[00:09] <zzlatev> hey guys
[02:59] <soulseeker> can usb ethernet have usage for installing with mini.iso
[03:00] <soulseeker> I was looking at the codes and notice  the mimics
[03:01]  * soulseeker jerks arm for the mimics
[03:01]  * soulseeker spins arm 
[03:02]  * soulseeker wiggle wiggle
[06:10] <lordievader> Good morning
=== Wryhder is now known as Lucas_Gray
[13:39] <phobosoph> hi
[13:39] <phobosoph> So I had an issue yesterday where the ubuntu dist updater tool was cancelled and then wanted me to upgrade before starting the upgrade afterwards.
[13:40] <phobosoph> I was able to fix this: Just replace the codename of distribution to update to with the codename of old distribution
[13:40] <phobosoph> in /etc/apt/sources.list
[13:42] <sdeziel> phobosoph: did it allow you to start the process again?
[13:43] <phobosoph> yes
[13:43] <phobosoph> it is running right now, looks good
[13:43] <sdeziel> great
[13:44] <phobosoph> I am using the KVM console instead SSH to keep connection during upgrade
[13:45] <RoyK> phobosoph: do-release-upgrade should do the job - no need to do it the debian way
[14:31] <catbadger> hi!
[14:32] <RoyK> hello
[14:34] <catbadger> I am looking to set up a gateway server with 2 nics. i am using iptables to pass the traffic from my internal network out to the world as is, but i want to set up reverse proxy for some servers. I want these servers to handle their own ssl and such, and just want the gateway to proxy all traffic for the servers FQDN to the server's internal ip. once that is up i want to be able to set up alarms based on traffic volume and maybe do some stuff
[14:34] <catbadger> after. I thought squid was the right fit but it insists on being a caching server that handles the ssl and such for each server...
[14:34] <catbadger> is there a project that's better suited to what i'm trying to do than squid?
[14:38] <sdeziel> catbadger: for a reverse proxy thing, I'd look at nginx or haproxy, both are really nice
[14:38] <sdeziel> catbadger: if you want to terminate SSL/TLS on the backends, haproxy might be better suited for the job
[14:39] <catbadger> that sounds about right. does haproxy let me analyze the traffic to each destination in real time?
[14:40] <RoyK> catbadger: haproxy with the certs will probably be easier
[14:40] <sdeziel> catbadger: if you terminate TLS at the backends, haproxy would operate in TCP proxy mode, not much to inspect but you'd get TCP logging
[14:41] <RoyK> catbadger: or nginx
[14:41] <RoyK> nginx is good for proxying https to http or even to https if you don't trust the network in the back
[14:41] <sdeziel> catbadger: in TCP proxy mode, you can generally look at the unencrypted portion of the TLS session so you can learn which hostname/cipher/proto ... but nothing more
[14:42] <catbadger> that's ok. i just want to be able to analyze volume from the proxy
[14:43] <RoyK> it should be easy for both, last I checked
[14:43] <catbadger> okie thank you all
[14:43] <catbadger> both
[14:43] <RoyK> just setup grafana or something to draw the graphs :)
[14:44] <RoyK> or just zabbix - or munin or …
[15:02] <phobosoph> hi
[15:02] <phobosoph> Sick question: Is it possible to downgrade smbd on bionic to the samba/smbd used by xenial? :)
[15:04] <teward> unlikely given build depends, etc.
[15:04] <teward> not certain you can't but it's probably *unlikely*
[15:06] <Ussat> 8 ball says.....prob not
[15:07] <phobosoph> teward, Ussat: I need to install the samba package from Xenial on my Bionic Ubuntu system
[15:07] <teward> yes you said that already
[15:07] <Ussat> Ya, survey says..........not a good idea
[15:08] <Ussat> deps will be different to start
[15:08] <teward> ^
[15:08] <Ussat> lets start here, WHY do you need that one ?
