daftykinspresume i'll have to force reboot xD00:00
TJ-send ctrl-alt-del from the hypervisor?00:01
Bashing-omdaftykins: ' systemctl reboot ' ?00:01
TJ-you should be able to do systemctl reboot00:01
daftykinsah well i forced it already00:01
daftykinsit took the password properly that time, booting recovery mode00:02
daftykinsooh heck of a lot of angry services00:04
TJ-that's unexpected, unless it is due to no network00:06
daftykinsi popped netplan.io on and copied my conf, so i had an IP but non-working DNS00:09
daftykinsjust erased resolv.conf by hand and set a basic one so i could install openssh-server as i seem to have forgotten that too00:09
TJ-eeek, never delete it, let systemd-resolved manage it00:12
daftykinsit must have had missing paths as the symlink was dead00:13
daftykinsi think i can get by on that much, i just need fstab but it sucks having to edit through this console00:13
daftykinsfor some reason SSHing in as my user i get auto disconnected00:13
daftykinssome property of the recovery mode perhaps?00:13
TJ-does it actually connect? is there a separate /home/ that isn't mounted due to no fstab?00:14
daftykinsyep connects and gets killed after entering a password, nah /home/username is there fine00:15
TJ-journalctl -u ssh00:15
daftykinsnevermind i have echo'd blkid into /etc/fstab and will just edit it down to what i want00:15
daftykinsthis was quite the adventure00:20
TJ-TIL ?00:20
TJ-is it working correctly now?00:20
daftykinsstill booting00:21
daftykinsi see a message under plymouth "cryptsetup: xvda5_crypt: set up successfully"00:21
daftykinslooks like i made an fstab error00:22
daftykinsanywho i'll keep at it!00:22
daftykinsSSH and login fine :)00:22
TJ-that means the cryptsetup-initramfs worked correctly00:23
TJ-nice one!00:23
daftykins:D thanks for the assist!00:25
daftykinsso i need to fix at least this one from dmesg: [   21.162563] EXT4-fs (xvda1): VFS: Can't find ext4 filesystem00:25
daftykinsnot quite sure why that was wrong00:25
TJ-did you add an entry for xvda1 in fstab?00:28
daftykinsyeah to avoid having to prune down to UUIDs00:28
daftykinspresumably since it's encrypted that's erroneous00:28
TJ-I suspect you meant to put /dev/mapper/LUKS_BOOT00:28
TJ-that's where the ext FS is00:29
TJ-think of the block devices as a stack of those Russian dolls, one inside another ad infinitum00:29
TJ-then it is easier to relate which block device to reference00:30
daftykinsquick fix to /etc/hosts to allow sudo to resolve $hostname00:30
TJ-sda > sda1 > LUKS > ext4 > dir > file00:30
daftykinssystemctl status appeared to have a problem with a couple of units, might give me clues on what else is broken xD00:32
daftykinsbooting again to see what progress i've made00:32
TJ-at least you made it boot 1st time ... many fail on that00:32
daftykinshmm seem to be booting to a 30 second GRUB timeout on each boot now00:32
daftykinshehe :D yeah i can feel slightly smug!00:33
daftykinsin realworld terms though, how far ahead is all this versus using the installer's encrypted LVM option?00:33
TJ-that timeout is likely due to the OS not setting the boot-success flag that GRUB tests so it shows the menu and runs the timeout00:33
TJ-well the installer cannot encrypt a separate /boot/00:34
daftykinsmmm so there's the tamper risk00:34
TJ-that's the entire point of the tutorial00:34
daftykinsfor my use-case of a VM running atop an XCP-ng host though, do you think both choices are good enough?00:35
TJ-right - UEFI SecureBoot can at least detect tampering, but this makes it more difficult since kernel and initrd cannot be got at, and you can guard against GRUB's core being compromised in the BIOS boot by simply saving and checking its hash00:35
daftykins"systemctl status" reports a clean "running" now \o/00:36
daftykinsboot isn't particularly fast, but it gets there00:36
* TJ- awards daftykins the order of Tj, 1st class00:37
TJ-but it shouldn't boot more than once a year!00:37
daftykinswoohoo \o/00:37
daftykinshahaha, that's true... well it's going to be an R-Studio server, so once it's created, hopefully there'll not be much trouble00:37
daftykinsthanks to the beauty of virt, i can now snapshot that install and call it 'known good'00:38
daftykinswell, after removing my easy passphrase i suppose ;)00:39
daftykinswow i think it's time to step away and get food!00:40
TJ-good plan - I've not eaten today yet (Saturday) and I'm doing an overnighter at the office currently00:41
