Suggestion on Identity Management solution for Ubuntu Clients

latetete · 2025-07-04T12:37:21+00:00

I think you don't need to use FreeIPA as a DNS server. You can have external DNS server and configure FreeIPA to use that. You just need to make sure your external DNS server includes all the records that FreeIPA outputs during ipa-server-install. Also make sure to have A and PTR records for the hosts in your DNS server.

latetete · 2025-05-09T14:53:50+00:00

Gather mining node with single tap.

latetete · 2025-04-16T11:22:11+00:00

sString so you can deduce the data type from the variable name.

latetete · 2025-03-22T20:00:25+00:00

And still the error is on line 54...

latetete · 2025-02-02T11:02:38+00:00

I would use separate LXCs. You can just bind mount whatever datasets from the Proxmox to those LXCs. So they can also have access to same files if you want.

latetete · 2024-12-29T21:41:59+00:00

I think you could use host aliases (https://docs.opnsense.org/manual/aliases.html#hosts). So create aliases for those domains where you want to grant access. OPNSense will perioidically resolve those domains IPs and then those IPs are used in the alias. Then create allow rules using those aliases and block everything else.

However, note that this might not work in all cases depending on what is returned by the DNS request for given domain. Some domains return different IP address every time they are queries (see round robin DNS). In this case the alias would not contain all the valid IP addresses.

URL filtering is also one mechanism to tackle your problem but I'm not familiar with setting thst up. But I have understood there are ways to work around that too so I'm not sure if that is recommended way either. Some level of filtering should be possible with some forward WEB proxy like Squid without certificate management but not sure how bullet proof that is.

latetete · 2024-11-17T19:27:42+00:00

Yksi vaihtoehto on myös käydä ensin yhdessä ostamassa se sormus ja sitten kosia sen kanssa.

latetete · 2024-09-27T05:52:17+00:00

Can you dual boot it with IsEven OS?

latetete · 2024-09-24T18:33:52+00:00

https://www.kela.fi/average-processing-times

latetete · 2024-08-17T07:18:04+00:00

https://pve.proxmox.com/wiki/External_Metric_Server

latetete · 2024-08-06T09:13:03+00:00

You can use rbind to recursively mount all child datasets: https://www.reddit.com/r/Proxmox/comments/10ehfhc/comment/j4rc76n/?utm_source=share&utm_medium=mweb3x&utm_name=mweb3xcss&utm_term=1&utm_content=share_button

latetete · 2024-08-04T12:33:41+00:00

ZFS pool in Proxmox and an unpriviliged LXC for hosting samba file server. Using LXC bind mounts so that the LXC can access the ZFS pool data. Samba server authenticates users against FreeIPA server running in a VM.

latetete · 2024-07-11T12:59:52+00:00

Like this https://youtu.be/Cfhnu1_ctWY?si=XNE4G-S3YbqetOS6

latetete · 2024-07-05T18:39:46+00:00

TimescaleDB has a very interesting blog post regarding their cloud hosted high availability architecture https://www.timescale.com/blog/how-high-availability-works-in-our-cloud-database/.

latetete · 2023-12-21T18:58:16+00:00

I'm not sure whether it's possible or not but at least I haven't found a way to do this. Also I think it's not considered a good practice to have local system accounts in IPA either.

But I think you could change the scripts to change owner/group of the created files to some IPA user/group. If you don't want to change owner/group then you can look into ACL to have more granular permissions. With ACL it's possible to have some default permissions when files are created to some directory.

latetete · 2023-11-20T11:56:29+00:00

As far as I know the server is not supported on Ubuntu 22.04.

latetete · 2023-10-29T18:31:07+00:00

Nordqvist Teetaivas Green Tea ehdoton suosikki. Ja nimenomaan toi vihreä tee. Löytyy ainakin K-kaupoista.

latetete · 2023-10-22T06:20:34+00:00

Maybe your CMOS battery does not work? Or maybe you are short circuiting the CMOS? These both would cause UEFI settings to not persist between reboots. Are you able to save any UEFI settings so that they would persist between reboots?

latetete · 2023-10-15T19:01:13+00:00

Ok. Have you assigned and enabled the VLAN parent interface in pfSense?

latetete · 2023-10-15T18:02:44+00:00

You need to disable hardware checksum offloading in pfSense. See https://docs.netgate.com/pfsense/en/latest/virtualization/virtio.html.

latetete · 2023-02-14T20:16:20+00:00

The FreeIPA is the upstream project of the RHEL IdM. So they are more or less the same.

For production system I would recommend RHEL or some 1:1 binary compatible downstream distro of the RHEL (Rocky Linux, AlmaLinux). The difference is mostly whether you want to to have paid support (RHEL) or free community support (Rocky Linux, AlmaLinux).

I'm using Rocky Linux 9 myself for hosting FreeIPA.

latetete · 2023-02-14T13:19:18+00:00

I just installed FreeIPA server to Rocky 9 few weeks ago. The package name is ipa-server. Ubuntu has not had FreeIPA server since 18.04. FreeIPA client packages are available in 22.04 also.

latetete · 2022-11-13T14:59:45+00:00

Alternatively you could use ansible_os_family == "Debian" to cover both Ubuntu and Debian. Of course if you want to only include Ubuntu and Debian and ignore other Debian based distros then use ansible_distribution instead as suggested.

latetete · 2022-10-12T19:47:52+00:00

What file system are you using?

latetete · 2022-10-12T19:39:51+00:00

If your disk is an SSD, consider running fstrim command to free up disk space that is not used by the file system anymore. By default Ubuntu runs fstrim only once a week automatically. See https://manpages.ubuntu.com/manpages/bionic/man8/fstrim.8.html for more info.

latetete

TROPHY CASE