[03:24] * foo troubleshooting a high priority issue trying to figure out what's going on [03:25] dear nginx, why didn't you come back online [03:26] # netstat -nap |grep 80 [03:26] tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 25308/nginx: master [03:26] ... it looks like it's listening [03:28] huh, networking dns issue. [03:31] uh, I had changed /etc/hosts on a domain... I don't remember doing that. Anyway, disregard the foo... and maybe pity me, a little. ;) [03:36] Can anybody maybe help me? I get poor speeds on my dedicated Hetnzer box to me. I also get under the mentioned linespeed I have in a speedtest to a local server. Is there anyway I can improve this?' [03:38] lunatiq: If you describe the situation with a little more detail/clarity it might be easier to help. What have you done? What tools are you using? What results did you get? What results did you expect? What changes have you made to try to fix it? How much did they help? [03:45] blahdeblah_ I have enabled bbr. That seems to have doubled the speed to me. I just did that. [03:45] I'm using speedtest [03:47] System was throwing this: redis.exceptions.ResponseError: MISCONF Redis is configured to save RDB snapshots, but it is currently not able to persist on disk. Commands that may modify the data set are disabled, because this instance is configured to report errors during writes if RDB snapshotting fails (stop-writes-on-bgsave-error option). Please check the Redis logs for details about the RDB error. - [03:47] I've never seen this before, randomly started showing it. In the redis log I saw: 9787:M 08 Jan 18:57:03.013 # Can't save in background: fork: Cannot allocate memory ... the *only* thing that I could think that caused this was an rsync I did from from laptop to serverA (which had the issue). Is this possible? I rebooted the server and it solved it... but I realize that's not the ideal fix here. Not [03:47] sure what else I could have done to fix that [03:56] https://www.speedtest.net/result/c/679cf5e6-149f-4207-a632-32bfd814cf84 this is the result I got [03:56] I get more towards 1000 or 900 [04:03] how would I speedtest against these files https://speed.hetzner.de/ [04:13] lunatiq: curl or wget would be the usual way to test against those files [04:16] well this says I get my speeds :s [04:17] foo: If your redis server is complaining that it can't allocate memory, you need to work out what's using that memory. It might have been your rsync, but it could just as easily have been something else on the system. Look in /var/log/kern.log to see if the OOM killer was triggered. [04:18] foo: You're looking for a line something like this: [04:18] Jan 3 14:15:02 myhost kernel: [4752161.961871] rsync_bpc invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0 [04:19] foo: But there might be other things still running that are using the memory; use top or ps or similar to locate processes using the most memory [04:44] lunatiq: Keep in mind you'll get different speeds to different places - you can't expect consistent bandwidth to everywhere at once... [04:55] I installed a ppa and don't remember which one. I'd like to remove it and remove the app. I know how to remove the app. apt-get purge appname. Right? How do I remove the ppa afterwards? [05:05] lunatiq: Do `ls /etc/apt/sources.list.d` and find the config file that pulls in the PPA in there. Then you can just move or delete the configuration file and run `sudo apt update`. You might want to *move* the file rather than deleting it, since you may also want to remove the PPAs signing key from the system, and the configuration file will tell you where that signing key is. [05:06] (I don't know if that last bit about signing keys applies to true PPAs or not, but it still comes in handy for removing third-party repos, which you should be able to remove the same way.) [05:07] The only other gotcha in this is that some third-party repos store a highly trusted key in /etc/apt/trusted.gpg.d - if you're moving a third-party repo from your system, make sure to check that folder for a key and move it out of that folder to disable it. If everything works after that, then delete it. [05:08] (Third-party repos shouldn't be using the trusted.gpg.d folder anymore, but some still do, most notably Google Chrome.) [05:12] isn't `add-apt-repository -r ppa:user/ppa` the way to remove a PPA? [05:15] arrayboltXE /etc/apt/keyrings/ookla_speedtest-cli-archive-keyring.gpg so I rm this? [05:18] lunatiq: If you're getting rid of Ookla Speedtest, yeah, I'd remove that, as well as the config file in /etc/apt/sources.list.d. [05:18] I did [05:18] Exterminador: That will work, but this way works on third-party repos too, which are similar but not the same as PPAs. [05:23] How much size does it need to ha a repo mirror for Jammy version? Is it in the scale of TB? === cpaelzer_ is now known as cpaelzer [06:42] moha: according to https://wiki.ubuntu.com/Mirrors in 2021 the whole archive was about 1.5TB, so I'm sure if you only need jammy and only some architectures it will be much less than 1TB ? [06:44] also, if this is for your internal use, you don't need to mirror source packages either === arrayboltXE is now known as Guest5152 === Guest5152 is now known as arrayboltXE [11:09] It would be an internal mirror; I didn't enable the sources. It's now down, but I get this error on other machines pointed to this mirror: E: Failed to fetch http://myrepo/ubuntu/dists/jammy/main/cnf/Commands-amd64 404 Not Found [IP: 172.17.238.11 80] [11:09] `apt update` --> E: Failed to fetch http://myrepo/ubuntu/dists/jammy-security/main/cnf/Commands-amd64 404 Not Found [IP: 172.17.238.11 80] === polymorp- is now known as polymorphic [18:09] if I purchase additional IPs can I route a virtualhost to just that IP or is that done through DNS? [18:10] I want to use the same server but use a different IP for another site [18:19] both [18:24] JanC how do I setup in virtualhst? [18:27] I think I got the virtualhost part [18:27] How do I assign another IP to my server if I purchasd it? [18:35] I think I see how https://linuxhint.com/how-to-assign-multiple-ip-addresses-to-single-nic-in-ubuntu/ [18:48] lunatiq: if you have only one NIC you need to assign both IP addresses to that NIC indeed, you also need to tell the web and/or other servers about the different IP addresses (if you want to host different domains on each), and you need to change the DNS records for the (sub)domain(s) [18:50] 2: enp0s31f6: mtu 1500 qdisc fq_codel state UP group default qlen 1000 [18:50] enp0s31f6 is my nic right? [18:51] or the interface name [19:13] lunatiq, yes, that's the interface name. if you have a normal ubuntu server install you'd configure extra static IPs in netplan, https://netplan.io/examples should show how [19:18] They say I must use the mac address assigned. The guide I found doesn't show anything about mac addresses [19:21] lunatiq, there's only one MAC address per interface, even if there are multiple IP addresses. If it's working now it must be OK and you shouldn't change it. [19:24] rfm it says that at Hetzner it is critical that you use the MAC address listed when you configure the IP, you cannot use the MAC from the network card itself [19:30] lunatiq, obviously they have some list of permitted MACs so people can't attach more systems than they pay for. So the authorized MAC address needs to be configured on the adapter, overriding the hardware MAC address. This can be done in netplan. Like I said, if this connection is already working this must have been done already. [19:31] rfm I ordered another IP adddress and I am trying to attach it. [19:35] lunatiq, yes, I get that. If it is a reasonably normal Ubuntu Server install, you just have to add the address to the netplan config (and don't touch anything else) https://netplan.io/examples#using-multiple-addresses-on-a-single-interface [19:38] lunatiq: https://docs.hetzner.com/robot/dedicated-server/network/net-config-debian-ubuntu/ [19:38] i would also recommend contacting their support in case something is unclear [19:39] ravage I don't understand their guide [19:39] I'm not through Hetnzer I'm through a reseller. [19:40] then your reseller is your support contact [19:42] can you please help me? They won't help. [19:42] Please [19:48] lunatiq, we've already told you exactly what to do, the same thing that the Hetzner doc says: "When using netplan, simply add the additional IP addresses as /32 to the addresses section". then "netplan try" to apply the config.. [19:50] rfm but what about the mac address [19:51] lunatiq, again, don' [19:52] they say "The MAC has to be configured on the virtual nic you setup the IP for :)" [19:53] lunatiq, that section is for when you are running a virtual machine inside the server. Are you doing that? [19:54] No [19:55] rfm that's what the reseller told me "The MAC has to be configured on the virtual nic you setup the IP for :)" [19:56] lunatiq, so