daftykinsooh my!00:42
daftykinsbig task on?00:42
daftykinswell many thanks once again, hope i didn't distract you too much :D00:42
TJ-I came in to do some electrical installations but can't make much noise overnight so doing some kernel build and test for our Turris Mox gateway switch/router, since I'm deploying Debian on it with latest kernel00:44
TJ-I can get on without distractions at weekends00:44
daftykinsah ha00:45
daftykinsright, to that food young man! :)00:45
TJ-anyone else think asdfgh isn't really using an Ubuntu install?01:49
daftykinsseems likely and i'm not even in there (:02:10
lotuspsychjegood morning03:38
TJ-morning lotuspsychje03:43
TJ-guess who's still working!03:44
lotuspsychjehey TJ-03:44
lotuspsychjewhat madness are you trying to solve this time TJ-03:44
TJ-right now? checking if the kernel 5.9-rc8 has fixed bugs that affect our Turris Mox gateway/switch/routers ... looks like one may be solved: the hardware switch was eating IPv6 DHCP discovery multicast broadcasts... just tested and client now gets an IPv6 from the DHCPv6 server03:46
TJ-the other issue is UAS for USB3 storage suffering constant aborts when storage is plugged in. not solved, but there is a workaround of disabling/blacklisting uas and allowing usb_storage module to handle it instead03:47
lotuspsychjewow must be some shiny router if it needs 5.903:47
TJ-the opposite. Turris ship it with an old 4.4 stable branch and openwrt, but I want Debian 10 + latest upstream kernel03:48
lotuspsychjei see03:49
TJ-The Mox is an amazing bit of kit - expandable via plug-on modules so we've got 3 x 8 gigabit ethernet modules, 1 x 4-port USB3, 1 x mini PCIe + SIM card slot, 1 x SFC port, and of course the CPU module itself03:49
TJ-so 26 gigabit ethernet ports03:50
lotuspsychjenever heared of that brand before03:50
TJ-it's an open-source hardware project from nic.cz the Czech network infrastructure organisation. They started off with a kickstarter for the home router Turris Omnia and then developed the Mox for business and ISP03:51
TJ-think - souped up RasPi designed for networking03:52
lotuspsychjedidnt know czechs were hardware players too :p03:53
lotuspsychjereviving old routers with linux, \o/03:59
daftykinsmost abandoned ones are on Linux :D04:03
TJ-Mox is very good; takes a lot to impress me but colour me impressed. We've been using them for about 6 months now04:13
TJ-the expandability via plug-on modules is the best bit by far. Add as many ethernet ports as you need04:15
DeyaaHow can I pass client IP throught nginx reverse proxy all the way to the website?06:26
* daftykins looks at the topic06:27
Maik!topic | Deyaa06:38
Maikhmmm... doesn't work, too bad06:39
DeyaaI'm Sorry06:39
DeyaaMaik: I thought it is related to Ubuntu06:39
Maiksupport is in #ubuntu06:40
Maikthis channel is non-support06:40
lotuspsychjeDeyaa: there's also ##networking for network issues general06:42
DeyaaOkay thanks guys I appreciate it06:43
=== TheBomb is now known as akem
oft_gegongis ubuntu done right?18:49
oft_gegongI'm 93% sure at least 84.7% of it is done right.18:50
=== Wanderer is now known as WanderingLich
tomreynTJ-: i guess you could say so, at least for new users who do not know about terminal, synaptic, gnome-software22:18
TJ-it's the NIH aspect that is so wrong, and Canonical has a terrible record in that regard22:19
tomreynit's how you make money22:19
tomreynthat's if it ever works out22:20
TJ-I disagree.. because now they've increased their cost base (dedicated developers)22:20
tomreynyou mean for developing the snap store?22:21
TJ-and when the next round of reorganisation/cuts hits, those devs may well be gone and it'll end up on life-support or orphaned as with Unity, ecryptfs, and countless others (Ubuntu One, etc.)22:21
TJ-tomreyn: developing and supporting the whole snap infrastructure... that'll only make money if it can reach a critical mass, but it is driving the audience away from Ubuntu22:21
tomreyni'm sure it would if ubuntu server goes apt-less, i.e. becomes ubuntu core22:23
* daftykins shudders in horror22:23
TJ-snap has driven me away and I've been a big supporter since 2004. I'm moving all our infra and workstations away to Debian/ I adopted LXD for containers but since it went snap-only I've dumped it and we now use k3s/k8s (Kubernetes)22:24
TJ-won't touch micro-k8s22:24
