very difficult to use for FFI with other programming languages. Go's really good at providing transparent async io servers, REST apis, etc., but it would be a really poor fit for an OS kernel
[01:03] <drab> sarnold: oh, I see, for some reason I was thinking about concurrent, fast safe server programs (aka daemons, etc)
[01:03] <drab> thanks for explaining
[01:04] <sarnold> drab: there's loads of places where garbage collection means it's already a non-starter
[01:04] <sarnold> drab: and to my knowledge go doesn't have any mechanism that forces programmers to handle errors -- just (foo,_) = function(...) means that you'll never know if the function errors..
[01:06] <sarnold> drab: rust _almost_ has sometihng similar, on Option<> and Result<> types, unwrap(), but that's easy enough to search for if you want to find out what in your code doesn't check error returns
[01:12] <hehehe> so which building blocks a language usually have?
[01:12] <hehehe> is there a diagram?
[01:12] <hehehe> language anatomy
[01:14] <sarnold> hehehe: http://colinm.org/language_checklist.html
[01:15] <drab> sarnold: thanks for sharing, hvaen't really got that deep in either languages, partially trying to get out of this rather than the in, but the curiosity hasn't completely gone :)
[01:16] <sarnold> drab: I can understand :)
[01:16] <sarnold> drab: I have to say that I felt an excitement writing my first few rust programs that reminded me why I got into the field in the first place
[01:17] <hehehe> sarnold: that dude is sado maschochist
[01:17] <sarnold> drab: so much about it was entirely new to me, so I felt like an absolute beginner again, and yet it was fun all the same. It's hard to explain.
[01:17] <hehehe> who simply invents problems instead of solutions :D
[01:18] <drab> sarnold: been there, I can relate
[01:18] <hehehe> I prefer to create something instead of bla bla all is bad and cant be fixed
[01:18] <hehehe> :)
[01:18] <hehehe> and only old things are cool
[01:18] <drab> sarnold: I actually go for that type of experience routinely trying to pick up new skills, mostly non tech these days
[01:18] <sarnold> hehehe: this checklist started as a joke on usenet many years ago and has grown over time :)
[01:18] <hehehe> dunno
[01:18] <hehehe> its seems like a very bland satire
[01:19] <hehehe> attempt at satire :)
[01:19] <sarnold> hehehe: but it was the most concise thing I could think of to describe many of the tradeoffs involved in language design
[01:19] <drab> it's pretty good
[01:19] <hehehe> if you constraint your thinking by thinking there are trade offs
[01:19] <hehehe> you will find it hard to invent
[01:19] <hehehe> and unleash your creative powers
[01:19] <sarnold> drab: definitely a good idea; I picked up german that way, trying russian now..
[01:21] <hehehe> you can learn russian fast
[01:21] <hehehe> in 2 weeks, already can speak some
[01:22] <hehehe> create efficient language is tricky cause entire field is obscured for certain reasons
[01:22] <hehehe> however if you dont go with brainwash should be easier :)
=== tohuw_ is now known as Tohuw
[01:25] <hehehe> after all cpu can process yes and no 1 and 0
[01:25] <hehehe> that si very simple
[01:26] <hehehe> its electro magnetic force same force thats inside our physical body
[01:26] <hehehe> so making software based on cpu can be easy
[02:30] <hehehe> save on harvard https://thepiratebay.org/torrent/9676621/Programming_Languages_Theory_Book_ :)
[06:11] <lordievader> Good morning
[06:57] <cpaelzer> hi lordievader, how are you today?
[06:58] <lordievader> Doing good here, got coffee :)
[06:58] <lordievader> How are you today, cpaelzer?
[07:00] <cpaelzer> now cofee, but good for me
[07:00] <cpaelzer> s/now/no/
[07:00] <cpaelzer> I (amost) never drink coffee
[07:00] <cpaelzer> still on single digit numbers for all of my life
[07:01] <lordievader> How do you cope with monday mornings?
