Exmix | Anyone know a semi-quick/simple way to install OpenVPN on Ubuntu Server(Kinda similar to how PiVPN is easy to install) | 03:23 |
---|---|---|
gartral | I have a vm that's inaccessable... it's in emergency and asking for a root password... but as we know, ubuntu doesn't have a default root pass... what do I do here?!?! | 04:38 |
gartral | it's a server 18.04 vm on a xen host (not xenserver, straight xen project), so I can't just boot an ISO, I tried, it doesn't boot | 04:40 |
=== disposable3 is now known as disposable2 | ||
=== lotuspsychje_ is now known as lotuspsychje | ||
zzlatev | Hi guys | 07:25 |
zzlatev | A start job is running for raise network interfaces (5 mins 1 sec) | 08:31 |
zzlatev | can you help me | 08:31 |
ren0v0 | Hi, when i login via SSH to my server it says "67 packages can be updated", but when I run apt upgrade it says 0 packages to upgrade? | 08:48 |
ren0v0 | Seems completely broken somewhere! https://pastebin.com/ump3RWZu | 09:00 |
ren0v0 | can anyone assist? | 09:00 |
ren0v0 | Think its the MOTD | 09:36 |
ren0v0 | anyone know how to force update it ? | 09:36 |
rbasak | ren0v0: what's the output of running /usr/lib/update-notifier/apt-check? That's what the motd uses. | 10:20 |
rbasak | ren0v0: I think you can remove /var/lib/update-notifier/updates-available but it gets recreated daily (or something like that) anyway | 10:22 |
rbasak | ren0v0: via /etc/update-motd.d/90-updates-available | 10:22 |
technoob | Hi guys | 15:12 |
technoob | Need help | 15:12 |
technoob | I have a problem in installing pihole docker version on ubuntu server 18 | 15:13 |
technoob | It says that port 53 is alrrady used | 15:13 |
technoob | Anyone can help me? | 15:16 |
blackflow | technoob: perhaps fix your connection first. | 15:51 |
technoob | How? | 15:51 |
blackflow | technoob: your connection that's making you disconnect from IRC I mean | 15:51 |
technoob | I see | 15:51 |
blackflow | nobody here is gonna play parrots to repeat stuff said when you were disconnected | 15:51 |
technoob | Its because of my phone | 15:52 |
blackflow | that said.... on a certain IP address (like localhost), there can be only one process listening at a port number | 15:52 |
blackflow | by default ubuntu uses systemd-resolved as local resolver (and before that dnsmasq) which are all taking port 53. So if you want something else to listen on that <ip>:<port> combo, you'll have to disable whatever is running right now. | 15:52 |
technoob | My phone keeps on disconnecting sorry | 15:52 |
technoob | I see | 15:53 |
technoob | How do i disable those running? I tried netstat and i see dnsmasq and systemd resolver | 15:54 |
technoob | Those 2 are listening | 15:54 |
blackflow | they can't both be listening on the same ip:port combo | 15:55 |
blackflow | iirc systemd-resolved is not at 127.0.0.1, right? | 15:55 |
technoob | Im not sure what ip it was | 15:59 |
technoob | My server is off right now | 15:59 |
technoob | So couldnt check | 15:59 |
technoob | But dnsmasq and the resolver have different ip | 15:59 |
technoob | But same port | 15:59 |
tomreyn | it listens _of course_ ;-) at 127.0.0.53 | 16:01 |
technoob | Backflow | 16:04 |
technoob | blackflow | 16:04 |
blackflow | technoob: alright so, you have two options here. One, use pihole as the only resolver, or two, tell resolved to use pihole as its "upstream" (since resolved is just stub) | 16:05 |
blackflow | option two should be most simple one, requiring only a change in /etc/systemd/resolved.conf, adding a proper DNS= line. That also requires your pihole docker to run at another ip | 16:06 |
technoob | Ill try the easy one | 16:07 |
technoob | So what dns should i add or change in conf | 16:07 |
technoob | blackflow | 16:11 |
blackflow | to the IP where the pihole is listening on | 16:12 |
mybalzitch | why don't you learn to create a network in docker, then have your pihole docker use a specific ip on your network, without having to gut ubuntu's resolv system | 16:12 |
