[03:23] <Exmix> Anyone know a semi-quick/simple way to install OpenVPN on Ubuntu Server(Kinda similar to how PiVPN is easy to install)
[04:38] <gartral> I have a vm that's inaccessable... it's in emergency and asking for a root password... but as we know, ubuntu doesn't have a default root pass... what do I do here?!?!
[04:40] <gartral> it's a server 18.04 vm on a xen host (not xenserver, straight xen project), so I can't just boot an ISO, I tried, it doesn't boot
[07:25] <zzlatev> Hi guys
[08:31] <zzlatev> A start job is running for raise network interfaces (5 mins 1 sec)
[08:31] <zzlatev> can you help me
[08:48] <ren0v0> Hi, when i login via SSH to my server it says "67 packages can be updated", but when I run apt upgrade it says 0 packages to upgrade?
[09:00] <ren0v0> Seems completely broken somewhere!  https://pastebin.com/ump3RWZu
[09:00] <ren0v0> can anyone assist?
[09:36] <ren0v0> Think its the MOTD
[09:36] <ren0v0> anyone know how to force update it ?
[10:20] <rbasak> ren0v0: what's the output of running /usr/lib/update-notifier/apt-check? That's what the motd uses.
[10:22] <rbasak> ren0v0: I think you can remove /var/lib/update-notifier/updates-available but it gets recreated daily (or something like that) anyway
[10:22] <rbasak> ren0v0: via /etc/update-motd.d/90-updates-available
[15:12] <technoob> Hi guys
[15:12] <technoob> Need help
[15:13] <technoob> I have a problem in installing pihole docker version on ubuntu server 18
[15:13] <technoob> It says that port 53 is alrrady used
[15:16] <technoob> Anyone can help me?
[15:51] <blackflow> technoob: perhaps fix your connection first.
[15:51] <technoob> How?
[15:51] <blackflow> technoob: your connection that's making you disconnect from IRC I mean
[15:51] <technoob> I see
[15:51] <blackflow> nobody here is gonna play parrots to repeat stuff said when you were disconnected
[15:52] <technoob> Its because of my phone
[15:52] <blackflow> that said.... on a certain IP address (like localhost), there can be only one process listening at a port number
[15:52] <blackflow> by default ubuntu uses systemd-resolved as local resolver (and before that dnsmasq) which are all taking port 53. So if you want something else to listen on that <ip>:<port> combo, you'll have to disable whatever is running right now.
[15:52] <technoob> My phone keeps on disconnecting sorry
[15:53] <technoob> I see
[15:54] <technoob> How do i disable those running? I tried netstat and i see dnsmasq and systemd resolver
[15:54] <technoob> Those 2 are listening
[15:55] <blackflow> they can't both be listening on the same ip:port combo
[15:55] <blackflow> iirc systemd-resolved is not at 127.0.0.1, right?
[15:59] <technoob> Im not sure what ip it was
[15:59] <technoob> My server is off right now
[15:59] <technoob> So couldnt check
[15:59] <technoob> But dnsmasq and the resolver have different ip
[15:59] <technoob> But same port
[16:01] <tomreyn> it listens _of course_ ;-) at 127.0.0.53
[16:04] <technoob> Backflow
[16:04] <technoob> blackflow
[16:05] <blackflow> technoob: alright so, you have two options here. One, use pihole as the only resolver, or two, tell resolved to use pihole as its "upstream" (since resolved is just stub)
[16:06] <blackflow> option two should be most simple one, requiring only a change in /etc/systemd/resolved.conf, adding a proper DNS= line. That also requires your pihole docker to run at another ip
[16:07] <technoob> Ill try the easy one
[16:07] <technoob> So what dns should i add or change in conf
[16:11] <technoob> blackflow
[16:12] <blackflow> to the IP where the pihole is listening on
[16:12] <mybalzitch> why don't you learn to create a network in docker, then have your pihole docker use a specific ip on your network, without having to gut ubuntu's resolv system
[16:12] <blackflow> there we go.... the parrot game
[16:12] <mybalzitch> technoob: why don't you learn to create a network in docker, then have your pihole docker use a specific ip on your network, without having to gut ubuntu's resolv system
[16:13] <blackflow> technoob: and set DNS=   to the IP where the pihole is listening on
[16:14] <technoob> mybalzitch i see. I could do that too but im really new to sysadmin and alot of things are so confusing
[16:14] <technoob> Thats why im asking
[16:15] <technoob> But i will take into consideration your advice as i too also dont like to gut ubuntus default configuration
[16:16] <technoob> That was the reason why i opted to use a docker so that there is minimal changes done to the original env
[16:16] <technoob> Forgive me if i have used wrong terms
[16:16] <technoob> blackflow thanks ill try that maybe later as i need to get some shut eye
[16:30] <kab0m> Hi everyone.
