[00:36] where can I get help about xrdp? [01:11] where is XRDP channel? [01:12] you may have better luck to ask more specific questions [01:23] I have XDRP problem - cant connect [01:25] what error messages do you get on the client and on the server? [01:26] cant connect to Xorg display 10, [01:26] then disconnect [01:28] sarnold: instelld fresh from git, 10.04 lts + lxde [01:28] sarnold: 16.04 [01:32] sarnold: OK, recompiled it again, now it works, but spits error about wcid. [01:33] how to completely remove xrdp installed from repo? It is so stupid that you cant rid of pckage. [01:33] I had to restore snapshor of vm to make it work [01:34] i've never heard of wcid; google shows a bunch of water district information :) [01:36] this? looks like a windows thing https://github.com/pbatard/libwdi/wiki/WCID-Devices [01:36] yes [01:40] I cant make damn keyboard layout work (not switching) [01:40] at xrdp session [04:11] good morning [04:17] morning === Guest76648 is now known as icey [06:06] Good morning === Guest53884 is now known as Frickelpit === lypsis|awy is now known as lypsis === lypsis is now known as lypsis|awy === Guest32440 is now known as patsToms === lypsis|awy is now known as lypsis [11:45] cpaelzer: did you see the dovecot related component mismatches? [12:58] rbasak: note yet, thanks for the ping === jelly-home is now known as jelly === ^kiokoman^ is now known as kiokoman === kiokoman is now known as ^kiokoman^ === ^kiokoman^ is now known as kiokoman [14:18] morning all [14:19] morning [14:19] morning [14:43] hi there! [14:44] i am wondering how i could change a ubuntu server lts 18.04 to use its mac address as dhcp "identifier"? [14:49] currently my dhcp-server shows a "mac" for the new host which is 36chars long... i would like to assign a static lease to the server. [16:07] i am wondering about syslog-ng configuration: i enabled the service through "systemctl enable syslog-ng". after that i started it but not much is going on here. i am wondering if i need to edit the unit-file and pass the config to it [16:08] ahasenack: just to let you know, finally got around to filing that bug upstream for the searx failure, and apw was kind enough to mark the autopkgtests as ignored for this time around. Thanks for your help hunting that one down. [16:08] and thanks apw for your help as well :) [16:37] teward: upstream in this case is debian or searx? [16:37] ahasenack: debian [16:37] ok [16:37] they didn't notice the package was failing CI [16:38] and searx runs fine directly [16:38] so it's the uwsgi integration there that's broken [16:38] the maintainer is notified now, though, I bothered them direct over on OFTC, as well as with the Debian bug [16:40] yeah, debian isn't gating yet on dep8 tests [16:40] nope. [16:40] but they're aware CI is breaking, and I made a note that downstream in ubuntu it's affecting package migrations [16:40] they're not sure why it's failing, though, so I doubt it'll be a quick fix [16:45] well, it was easy to reproduce [18:15] Hi. When doing an install out of a cd-rom, you can choose "expert mode" (can't remember exact name) that lets you do every stage of the install at a time. If installing from the web using virt-install --location, is there some way to turn on the expert mode? [18:29] Tuna-Fish: de0pends on how you 'install from the web', i guess [18:30] installing to a virtual machine, I was using virsh-install --location [18:30] would be willing to do it another way, if it is easier that way [18:31] the problem is that I am doing this on a server that has no X, and where I cannot get a X shell, so I can only do things through a terminal === lypsis is now known as lypsis|awy [19:10] oops, virt-install, not virsh-install [19:40] Tuna-Fish: i'm not actually sure how virt-install does it, but running the (now) "alternative" server installer (maybe also just mini.iso) via PXE/TFTP boot should work [19:40] or just a s a cdrom [19:42] anyone here familiar with unbound? [19:42] https://bugs.launchpad.net/ubuntu/+source/unbound/+bug/1771545 is asking that the root.key file be shipped with the library (libunbound2) essentially [19:42] Launchpad bug 1771545 in unbound (Ubuntu) "root.key might be missing" [Undecided,New] [19:44] ahasenack: the root.key shipped by the package dns-root-data but unbound also supports fetching/refreshing it [19:44] s/shipped/is shipped/ [19:49] ahasenack: the unbound packages provides a script (https://salsa.debian.org/dns-team/unbound/blob/master/debian/package-helper#L66) that will manage the root.key [19:50] the claim, as I understand it, is that apps linked with the libunbound2 library might fail because that root.key file isn't present in /var/lib/unbound [19:50] this helper script is indeed missing from unbound-{anchor,host{ [19:50] package-helper is only used by the main unbound package [19:50] unbound-anchor was an example of such a tool [19:50] right [19:51] although it has the -a option [19:52] ahasenack: a