blackflow | there we go.... the parrot game | 16:12 |
mybalzitch | technoob: why don't you learn to create a network in docker, then have your pihole docker use a specific ip on your network, without having to gut ubuntu's resolv system | 16:12 |
blackflow | technoob: and set DNS= to the IP where the pihole is listening on | 16:13 |
technoob | mybalzitch i see. I could do that too but im really new to sysadmin and alot of things are so confusing | 16:14 |
technoob | Thats why im asking | 16:14 |
technoob | But i will take into consideration your advice as i too also dont like to gut ubuntus default configuration | 16:15 |
technoob | That was the reason why i opted to use a docker so that there is minimal changes done to the original env | 16:16 |
technoob | Forgive me if i have used wrong terms | 16:16 |
technoob | blackflow thanks ill try that maybe later as i need to get some shut eye | 16:16 |
kab0m | Hi everyone. | 16:30 |
kab0m | What is the best way to setup a VM as a vpn-router? has someone a guide on hand? I tried now serveral times and problems with dnsmasq openvpn and dnsleaks are coming back, im stuck. | 16:31 |
blackflow | kab0m: debian or ubuntu. last you asked about resolv.conf was for debian. the two have very different default network settings paradigms. | 16:33 |
kab0m | blackflow: i tried with both debian and ubuntu...no success so far...atm im happy with any of those two systems.i just need to get things running | 16:34 |
kab0m | *i would be hapyp with guides for any of those systems | 16:34 |
blackflow | kab0m: what I'd personally do, and what I _do_ actually, is replace the default resolving stack wiht a local bind resolver. you can use unbound as well. which includes a static /etc/resolv.conf . most flexible, best control, no leaks. In contrast, there's been a plenty of reports about systemd-resolved not playing nicely with VPNs | 16:35 |
blackflow | default stuffs in ubuntu are complex layers upon layers of reinvented or badly invented software. | 16:36 |
kab0m | blackflow: thanks for the hints ;) do you maybe have a guide or a tutorial which i can use to start with? | 17:39 |
blackflow | nothing in my bookmarks, sorry | 17:40 |
tomreyn | Pici: we miss ubottu - could you have a look? | 18:38 |
kab0m | is there a minimum disksize for a ubuntu-server installation? because i tried with 5gb and i couldn't select the disk as it is greyed out in the installer? | 19:46 |
Ussat | thats a bit small | 19:47 |
Ussat | I mean disk is cheap......I would think at least 20 | 19:47 |
kab0m | Ussat: i think 20gig a bit overpowered for a little service thats running on this thing. | 19:48 |
Ussat | well then choose what you want | 19:49 |
Ussat | like I said disk is cheap | 19:49 |
kab0m | https://help.ubuntu.com/community/Installation/SystemRequirements#Ubuntu_Server_.28CLI.29_Installation states 5GB should be enough...but the installer says nothing about | 19:49 |
Ussat | ... | 19:50 |
kab0m | Ussat: btw its a VM | 19:50 |
Ussat | so use 10 | 19:50 |
tomreyn | 10 works fine for a basic installation without many services | 19:58 |
kab0m | 10G was the key, thanks Ussat and tomreyn | 19:59 |
Ussat | I just thin provision all my vm's and dont worry about it. If you give it 100G it doesnt matter, only uses what it needs | 20:00 |
tomreyn | thanks Pici, it's back | 20:13 |
RoyK | kab0m: 2GB should do for a server - I have that on a few VMs | 22:06 |
RoyK | the base install for a server takes up 1GB or perhaps 1,2GB | 22:07 |
RoyK | plus swap | 22:08 |
kab0m | RoyK: Strange...i couldn't install it with 5GB as the installer greyed out the disk and i had to up the size to at least 9GB..how did you pass the ubuntu-server installer with that small disk? | 22:08 |
RoyK | you want a bit of swap | 22:08 |
RoyK | kab0m: was this the new installer or the old one? | 22:08 |
