serverfault.com

I am provisioning Windows 2022 EC2 instances using Terraform and a PowerShell User Data script. I want to add functionality where this User Data script will configure a shutdown PowerShell script that will copy some files to a S3 bucket upon shutdown. This needs to be done without using the Windows GUI. This the code I am currently using: # ------------------------------------------------------------------------- # Create a PowerShell script for shutdown # ------------------------------------------------------------------------- $shutdownScriptPath = "C:\Scripts\BackupOnShutdown.ps1" # Ensure the Scripts folder exists New-Item -ItemType Directory -Path "C:\Scripts" -Force # Create the shutdown script @" # Backup Gateway Backups folder to S3 try { aws s3 sync "C:\Users\Administrator\Desktop\Gateway Backups" "s3://${backup_bucket}/gateway-backups/" --exact-timestamps aws s3 cp "C:\Users\Adm

I am using Win 11 Home on a Dell XPS 13 9360. I plug a USB hub into it using USB c connector. This normally provides power, HMDI, wired network and USB A connectors. This has worked just fine for a number of years. It has recently stopped working totally. Looking at the device manager it is the highlighted one in the screenshot. If I check the driver I can see it was updated on the 24th of Nov - around the time it stopped working. I can't seem to rollback this driver 'update'. Any ideas on how I fix this to get my hub working again? screenshot of device manager

I rented a VM from Google Cloud Platform, but it frequently (once a week) goes down, and I’m unable to connect via SSH (even through the GCP console). I’ve tried manually stopping and starting the server and it worked, but I still don’t understand why it keeps going down. Does anyone know what could be causing this issue and how to troubleshoot it?

We're running our own Kubernetes cluster and it works well for a while but at minute :03 each hour, public web services stop responding (504 gateway timeout) and some commands such as kubectl top nodes no longer works (), kubectl get pods works but is very slow to respond. I can make the cluster work again by running k rollout restart daemonset calico-node -n kube-system. Then the cluster runs smoothly again until next hour at :03 and the same issue reappears. calico-node-pods all look normal even after the cluster has started missbehaving (i.e. no error logs, no CrashLoopBackoff etc). I've checked cpu, memory, disk and inodes just before the issue appears and see no abnormalities. Logs for ingress-nginx-controller shows errors that coincide with when the issues appear, like: W1202 15:03:48.643048 7 reflector.go:569] k8s.io/[email protected]/tools/cache/reflector.go:251: failed

(First, please excuse me. Not a professional sysadmin, just someone who has had to set up a VPS recently). I recently set up a new Almalinux 10 box, and I wanted to add port knocking to it to further secure it besides the regular stuff (fail2ban, no root SSH logins, etc.). However, after spending a few hours, I found out that the two port knocking/SPA packages I was looking for (knockd and fwknop) only work with iptables, while Almalinux 10 has removed it entirely and works with nftables now. Is there a simple port knocking solution available for newer Linux distributions such as mine?

I am improving an existing CI and CD setup and the team wants to move toward a stronger DevSecOps model where security validation happens much earlier in the pipeline. The challenge is that our deployments are time sensitive and any added scan or check can slow down the delivery cycle. Currently we use basic static checks, but want to add more depth such as cloud config validation, container image scanning, secret scanning, and automated policy testing. We need to run inside our existing Git based workflow without forcing developers to change how they commit or merge. For teams that follow DevSecOps practices, how do you add early stage security checks while keeping build and deploy times under control? Do you run all scans on every commit or only on merge? Do you separate fast checks and deep scans into different stages? Any recommendations for tools or patterns that balance speed and security? Looking for practical setups that have worked

I want to install a single-node OKD 4.19 cluster in an air-gapped environment. I prepared the Harbor registry, but mirroring the images needed for OKD 4.19 failed. The 4.19 documentation was not helpful. The problem with the mirrored images is the SHA256 hashes are changed, and the OKD installer does not find them. Installing OKD 4.19 in connected environment works fine. How can I install OKD 4.19 in air-gapped environment, specifically, how to correctly mirror needed images to local Harbor?

Was anyone able to install LocalDB 2025? Attempting to download through SQL Server Express results in 0MB size MSI. Below is what I get when I try to download it. I also couldn't find a direct link to the MSI. When I do decide to download it, there is an empty folder created named en-us. MSI is nowhere to be found.

I recently pulled one CPU on my Supermicro X9DRG-QF-B to save power, going to a single socket. I had 128GB RAM (8 x 16GB DDR3 ECC RDIMM) installed, spread across both sockets, which worked fine. After removing the CPU, the system only boots with 7 DIMMs (128 GB) installed around the new socket With 8 DIMMs, the system will not display POST. The system works with the 8th DIMM removed. The motherboard docs state this is supported: screenshot of motherboard DIMM support documentation The population plan for RAM (DRx4 ECC 1.35v) and CPU (Xeon e5-2650L v2): ECC RDIMM population for e5-2600 v2 CPUs I know it is not the RAM, as the system worked fine with 128GB spread across both CPUs. The host has the lat

I created a GPO to prevent hosts from connecting to infrastructure-type networks, but it is not taking effect on laptops. gpresult /r shows the policy is applied, and netsh wlan show wlanreport shows no errors. I tried several combinations of settings, but do not see the expected changes made by Wireless Network (IEEE 802.11) Policies section. Settings in other sections of the policy apply as expected. Clients are Windows 11 25 H2. The GPO applies to a group of domain computers that are located in the default "Computers" container in AD. Could it be a reason? Does it require OU to work? Please help.