serverfault.com

I am looking for a way to temporarily disable or stop an Azure Cognitive Services resource to ensure no further requests are processed and to halt consumption-based billing. How can one disable/pause an Azure Cognitive Services resource to prevent further billing on that resource?

¿Cómo optimizar la configuración de memoria RAM y uso de swap en un equipo de producción que ejecuta un servidor web Apache y una instancia de MySQL? Actualmente tiene 16 GB de RAM, pero se observan picos de uso que causan lentitud en las operaciones, y quiero evitar que el sistema use excesivamente el swap.

I am setting up an Azure OpenAI resource and I need to restrict access so that only requests from our office static IPs and our application server are allowed. By default, the resource seems to be open to "All networks." How can I configure an Azure OpenAI resource so that it allows requests from certain IPs?

In my enterprise, we have Linux hosts with SCSI HBAs connected to SAN via Fibre Channel ('qla2xxx' driver). Fibre Channel uses switched fabric topology. Sometimes, there are new LUNs provisioned to our hosts from the SAN side, and sometimes those LUNs are not discovered, so we need to scan HBAs: nothing special. I'm not an expert neither in SAN, SCSI, or Fibre Channel, so I've read through some documents and specifications. As I understand it, Fibre Channel has three basic topologies: point-to-point, arbitrated loop, switched fabric. Now, to discover new LUNs via the FC interface, there is a possibility to use the 'issue_lip' file, and there is also the corresponding option for the 'rescan-scsi-bus.sh' (it just writes into the same file). As all Fibre Channel specifications are hidden under paywall, I cannot check what's the reason to use LIP when we have FC with the switched fabric. LIP stands for Loop Initialization Procedure (or process, or primitive: whatever), so if we

I have two hard drives of the same model: HGST HUH721010AL5200 (10TB SAS). Both are declared as 10TB by the manufacturer, but the reported usable sizes differ: Drive A: 9.095 TB visible Drive B: 8.909 TB visible My server requires at least 9TB per disk, so the smaller one will not work. Images: Disk 9TB+ Disk 9TB+ stats Disk 8.9TB Disk 8.9TB stats I was following these instructions: https://talesinit.blogspot.com/2015/11/formatted-with-ty

I want to make a valid TLS certificate for my MX server but I'm confused which hostname/SN I have to set. The MX dns record is published with a cname to serve multiple domains. Example: MX mail.mydomain.com CNAME mail.mydomain.com > server1.otherdomain.com A server1.otherdomain.com x.x.x.x So I don't know which hostname I have to use for the tls certificate. Should I use the mx name? (in that case it is different by domain), or maybe the match is checked using the ptr resolution? Or the name is smtp Helo exchange?

I have certbot that keep a valid certificate and key in its folder /etc/letsencrypt/archive/ The cert is public (644) and key is restricted to root (600). I'm wondering how can I let exim read as TLS certificate. Exim doesn't run as root and cannot read the key. I imagine is not a good idea to change key permission to a group with exim use, what is the best practice? Does certbot like to change its key permission? What happen at key renewal?

I have a slow bash script which I would like to replace with awk, if possible to achieve the following. The input file has 3 columns. Date, FQDN and a Label. The Labels can be replaced by a Flag if a condition is met. The input file has a row for each site (FQDN) with a label on that day. The output file has 1 row / day and the sites are transposed/moved to the columns. LABELS - low - mid - high - nil # when site has -le 2 labels in total and no label on this day - null # when site has -gt 2 labels in total and no label on this day FLAGS - init # first and only value - warn # 30 consecutive days with null - so null label is replaced with warn flag input_data: DATE FQDN LABEL 2025-12-01 www.site_1.tld high 2025-12-02 www.site_1.tld low 2025-12-03 www.site_1.tld mid 2025-12-03 www.site_2.tld low 2025-12-04 www.site_1.tld high 2025-12-04 www.site_2.tld high 2025-12-04 www.site_3.tld in

I’m dealing with a customer which uses a proxy for Internet access; an explicit proxy, not a transparent one. You need to actually call it, and the configuration is deployed to all users using a proxy.pac file and Group Policies. Now, the customer wants to use some Azure services with Private Endpoints (I’m specifically interested in services using HTTPS connections). The networking and DNS resolution are in place, but the proxy gets in the way, because it can’t access those Private Endpoints (they don’t want everyone to be able to connect to them, thus they are filtering access; allowing the proxy would allow all users going through it); this means all actual users of those services need to bypass the proxy when connecting to them. This is easily (enough) achieved for a web browser by setting proxy exclusions, either in the proxy settings of the client or in the proxy.pac file. It’s cumberstome, but it works. But here’s the

I am trying to connect an iPhone (iOS 16/17) to a MikroTik RouterOS 7.8 using IKEv2 + IPsec and it consistently fails. The same configuration does work with a Debian 13 client using strongSwan. The error message in RouterOS log is always identity not found for server:valid.fqdn peer: (here it changes depending on the config: RFC822 or FQDN or ADDR4 depending on the content of local ID config in iOS VPN) Environment: MikroTik RouterOS: 7.8 with RB3011UiAS iOS 18.6.2 with iPhone 14 VPN type: IKEv2 (IPsec) Client: iOS built-in VPN (IKEv2) Authentication: Certificates Here parts of the RouterOS config: /ip ipsec mode-config add address-pool=pool-vlan35-private name=ikev2-pool /ip ipsec profile add dh-group=ecp256,modp2048 enc-algorithm=aes-256 hash-algorithm=sha256 name=ikev2-profile /ip ipsec peer add exchange-mode=ike2 name=ikev2-peer passive=yes profile