Topics created by Alex Sage

I have 20 some devices on 1.10.1.

No reported issues yet.

I only have 3 ER-X though.

@jaredbusch Also, certbot doesn't have automatic DNS configuration.

@travisdh1 Interesting, so it is working.

That's correct the pointed to /admin

@aaronstuder said in Sangoma 6 to 7 Upgrade Tool Error:

@jaredbusch said in Sangoma 6 to 7 Upgrade Tool Error:

@aaronstuder said in Sangoma 6 to 7 Upgrade Tool Error:

Guess I am just going to build a new 14 VM and transfer over the config. Any thing to watch for?

You can export and import some things with the default handlers.

If you are using SSL from LE and have the Yelaink T4xG series phones they won't talk right using SSL.
If this is the same system I worked on, don't forget to grab crontab with the bell schedule.

It is in fact the same system. Will the custom extensions come over?

Yes. they are still extensions.

@scottalanmiller said in Ubuntu 18.04 adding Minimal Install:

@jaredbusch said in Ubuntu 18.04 adding Minimal Install:

@dbeato said in Ubuntu 18.04 adding Minimal Install:

@aaronstuder said in Ubuntu 18.04 adding Minimal Install:

Seems like a good move

https://www.omgubuntu.co.uk/2018/02/ubuntu-18-04-minimal-install-option

I thought they had it already, I have been using the net install for a long time in Debian and Ubuntu
https://www.ubuntu.com/download/alternative-downloads

Minimal Install != Net Install

Net Install is more "Minimal Download" rather than "Minimal Install"

Correct. A NetInstall is a small initial download because it installs whichever version from direct net downloads after selection.
I always use the NetInstall download for Fedora/CentOS because that is the only way to get a solid "Minimal Install".

But I also installed my full desktop from a NetInstall image.

@momurda was news to me too. Good news! 🙂

I have mine in 2 directories:
/data/windows_vm
/data/linux_vm

I also have a /data/iso for ISO files

@tim_g said in Anyone Ever Outsource Help Desk Level 1?:

We tried it with a supposedly big and good MSP.

It didn't go well. Response times were horrible, issues didn't get get taken care of properly, their software was a big PITA on all endpoints and servers.... just to name a few.

Did they pay for dedicated helpdesk or try to go cheap with a "pool" where you are just mixed in with all other calls?

I have been using it for the last 3 days, seems to be stable so far.

@aaronstuder said in Anyone using AdGuard?:

@nashbrydges I understand that. It would need to be done correctly.

Even when done correctly, you now have a single exposure point instead of many hundreds. You're relying fully on 1 source to properly encrypt traffic between you and itself and then itself and the source, rather than distributing the risk across the hundreds of sites you might visit. It's easy to inspect the SSL cert validity of a website that you visit directly, not possible if you are routing via a 3rd party who is managing that connection on your behalf.

This concern would only apply to the HTTPS inspection though. Using their DNS service is like using any other DNS service.

@black3dynamite said in Securing BookStack behind a Ubuntu NGINX Reverse Proxy:

@aaronstuder said in Securing BootStack behind a Ubuntu NGINX Reverse Proxy:

This setup is a LXC host, running both NGINX and BookStack in a different containers.

I forward 80/443 from the host to the NGINX container.

Then setup NGINX to reverse proxy to another container (BookStack, NextCloud, etc.)

Each app has it's own container.

How's the performance doing it that way?

LXC has essentially zero overhead. Should act exactly like doing them on the same box.

@tim_g bump

@net-runner said in Guacamole on Fedora 27:

I've tried Guacamole on CentOS and Debian. Both worked fine, but it was a bare-metal install (not docker). Check Guacamole and Tomcat logs to identify if they are running at all and try to see your connection attempts there. If there is nothing it has to be firewall/connectivity issue.

The Docker instructions don't seem to work, which seems to be my experience with all Docker instructions. Sounds like it'll be easy, but never "just works" and takes more complicated fiddling than just doing traditional installs.

Here’s mine based off of the DISA STIGS.

https://mangolassi.it/topic/15041/ansible-hardening-role

@black3dynamite said in KVM Templates:

@stacksofplates said in KVM Templates:

@aaronstuder said in KVM Templates:

@stacksofplates building templates using virt-builder

Oh. It's pretty simple. virt-builder --list gives you a list of images you can use.

0_1518740996335_virtlist.png

Then just create your template with virt-builder <os> --format <format> imagename.format

0_1518741052670_virt-buidler.png

Then you can use virt-customize to inject packages, create users, set passwords, etc. Then just clone that for your template.

Is it necessary to add --selinux-relabel when downloading the VM?

No. That’s all in the image. Only when updating the packages with libguestfstools

@aaronstuder said in Managing KVM via the Command Line:

Anyone have any good resources to learn to manage KVM via the Command Line?

virsh --help

virsh <command> --help

My mother's computer just died recently and it had been a backblaze computer for several years. Download the client and login and she has access to all of her pictures.

There are multiple guides here to do this. And again jumping more than a single version is not the proper way to handle it. Even if it works.

Yes, that requires moving to Standard licensing, and yes, it will be quite costly.

@coliver said in Would you apply for this job?:

Looks like they want a generalist.

Either they want a decently senior generalist, or more likely three mid-level specialists.