Sysadmin

fEmber,

​:heart_trans:​ Request for IT assistance ​:heart_trans:​

Hi friends! Our SysAdmins are still blocked by a network issue that prevents our migration to the new servers. We are running out of ideas and would appreciate any possible support. If you have or know someone who has experience with IPv6 networks, then please contact me or another member of our staff. We would earnestly appreciate any help or advice!

The problem, as I understand it, is that traffic fails to pass through our OPNsense firewall. We have a /48 block allocated on the WAN side, and want to expose a public IP from the LAN. See this reply for a longer description and some discussion.

Boosts appreciated! 💙
CC: @Amelia and @puppygirlhornypost

#FediAdmin #FediAdmins #AdminSupport #SysAdmin #NetworkAdmin #IT

shalien,
@shalien@projetretro.io avatar

@fEmber @Amelia @puppygirlhornypost
Sounds like either an RA issue or a misconfigured rule in OPNsense.

DeltaLima, German
@DeltaLima@social.la10cy.net avatar

"Enterprise software" is just another synonym for "wasting time on licensing problems"

#sysadminlife #sysadmin #fckatlsn

2ndStar,
@2ndStar@astronomy.social avatar

@DeltaLima Definitely not 😅👍

stefano,
@stefano@bsd.cafe avatar

Interesting tool to check your own e-mail server: https://www.learndmarc.com/

#EMailHosting #SysAdmin #EMailTools

SadKitten, French
@SadKitten@mastodon.social avatar

Recent user request: to have an out-of-office auto-responder on their mailbox that sends an automatic reply to every email
Admins' answer: no
Why do you think we said no? #sysadmin #xp #vieille

R1Rail,
@R1Rail@mastodon.gougere.fr avatar

@SadKitten @bortzmeyer the standard is to reply no more than once a week to the same address, which cuts off the ping-pong

ciredutempsEsme,
@ciredutempsEsme@mamot.fr avatar

@SadKitten because there isn't enough space on the servers?

bortzmeyer, French
@bortzmeyer@mastodon.gougere.fr avatar

(19/35) Upgrading xz-libs (5.6.1-r1 -> 5.6.1-r2)

#Alpine #sysAdmin

bortzmeyer,
@bortzmeyer@mastodon.gougere.fr avatar

Thinking of all the Docker images based on Alpine which will never be upgraded against the xz issue...

mherrb,
@mherrb@mastodon.tetaneutral.net avatar

@bortzmeyer sshd is not linked against liblzma on Alpine. Hence not vulnerable to CVE-2024-3094

goodthinking,
@goodthinking@beige.party avatar

…located and removed two instances of Diddy from conference room screensaver deck…

#sysadmin

mwl,
@mwl@io.mwl.io avatar

Vultr backed down, but so what?

https://mwl.io/archives/23504 #sysadmin

Rights grabs are becoming more common, though. I believe that the only way to stop them is to stop doing business with any company that attempts one. Backing down from a rights grab is too late.

mwl,
@mwl@io.mwl.io avatar

New blog post: #Vultr just betrayed us.

https://mwl.io/archives/23498

I've recommended them for years. Will be moving off immediately. #sysadmin

No, not a joke.

aral,
@aral@mastodon.ar.al avatar

@mwl wtf?!

ParadeGrotesque,
@ParadeGrotesque@mastodon.sdf.org avatar

@mwl

Well, F***.

Sorry, that's the only thing that came to mind. Thank Cthulhu, I am not hosted with them.

SadKitten, French
@SadKitten@mastodon.social avatar

Who is moving servers tomorrow and has serious doubts about the type of power sockets at the destination? It's not the neighbor ...

Kahte,
@Kahte@toot.aquilenet.fr avatar

@SadKitten 🤞

hl, (edited)
@hl@social.lol avatar

Sigh. So copying and pasting commands from the internet doesn't solve my problem. This means I'm going to have to actually try and /understand/ what's wrong. I didn't sign up for this.