[07:01] <lordievader> :P
[07:01] <cpaelzer> in bad mood :-)
[07:01] <hateball> s/monday//
=== zerocool is now known as Guest28886
=== zerocool is now known as Guest33616
[08:37] <peetaur2> any solution to this? I want to install openjdk-9-jdk ... which also pulls in openjdk-9-jdk-headless which has a file conflict with openjdk-9-jdk... a catch-22
[08:37] <peetaur2> https://bpaste.net/show/0a921b91e44d
[08:38] <peetaur2> jdk8 apparently works
[08:52] <peetaur2> hah this bug is 1 year 6 months old and still not fixed  https://bugs.launchpad.net/ubuntu/+source/openjdk-9/+bug/1550950
[08:52] <ubottu> Launchpad bug 1550950 in openjdk-9 (Ubuntu Xenial) "package openjdk-9-jdk 9~b102-1 failed to install/upgrade: trying to overwrite '/usr/lib/jvm/java-9-openjdk-amd64/include/linux/jawt_md.h', which is also in package openjdk-9-jdk-headless:amd64 9~b107-0ubuntu1" [Medium,Confirmed]
[08:53] <peetaur2> but says fix released 2016-04-23
[09:42] <tomreyn> peetaur2: unless you need the other packages, you could just install openjdk-9-jdk-headless
[10:26] <peetaur2> tomreyn: I tried just that one, and to my great surprise, it had things like javac, but not java .... what kind of package is that? :D
[10:27] <peetaur2> so now I just installed jdk8 ... if that's no issue, it doesn't matter which version I have
[10:27] <peetaur2> I'm not a fan of ignoring conflicts like suggested in the lp ...because then it'll happen each update probably
[10:28] <tomreyn> peetaur2: right, i wouldn't wan to need to deal with the recurring issue either
[10:28] <tomreyn> *want to
[10:29] <tomreyn> if the version doesn't matter then going with openjdk 8 is probably your best choice
[10:30] <tomreyn> note that the openjdk-9 packages are in universe whereas openjdk-8 is in main
[10:31] <tomreyn> so they have different support levels, openjdk-8 is supported, openjdk-9 only receives community support, if any.
[10:31] <peetaur2> maybe that's why they didn't fix it after 1.5 years
[10:31] <peetaur2> is universe like a community repo?
[10:32] <tomreyn> https://help.ubuntu.com/community/Repositories/Ubuntu
[10:32] <tomreyn> yes
[10:34] <tomreyn> by default you only have the 'main' repository enabled, so you must have chosen to enable universe (hopefully after reading about its support status)
[10:41] <peetaur2> I dunno about that... I find that on ubuntu installs, it adds everything
[10:42] <peetaur2> but that's another reason to choose jdk 8
[11:06] <cpaelzer> nacc: fixed up the nut upload, please re-review and sponsor if you agree
[11:07] <cpaelzer> nacc: were two rather nasty build issues triggered by the toolchain switch
[11:12] <bonhoeffer> i'm getting an ERR_CONNECTION_TIMED_OUT -- apache2 is running -- plenty of ram/cpu -- anything else i can check?
[11:12] <bonhoeffer> nothing can connect to my server
[11:12] <bonhoeffer> i can ping it -- but no web access
[11:13] <peetaur2> bonhoeffer: first check lsof to see if it's listening and to what interface...then stop apache and test with netcat on that port and interface... then check firewall etc. until netcat works, then try apache2 again
[11:14] <bonhoeffer> excellent -- thanks for the options
=== freyes__ is now known as freyes
[12:42] <ahasenack> is this an artful gcc7 issue:
[12:42] <ahasenack>  /usr/include/KF5/AkonadiCore/std_exception.h:1:10: fatal error: /usr/include/c++/6/exception: No such file or directory
[12:42] <ahasenack> ?
