/srv/irclogs.ubuntu.com/2019/05/01/#ubuntu-server.txt

zzlatevhey guys00:09
soulseekercan usb ethernet have usage for installing with mini.iso02:59
soulseekerI was looking at the codes and notice  the mimics03:00
* soulseeker jerks arm for the mimics03:01
* soulseeker spins arm 03:01
* soulseeker wiggle wiggle03:02
lordievaderGood morning06:10
=== Wryhder is now known as Lucas_Gray
phobosophhi13:39
phobosophSo I had an issue yesterday where the ubuntu dist updater tool was cancelled and then wanted me to upgrade before starting the upgrade afterwards.13:39
phobosophI was able to fix this: Just replace the codename of distribution to update to with the codename of old distribution13:40
phobosophin /etc/apt/sources.list13:40
sdezielphobosoph: did it allow you to start the process again?13:42
phobosophyes13:43
phobosophit is running right now, looks good13:43
sdezielgreat13:43
phobosophI am using the KVM console instead SSH to keep connection during upgrade13:44
RoyKphobosoph: do-release-upgrade should do the job - no need to do it the debian way13:45
catbadgerhi!14:31
RoyKhello14:32
catbadgerI am looking to set up a gateway server with 2 nics. i am using iptables to pass the traffic from my internal network out to the world as is, but i want to set up reverse proxy for some servers. I want these servers to handle their own ssl and such, and just want the gateway to proxy all traffic for the servers FQDN to the server's internal ip. once that is up i want to be able to set up alarms based on traffic volume and maybe do some stuff14:34
catbadgerafter. I thought squid was the right fit but it insists on being a caching server that handles the ssl and such for each server...14:34
catbadgeris there a project that's better suited to what i'm trying to do than squid?14:34
sdezielcatbadger: for a reverse proxy thing, I'd look at nginx or haproxy, both are really nice14:38
sdezielcatbadger: if you want to terminate SSL/TLS on the backends, haproxy might be better suited for the job14:38
catbadgerthat sounds about right. does haproxy let me analyze the traffic to each destination in real time?14:39
RoyKcatbadger: haproxy with the certs will probably be easier14:40
sdezielcatbadger: if you terminate TLS at the backends, haproxy would operate in TCP proxy mode, not much to inspect but you'd get TCP logging14:40
RoyKcatbadger: or nginx14:41
RoyKnginx is good for proxying https to http or even to https if you don't trust the network in the back14:41
sdezielcatbadger: in TCP proxy mode, you can generally look at the unencrypted portion of the TLS session so you can learn which hostname/cipher/proto ... but nothing more14:41
catbadgerthat's ok. i just want to be able to analyze volume from the proxy14:42
RoyKit should be easy for both, last I checked14:43
catbadgerokie thank you all14:43
catbadgerboth14:43
RoyKjust setup grafana or something to draw the graphs :)14:43
RoyKor just zabbix - or munin or …14:44
phobosophhi15:02
phobosophSick question: Is it possible to downgrade smbd on bionic to the samba/smbd used by xenial? :)15:02
tewardunlikely given build depends, etc.15:04
tewardnot certain you can't but it's probably *unlikely*15:04
Ussat8 ball says.....prob not15:06
phobosophteward, Ussat: I need to install the samba package from Xenial on my Bionic Ubuntu system15:07
tewardyes you said that already15:07
UssatYa, survey says..........not a good idea15:07
Ussatdeps will be different to start15:08
teward^15:08
Ussatlets start here, WHY do you need that one ?15:08
teward^ this as well15:08
teward'cause it sounds like an XY problem in the current way you asked15:08
blackflowthe bot has factoids :)15:09
blackflow!xy15:09
ubottuThe XY problem is when you need to do X, and you think you can use Y to do X, so you ask about how to do Y, when what you really should do is state what your X problem is. There may be a Z solution that is even better than Y, but nobody can suggest it if X is never mentioned.15:09
phobosophOK, so this is Ubuntu on WSL (Windows Subsystem for Linux) and samba from Bionic Ubuntu (from Canonical) got  issues starting)15:10
UssatOK....full stop right there15:10
phobosophit worked with the samba from Ubuntu Xenial15:10
UssatWSL is NOT real ubuntu, networking stuff is VERY different15:11
phobosophright15:11
Ussatuse a VM if you must15:11
Ussatdoin ANY network stuff with WSL may or may not work15:11
blackflowWSL is really just one emulated bash process15:11
Ussatreally, use a VM15:11
Ussat^^^15:11
UssatYou will be much happier with a VM, VMware player is free15:12
UssatWSL is in my opinion, a novelty.....its ok for some light stuff, network stuff is not one of those15:13
jerichowasahoaxwhy are you installing samba in a windows-emulation15:14
jerichowasahoaxinstead of, say, the built in samba daemon in windows15:15
jerichowasahoaxthis sounds like we're at least two levels of xy problem deep15:15
Ussatjerichowasahoax, and that ya15:15
phobosophsamba windows daemon? :O15:15
phobosophright15:15