#projects #sysadmin #homelab

hl,
@hl@social.lol avatar

@xdydx I'm trying to mount an Apple Airport Time capsule Samba share on #FreeBSD 14, and so far no luck. I'm lost somewhere between #samba versions, types of security and the fact that FreeBSD seems to have changed the way to deal with Samba shares over the years; and I think from various forum posts I'm getting the different methods confused.

zirias,
@zirias@techhub.social avatar

@hl @xdydx #FreeBSD has only support for SMBv1, which you should absolutely avoid for security reasons, although you can probably configure #samba to still allow it ... but ... don't. Nowadays I'd prefer to say FreeBSD does not support mounting SMB shares.

There are some ports available implementing "modern" SMB (v2/v3) on top of #fuse, which might be an option, but in my experience, they're not perfectly reliable and performance isn't the greatest either.

If ever possible, work on the server side and see whether you can share via #NFS instead. Either #NFSv3 (which is only "secure" as long as your network is perfectly secure and you control all participating machines, but at least it doesn't pretend to do anything else), or #NFSv4 with #kerberos security.

mwl,
@mwl@io.mwl.io avatar

Holy carp.

IANA might be moving on a TLD for internal use. It's only taken, what? Thirty years? That I, personally, have been following this? #sysadmin

https://www.icann.org/en/public-comment/proceeding/proposed-top-level-domain-string-for-private-use-24-01-2024

mwl,
@mwl@io.mwl.io avatar

@Doomed_Daniel @distractal

They could, but they won't.

You violated a standard that doesn't support what you need, and deserve to be punished. :flan_shrug:

Doomed_Daniel,
@Doomed_Daniel@mastodon.gamedev.place avatar

@mwl @distractal
well, I linked an RFC there and it almost recommends using those TLDs, that's gotta count for something

matthew,
@matthew@social.retroedge.tech avatar

Reminder:

Check to make sure your data backups are working as they should.

me,
@me@social.taupehat.com avatar

Current Twilio outage is completely goatfucking my ability to get work done. 2FA over SMS is garbage. #sysadmin

ai6yr,
@ai6yr@m.ai6yr.org avatar

@me 👀

SadKitten, French
@SadKitten@mastodon.social avatar

But 🤬🤬🤬🤬🤬🤬🤬🤬 VMware 🤬🤬🤬🤬🤬 Broadcom 🤬🤬🤬🤬🤬 prices

Kahte,
@Kahte@toot.aquilenet.fr avatar

@SadKitten :blobcat_heartcat: Hang in there, and kisses 😘 😘 😘 😘

Catelli,
@Catelli@mstdn.ca avatar

Sometimes being a feels like you're trying to outrun an avalanche.

Yes, it's as exhausting as it sounds.

gnuplusmatt,
@gnuplusmatt@fosstodon.org avatar

What do fellow sysadmins do with regard to alert emails? Our system is to let all the systems email the one address. It's hoped between the 3 senior admins we'll catch important stuff. But these days it's become very noisy and with staff shortages this week some issues have been overlooked, causing a short outage.

Do you have elaborate email filters? Fancy triaging systems? Does every alert open a ticket?

#sysadmin #alerts #email #thesystemisdown #spidermanpointingmeme

simon,
@simon@fosstodon.org avatar

@gnuplusmatt send alerts to an alerts channel in Slack instead. Aim for always green. If not immediately fixable, ack the alert in Nagios and create a ticket. If not actionable, the thresholds are probably wrong

Catelli,
@Catelli@mstdn.ca avatar

Being a means always living a contradiction. For example, need to migrate a system from legacy unsupported to supported.

But the supported install does not support the latest server edition. Which means I am migrating from legacy to soon-to-be-legacy, because soon-to-be is the latest version.

Catelli,
@Catelli@mstdn.ca avatar

What do we gain by doing this? A very narrow window of being in compliance.