[12:45] <oerheks> !info gcc-7 artful
[12:45] <ubottu> gcc-7 (source: gcc-7): GNU C compiler. In component main, is optional. Version 7.1.0-13ubuntu1 (artful), package size 30535 kB, installed size 124399 kB
[12:45] <oerheks> ahasenack, you might want to reask in #ubuntu+1, artful is not released yet
[12:46] <ahasenack> it's an autopkg test on kdepim, which was triggered after my cyrus-sasl2 upload to artful
[12:55] <ahasenack> xnox: remember that is_systemd_running check we talked about yesterday
[12:55] <ahasenack> xnox: it seems a pattern spread all over the place
[12:55] <ahasenack> like https://omega.ict.waw.pl/external/openvpn/blob/8ee5646111625c598efbc82413649b1ab6275877/misc.c#L1402
[14:34] <funabashi> hey guys if a file looks like .csv: ASCII text, with very long lines. it makes new lines. how can i change so it shows full lines?
[14:34] <Pici> funabashi: how are you trying to view it?
[14:35] <funabashi> Pici: cat
[14:36] <Pici> funabashi: well I'm pretty sure that cat will always wrap.  Use  less -S  on your file instead
[14:40] <funabashi> Pici: yeah less -S works. but how if  i want to do awk and grep for stuff ?
[14:40] <funabashi> less -S file >newfile ?
[14:41] <Pici> funabashi: cat won't insert newlines when sending to awk/grep... also both awk and grep will accept filenames as arguments
[14:42] <funabashi> Pici: less -S file |grep domain doesnt look good
[14:43] <Pici> funabashi: grep domain file
[14:50] <funabashi> Pici: then it get new lines instead of one full line
[15:04] <nacc> cpaelzer: re: nut, that seems worth an email possibly to ubuntu-devel?
[15:07] <cpaelzer> nacc: please convince me - why would that be ubuntu-devel?
[15:07] <cpaelzer> because it is gdc fallout?
[15:07] <cpaelzer> gcc
[15:07] <nacc> cpaelzer: yeah and possibly affecting other packages?
[15:07] <nacc> cpaelzer: as in anything that relied (even implicitly) on the old behavior?
[15:07] <cpaelzer> hmm true - in an FYI sense that makes sense
[15:07] <nacc> yeah
[15:07] <cpaelzer> let me summarize and send something
[15:09] <nacc> cpaelzer: thanks, probably not super-urgent
[15:09] <nacc> but if it's fresh, good to do now
[15:09] <cpaelzer> but might fit between now and the meeting :-)
[15:09] <cpaelzer> and the exim4 test
[15:09] <cpaelzer> arr time ...
[15:10] <nacc> heh
[15:18] <cpaelzer> nacc: resumit open as https://code.launchpad.net/~paelzer/ubuntu/+source/nut/+git/nut/+merge/329119
[15:18] <nacc> cpaelzer: thanks
[15:22] <GreenRob> Hi.  I need to disable unattended *kernel* updates on my ubu server -- specifically, anything that gets written/added/modified in or under /boot.  I'm "PrettySure(tm)" that I need to modify /etc/apt/apt.conf.d/50unattended-upgrades for that?
[15:22] <GreenRob> Mine atm includes: https://pastebin.com/raw/1hQkz60z
[15:23] <GreenRob> Is this the right place/method?
[15:24] <drab> GreenRob: it is
[15:24] <drab> looks at the section under "Unattended-Upgrade::Package-Blacklist"
[15:24] <drab> it sounds like that's what you want
[15:25] <drab> adding kernel packages to that list
[15:25] <GreenRob> drab Oh, so blacklist rather than disable one of those allowed-origins?  overkill, I guess?
