@scottalanmiller said in Alternative to never in stock Ubiquiti EdgeMax line:

@Pete-S said in Alternative to never in stock Ubiquiti EdgeMax line:

I don't know if that is the case with Ubiquiti but some products in their line sure looks like it.
Looking at the number of employees working at Ubiquiti versus their revenue, also suggests that (most?) of their products are not designed in-house. That's just speculation of course.

Well the Edge line, and this is me guessing, is likely third party hardware that they buy (that's pretty easy) and they basically use an open source OS barely modified. They were half public about that when they started, so it kinda made sense with that line. No idea if they continued that with Unifi and others.

Well, they started with RF-based products so they have that expertise in-house.

It would make sense that their wifi products are developed by themselves and manufactured by OEMs while the rest are ODM products.

That's the quickest way to expand the product range. Otherwise you need a ton of employees. From the info online they're only about 1000 employees worldwide.

@Yonah-S said in Another new server question:

If you want to know how to get something built like that without the constraint of the online configurators - hit me up on private message.

When I buy, this is what I do.

But for quick comparison or rough ideas, the online tools are easy

I don't know if ubuntu has a similar cloud kernel.

Update: It looks like there is a linux-kvm kernel amongst others. Haven't tried it though.

BTW, in Debian/Ubuntu and other distros the different kernels are often referred to as kernel flavors. Good to know if you want to search for them.

Tested and it works all the time by hostname instead of IP.

@gjacobse

OK, I checked now and the GX420T and GX430T is the same printer but with different dpi print heads.

If you can tell the application that prints to print differently depending on which printer you are printing to, everything will be fine.

If you can't, you have to replace those two GX430T printers with GX420T models.

Or put another way - if you want to have printers that are drop-in replacements for each other, you need to buy just GX420T printers (or other 203 dpi models).

b2996495-4ddc-41e7-b10c-dbb7a25d2912-image.png

GAM that's what it was!
https://github.com/GAM-team/GAM

Looks like they've made some improvements, back in the day it was one giant py file, lol.

@Pete-S said in ssh to new cloud instance?:

@scottalanmiller said in ssh to new cloud instance?:

@Pete-S said in ssh to new cloud instance?:

If you add another admin in the cloud control panel, is an account for that user created on all cloud instances that person can access?

In Vultr, there aren't users in the cloud panel at all. There are keys that you can choose to deploy at deploy time for root. Other than that, if we wanted to deploy keys (as an example), we'd do that through our management system (script, Salt, Ansible, etc.). I would not want the cloud platform to be touching my users.

OK, got it.

Does that also mean that only one person can have access to the actual Vultr account as well? I'm guessing it's multi-user.

Yeah, the cloud level is multi-user. But just as you can have multiple people with access to a data closet, and multiple people with access to a Windows instance housed in that closet, you don't want the physical closet to maintain the Windows logins. Same here, your cloud provider is like a data center or data closet with its own level of access unrelated to applications or other workloads running higher up the stack and 99.999% of the time, no association or commonality between them.

@stacksofplates said in Windows 11 versus 10:

and the ever changing landscape of screen sizes.

I think we all want giant screens. That's more just a manufacturing and cost thing IMHO.

You don't need "development" for me to tell you that I want enormous screens with high resolutions, lol. I just need them to be affordable and available.

@JaredBusch said in Tenant disabling of Basic Auth cause OAUTH iPhone to break:

Disabling of Basic Auth should have done nothing.

If the security setting are changed on an account it makes sense to force users to reauthenticate. It might even be best practice.

I think it works the same on other providers.

But there should be some better mechanism regarding authentication in ios and android.

@scottalanmiller said in Does the end of O365 Basic Authentication mean no more app passwords:

@Pete-S said in Does the end of O365 Basic Authentication mean no more app passwords:

@JaredBusch said in Does the end of O365 Basic Authentication mean no more app passwords:

Customer has a LoB application called Enfocus Switch.

It has a mail retrieval function that connects via IMAP using an app password on a normal O365 email account with MFA enabled.

It stopped retrieving email on the morning of Wednesday October 12th.

Since Microsoft finally killed Basic Auth on Tuesday, I assume this is related, but I can find no information on this at all.

The vendor do what they do, but I noticed that most applications that need this kind of functionality uses mail forwards from customers mailboxes to their own IMAP mailboxes.

That can be a way to solve this when microsoft kills it. Redirect from customers O365 mailbox to another provider that supports IMAP with normal authentication. Have the LoB application use that inbox instead.

We have customers doing that. Setting up MailCow to get past all the primary vendor security systems.

That makes sense.

I think you could probably run a bare mailserver with just dovecot as well. Since it only needs to handle incoming email from Microsoft and be an IMAP server, there's a lot things that becomes irrelevant - like spam detection, ip reputation etc.

@JaredBusch said in UFW or IPTABLES:

@Pete-S said in UFW or IPTABLES:

So I think the current recommendation is to either stick to ufw or firewall-cmd or just use nft directly.

I try to. This was the first time I've had a need to go outside the box of ufw or firewall-cmd to use direct iptables in years.

Yes, it's only when you need more control.

I've looked into this before and it wasn't not super obvious how all these tools interact. But nowadays ufw and firewalld are services to manage nftables. nftables itself manages the netfilter packet filtering mechanism in the kernel.