[16:31] <kab0m> What is the best way to setup a VM as a vpn-router? has someone a guide on hand? I tried now serveral times and problems with dnsmasq openvpn and dnsleaks are coming back, im stuck.
[16:33] <blackflow> kab0m: debian or ubuntu. last you asked about resolv.conf was for debian. the two have very different default network settings paradigms.
[16:34] <kab0m> blackflow: i tried with both debian and ubuntu...no success so far...atm im happy with any of those two systems.i just need to get things running
[16:34] <kab0m> *i would be hapyp with guides for any of those systems
[16:35] <blackflow> kab0m: what I'd personally do, and what I _do_ actually, is replace the default resolving stack wiht a local bind resolver. you can use unbound as well. which includes a static /etc/resolv.conf . most flexible, best control, no leaks.   In contrast, there's been a plenty of reports about systemd-resolved not playing nicely with VPNs
[16:36] <blackflow> default stuffs in ubuntu are complex layers upon layers of reinvented or badly invented software.
[17:39] <kab0m> blackflow: thanks for the hints ;) do you maybe have a guide or a tutorial which i can use to start with?
[17:40] <blackflow> nothing in my bookmarks, sorry
[18:38] <tomreyn> Pici: we miss ubottu - could you have a look?
[19:46] <kab0m> is there a minimum disksize for a ubuntu-server installation? because i tried with 5gb and i couldn't select the disk as it is greyed out in the installer?
[19:47] <Ussat> thats a bit small
[19:47] <Ussat> I mean disk is cheap......I would think at least 20
[19:48] <kab0m> Ussat: i think 20gig a bit overpowered for a little service thats running on this thing.
[19:49] <Ussat> well then choose what you want
[19:49] <Ussat> like I said disk is cheap
[19:49] <kab0m> https://help.ubuntu.com/community/Installation/SystemRequirements#Ubuntu_Server_.28CLI.29_Installation states 5GB should be enough...but the installer says nothing about
[19:50] <Ussat> ...
[19:50] <kab0m> Ussat: btw its a VM
[19:50] <Ussat> so use 10
[19:58] <tomreyn> 10 works fine for a basic installation without many services
[19:59] <kab0m> 10G was the key, thanks Ussat and tomreyn
[20:00] <Ussat> I just thin provision all my vm's and dont worry about it. If you give it 100G it doesnt matter, only uses what it needs
[20:13] <tomreyn> thanks Pici, it's back
[22:06] <RoyK> kab0m: 2GB should do for a server - I have that on a few VMs
[22:07] <RoyK> the base install for a server takes up 1GB or perhaps 1,2GB
[22:08] <RoyK> plus swap
[22:08] <kab0m> RoyK: Strange...i couldn't install it with 5GB as the installer greyed out the disk and i had to up the size to at least 9GB..how did you pass the ubuntu-server installer with that small disk?
[22:08] <RoyK> you want a bit of swap
[22:08] <RoyK> kab0m: was this the new installer or the old one?
