@gjacobse said in Recommendation for home WiFi router:

@JaredBusch
the UniFi Express 7 looks pretty decent in capacity and features - and likely a contendor replacement for the UniFi Lite Router I have since my NTG days. Has that really been ten years ago now?

I will say I sort of feel that they seriously missed the mark in the design. Seems that USB-C has to be shoved into everything - but seriously - why!!??
06f98131-bcc5-4ccc-84ad-86f84482fcb2-image.png

They could have easily put the PSU into the unit and only had the AC power cable. True, the unit shouldn't need to be moved once in place. But,.. really? Get real - Just because USB--C can do so much, doesn't mean that you need to use it everywhere - especially when all you are suppling is 5v. Incorporate the whole thing and it'll be a better format.

That said,.. I'm still likely to move to something like it or this in the future.

I had a location with a UniFi Lite router that died around a year ago. Upgrading to the UniFi Express doubled their throughput with QOS enabled. Went from 300MB download to 600MB. Upload is limited because of the cable connection.

@EddieJennings yeah, that would be nice for sure.

@scottalanmiller said in Proxmox backup to remote PBS over Zerotier:

If you haven't played with it for tiny scale stuff, TailScale makes this SO easy to do.

I do have a TailScale account, but didn't think of it because I already had some other stuff at the location already on Zerotier.

@scottalanmiller said in List Windows Printers from PowerShell Command Line CLI:

If you need to remote into a Windows machine and get a list of printers without interrupting the user, this powershell command is quick and easy...

Get-Printer | Format-Table

Make it easier Get-Printer | FT

version v1.9.2 now out. Been running this panel since 2021. Free webhosting panel without the fees of cpanel. Recently just moved users to a new VPS with Ubuntu 24.04

@gjacobse Thanks, I have tried the recommended ones from Microsoft, the diskpart now shows it is out of "read only" , but it is a false reading. I can access some of the data ( most data is saved to server)m but users always know better (LOL). Next I will try dd and see how that goes, I suspect I may (low probability) be able to "fix" the installation after running dd. Thanks again. I was hoping for something I had not heard/seen.

As you know almost all drivers are a part of the kernel itself. There isn't a way to "export" them in the way that you're thinking -- at least not that I'm aware. If you installed a package that included a 3rd party hardware driver, perhaps you can just download the rpm or deb file from its repo to back it up. Some kernel modules (or groups of kernel modules) are the drivers for some hardware, and you could potentially backup those files to load later. I haven't had hardware that has required special kernel modules that would create that situation.

To be honest, if that system crashes, reinstalling your Linux distribution will be your method of getting drivers for your hardware :).

Here is something i found:

Ensure LUKS Drive is Configured
If the drive isn’t encrypted yet, you can encrypt it with LUKS:

bash
Copy
Edit
sudo cryptsetup luksFormat /dev/sdX
Replace /dev/sdX with the appropriate drive/partition. Be cautious—this step will erase all data on the drive.

Add the Drive to /etc/crypttab
Edit the /etc/crypttab file to configure the system to unlock the drive at boot.

Open the file:

bash
Copy
Edit
sudo nano /etc/crypttab
Add an entry for the encrypted drive:

bash
Copy
Edit
cryptname /dev/sdX none luks
cryptname: A name for the decrypted device (used later in /etc/fstab).
/dev/sdX: Path to the encrypted device.
none: Use none for a passphrase prompt at boot or specify a path to a key file.
luks: Indicates LUKS encryption.
Example:

bash
Copy
Edit
cryptdrive /dev/sdb1 none luks
3. Add the Decrypted Device to /etc/fstab
To automatically mount the decrypted drive after unlocking:

Edit /etc/fstab:

bash
Copy
Edit
sudo nano /etc/fstab
Add an entry for the decrypted drive:

bash
Copy
Edit
/dev/mapper/cryptname /mnt/mountpoint ext4 defaults 0 2
Replace:

/dev/mapper/cryptname with the mapped device from /etc/crypttab.
/mnt/mountpoint with your desired mount point.
ext4 with your file system type.
4. Generate an Initramfs
If the root file system or a critical drive is encrypted, you’ll need to update the initramfs to include decryption tools.

Update the initramfs:

bash
Copy
Edit
sudo update-initramfs -u
Verify that the cryptsetup package is installed in your initramfs configuration.

Test Boot Behavior
Reboot the system and observe the decryption process:

If you specified none in /etc/crypttab, you should be prompted for a passphrase at boot.
If a key file was used, the drive should decrypt automatically.
6. Using a Key File for Automatic Decryption
To avoid entering a passphrase at boot, use a key file:

Generate a key file:

bash
Copy
Edit
sudo dd if=/dev/urandom of=/root/luks-keyfile bs=4096 count=1
Set permissions:

bash
Copy
Edit
sudo chmod 600 /root/luks-keyfile
Add the key file to the LUKS header:

bash
Copy
Edit
sudo cryptsetup luksAddKey /dev/sdX /root/luks-keyfile
Update /etc/crypttab:

bash
Copy
Edit
cryptname /dev/sdX /root/luks-keyfile luks
Update the initramfs:

bash
Copy
Edit
sudo update-initramfs -u
Reboot to test automatic decryption.

Troubleshooting
Device not found during boot: Ensure the correct device path is used in /etc/crypttab.
Passphrase prompt not appearing: Verify cryptsetup is installed and included in initramfs.
Boot hangs or fails: Boot into a live session, comment out entries in /etc/fstab or /etc/crypttab, and investigate.