possible fix would be to provide the helper in libunbound2 and have a systemd timer unit/cron job to refresh the root.key periodically [19:52] a lib package shouldn't have any of that probably [19:53] granted but the root.key isn't static [19:53] how about making unbound-anchor a depends for libunbound2? [19:53] and ship the cron job in -anchor [19:55] no idea [19:55] I asked to file a bug with debian, since we take this package with basically no ubuntu changes (just apparmor) [19:56] maybe it's expected that apps linked with libunbound2 pull in the main unbound package [19:56] actually, let me check what links with it [19:56] strongswan, opendkim [19:56] unbound-anchor/host should be able to function on their own [19:57] unbound-host doesn't even use the root.key file it seems [19:57] with -v, it always said the resolution was "insecure" [19:57] I found a debian bug about that bit [19:57] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=641704 [19:57] Debian bug 641704 in unbound-host "unbound-host should be preconfigured with DNS root trust anchor" [Normal,Open] [20:00] this unbound-host behavior seems like a different bug to me [20:02] apps using libunbound2 should get the local root.key automatically managed without needing to do it themselve [20:06] didn't debian move to packaging all the root hints and keys in one package? [20:07] sarnold: yes: dns-root-data [20:07] the helper script uses that as a preseed for the root.key [20:07] thanks sdeziel :D [20:09] but I can remove it just fine [20:09] nothing complains [20:14] ahasenack: if the reporting user doesn't beat me to it, I'll report the issue to Debian [20:16] also, it will be possible to drop the Ubuntu delta as soon as unbound is sync'ed again from Debian [20:28] sdeziel: thanks [20:28] np [20:56] when we use let encrypt we can for one certificate to create many domain? [20:56] it isn't wildcard? [20:57] what is algorithm for shell? [20:58] at first ask user to input list needed domain, then generate certificate? [20:59] it adds automatically if exists virtual host, if doesn't it doesn't add [21:03] I'm going to create shell where I enter list of domains and it should create let'sencrypt certificate and set up automatically [21:11] I think about should I create virtual host for mail.kselax.ru? [21:12] If I do it will put all certificates automatically, if not it doesn't add [21:12] on mail.kselax.ru I can put webmailers [21:13] it might useful thing, but each virtual host takes ram [21:13] better host all in the same virtual host [21:13] put wp site and inside put /roundcube folder [21:17] or generate for each host his own certificate [22:31] "each virtual host takes ram" [22:31] Neo4: don't worry about virtual hosts using ram. ram is there to be used. Do what you need to do. [22:31] the *actual* ram use will vary based on what your computer *does* [22:32] so don't worry about a few thousand virtual hosts in your web server unless you actually have a few thousand concurrent connections [22:33] I think each virtual host it's additional load on apache? [22:34] better all put to one host [22:35] if we put webmail to separated virtual host somethign like roundcube.kselax.ru it will worse than to kselax.ru/roundcube, isn't it? [22:35] but it's not exactly [22:35] I can't imagine the difference being more than 200kb [22:36] and 200kb is me being rather mean to the apache project :) [22:36] sarnold: and it will consume equal CPU and other resources? [22:36] CPU should be identical, yes [22:36] easier it's create for mail.kselax.ru [22:36] memory may be slightly different, but if you've got more than 256MB ram on this machine it isn't even worth thinking about it [22:37] then I will simply generate automatically certificates [22:37] so do whatever is easiest for you and your users to *use* [22:37] 500mb, [22:37] but we can add swap [22:38] sarnold: ok, I will [22:38] sarnold: for me easier writ shell [22:39] certbot --apache -d stie1.com -d site2.com -d site3.com and all will automatically added to /etc/apache2/sites-availabel [22:40] if there in one site not exists virtual hsot it won't add automatically [22:40] will show error and you should manually put path to certificate [22:42] Neo4: I don't know if that would apply to your use case but Let's Encrypt can now sign wildcard certs [22:42] sdeziel: no, it will have different domains [22:43] wildcard for subdomain [22:43] I'm going to finish shell script and then run a few my web projects, chat, online store, etc [22:44] understood, good luck [22:44] VPS is foundation, I had better now spend time and then save many times on install [22:45] sdeziel: with shell won't problem deploy any CMS or somethign like nodejs [22:45] sdeziel: I dreamed about to have this chat http://bizarre.kiev.ua/ [22:46] only in English, I'm going to create copy [22:46] for USA, there will each room main town, will 40 rooms [22:46] passed [22:46] it's dreams [22:47] and think about others projects