[22:09] <kab0m> RoyK: the latest ubuntu-18.04.2-live-server-amd64.iso
[22:09] <RoyK> use the old installer
[22:10] <RoyK> you really don't need nine gigs for a basic server installation
[22:10] <kab0m> which one is the installer and what exactly is the difference?
[22:10] <RoyK> and then - take a copy of that installation and use it again
[22:10] <RoyK> the new installer is fancy and flashy and - well - sucks
[22:11] <RoyK> they made a new one to make everything flashy and forgot about making it useful
[22:11] <mybalzitch> hate it when that happens
[22:11] <RoyK> even for ubuntu desktop, you won't need 9 gigs for a base install
[22:12] <kab0m> RoyK: Ok good to know :D where can i find the "old" installer? and does it have any disadvantages?
[22:12] <kab0m> RoyK: LOL iirc the desktop installer now requires at least 20GB ore something like that? ^^
[22:13] <kab0m> its just insane
[22:13] <RoyK> kab0m: "traditional installer" on ubuntu.com download
[22:13] <RoyK> kab0m: that's just  bit weird
[22:13] <f2600> anyone here
[22:14] <RoyK> o/
[22:14] <tomreyn> no
[22:15] <f2600> looking for websites or book recommendations that go in depth on securing 18.04. My searches give pretty basic security info and looking to see if community has some recommendations
[22:16] <kab0m> RoyK: well, i fell for the shiny new installer as canonical has hidden the traditional very well on their download page as i see now^^
[22:16] <rbasak> It's because the installer uses an image which is generated at 8G.
[22:16] <rbasak> If you're using a VM, using an installer is like being in the dark ages. Use a cloud image.
[22:16] <rbasak> kab0m, RoyK: ^
[22:17] <kab0m> rbasak: ahhh thanks for the insight. ahm ok, where can i find the cloud images...also on ubuntu.com?
[22:17] <rbasak> cloud-images.ubuntu.com, but rather than using it direct, use tooling that uses an image.
[22:17] <rbasak> Try vagrant or multipass or uvtool.
[22:19] <kab0m> rbasak: tbh i have my vms running in virtualbox lol i guess something like unraid etc would be a better idea...but that would mean i would have to migrate everything, which i try to avoid atm
[22:19] <rbasak> vagrant supports virtualbox natively I think.
[22:19] <rbasak> Though vagrant images aren't suitable for production use unless they've changed how they do things.
[22:22] <kab0m> rbasak: is vagrant some kind of esxi vsphere clone?
[22:33] <ec0> vagrant is a tool for automating VM install and configuration
[22:34] <ec0> it has a virtualbox provider by default, but there's also other ones. I use the libvirt provider quite often to bring up VMs on KVM for testing purposes.
[22:34] <ec0> the ISOs for the installer are also pretty easy to snag from archive.ubuntu.com
[22:45] <kab0m> thanks ec0
[23:06] <ec0> no problem!
[23:12] <Exmix> So obviously I have UFW enabled on my Ubuntu Server, i have it to allow SSH, and Apache as I use it as a Web Server and a SFTP Server. I recently installed PiHole onto it so I can use my RaspberryPi for other nifty and fun things. Anyway, since I have the PiHole as my DHCP server and such, I would need to allow ports 67, and 68 correct? Would I also need to allow DNS(53)?
[23:15] <mybalzitch> yes if you are serving dns to the restof the network
[23:15] <mybalzitch> (which you probably will want to)
[23:25] <Exmix> Ok, Thank you. Now my other question is, if I 'ufw allow 67' it will add it to v6 as well, is that necessary or is there a way not add it to v6
[23:30] <Exmix> or does it really not matter?
[23:46] <OerHeks> Exmix, no, The excellent thing about UFW is that enables the firewall on both IP stacks
[23:51] <Exmix> So it doesn't matter if the v6 is there or not, gotcha. Thanks OerHeks