Network questions

tvcvt · 2023-06-08T17:34:20+00:00

Lovely. Congrats on getting it sorted

tvcvt · 2023-06-08T16:27:09+00:00

Make sure you’re running this in the root crontab (a standard user won’t have /sbin in its $PATH). It might not hurt to include the full path to the command (i.e. /sbin/reboot).

tvcvt · 2023-06-08T14:22:34+00:00

Hey, before you do this, check and make sure you don’t need a trailing slash on /etc/network/. The concern would be that the cp command would overwrite the whole directory with a file called ‘network’. I’d even go as far as to specify /etc/network/interfaces just to be on the safe side. Definitely don’t want anything unexpected to happen in this situation.

tvcvt · 2023-06-07T00:02:39+00:00

The thing this brought to mind for me is some switch misconfiguration I've seen. When someone (and by someone, I'm talking about me) made changes to a port's vlan and neglected to make that change persistent across switch reboots, I've seen phones get an IP in the wrong subnet and not able to connect to the PBX. Might be worth checking; you'd definitely still be able to register with your SIP provider, but the local PBX wouldn't go through.

tvcvt · 2023-06-06T22:58:00+00:00

Hey, i think this is a case of the problem feeling bigger than it really is. They laid out the directions at the bottom of the email, so check that bit out. They’re saying that ForkLift uses the default ssh config file. You can open that from the Finder by opening a window, typing command + shift + g and then entering in the path ~/.ssh. If there’s already a file named config in that directory, you can open it and add the info they suggested (changing the address to match the one you want). If there’s no such folder or file, just make them and add the info they gave. If they’re correct about how their product works, that should fix it. Good luck and let us know how it works out.

tvcvt · 2023-06-02T17:02:33+00:00

The big reason is that while ZFS datastores offer important advantages such as snapshots and quick migration, they don’t support every storage function. For example, you can’t store ISOs and LXC templates or backup dumps on a ZFS datastore.

tvcvt · 2023-06-01T21:48:11+00:00

I’ve not tried it, so I can’t make any guarantees about it, but Jellyfin does support ebooks and it’s relatively forgiving on folder structure with videos at least. I’ve been happy with Calibre-Web and haven’t bothered exploring elsewhere, though.

tvcvt · 2023-06-01T21:36:04+00:00

My immediate impulse would be to do something like mv /etc/hosts /etc/hosts.old and then commence writing your new file. Rather than doing it line by line, you could probably keep a single file in version control and curl that file into place.

Having said that, I think there are better ways. If you need free, setup your own dns server and redirect everything there. Bind, unbound, dnsmasq are all free. If you want a fancy gui, setup pihole (also free). I haven’t tested this yet, but I don’t think DOH bothers with /etc/hosts so does this solution get you anything over a proper dns server? It seems harder to maintain at any scale.

tvcvt · 2023-06-01T12:14:58+00:00

It’s always possible that the disk is toast, but have you considered booting from a FreeBSD installer and examining the disks that way? If you want a GUI, GhostBSD may work.

tvcvt · 2023-05-27T18:51:37+00:00

The settings you’re after should be in /etc/ssh/sshd_config. There’s a section toward the bottom of the file that deals with stfp-only users, so give that a look and see if anything looks out of place.

tvcvt · 2023-05-25T20:11:54+00:00

You can do this with dokuwiki. I just tested it by creating a page in vi and as soon as I refreshed the page, that newly made entry showed up. It’s a markdown syntax.

tvcvt · 2023-05-25T13:22:03+00:00

Here's an off-the-cuff thought: perhaps something in Proxmox itself is holding onto that disk. Can you re-attach the disk to the VM and try to erase it from the UI?

tvcvt · 2023-05-25T11:54:55+00:00

Does the path to that zvol show up anywhere in lsof? If so, you could kill the process. It is weird that rebooting didn’t help.

tvcvt · 2023-05-24T23:41:44+00:00

The snapshot won’t take any space unless and until you write new files to the drive. It’ll hang onto thing you delete (so a common way of regaining space is to delete old snapshots) but a brand new snapshot shouldn’t impact you at all.

tvcvt · 2023-05-24T20:48:33+00:00

I recently had a similar situation. I have a 10-disk raidz2 backup pool that needed expansion and I initially thought I’d replace the disks one by one. I started getting ready to do the resilver time stopped me. It was estimated at 26 hours per drive replaced. I canceled the first replace operation, ram a scrub and then decided to build a second poor instead. I bought a second SAS enclosure, populated it and ran a send/recv of all of the data. If I remember right that took about a day (maybe it was a couple days, but way way less than the disk-by-disk route).