You can also try whois.sc

@travisdh1 said in WINGET: Not available on Win10.:

I found that the name has changed to UniGetUI recently. I've been using it recently since it does all the Windows repositories I know about.

I seem to remember WingetUI,.. But This is a case of a fresh install of Win10 not having the 'updated MS Store' that even has the native Microsoft Winget.

I will however take a look at UniGetUI.. My goal maybe was simply just staying out of the MS Store,.. and using CLI like chocolatey, apt-get and the similar...

For Windows I have used this PowerShell

https://github.com/fire1ce/DDNS-Cloudflare-PowerShell

@Obsolesce said in The Most Effective Meetings:

@MrWright4hire said in The Most Effective Meetings:

Isn't it funny how we may disagree about being there for someone until we're the someone that needs the help

Is calling a meeting to take the time of several people or more really the most effective use of resources if one needs help with something? I can't agree to that.

Allow me to clear my thoughts up for everyone.

Scenario #1:
When you call a meeting and there's really not much to talk about from a business pov. However, you are aware that a team member is having issues and struggling at work. You open the dialog, without pointing fingers, how you have notice the issues. And how you need to address it before it gets out of hand. Like I said, instead of calling someone out, let it be known that anyone with the issues should come and discuss the issues. You not taking up extra resources. You're bringing awareness and depend on what the issue is, educating your team for a better work environment.

AND

Scenario #2:
Co-workers don't get along. That needs to be address and nipped in the bud quick, fast and in a hurry.

There's issues you can address in public and in private without wasting time or resources.

This doesn't have to be trivial, I'm basically just saying that people are important when it comes to a team. Just make sure all is good for a great team results.

@travisdh1 I have never done so it will interesting setting one up.

Okay for anyone still around, I was able to get this sorted, it appears that the initial file I was using was either corrupted or maybe a patch for an existing installation.

I've documented the process, copied below for reference. I won't be sharing IBMs RPM's on this post. You should be able to get these directly from IBM's website free of charge, but your mileage may vary.

Installing IBM Datapower on CentOS 8/9 or Rocky Linux 8/9 to your Hypervisor/Cloud Provider

Minimum System Requirements
• 4 vCPU
• 16 GiB RAM
• 80 GiB Disk Space
• 4 Network Interfaces – with DHCP or Statically Assigned IPs
• 2 Available Loop devices – Documented Below
• Default Partitioning will work, can be configured to meet any security requirements (separate LV for VAR for example)
• Installation without a GUI recommended with these below features
◦ “Server Installation” Option
▪ Guest Agents (Drivers for Hypervisor/Cloud recommended)
▪ Remote Management for Linux recommended – SSH and or Cockpit
• Root only account – User accounts are unnecessary
• Security Policy to adhere to any State/Fed requirements (may effect Installation Destination configuration – not documented here).

Configure Timezone and any other settings as required – no specific documentation needed

Sample User: root
Password: your-password

Upon installation check for updates and install a few required repositories.

sudo dnf update -y sudo dnf install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm sudo dnf update -y sudo dnf search schroot sudo dnf install schroot ipvsadm kmod telnet -y

Post installation of dependencies we need to confirm our loop devices are configured.

Confirm what loop devices exist (likely there is only 1) so we’ll need to create some with the below.

List your loop devices:

ls -l /dev/loop* brw-r----- 1 rootls disk 7, 0 Jul 24 17:49 /dev/loop-control

We only have the loop-control device, so create two more loop devices with the below.

mknod -m660 /dev/loop1 b 7 8 mknod -m660 /dev/loop2 b 7 8

Confirm the devices are listed.

ls -l /dev/loop* brw-rw----. 1 root root 7, 8 Nov 27 08:10 /dev/loop1 brw-rw----. 1 root root 7, 8 Nov 27 08:10 /dev/loop2 crw-rw----. 1 root disk 10, 237 Nov 27 07:51 /dev/loop-control

Now transfer or download the Datapower and LibgCrypt RPMs to this system using something line wget or WinSCP depending on access. You can find libgcrypt here (https://rpmfind.net)

Once transferred, you may have to decompress the installation files.

tar -xf idg_lx10540.cd.ASL.prod.tar

Now we can install the program

sudo yum install idg_lx.10540.image.x86_64.rpm idg_lx10540.common.x86_64.rpm

Once installed, you’ll connect to the system via telnet on the system’s loopback address

telnet 127.0.0.1 2200 Initial login is: admin Initial Password is: admin

Confirm to all prompts with Y and then run/create and confirm a new password

You must restart the DataPower Gateway to make the Common Criteria policies effective.

idg# configure terminal;web-mgmt;admin-state enabled;local-address 0 9090;exit Global mode Modify Web management service configuration

Now you can go to the web console via your computer and using the primary IP address. In our example
https://ip-address:9090

You’ll use the login password you created while connected via SSH. You’ll have to create yet another new password.

Once the password is updated, you’ll be able to login and complete the setup by accepting the license agreement.

After accepting the licensing agreement the system will need to reboot. After logging in via SSH you’ll need to restart the web interface.

telnet 127.0.0.1 2200 admin <password> idg<config> idg <config> configure terminal;web-mgmt;admin-state enabled;local-address 0 9090;exit

That's the complete installation process from start to finish. The last step would be to setup initialization of the datapower service upon restart. I'll be working on this sometime this week probably so that the environment is fault tolerant.