[15:25] <drab> either, it just depends how fine grained you wanna get I guess
[15:26] <drab> I mean, some people just uninstall unattended-upgrades altogether
[15:26] <drab> if you change the origin you're probably going to miss out on all updates (if you take that out)
[15:27] <drab> which may or may not be what you want, it really just depends on the results you wish to achieve
[15:27] <GreenRob> drab: Ok, will read up.  If I want to stop unattended-upgrades altogether, what's the right way -- REALLY uninstall it?  'hold' it? other?  TBH, I'm vigilant about checking my server, and would prefer to simply do it myself.  Wasn't sure how smart that is.
[15:28] <drab> if you are not using it there's no reason to have it installed, ime having stuff laying around that's not doing anything just creates opportunities for future problems
[15:28] <drab> so I'm always for keeping things to the min necessary for the results and nothing more
[15:28] <drab> results wanted*
[15:29] <GreenRob> I stumbled onto this issue when I was out of country, and away from this server, for 2+ months.  'unattended-updates' filled up my small/dedicated /boot partition, and I was getting "disk @ 92%" emails every few minutes for those 2 months ...
[15:29] <GreenRob> great, sounds like an uninstall for me ...
[15:29] <drab> whether in this specific case it's the smart thing to do, I'll leave that up to you, I don't know you and I don't know your setup and what you are trying to achieve
[15:30] <drab> ok, in that specific case ime you're solving the wrong problem
[15:30] <drab> you're getting rid of something that keeps your ssytem up to date because you have a boot partition that sounds far too small and or not managed/pruned as it should
[15:30] <xnox> ahasenack, that's the old check that got replaced upstream....
[15:31] <xnox> ahasenack, this too need fixing.
[15:31] <drab> so in your shoes I'd rather fix the problem, ie correctly manage automatic upgrades, rather than getting rid of automatic upgrades
[15:31] <GreenRob> worth some further though. thx!
[15:31] <drab> but that's of course just me and my experience, it doesn't mean it's the right thing
[15:31] <GreenRob> thought, even
[15:32] <drab> older kernels are left behind because the new one may now work, so it's for a good cause
[15:32] <drab> so you can reboot into an older kernel if the new one doesn't work
[15:32] <drab> and unless you tell it to do so , unattended upgrades won't reboot the machines, so new kernels (and their boot files) keep piling up
[15:33] <drab> also the kernel upgrade at that point it's useless becasue you haven't rebooted and so no change has taken effect
[15:34] <drab> if you can get a larger boot so that you have enough space to get to it before you start getting alerts, that's probably the best fix
[15:34] <drab> otherwise I think a good middle way would be to just disable kernel upgrades and do those manually, since you need to reboot anyway
[15:34] <drab> that way you still benefit from daemons being patched for security and whatnot as needed without you having to do stuff
[15:35] <drab> brb
[15:45] <GreenRob> drab: AFter ur suggestions, and a bit more reading, I'll try the selective blacklisting for awhile.  The /boot parts (on VMs, so trying to keep 'em thin), are currently 500M.  I'm cool with keeping current/last running kernels ... just in this particular case, I ended up with several updated, but not yet installed, kernel update.  Fille up space ...
[15:56] <drab> GreenRob: makes sense
[15:59] <xnox> ahasenack, i can ask security team to do a archive wide scan.
[16:01] <GreenRob> drab: Yeah, I've blacklisted a few pkgs in addition to kernel ... mainly those that require a reboot.  Will see how this works.  Worst case I suppose is that I have to manually update/upgrade, which is my intention/practice anyway.
[16:02] <drab> GreenRob: you may want to look into apt-listchanges if you don't have that already set up
[16:03] <drab> it's the next best thing to setting up a reminder on a calendar to run a check :)
[16:03] <GreenRob> thx
[16:07] <nacc> cpaelzer: fyi, i *think* our nut repo was out of date. So i'm refreshing it manually now. It might mean your prior upload tag won't get pulled into the history, but the new one should
[16:11] <DammitJim> do I need to be creating conf files for systemd service units?