Is it worth it? Fuck if I know.

sysop408,
@sysop408@sfba.social avatar

There is no faster way to wake up on 4 hours of sleep than to wake up to server down messages. If you want an even bigger jolt of adrenaline, make it because the person you asked to fix a server config issue spent the entire time fixing SSL certificates because of course it's the SSL errors causing the server issues instead of the other way around. 🤦

I know you can't do everything yourself, but sometimes I wonder why I bother asking anyone to help. If I had just stayed up another couple of hours, I'd have fixed it and actually been able to get some good sleep. Ugh.

mvilain,
@mvilain@sfba.social avatar

@sysop408 I don't miss having a queue of people outside my cube when I get into the office [sigh]

torproject,
@torproject@mastodon.social avatar

🔍👩‍💻 Join our Sysadmin Team! 🔧🌐 Exciting opportunity to manage torproject.org servers and contribute to the software you love! Know someone perfect for the role? 🤝 Share the link: https://www.careers-page.com/tor-project/job/L68837VW #Sysadmin #JobOpportunity

sysop408,
@sysop408@sfba.social avatar

Anyone else out there getting the impression that bots have gotten a lot more aggressive lately?

A very unwelcome development I'm seeing is that they're adding pagination guesses so a bunch of them are just randomly seeing if appending ?page=15 gets them anywhere.

#sysadmin #Drupal

xdydx,
@xdydx@mastodon.social avatar

@sysop408
That's been a thing in my logs for at least a decade...

sysop408,
@sysop408@sfba.social avatar

@xdydx yeah, I think you're right about that.

I'm just having one of those days when you're out of answers and everything looks like the root cause of your issues.

fatuus, French
@fatuus@mstdn.fr avatar

Say, are there people with a 🖥️ 🔧 / 👾 ✍️ profile looking for work in 🇱🇺?

I know of several open positions (there isn't really a job description) internally, with some days per week on site.

If you're interested, send me CVs!

P.S.: It's not for me 🙂

apgarcia,
@apgarcia@fosstodon.org avatar

Anyone using oVirt, or switching to it from VMware?

fedops,
@fedops@fosstodon.org avatar

@Topslakr regarding the non-shared storage: what did you have to do to migrate the VM storage? Did virtsh/virtmanager handle that?

I have a NAS storage with plenty of disk space available and I'm thinking to go shared anyway since it would be more resilient against one of the hosts conking out.
@apgarcia

Topslakr,
@Topslakr@fosstodon.org avatar

@fedops @apgarcia Shared storage is what I would do too, given the option. But, if you’re running hyper-converged, it’s nice to know it’s possible.

For Non-Shared storage - Yes. The tooling to migrate has an option to copy the storage. In virsh it’s ‘--copy-storage-all’.

Tested with virt-manager, cockpit-machines, and virsh without issues both shared and non.

I wouldn’t want to run VMs without ZFS, and am happily using ZFS Snaps being pulled to replica servers for offsite.

mwl,
@mwl@io.mwl.io avatar

A net add of 300 words on today.

TLS in SMTP is wonky. How do you configure encryption when self-signed certificates are perfectly acceptable? The bar is super low here. TLS 1.0? Fine. :flan_yikes: :flan_on_fire:

dalias,
@dalias@hachyderm.io avatar

@ljrk @viq @b0rk @mwl No, DANE handles all of this. All you have to do is configure the client to use it, and then sending to any site that publishes DANE is fully protected from downgrade/stripping/fake certs.

ljrk,
@ljrk@todon.eu avatar

@dalias @viq @b0rk @mwl Yup, that's what I meant, I just didn't remember the acronym

mwl,
@mwl@io.mwl.io avatar

The most useful shell script I've found in 2024: a wrapper around date(1) that takes a date and time and gives you the translation into other time zones you pick.

https://github.com/Jehops/sdss/blob/master/wt
