What is netfilter's Connection Tracking system? The connection tracking system often referenced as nf_conntrack is part of the Netfilter framework. It allows the Linux kernel to keep track...
...of all logical network connections and sessions. In combination with iptables this feature is used to achieve a stateful firewall. Why to care about nf_conntrack? All connections are stored...
When restoring a barman PITR backup you may encounter this error: Copying required WAL segments. EXCEPTION: {'ret': 2, 'err': '/bin/sh: 1: cannot open /var/lib/barman/foopostgres/wals/00000007.history: No such file\n', 'out': ''}
...present in the wals directory of your backup. The most likely reason is that someone deleted this file in the past. If you do not need this file for restoring...
Canonical does not ship Ubuntu 24.04+ Vagrant images due to HashiCorps switch to the Business Source License (BSL). There is currently no open source fork of Vagrant. Alternatives
...cloud-image/ubuntu-24.04 which can be used. Caveats The images are unmodified but unofficial. Sharing via the /vagrant folder is not possible. Use SSH/SFTP instead...
The terraform documentation states the...
...syntax as (grouping mode*. See: Grouping-Results). But this seems not the be the whole truth. Instead the...
...syntax behaves like Go's Ellipsis expression...
...is only available for for expressions. This can be especially useful when creating data structures in loops: users = { users = { "Bob.Bobster" = { name = { given_name = "Bob" family_name = "Bobster" } email = "bob.bobster@foobaringen.com"
...t find a complete and working documentation on how to do this. But this steps succeeded (at least once). Install build dependencies $ sudo apt-get install pbuilder devscripts dpatch grep...
...sources to apt sources list (if you don't have it yet) deb-src http://security.ubuntu.com/ubuntu xenial-security main universe multiverse restricted Start the process: $ mkdir exim
...has a very different disk usage on it's nodes you can use these steps to rebalance the shards. Attention Before we begin it's important to understand how Elasticsearch/OpenSearch...
...defines balance: The balance of the cluster depends only on the number of shards on each node and the indices to which those shards belong. It considers neither the sizes...
The link contains a simple shell script to push a cleanup policy for gitlab repositories in a group. Please mind that this will overwrite the configuration for all the repositories...
...with the given settings...
on the bash (issued as postgres user) Start/Stop/Restart PostgreSQL pg_ctl -D $configdir start|stop|restart Start/Stop/Restart the corresponding PostgreSQL using the given configuration directory. The configuration directory should contain...
...the postgresql.conf file. The following example would start the PostgreSQL of our governor instances: pg_ctl -D /var/lib/postgresql/config start PostgreSQL fast shutdown pg_ctl -D $configdir stop -m fast
Bash stores the exitcodestatus of piped commands in the environment variable PIPESTATUS So you can just echo ${PIPESTATUS[@]} to get them all. 13:52:30 ✔ claus:~$ ps ax | grep /usr/bin/ruby...
...PIPESTATUS is an array, so you can get the exitcode of an specific command (first pipe): 13:54:20 ✔ claus:~$ echo ${PIPESTATUS...
Add apt source: apt update -y && apt install -y gpg sudo wget curl sudo install -dm...
.../etc/apt/keyrings wget -qO - https://mise.jdx.dev/gpg-key.pub | gpg --dearmor | sudo tee /etc/apt/keyrings/mise-archive-keyring.gpg 1> /dev/null echo "deb [signed-by=/etc/apt/keyrings/mise-archive-keyring.gpg arch=amd64] https://mise.jdx.dev/deb stable main" | sudo tee /etc/apt/sources.list.d/mise.list
If your railscomplete-deployment uses the net-ssh-gem please ensure you use version 5.2.0 or newer to ensure you can deploy via Capistrano. It's best to use...
To completely remove the old host key on the client run: # remove host entry ssh-keygen -f "$HOME/.ssh/known_hosts" -R appserver.makandra.de # remove IP entry ssh-keygen -f "$HOME/.ssh/known_hosts" -R $(getent...
...you want to automatically delete old container images from your Elastic Container Registry, the solution is a quite simple ECR Lifecycle Rule that deletes images e.g. 7 days after they...