The ability to use iptables are just for legacy reasons and they're converted to nftables rules behind the scenes.

Since ufw (canonical project) and firewalld (redhat project) where initiated when iptables was used, I'm not sure their existence is warranted in the same way. At least not by sysadmins.

I'm looking at setting firewall rules automatically in a project and it seems like using nftables directly makes the most sense. That said I have to learn nftables first 🙂

@PhlipElder said in Misc go-to FOSS options:

@scottalanmiller said in Misc go-to FOSS options:

@PhlipElder said in Misc go-to FOSS options:

@scottalanmiller said in Misc go-to FOSS options:

@PhlipElder said in Misc go-to FOSS options:

@scottalanmiller said in Misc go-to FOSS options:

@PhlipElder said in Misc go-to FOSS options:

@scottalanmiller said in Misc go-to FOSS options:

@PhlipElder said in Misc go-to FOSS options:

Workloads are multiple WordPress sites on one Ubuntu server OS (boy, what a lot of fun it is trying to get any documentation that gives a clear step-by-step ... just blew up the server for the umpteenth time now need to figure out what broke it as search sucks at this point for me) as well as Mastodon.
We'll be setting up some SFTP sites for clients once we get the WordPress sites online.

It's not terrible, but yeah, there is a surprising lack of documentation on that. It's like the single most common Linux server task and it seems no one knows how to do it.

I can only imagine that there was a time when everyone knew how to do it and because of that, stopped teaching it, and now no one knows. But you need it constantly.

Wow, no kidding.

The number of "How to set up WordPress multiple sites on one VPS/Ubuntu Server" articles is crazy and they're all somewhat different. Plus, there's "multisite" which is *.domain.com hosting subdomain sites. We don't want that.

Got a good How-To pointer? Please & Thanks?
*Sorry for co-opting the thread.

I really need to make one. BUt that's not going to be a "this week" item as I'm in Costa Rica for my anniversary.

My team needs it too. I should be able to hand this stuff off to them easy peasy and I can't.

Happy anniversary. How many years?

Understood.

19 married, 21 together!

Suweet. December is 20 for my wife and I. It's been an amazing ride. :0)

Cool, almost the same. Pre-emptive congrats to you as well.

Ta.

Looking forward. Have lots of surprises for her.

nice

@scottalanmiller said in Need: How-To Step-by-Step for Multiple WordPress sites on Ubuntu 20/22 LEMP:

@PhlipElder said in Need: How-To Step-by-Step for Multiple WordPress sites on Ubuntu 20/22 LEMP:

@PhlipElder said in Need: How-To Step-by-Step for Multiple WordPress sites on Ubuntu 20/22 LEMP:

Wow, talk about documentation fragmentation. 😞

We've installed Ubuntu 22 a number of times reaching various points towards the goal of hosting multiple WordPress sites in a single Ubuntu v22.04 (as of this writing) using one MariaDB instance with multiple databases set up within.

NGINX is set up and the server blocks are in place.

This last go-around we managed to get three sites up and running without issue. Once the fourth went in all of a sudden the server would only serve one of the sites no matter what URL was being requested.

Certificates are being handled by RapidSSL as a personal preference. We've not had any issues there.

Please and thanks.

And, crash and burn again. :0(

As soon as I install the second site the server only pushes the last one set up. sigh

I bet it is a matter of being in alphabetical order. That causes a lot of "mystery" issues in this kind of setup.

e41cb55e-8ce3-44bc-9655-be3ad311d3f1-image.png

I fat fingered it. The ">" at the end of the domain for server_name is what did it.

Since all of the setup files were copy and paste, whenever that got introduced it carried onwards.

Because of the wiring in my head when it happened the first time I didn't see it. So, I flattened everything and started fresh. When it happened the second time I took the time to look at the original reference server block because it was seemingly obvious that I'd done something.

@syko24 I didn't have a closing } in one of my sections so it was ignoring some of the config. Fixed.

Thanks!

Found the problem and fixed it.

For anyone else having this problem:

sudo nano /etc/default/grub

Change this line: GRUB_CMDLINE_LINUX_DEFAULT="quiet splash"
To: GRUB_CMDLINE_LINUX_DEFAULT="quiet splash nomodeset"

sudo update-grub

Youtube Video

@scottalanmiller said in ps2 to usb adapters:

analogue.

analogue, eh?

@DustinB3403 said in Microsoft Finally Deprecated WINS:

@scottalanmiller Finally. . . I have a customer who insists that WINS is as good as it'll ever get. . .

Now maybe I can put their nose into it. .

How many clients even know what it is? Wow.

@Pete-S said in New server q's:

@siringo said in New server q's:

Those last 2 posts are spot on Scott.

If I were to deploy a solution that was different to what everyone else was deploying, even if it was cheaper, better, faster, more resilient etc, I'd be lambasted by others simply because it was different and more likely, not understood.

That can lead to unhappy management, which can then lead to all sorts of grief for me.

This is obviously, not what I want.

Thanks for all the info & advice, it is greatly appreciated.

So you should buy the same old server model from 2016 to stay consistent with what they currently know 🙂

Unfortunately yes.

It comes under the job preservation title. I live in area where IT work is extremely hard to secure due to there not being much of it, so rocking the boat is not a good move.