[15:08] <teward> ^ this as well
[15:08] <teward> 'cause it sounds like an XY problem in the current way you asked
[15:09] <blackflow> the bot has factoids :)
[15:09] <blackflow> !xy
[15:09] <ubottu> The XY problem is when you need to do X, and you think you can use Y to do X, so you ask about how to do Y, when what you really should do is state what your X problem is. There may be a Z solution that is even better than Y, but nobody can suggest it if X is never mentioned.
[15:10] <phobosoph> OK, so this is Ubuntu on WSL (Windows Subsystem for Linux) and samba from Bionic Ubuntu (from Canonical) got  issues starting)
[15:10] <Ussat> OK....full stop right there
[15:10] <phobosoph> it worked with the samba from Ubuntu Xenial
[15:11] <Ussat> WSL is NOT real ubuntu, networking stuff is VERY different
[15:11] <phobosoph> right
[15:11] <Ussat> use a VM if you must
[15:11] <Ussat> doin ANY network stuff with WSL may or may not work
[15:11] <blackflow> WSL is really just one emulated bash process
[15:11] <Ussat> really, use a VM
[15:11] <Ussat> ^^^
[15:12] <Ussat> You will be much happier with a VM, VMware player is free
[15:13] <Ussat> WSL is in my opinion, a novelty.....its ok for some light stuff, network stuff is not one of those
[15:14] <jerichowasahoax> why are you installing samba in a windows-emulation
[15:15] <jerichowasahoax> instead of, say, the built in samba daemon in windows
[15:15] <jerichowasahoax> this sounds like we're at least two levels of xy problem deep
[15:15] <Ussat> jerichowasahoax, and that ya
[15:15] <phobosoph> samba windows daemon? :O
[15:15] <phobosoph> right
[15:15] <Ussat> what ere you REALLY trying to do
[15:15] <phobosoph> because samba is used through a ssh tunnel :D
[15:15] <Ussat> ...
[15:15] <phobosoph> so the target box can git clone
[15:16] <Ussat> REALLY dont use WSL
[15:16] <jerichowasahoax> look fam just throw the whole project away and start over
[15:16] <Ussat> use a VM and then share the folders via the hypervisor
[15:16] <Ussat> WSL is a very bad idea for this
[15:17] <jerichowasahoax> why are you trying to git clone through samba anyway
[15:17] <jerichowasahoax> what possible advantage would that have
[15:18] <phobosoph> the deployment thing wants a git repository - and I don't want to host all these git repos publicly
[15:18] <phobosoph> so I use a SSH tunnel and samba so it can clone locally (from its perspective)
[15:18] <Ussat> so...use git for windows if you must
[15:18] <phobosoph> hm
[15:19] <jerichowasahoax> i use openvpn for that
[15:19] <Ussat> but ya ssh + samba + wsl = bad juju
[15:19] <phobosoph> VPN stuff, interesting!
[15:19] <jerichowasahoax> stick openvpn on a box, git clone ssh://vcs.internal.example.com/project.git
[15:19] <phobosoph> I have to use a SSH reverse tunnel though because my internet is behind a double NAT - or rather my ISP NATs me anyway
[15:20] <Ussat> wait, if youre useing ssh, no need to use a vpn
[15:20] <phobosoph> right, I use a reverse SSH from the target machine to get a samba mount
[15:20] <Ussat> You REALLY need to sit down and draw this out...because this is ugly. and DONT use WSL
[15:20] <phobosoph> originally I used NFS but it was behaving bad, it often got stuck
[15:20] <phobosoph> hm right
[15:21] <jerichowasahoax> if you must use an ubuntu "guest" for this task, install hyper-v
[15:21] <Ussat> or vmware player
[15:21] <jerichowasahoax> he's already got the windows license, most of those come with hyper-v now
[15:21] <Ussat> unless its win7
[15:22] <phobosoph> right, I got pro + hyperv support, I use it for docker on windows
[15:22] <Ussat> and player is free
[15:22] <Ussat> I am not a hyper-v fan is all I am sure its fine
[15:22] <jerichowasahoax> i'm kind of allergic to vmware, myself ;-)
[15:23] <Ussat> I have a little over 1k *nix systems in esxi :)
[15:24] <jerichowasahoax> i most strongly prefer qemu kvms but windows doesn't have those afaik
[15:24] <jerichowasahoax> hyper-v comes close
[15:26] <phobosoph> I am not a fan of hyper-v :)  I had issues with ipv6 and ubuntu as guest
[15:26] <phobosoph> but after disablign ipv6 completely in ubuntu guest it works fine
[16:31] <phobosoph> hi
[16:31] <phobosoph> So I am now using native Windows file sharing service instead of samba
[16:31] <phobosoph> I still use WSL though - but this works very nicely now.