Ussatwhat ere you REALLY trying to do15:15
phobosophbecause samba is used through a ssh tunnel :D15:15
Ussat...15:15
phobosophso the target box can git clone15:15
UssatREALLY dont use WSL15:16
jerichowasahoaxlook fam just throw the whole project away and start over15:16
Ussatuse a VM and then share the folders via the hypervisor15:16
UssatWSL is a very bad idea for this15:16
jerichowasahoaxwhy are you trying to git clone through samba anyway15:17
jerichowasahoaxwhat possible advantage would that have15:17
phobosophthe deployment thing wants a git repository - and I don't want to host all these git repos publicly15:18
phobosophso I use a SSH tunnel and samba so it can clone locally (from its perspective)15:18
Ussatso...use git for windows if you must15:18
phobosophhm15:18
jerichowasahoaxi use openvpn for that15:19
Ussatbut ya ssh + samba + wsl = bad juju15:19
phobosophVPN stuff, interesting!15:19
jerichowasahoaxstick openvpn on a box, git clone ssh://vcs.internal.example.com/project.git15:19
phobosophI have to use a SSH reverse tunnel though because my internet is behind a double NAT - or rather my ISP NATs me anyway15:19
Ussatwait, if youre useing ssh, no need to use a vpn15:20
phobosophright, I use a reverse SSH from the target machine to get a samba mount15:20
UssatYou REALLY need to sit down and draw this out...because this is ugly. and DONT use WSL15:20
phobosophoriginally I used NFS but it was behaving bad, it often got stuck15:20
phobosophhm right15:20
jerichowasahoaxif you must use an ubuntu "guest" for this task, install hyper-v15:21
Ussator vmware player15:21
jerichowasahoaxhe's already got the windows license, most of those come with hyper-v now15:21
Ussatunless its win715:21
phobosophright, I got pro + hyperv support, I use it for docker on windows15:22
Ussatand player is free15:22
UssatI am not a hyper-v fan is all I am sure its fine15:22
jerichowasahoaxi'm kind of allergic to vmware, myself ;-)15:22
UssatI have a little over 1k *nix systems in esxi :)15:23
jerichowasahoaxi most strongly prefer qemu kvms but windows doesn't have those afaik15:24
jerichowasahoaxhyper-v comes close15:24
phobosophI am not a fan of hyper-v :)  I had issues with ipv6 and ubuntu as guest15:26
phobosophbut after disablign ipv6 completely in ubuntu guest it works fine15:26
phobosophhi16:31
phobosophSo I am now using native Windows file sharing service instead of samba16:31
phobosophI still use WSL though - but this works very nicely now.16:31
phobosophit tunnels over SSH, directly using the SSH client options16:32
phobosophso on the server/target system side I only need samba package for cifs-utils16:32
catbadgermy 18.04 reverse tcp proxy setup is failing to start haproxy https://pastebin.com/jaZv8xgZ PLEASE HELP I'M FREAKING OUT16:41
sarnoldcatbadger: any error messages in the log? any errors in dmesg? what gives you the impression it's not working?16:44
sdezielcatbadger: you may want to use "haproxy -c -f /etc/haproxy/haproxy.cfg" to sanity check the config16:46
sdezielthe line "server [domainnamehere.com] 192.168.0.2:* check" looks bogus to me16:47
phobosophhe, I also got some haproxy experience and yes, its logging thing is strange16:48
sdezielphobosoph: the log config in there looks pretty much like the stock config, no?16:52
phobosophdev/log, so syslog?16:57
sdezielyup, that's a dedicated socket created inside the default chroot16:58
=== Wryhder is now known as Lucas_Gray
sdezielthe magic happens in /etc/rsyslog.d/49-haproxy.conf16:59
catbadger@sarnold @sdeziel thank you. i got it working17:16
sdezielyw17:17
sarnoldcatbadger: cool, what was it?17:17
catbadgerthe config was completely wrong.17:17
catbadgerhaha17:17
catbadgerchanged a lot17:17
sarnoldwell, that'll do it :)17:18
=== gislaved2 is now known as gislaved
fooI have screen overriding my titles I set with ctrl+a A ... any idea where this might be stored?18:30
fooor what setting that is? it seems to update it with a path18:30
sarnoldis it perhaps your PS1 environment variable?18:31
foosarnold: thank you, that's possible. I wonder if screen is set to override that when values of PS1 change18:34
foo$ echo $PS118:34
foo[\u@\h \W]\$18:34
fooeg. I want it to stay at whatever I set it at with ctrl+a A18:34
sarnoldhmm. that's nice and boring. bummer.18:34
foosarnold: what is "that" - my PS1, or what I want it to do?18:35
sarnoldyour PS1. that shouldn't cause retitling things18:35
foosarnold: oh, ok, thanks. This must be a screen setting18:39
sarnoldfoo: what's in your ~/.screenrc?18:41
foosarnold: nothing, must be a global setting overriding. I could snag from another system perhaps18:42
sarnoldhmmmm. /etc/screenrc ?18:43
foosarnold: thanks, yup. I bet it's in here... somewhere.18:47
mwhudsonfoo: PROMPT_COMMAND?21:28
foomwhudson: looks like that could very well be it, thank you21:44
mwhudsonfoo: lots of places for things to hide :)21:45
foomwhudson: :)21:52
sarnoldmwhudson: ha :) nice21:52

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!