[16:12] <DammitJim> how come say tomcat8 on Ubuntu 16.04 doesn't create them and just relies on systemd to figure out to look in /etc/init.d?
[16:13] <drab> DammitJim: some services have simply not been migrated, it's a work in progress afaik, but autodetection works in all the cases I've had to deal with
[16:13] <drab> not sure about tomcat tho, don't use it
[16:13] <DammitJim> drab, got it... but the safe thing to do is to start creating those conf files, right?
[16:13] <DammitJim> I don't know why an old /etc/init.d/ file wasn't being recognized by systemd to start it
[16:14] <drab> DammitJim: not necessarily no, if the autostuff does the right thing it's not an issue. if it doesn't work then the problem should be filed as a bug upstream since one way or the other it should work
[16:14] <drab> the user should not need to create service units
[16:14] <drab> to start standard daemons installed from packages at least
[16:14] <drab> of course if you have custom stuff you'll have to
[16:15] <DammitJim> oh ok, I think that's working
[16:15] <DammitJim> I guess I'm concerned about the stuff I've created and it's not working by just existing on /etc/init.d
[16:15] <DammitJim> Thanks!
[16:22] <sdeziel> DammitJim: maybe your init script is simply not enabled? You can check with: systemctl is-enabled nameoftheinitscript
=== zerocool is now known as Guest66422
[16:26] <nacc> cpaelzer: ah ok, so the linter is correctly complaining about your branch, because it is based off of artful, but branched off of zesty
[16:27] <nacc> so by passing --target-branch pkg/ubunut/artful-proposed (or artful-devel), i am able to make it pass
[16:27] <nacc> cpaelzer: just for reference
[16:30] <nacc> cpaelzer: i think you found a bug in the linter -- we want d/changelog distribution to be checked against the branch targets
[16:30] <nacc> *target
[16:32] <nacc> LP: #1711174 filed
[16:32] <ubottu> Launchpad bug 1711174 in usd-importer "git ubuntu lint: changelog distribution should be checked against target branch" [Undecided,New] https://launchpad.net/bugs/1711174
[16:33] <nacc> ahasenack: around?
[16:33] <ahasenack> nacc: yep
[16:33] <nacc> ahasenack: have time for a brief HO?
[16:33] <ahasenack> sue
[16:33] <ahasenack> sure*
[16:33] <nacc> ahasenack: standup ok?
[16:33] <ahasenack> y
[16:33] <nacc> ahasenack: thx
[16:42] <hashwagon> I have an ubuntu 16.04 system that randomly went completely unresponsive and had to be manually rebooted. What logs should I look at? Isn't journalctl cleared after each reboot?
[16:43] <drab> hashwagon: by default, it is, yes, /var/log/syslog will have stuff tho
[16:43] <hashwagon> thanks, drab
[16:44] <nacc> hashwagon: you can make journal persistent
[16:44] <nacc> hashwagon: which some might argue is quite useful :)
[16:44] <drab> nacc: is there a value since everything is saved to syslog anyway?
[16:44] <drab> I never quite got the point
[16:44] <drab> nicer tooling to work with to inspect logs?
[16:45] <nacc> drab: yeah, i think it's mostly that
[16:45] <nacc> drab: journal & systemd interact
[16:45] <hashwagon> I see. Thanks for the options guys.
[16:45] <nacc> so if you're debugging, say a boot failure, you want the journal often, to help report the bug
[16:45] <nacc> and unless you have a serial console, it's not always easy to get to
[16:48] <ahasenack> nacc: pushed
[16:48] <nacc> ahasenack: thanks
[16:48] <nacc> ahasenack: perfect, and you can, i think, see how the next merge, will be able to drop both those commits as gone from the old delta
[16:49] <ahasenack> cool
[17:15] <nacc> cpaelzer: thx for the ubuntu-devel post, it might be affecting snapd too (brought up in #snappy)
[17:34] <cpaelzer> nacc: yw, thanks for the hint - I'd have no highlight on my real name :-)
[17:37] <cpaelzer> nacc: I only spun forward the former branch we had
[17:37] <cpaelzer> nacc: glad that is one more thing we can sort out
[17:37] <cpaelzer> I'll subscribe to the bug
[17:37] <cpaelzer> nacc: actially ipxe is very likely done now
[17:38]  * cpaelzer trying to sync
[17:38] <cpaelzer> yep looks good
[17:53] <Epx998> How can I track down which apt repo I need for a package?
