serverfault.com

I have two servers, server A hosts example.com, and server B hosts subdomain.example.com. Server B needs to host both example.com and subdomain.example.com. Is it possible to copy the Letsencrypt certificate on server A for example.com over to server B such that server B contains both certificates? Normally I would copy the /etc/letsencrypt directory from server A to server B, but I believe that would wipe out the certificate that is already there. Thank you in advance! (running Apache on server A and nginx on server B if that's relevant)

I have an HP EliteBook with "Intel Wi-Fi 7 BE201 320MHz" adapter. I work at coworking place and WiFi connection establishes after reboot. Signal strength shows maximum. I am able to open a browser and browse the net. Within one minute, WiFi signal strength indicator changes to very weak and connection is lost. I use my phone on the same WiFi without a problem. Guys around use same WiFi. I switch on hotspot on my phone and laptop connects without any problem. The same laptop on different WiFi networks works fine. I was thinking something wrong with built in WiFi adapter and I bought external USB Realtek WiFi adapter. I disabled internal WiFi adapter and use only USB WiFi adapter. Same problem. I would understand if WiFi router would reject connection. I do not understand why signal strength indicator shows changes. How to troubleshoot this kind of WiFi connectivity? Please note, I cannot access the WiFi access point.

PROBLEM: I am integrating Dovecot 2.3.21 with Active Directory using LDAP authentication. I’ve been going through the documentation and several forum threads, but I can’t figure out the root cause of this issue. The problem appears to be related to the base setting in /etc/dovecot/dovecot-ldap.conf.ext. LDAP authentication works correctly when I specify a specific OU as the base DN, but it times out when I use the domain root DN instead. This configuration works correctly: hosts = ldapserver.net.domain.local ldap_version = 3 dn = CN=connector,CN=Users,DC=net,DC=domain,DC=local dnpass = connectorpass auth_bind = yes base = OU=VDI Users,DC=net,DC=domain,DC=local scope=subtree user_filter = (&(objectClass=user)(sAMAccountName=%n)) pass_filter = (&(objectClass=user)(sAMAccountName=%n)) However, the following configuration does not work: hosts = ldapserver.net.domain.local ldap_version = 3

Let's say that I have an internal passthrough network load balancer with a backend named instance-group-1, no session affinity, and 300s connection draining timeout. For maintenance, I want to temporarily change the backend to instance-group-2. Usually my procedure is: Add instance-group-2 and wait for load balancer update. Remove instance-group-1 and wait for load balancer update. From what I understand there is a connection draining process before backend instance-group-1 is removed. How "safe" is it if I just replace instance-group-1 with instance-group-2 in one step? By "safe", I mean from the client perspective: Will the clients' connections be fully drained? Will the clients experience connection timeout or other form of connection error? Will there any downtime? etc.

I am fairly new to Traefik, but have managed to set up multiple containers behind it. I am now running into an issue where if I create a container that has more than one router, Traefik doesn't process it. Is this something that should work, or does 3.6 not support it? According to the documentation, this is how I should set up the labels when I have an internal host only route and an external host + prefix route, where I need to strip out the prefix: labels: - "traefik.enable=true" # Local access, host only - "traefik.http.routers.foundry14lan.rule=Host(`vtt.homelab.lan`)" - "traefik.http.routers.foundry14lan.entrypoints=websecure" - "traefik.http.routers.foundry14lan.tls=true" - "traefik.http.services.foundry14lan.loadbalancer.server.port=30000" # External access, https, with path that needs to be stripped - "traefik.http.routers.foundry14web.rule=Host(<redacted>) && PathPref

We are looking to build a server for IA workloads on a non production environment. We would like to get a 1U server and get an L40s into it. However, size restrictions seem to be a major limitation here, as L40s is a full width, full height card, and Dell R650 for instance can get only cards with up to 3/4 length. Has someone built a 1U configuration with L40s? R650 for instance seems to be able to handle L4/L4s, but not L40. L40 capacity is a must, 1U is a preference, not a hard requirement. If it is not an option, we will go for a 2U option, but I would preferrably go for a 1U solution. Anyone with experience on this willing to share some thoughts? Thank you.

We are benchmarking RadSec (TCP/TLS) connections against a single FreeRADIUS instance and observing a consistent connection ceiling. FreeRADIUS (version 3.2.8) Running in Kubernetes (single pod) ~1000 proxy clients, each establishing 1 TLS connection Proxy-only setup (no heavy backend processing) CPU ~0.1 core, Memory ~250MB Open files limit: 65536 Established TCP connections plateau around ~505: ss -tn state established '( sport = :2083 )' | wc -l → ~505 Additional connection attempts fail with: (TLS) System call (I/O) error (-1) Failed to insert request into the proxy list We tried: Increased thread pool: max_servers = 256 Verified CPU/memory are not bottlenecks Verified file descriptor limits are sufficient Is

I've written my first systemd user service and I'm wondering what the best way is to kill it. When the script starts it up the processes look like this (output from systemctl status): ... CGroup: /user.slice/user-1000.slice/[email protected]/app.slice/myservice.service ├─2203135 /bin/sh /home/.../start-myservice-systemd ├─2203136 /home/.../python3 /home/.../bin/the-server --port 8200 └─2203137 /usr/bin/multilog s1000000 n10 /home/.../logs When stopping the service I want all of the processes to die and I've found that using pkill in the service config file seems to do the job: ExecStop=/usr/bin/pkill -P $MAINPID If I use /bin/kill $MAINPID then the python and the multilog processes stick around after a systemctl stop command. Is there perhaps a preferred way to send a signal to all of the child proce

I have a FortiGate DHCP server and Windows Active Directory DNS Server. Clients are getting IP addresses correctly, but DNS records are not being created or updated automatically in Windows DNS. So: DHCP works fine But no A or PTR records are created in DNS. Is this expected behavior with FortiGate DHCP, or is there a way to enable dynamic DNS updates? Any help would be appreciated.

Hardware/Environment: Server: FOG Project v1.5.10 (Running on Ubuntu 22.04) Target Hardware: 550x HP ProDesk 600 G6 SFF Golden Image: Windows 11 Pro (fresh install) Image Settings: Single Disk - Resizable, Partition Manager: Partclone Zstd The Problem: I am able to capture and deploy the image successfully (no errors during the PXE process), but upon reboot, the target machine immediately enters a Recovery loop with Error Code: 0xc000000f and File: \WINDOWS\system32\winload.efi. Steps taken on Golden Image before capture: Entered Audit Mode (Ctrl+Shift+F3) during OOBE. Disabled WinRE: reagentc /disable Deleted the Recovery Partition via diskpart and extended C: to fill the disk (resulting in: EFI -> MSR -> C:). Disabled Hibernation: powercfg -h off Verified BitLocker/Device Encryptio