kab0m | RoyK: the latest ubuntu-18.04.2-live-server-amd64.iso | 22:09 |
RoyK | use the old installer | 22:09 |
RoyK | you really don't need nine gigs for a basic server installation | 22:10 |
kab0m | which one is the installer and what exactly is the difference? | 22:10 |
RoyK | and then - take a copy of that installation and use it again | 22:10 |
RoyK | the new installer is fancy and flashy and - well - sucks | 22:10 |
RoyK | they made a new one to make everything flashy and forgot about making it useful | 22:11 |
mybalzitch | hate it when that happens | 22:11 |
RoyK | even for ubuntu desktop, you won't need 9 gigs for a base install | 22:11 |
kab0m | RoyK: Ok good to know :D where can i find the "old" installer? and does it have any disadvantages? | 22:12 |
kab0m | RoyK: LOL iirc the desktop installer now requires at least 20GB ore something like that? ^^ | 22:12 |
kab0m | its just insane | 22:13 |
RoyK | kab0m: "traditional installer" on ubuntu.com download | 22:13 |
RoyK | kab0m: that's just bit weird | 22:13 |
f2600 | anyone here | 22:13 |
RoyK | o/ | 22:14 |
tomreyn | no | 22:14 |
f2600 | looking for websites or book recommendations that go in depth on securing 18.04. My searches give pretty basic security info and looking to see if community has some recommendations | 22:15 |
kab0m | RoyK: well, i fell for the shiny new installer as canonical has hidden the traditional very well on their download page as i see now^^ | 22:16 |
rbasak | It's because the installer uses an image which is generated at 8G. | 22:16 |
rbasak | If you're using a VM, using an installer is like being in the dark ages. Use a cloud image. | 22:16 |
rbasak | kab0m, RoyK: ^ | 22:16 |
kab0m | rbasak: ahhh thanks for the insight. ahm ok, where can i find the cloud images...also on ubuntu.com? | 22:17 |
rbasak | cloud-images.ubuntu.com, but rather than using it direct, use tooling that uses an image. | 22:17 |
rbasak | Try vagrant or multipass or uvtool. | 22:17 |
kab0m | rbasak: tbh i have my vms running in virtualbox lol i guess something like unraid etc would be a better idea...but that would mean i would have to migrate everything, which i try to avoid atm | 22:19 |
rbasak | vagrant supports virtualbox natively I think. | 22:19 |
rbasak | Though vagrant images aren't suitable for production use unless they've changed how they do things. | 22:19 |
kab0m | rbasak: is vagrant some kind of esxi vsphere clone? | 22:22 |
ec0 | vagrant is a tool for automating VM install and configuration | 22:33 |
ec0 | it has a virtualbox provider by default, but there's also other ones. I use the libvirt provider quite often to bring up VMs on KVM for testing purposes. | 22:34 |
ec0 | the ISOs for the installer are also pretty easy to snag from archive.ubuntu.com | 22:34 |
kab0m | thanks ec0 | 22:45 |
ec0 | no problem! | 23:06 |
Exmix | So obviously I have UFW enabled on my Ubuntu Server, i have it to allow SSH, and Apache as I use it as a Web Server and a SFTP Server. I recently installed PiHole onto it so I can use my RaspberryPi for other nifty and fun things. Anyway, since I have the PiHole as my DHCP server and such, I would need to allow ports 67, and 68 correct? Would I also need to allow DNS(53)? | 23:12 |
mybalzitch | yes if you are serving dns to the restof the network | 23:15 |
mybalzitch | (which you probably will want to) | 23:15 |
Exmix | Ok, Thank you. Now my other question is, if I 'ufw allow 67' it will add it to v6 as well, is that necessary or is there a way not add it to v6 | 23:25 |
Exmix | or does it really not matter? | 23:30 |
=== Bodenhaltung_ is now known as Bodenhaltung | ||
OerHeks | Exmix, no, The excellent thing about UFW is that enables the firewall on both IP stacks | 23:46 |
Exmix | So it doesn't matter if the v6 is there or not, gotcha. Thanks OerHeks | 23:51 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!