[17:55] <drab> Epx998: https://packages.ubuntu.com/
[17:55] <drab> do a search there
[17:55] <Epx998> i broke apt somehow ugh
[17:55] <drab> but if it's a standard package I don't see how you don't have it already
[17:56] <drab> unless it's some kind fo really strict install without verse
[17:56] <Epx998> im working on a apt module in puppet and somehow im missing a repo i guess
[17:56] <Epx998> not sure how
[17:56] <drab> not sure what that means, if you can paste an error that'd help
[17:56] <drab> if you want more help with it, that is
[17:58] <Epx998> drab: we mirror apt repos locally, so our builders dont touch the internet.  We use puppet to manage configuration during a post install, i've been moving my source files to the apt module in puppet and appearently i missed a devel i guess
[18:00] <drab> ok, we do the same here except s/puppet/ansible/
[18:00] <drab> we have mirrors + an internal repo for our own pkg stuff
[18:00] <Epx998> i have no idea how i lost this repo tho, everything is in there
[18:01] <sdeziel> Epx998: there is always the clientbucket to look for old files overwritten by puppet
[18:01] <Epx998> i have more originals in puppet still - but i cant see whats missing
[18:01] <Epx998> very odd
[18:02] <sdeziel> Epx998: if you have another box with the package installed, you can check where it's coming from with apt-cache policy
[18:08] <Epx998> hmm explains the extra apt key i had
[18:15] <Epx998> ok this is weird
[18:15] <Epx998> https://gist.github.com/anonymous/96e9be2f1f87b38b90de495bb383c9e0
[18:17] <sdeziel> any pinning?
[18:18] <Epx998> not sure what that is tbh
[18:18] <sdeziel> those priority at -10 would seem to imply pinning
[18:18] <Epx998> in the apt module its -10
[18:19] <Epx998> ive never used pinning, it was just a default entry in the module
[18:20] <sdeziel> the puppetlabs-apt modules doesn't apply any pinning by default IIRC
[18:20] <Epx998> their full example for adding a source to hiera does
[18:21] <sdeziel> maybe you don't need that section then
[18:21] <Epx998> ill remove and see
[18:24] <nacc> cpaelzer: yeah, it is, sorry
[18:24] <nacc> cpaelzer: was afk for a bit
[18:44] <Epx998> same problem seesh hmm
[19:28] <Aison> hello, systemd networking.service is only required when using the systemd own network config files, not?
[19:29] <Aison> the strange thing is, this service fails at startup and is also listed as failed by systemctl
[19:29] <Aison> but the network works without any problems
=== Shutterstrom1 is now known as Shutterstrom
[19:38] <sdeziel> Aison: try looking at journalctl -u networking.service, maybe that will hint you into what caused the issue
[19:40] <Aison> sdeziel, http://paste.ubuntu.com/25327635/
[19:40] <Aison> strange thing, because these devices are up
[19:40] <Aison> and working
[19:41] <Aison> maybe I should switch from network/interfaces to .netdev .network files anyway
[19:50] <sdeziel> Aison: you could check what's up bond0.{1,2,101}: journalctl -u ifup@bond0.1
[20:43] <drab> Aison: if you do, and managed to, I'd love to hear about it. I thought that would have been the right way [tm], but it just quickly turned into a nightmare so I set up all my bonds with network/interfaces
[20:43] <drab> or I should say, I looked at networkd, not .netdev .network, I guess those are different things
[21:26] <JaguarDown> I am at a loss. Set up apache2 with most basic config possible using ubuntu-server documentation. Firewalls are open, ports are forwarded. HTTP works great on port 80, but can't test HTTPS cause I can't connect on 443 from the internet. (works on LAN)
[21:26] <JaguarDown> using lets encrypt SSL
[21:28] <Walex> JaguarDown: 'tcptraceroute ... 443'
[21:33] <JaguarDown> standby one houston
[21:34] <JaguarDown> While we're waiting, as a side note, 443 UDP to an OpenVPN server works perfectly over the internet
[21:34] <JaguarDown> on same box
[21:37] <JaguarDown> So after about the 7th hop it gets lost and says "Destination not reached" (sorry I am networking newbie)
[21:39] <hehehe> hi
[21:39] <hehehe> find ./ -type d -exec chmod 750 {} \;
[21:39] <hehehe> this suppose to change all dirs to 750 recursively?
