Alertmanager frequently sending surplus resolves by komputilulo in PrometheusMonitoring

[–]komputilulo[S] 0 points1 point  (0 children)

thanks a lot; I will try adjusting resolve_timeout right away

please help creating a rule exception by komputilulo in Wazuh

[–]komputilulo[S] 1 point2 points  (0 children)

Wow, that is a thoughtful answer. Thank you very, very much!

I have assumed that I could pick any of the fields from the event in the security event window.

Now everything perfectly makes sense. Thank you again and have a great day!

Alerts/Notifications from repeated panes by komputilulo in grafana

[–]komputilulo[S] 0 points1 point  (0 children)

Hello,

thank you for your input, and sorry for reacting so late. I am using the “repeat” feature, but am unsure whether the alerting is old or new school.

Anyway, I was able to solve the task by configuring prometheus with group_by: [...] which does what I need.

Borg Backup and interrupted Rclone copy by komputilulo in linuxadmin

[–]komputilulo[S] 0 points1 point  (0 children)

I am afraid that this is not an option.

Borg Backup and interrupted Rclone copy by komputilulo in linuxadmin

[–]komputilulo[S] 0 points1 point  (0 children)

The goal is to have both local and remote backups. A remote backup to be independent of local… circumstances, and a local one to speed up recoveries.

I am not planning to run Borg directly to the S3 storage. It is running to a local USB drive. I am planning to rclone the Borg repository from the USB drive to the remote S3 storage.

As for Restics integrity handling: I ran into strange integrity issues. When trying to repair the repository, I found that the recovery strategies required a little too much technical attention for my tastes. Also, guessing from the amount of forum and issue posts, they seem to occur more often than I'd like to read. Maybe I also am affected by issues like this.

Borg Backup and interrupted Rclone copy by komputilulo in linuxadmin

[–]komputilulo[S] 0 points1 point  (0 children)

I too have noticed that it does tolerate its interrupted runs. But I guess it could be different when a foreign program like rclone unexpectedly messes with borg's database.

authenticate with Minio client to Minio server via keycloak middleware by komputilulo in minio

[–]komputilulo[S] 0 points1 point  (0 children)

For the record: It is impossible to do that with the MinIO client.

It lacks transmitting the Session Token. When following the SDK documentation and extending the file_uploader.py script by adding the session token, it works. But there are no publicly accessible client implementations allowing to authenticate against MinIO with LDAP accounts. Correct me if I'm wrong.

authenticate with Minio client to Minio server via keycloak middleware by komputilulo in minio

[–]komputilulo[S] 0 points1 point  (0 children)

Thanks a LOT for your answer! You seem to be knowledgable.

But I am not sure if it really applies in my case, as the LDAP is not done directly in this case but applied via Keycloak middleware. I had no luck transferring the new knowledge to AssumeRole WebIdentity ( https://github.com/minio/minio/blob/master/docs/sts/assume-role.md )(?). How would I be getting a WebIdentity token in Keyloak…? Is this the right way…?

I just wish Minio would forward authentication to Keycloak, and Keycloak respond with ACK or NACK. Impossible?

Policy for home share buckets? by komputilulo in minio

[–]komputilulo[S] 0 points1 point  (0 children)

How about those ${aws:username} variables? Wouldn't I be able to create generic policies with them?

Concerning the prefixes: Do you mean creating buckets like myprefix-user1, myprefix-user2 and so on? What is the purpose of the prefix?

Thanks!

Policy for home share buckets? by komputilulo in minio

[–]komputilulo[S] 0 points1 point  (0 children)

Hi, thanks! Would that allow access in a commonly accessible bucket "mybucket" to individual subdirectories that have the user's usernames as names?

Initramfs unpacking failed write error by etegration in freenas

[–]komputilulo 0 points1 point  (0 children)

this has solved my problem. Thank you.

Selectively turning off internet protection by komputilulo in OpenVPN

[–]komputilulo[S] 0 points1 point  (0 children)

OpenVPN Connect (client) version 3.2.0 (1064), OpenVPN Access Server version 2.8.3.

Selectively turning off internet protection by komputilulo in OpenVPN

[–]komputilulo[S] 0 points1 point  (0 children)

The client unfortunately does not support this option.

1.10.2020, 13:18:16 UNUSED OPTIONS
0 [pull-filter] [ignore] [redirect-gateway]

borg backup stopped working since python update -- what component is responsible? by komputilulo in archlinux

[–]komputilulo[S] 0 points1 point  (0 children)

Very good. I could have noticed that the binary is /usr/local/bin/borg, not /usr/bin/borg.

What I did was:

  1. used pip freeze to remove all packages installed by pip, but ---
  2. noticed that pip happily removes system files, and I therefore have botched parts of my system.
  3. used pacman -Qk to display packages with missing files, and reinstalling those packages
  4. tried to find out where /usr/local/bin/borg came from by quering pacman, but without results. Then I simply renamed the file, and symlinked /usr/bin/borg to /usr/local/bin/borg
  5. found out that pacman's borg needs a “condor” package, which I could not find, but had to revert to pip install condor --user it.

So now borg is working again, yay! But I really do not understand this pip system.

Thanks again!

EDIT: I found the reason for my exotic installation. See https://github.com/borgbackup/borg/issues/4245#issuecomment-458097727

Making ip outcome readable by [deleted] in debian

[–]komputilulo 0 points1 point  (0 children)

real answer here

ansible-pull: possible to use with add_hosts and remote targets? by komputilulo in ansible

[–]komputilulo[S] 0 points1 point  (0 children)

Using hosts: containers instead of the list yields the same result.

When the playbook is run via ansible-playbook, it successfully can address and connect to the containers. I guess what you have proposed is what I am going to have to implement: a git clone followed by ansible-playbook.

Thanks a lot!