...is a floating tag always associated with the image currently deployed to production, the situation suddenly is not so simple any more. ECR does not provide a keep action in...
...to do a VACUUM FULL without holding an exclusive lock during processing. There is still a need of one exclusive lock at the beginning and the end of the repacking...
...affected table. Warning pg_repack writes a copy of the whole table. The database server needs to have at least ($size_of_biggest_table * 2) + some buffer free disk space...
In case you're wondering, when concat-ing server certificate and intermediate certificates, the server certificate comes first. RFC 4346: certificate_list This is a sequence (chain) of X.509v3 certificates...
certificate must come first in the list. Each following certificate must directly certify the one preceding it...
When you need to know how a BIOS screen in a Lenovo Laptop works without actually booting into the BIOS setup utility or even having the exact model of laptop...
...in front of you, Lenovo offers a BIOS Simulator Center. This is especially useful when giving remote support to someone else and walking them through the steps over the phone...
To get a good overview about load, cpu frequency, temperature sensors, etc. we found s-tui quite useful. It's included in Ubuntu's default repositories: $ sudo apt install...
$ s-tui While it's possible to run s-tui as root for even more information and optionally also make use of stress for benchmarking, those methods did...
How can I configure virtual IP's? There are two parameter to set up virtual ips in Keepalived: virtual_ipaddress Addresses defined here are included into the VRRP packets and...
...interface instead of the one in interface. Why are the floating IPs getting dropped by systemd-networkd/netplan? Read Prevent systemd from dropping IP-Addresses configured from other processes.
With Ubuntu 24.04 it's not longer possible to setup FDE with BTRFS The new installer won't offer you any options for manually created dm-crypt volumes
.../dev/mapper/ubuntu--vg-ubuntu--lv /mnt Move default subvolume to @ cd /mnt btrfs subvolume snapshot . @ rmdir @/ext2_saved btrfs subvolume set-default @ ls | grep -Ev "@|ext2_saved" | xargs rm -rf Create additional subvolumes btrfs subvolume...
...link to find out what ways there are for performacne analysis. This link is shows the more sophisticated way and encourages to dig deeper for optimizing your system. If you...
...command on a server which continues to run after the SSH session is closed. Consider systemd-run as alternative. It will turn every command in a systemd service unit:
...openssl speed` as unit run-benchmark.service $ sudo systemd-run --unit=run-benchmark openssl speed # Query the current status $ systemctl status run-benchmark.service ● run-benchmark.service - /usr/bin/openssl speed Loaded: loaded (/run/systemd/transient/run-benchmark.service; transient) Transient: yes
A severe bug was found in ImageMagick by Bryan Gonzalez from Ocelot Team. It allows to embed the content of an arbitrary remote file when ImageMagick parses PNG files.
...on updated Packages for Ubuntu (https://ubuntu.com/security/CVE-2022-44268). Due to that we patched our systems as follows: Ubuntu 22.04: Get package source on a Ubuntu 22.04 system: apt-get source...
...measurement metrics in Linux. These are the differences: Code Name Description vsz virtual memory size Total amount of memory a process may hypothetically access. Includes swapped memory, memory from external...
...libraries and allocated memory that’s not used. rss resident set size Total amount of non-swapped used physical memory. Includes memory from external shared libraries. pss proportional share size...
Systemd's networkd will drop IP-Addresses configured by other processes like Keepalived's VRRP, when it is restarted. This may happen on updates. To prevent this following settings are...
...critical: yes to /etc/netplan/50-cloud-init.yaml eth1: addresses: - 192.0.2.67/24 gateway4: 192.0.2.1 nameservers: addresses: - 198.51.100.42 - 198.51.100.53 search: - example.lcal critical: yes run netplan generate This will add the CriticalConnection to your networkd configuration...
...a MacBook that uses an M1 or M2 Chip. Documentation on the Internet is sparse and not even the Geniuses at the Genius Bar are 100% sure. We found out...
...your MacBook, using more than one external display is only possible with workarounds. Docking stations Whenever you're considering using more than 1 external display, it makes sense to consider...