[16:32] <phobosoph> it tunnels over SSH, directly using the SSH client options
[16:32] <phobosoph> so on the server/target system side I only need samba package for cifs-utils
[16:41] <catbadger> my 18.04 reverse tcp proxy setup is failing to start haproxy https://pastebin.com/jaZv8xgZ PLEASE HELP I'M FREAKING OUT
[16:44] <sarnold> catbadger: any error messages in the log? any errors in dmesg? what gives you the impression it's not working?
[16:46] <sdeziel> catbadger: you may want to use "haproxy -c -f /etc/haproxy/haproxy.cfg" to sanity check the config
[16:47] <sdeziel> the line "server [domainnamehere.com] 192.168.0.2:* check" looks bogus to me
[16:48] <phobosoph> he, I also got some haproxy experience and yes, its logging thing is strange
[16:52] <sdeziel> phobosoph: the log config in there looks pretty much like the stock config, no?
[16:57] <phobosoph> dev/log, so syslog?
[16:58] <sdeziel> yup, that's a dedicated socket created inside the default chroot
=== Wryhder is now known as Lucas_Gray
[16:59] <sdeziel> the magic happens in /etc/rsyslog.d/49-haproxy.conf
[17:16] <catbadger> @sarnold @sdeziel thank you. i got it working
[17:17] <sdeziel> yw
[17:17] <sarnold> catbadger: cool, what was it?
[17:17] <catbadger> the config was completely wrong.
[17:17] <catbadger> haha
[17:17] <catbadger> changed a lot
[17:18] <sarnold> well, that'll do it :)
=== gislaved2 is now known as gislaved
[18:30] <foo> I have screen overriding my titles I set with ctrl+a A ... any idea where this might be stored?
[18:30] <foo> or what setting that is? it seems to update it with a path
[18:31] <sarnold> is it perhaps your PS1 environment variable?
[18:34] <foo> sarnold: thank you, that's possible. I wonder if screen is set to override that when values of PS1 change
[18:34] <foo> $ echo $PS1
[18:34] <foo> [\u@\h \W]\$
[18:34] <foo> eg. I want it to stay at whatever I set it at with ctrl+a A
[18:34] <sarnold> hmm. that's nice and boring. bummer.
[18:35] <foo> sarnold: what is "that" - my PS1, or what I want it to do?
[18:35] <sarnold> your PS1. that shouldn't cause retitling things
[18:39] <foo> sarnold: oh, ok, thanks. This must be a screen setting
[18:41] <sarnold> foo: what's in your ~/.screenrc?
[18:42] <foo> sarnold: nothing, must be a global setting overriding. I could snag from another system perhaps
[18:43] <sarnold> hmmmm. /etc/screenrc ?
[18:47] <foo> sarnold: thanks, yup. I bet it's in here... somewhere.
[21:28] <mwhudson> foo: PROMPT_COMMAND?
[21:44] <foo> mwhudson: looks like that could very well be it, thank you
[21:45] <mwhudson> foo: lots of places for things to hide :)
[21:52] <foo> mwhudson: :)
[21:52] <sarnold> mwhudson: ha :) nice