[21:39] <hehehe> for some reason 1 directory stays 755 lol
[21:40] <JaguarDown> I think it's getting blocked by the isp...
[21:42] <tomreyn> JaguarDown: either the ISP or the destinations' firewall. you can stop the service there and run 'nc -vv -l 443' then on the client 'nc -vv ... 443' where ... is the servers' ip address.
[21:43] <tomreyn> both client and server should report when a connection is established this way.
[21:43] <hehehe> ok just have to click refresh in FireZilla
[22:15] <JaguarDown> tomreyn: it says DNS fwd/rev mismatch. my DNS is dynamic but why would that be a problem for tcp 443
[22:17] <JaguarDown> says the same thing for 80 though and 80 works
[22:18] <tomreyn> JaguarDown: it's not a problem
[22:20] <JaguarDown> This is strange, never had a problem opening and forwarding any other ports
[22:22] <JaguarDown> I know the port forwarding is a non-issue as it works in LAN but something is blocking it. When I trace the route both 80 and 443 show the same IP on the last hop but 443 just doesn't reach the destination. I'm assuming that last IP is my ISP
[22:22] <tomreyn> JaguarDown: and you're sure you're hitting the correct ip? since you're saying your 'DNS is dynamic', i assume you mean your servers' IP address is dynamically assigned and will change over time.
[22:23] <JaguarDown> yeah ddclient is updating it, and again the same website using http on port 80 works
[22:23] <JaguarDown> gotta go bbl
[23:06] <bonhoeffer> i can't get any response from my server -- httpd (apache2) is running, but i get a timeout -- after a long time -- any troubleshooting options
[23:06] <bonhoeffer> i'm thinking about setting up a basic webserver to see if a firewall is blocking traffic -- i can ping out
[23:07] <bonhoeffer> and i can ping the server
[23:08] <bonhoeffer> i have lots of ram and processor available
[23:11] <xnox> ahasenack, http://paste.ubuntu.com/25327289/
[23:11] <bonhoeffer> any other troubleshooting steps available?
[23:11] <nacc> xnox: nice
[23:11] <nacc> bonhoeffer: can you locally on the server?
[23:12] <bonhoeffer> sorry --
[23:12] <bonhoeffer> the result of lsof -i TCP:443 is empty
[23:12] <bonhoeffer> nacc: can i do what locally?
[23:13] <nacc> bonhoeffer: can you ping / curl / wget from your server locally
[23:14] <nacc> bonhoeffer: `netstat -pan | grep 443` is typically waht i use. Although if 443, I assume that means you have set up SSL , etc.?
[23:14] <bonhoeffer> i'm on a chromebook -- but i have two different vm's open -- i can ping both ways
[23:14] <nacc> bonhoeffer: rather than port 80 that is
[23:21] <hehehe> shady coders
[23:22] <nacc> bonhoeffer: ping seems like an odd choice
[23:35] <hehehe> hi folks
[23:38] <Epx998> yo