TJ-We've a few workstations still on Xubuntu but they're going to be moved off before xmas22:25
tomreynTJ-: i think there are basically two strategies by which canonical can make money: support services + ready-made solutions and hosted services, all of which they do and how they're surviving. and those vendor lock-in OS changes, but this only works when critical mass accepts them, which so far hasn't happened, and i don't think it will, ever.22:25
TJ-And of course we know longer recommend Ubuntu to clients22:26
tomreyni'm also moving back to debian, but it's a process22:26
TJ-tomreyn: agreed mostly; the niche for Ubuntu (server) is in cloud deployments and for desktop the relationship with Microsoft22:26
TJ-yep it is, but quite enjoyable :)22:27
TJ-Ironically though, I cannot support Debian on IRC since they have a stupid block on any IRC user with !*root*@  duh22:28
TJ-makes them read-only so cannot 'talk', or directly block from joining22:28
tomreyni'm not so happy with debian on a desktop. gnome-shell is nice there, without the changes, but those older software versions without PPAs aren't great. i guess i just need to start backporting myself.22:28
tomreynhehehe, block on root@irc22:29
daftykinsquick client config edit surely? :)22:29
TJ-ridiculous isn't it22:29
tomreynis this on both freenode and oftc?22:29
TJ-it's just theatre, whoever set that doesn't understand IRC nor the IDENT protocol22:29
TJ-tomreyn: yes, both22:29
tomreynthey have some stubborn sysadmins for sure22:30
tomreynsometimes that's good, other times bad22:30
TJ-OFTC: /join #debian = "#debian: Cannot join channel (+b)"22:30
tomreynwell, i guess you could work around it if you wanted ;)22:31
tomreynbut i also understand why you wouldnt22:31
jeremy31Using a terminal based IRC client22:32
TJ-their loss :)22:32
TJ-I run an ident server so can authenticate as root@ too22:33
tomreynTJ-: turns out the person you were helping is actually using unity, so maybe it was an entirely different 'app store' they had22:33
TJ-tomreyn: yeah I noticed that... Unity on 20.04 ?22:33
tomreynit's still in universe, i think22:33
TJ-right, but not a 'default' install option as was inferred22:34
daftykinsapparently a couple of people are trying to get it back in as a flavour22:34
tomreynoh, i think there is a fork which comes with unity22:34
TJ-I was helping a user with 2 NVMEs where one controller was disappearing randomly in ##linux ... I suggested swapping them between slots and so far the issue hasn't recurred! hard to explain the cause of that kind of voodoo22:35
TJ-daftykins: "couple" :D22:35
jeremy31bad connections22:35
TJ-jeremy31: it looks like a firmware bug22:35
daftykinsPCIe lane count / controller+firmware a bad mix maybe22:36
jeremy31TJ-: could be22:36
TJ-the NVMEs aren't identical and there is some evidence that the 2 slots aren't identical - some additional GPIO 'stuff' apparently22:36
* tomreyn shudders22:37
TJ-strangely the NVME that doesn't meet the spec (and is reported as such by the kernel) works fine; it's the 'correct' NVME that has the issue22:37
daftykinshrmm just noticed my sources.list in the debootstrap'd VM is very spartan, single line!23:08
Bashing-omdaftykins: My spartan source.kist - for your reference: https://termbin.com/w6rkd .23:11
daftykins:) thanks, much appreciated23:11
tomreynthe canonical partner repository only contains adobe flash (which i think will finally die by the end of this year), and google-cloud-sdk for focal23:13
tomreynso you may not even need that23:13
daftykinsconfused, i did a clean server install last night whilst tinkering - and that has universe and multiverse enabled, is that really default o023:14
tomreynshouldn't be, i guess, and i think there were bug reports about it before23:17
tomreyndaftykins: which image did you use?23:18
Bashing-omdaftykins: Great we  looked - I see an Uh OH in my sources.list file :(23:18
daftykinsubuntu-20.04.1-live-server-amd64.iso to be more precise23:19
daftykinsthat's the opposite of what i'm seeing23:24
tomreynyes, my point is that the configuration was changed on purpose23:24
Bashing-omNope - my sources.list stands as good - I just thought I had made an error :)23:27
tomreynhttps://bugs.launchpad.net/subiquity/+bug/1783129/comments/33 seems to state (i'm paraphrasing) "we want universe and it is now in there (again)"23:30

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!