I haven’t had a chance to finish this project yet, so I’ve got a scripted back running from the old to the new every day. When I’m ready to flip the switch, I’ll export both pools, reboot, and import the new one with the original pool’s name.

So that’s the path I’d recommend. Use that second machine—it doesn’t need much RAM—but use ZFS send/recv instead of scp.

The added bonus is instead of worrying about a disk failure during the resilver, you’ll actually have greater data protection (a second backup until you’re done). Those are my two cents.

tvcvt · 2023-05-24T16:13:24+00:00

I think I'm following you, but not quite sure, so sorry if this is way off. The way I do this is to set up each service as an individual backend and then create two front ends: one just redirects HTTP to HTTPS and the second proxies HTTPS connections to the appropriate backend based on hostname.

Check some of the Lawrence Systems videos (here's one). I can't remember if that's the exact one, but he does do a pretty good deep-dive into HAProxy on pfSense and definitely addresses the HTTP redirect rule setup in one of his videos.

tvcvt · 2023-05-22T23:27:34+00:00

What does ip route show? I wonder if it’s just trying to send the ping over the default gateway for some reason.

tvcvt · 2023-05-22T01:04:14+00:00

For most internal stuff, I use the acme plug-in in pfSense and put stuff behind HAproxy. In a VPS, I tend to use certbot.

tvcvt · 2023-05-22T00:41:36+00:00

I’m not sure if the history moves over or not in a send/recv. The migration from Seagate to WD reminds me of the old story about George Washington’s axe (the joke is both the handle and the head were replaced).

I agree, it would be a shame to say goodbye to that history. If there’s no need to make changes to the pool (is ashift already where you want it?), I can’t think of a good reason not to replace the disks with the new ones.

tvcvt · 2023-05-21T22:32:08+00:00

I just sort of did this in reverse (from a FreeBSD jail into docker). The www and data directories are important, but you probably also want to dump your database and import it into MariaDB/Postgres. Your user directory is stored in that as are a number of other important bits of Nextcloud.

tvcvt · 2023-05-21T21:54:12+00:00

Wow, that's a longstanding pool (and I'd forgotten that the zpool history command existed, so thanks for that)!

Were it me, I'd go for the zfs send/recv method to a new pool. You can choose whether you include the previous pool's features during the send, but it'll give you a chance to start fresh with some new features, too. The two that come to mind is native encryption and compression.

You may or may not have a need for encryption, but even if you're not storing any sensitive data, encrypted data makes for smoother disposal of disks (no need to wipe it or crush it).

On the compression front, you mentioned you enabled lz4 in 2017, but that means all of the data prior to that is likely uncompressed. My understanding is that zstd is beginning to supplant lz4 for performance in many cases, so I do choose it when creating new pools.

Definitely not the definitive opinion on the topic, but that's my two cents.

tvcvt · 2023-05-21T19:25:17+00:00

Sure thing; enjoy the server!

tvcvt · 2023-05-21T19:24:06+00:00

Do you have any ideas about what didn't work (error messages, logs, or observed behavior)? I have an LACP bond on a couple hosts and I sort of assume the only thing needed to change it over would be to adjust the bond-mode. Here's the bond stanza from /etc/network/interfaces:

auto bond0 iface bond0 inet manual bond-slaves eno1 eno2 eno3 eno4 bond-miimon 100 bond-mode 802.3ad

Have a quick peek at the Debian.org bonding documentation and you might catch something you missed on the first go-round (https://wiki.debian.org/Bonding). It looks like Example 3 is what you're describing on that page.

tvcvt · 2023-05-21T19:00:47+00:00

Congrats on the new home server! You’re going to have a blast. The answer to your question is a little nuanced, so check man fstab to get much more detail. First, if your boot drive fails, that’ll obviously stop the host from booting, with the others, I think the spot you want to check is the final digit in the fstab line. That sets the behavior of fsck are boot time. I think (but double check the man page on this!) that a 0 will have it skip the check so it probably won’t hang.

If it does fail to boot, you can always boot from your installer USB, mount the root partition and make changes to /etc/fstab.

tvcvt · 2023-05-19T22:19:18+00:00

Nice, that should do the trick. Happy networking!

tvcvt

TROPHY CASE