you're just adding another IP to the same interface -- which is already working, right? So it must have the MAC configured already, by whoever set up the system in the first place. [19:57] It has to have a virtual nic to setup additional IP addresses [19:58] lunatiq, no, it doesn't. [19:58] Thats' what they're telling me. [19:59] "Please note that at Hetzner it is critical that you use the MAC address listed when you configure the IP, you cannot use the MAC from the network card itself." [20:02] lunatiq, that doesn't say anything about a virtual NIC, it just notes that the MAC address has to be configured on the interface connected to their net [20:03] lunatiq, have you even looked in /etc/netplan? My guess is that's where the MAC address is being configured (again, if this is a reasonable normal Ubuntu Server install.) [20:05] frm it doesn't list a mac address in there [20:08] lunatiq, then I have no idea where the MAC address is being set, you'd have to talk to whoever set up the machine. But again, it must be being set somewhere or the system wouldn't be working at all. [20:11] lunatiq, "ip link show " will show the MAC address being used, you can check that against the MAC address they gave you [20:15] rfm it's not the same. [20:17] using the neovim ppa with v0.9.0 I really like that Jammy has plenty of default lua-5.1 support [20:18] https://docs.hetzner.com/robot/dedicated-server/network/net-config-debian-ubuntu/ It seems I want the bridged method. [20:18] Because it acts independantly. [20:19] In the guide it says to remove the auto lo and iface lo inet loopback [20:22] lunatiq, that's ifupdown (/etc/network/interfaces) stuff, Ubuntu hasn't used that in years [20:23] rfm then this guide is useless [20:26] rfm what should I use? [20:29] lunatiq, the guide looks fine to me, but you have to read the sections that talk about netplan. I still think you should just stick the extra address in the list in netplan. At least try it and see if you can ping that IP.. [20:38] rfm I'm trying to understand howto do this via netplan now [20:38] https://netplan.io/examples#using-multiple-addresses-on-a-single-interface [20:38] I'm reading this but it doesn't make sense to me [20:39] my yaml has /32 after my IP [20:44] I see now [20:44] Adding /32 after an IP address means that you are specifying all 32 bits of the IP address, and so you are not talking about a range of IP addresses. If you instead used /24 for example, you are specifying only the first 24 bits and the last 8 bits can take any value. So this is a range of 256 addresses. [20:46] I can't ping it [20:46] I tried netplan [20:46] lunatiq, actually in this case it's setting the "netmask", which is establishing a range of addresses that can talk directly (all on the same physical net). Since you don't really care about sending packets from one of these IPs to the other, /32 is fine (all traffic will go out to the router) [20:47] lunatiq, did you do "netplan apply"? does the ip show up in "ip addr"? [20:47] Yes it did [20:47] I did [20:47] I couldn't ping it [20:48] lunatiq, can you ping the other (old) address? some providers cut off ICMP (ping) at the router [20:49] Yes I can [20:49] check all the firewalls on all systems between the two systems -- perhaps some firewall (maybe run by your ISPs?) is blocking ICMP [20:49] I can ping other IP [20:52] it says netplan can't support virtual nic [20:52] on google [20:57] https://askubuntu.com/questions/990825/virtual-interface-in-netplan I found this but I tried to use a label and I got an error [20:57] etc/netplan/01-netcfg.yaml:10:18: Invalid YAML: mapping values are not allowed in this context: [20:57] label: enp0s31f6:0 [21:10] I got it [21:10] I used a netplan label [21:10] I added the IP [21:10] I corrected my indention and added the missing : after IP [21:10] I can ping it now [21:15] ty rfm and the others [21:40] why do you go to a Hetzner reseller instead of directly to Hetzner? [21:46] JanC I made a mistake. [21:50] can't you end the contract with the reseller? === polymorp- is now known as polymorphic === polymorp- is now known as polymorphic [23:32] How would I setup ftp access for people to only specific folders? [23:35] https://www.ryadel.com/en/vsftpd-configure-different-home-folder-each-user-specific-directory/ [23:35] I think this explains it [23:38] how can I deny SSH access to them though? [23:38] Can't users who are added login to SSH? === polymorp- is now known as polymorphic