MySQL or MariaDB entries take like a millisecond, literally. It's so blinding fast. It's the same kind of transaction that has to happen when a filesystem writes where a file is. It's tiny and effectively instantaneous. It would be pretty while if the database writing that a file was being stored could be measured in any way through performance, as it would happen at the same time that the file is being transferred.

Compare it to driving a load of corn from New York to California. And while doing so, needed to make a not in a log book that says "Shipped Corn to California". The one action, the actual moving of the corn, takes like 40 hours. The logging in the book happens in like 15 seconds. And you can make the log entry anytime during the 40 hour process and have it happen simultaneously for zero performance impact on the shipment process.

@IRJ

I come mentally prepared with my powerful Crane! 🙂
alt text

2019_07_03_13_49_48_Window.png

I've not done this, but as cPanel is just a web app itself, it seems likely that any HA web platform will naturally handle this as well.

@black3dynamite said in Make a Bootable Windows 10 USB Installer from Fedora Linux:

@scottalanmiller said in Make a Bootable Windows 10 USB Installer from Fedora Linux:

@black3dynamite I've not seen that happen. This is every time?

It happened twice so far with the same USB.

Try another USB, maybe there is something wrong with that one?

No access to the GUI from where I am right now. But here is what I have configured to handle something similar.

In this case,
eth0 = WAN - 107.182.76.27
eth1 = LAN1 (10.8.25.0/24) - My network with webservers and stuff 10.8.25.100 = Nginx proxy
eth2 = LAN2 (10.99.0.0/24) - Friend's network with his own router behind this (yes, he's double NAT'd).

Friend uses his own DNS and thus when he tries to get to one of my webservers, he attempts to hit the public IP. The router understands this but cannot hairpin because he is on a different LAN than the port-forward rules.

set port-forward auto-firewall enable set port-forward hairpin-nat enable set port-forward lan-interface eth1 ...rules here... set port-forward wan-interface eth0

So I had to make hairpin rules for him. Your setup would be similar.

Rule 1 (port 443) and rule 2 (port 80) are looking for traffic coming in on eth2 that are destined for the WAN IP and sending the traffic to the Nginx Proxy instead.

set service nat rule 1 description 'Dwarf LAN HTTPS Hairpin' set service nat rule 1 destination address 107.182.76.27 set service nat rule 1 destination port 443 set service nat rule 1 inbound-interface eth2 set service nat rule 1 inside-address address 10.8.25.100 set service nat rule 1 inside-address port 443 set service nat rule 1 log disable set service nat rule 1 protocol tcp set service nat rule 1 type destination set service nat rule 2 description 'Dwarf LAN HTTP Hairpin' set service nat rule 2 destination address 107.182.76.27 set service nat rule 2 destination port 80 set service nat rule 2 inbound-interface eth2 set service nat rule 2 inside-address address 10.8.25.100 set service nat rule 2 inside-address port 80 set service nat rule 2 log disable set service nat rule 2 protocol tcp set service nat rule 2 type destination

I don't recall why I made masquerade rules (5001 & 5002) I am not sure these are needed. I was significantly not sober when this was implemented.

set service nat rule 5001 description 'Dwarf LAN HTTPS Hairpin' set service nat rule 5001 destination address 10.8.25.100 set service nat rule 5001 destination port 443 set service nat rule 5001 log disable set service nat rule 5001 outbound-interface eth2 set service nat rule 5001 protocol tcp set service nat rule 5001 source address 10.99.0.0/24 set service nat rule 5001 type masquerade set service nat rule 5002 description 'Dwarf LAN HTTP Hairpin' set service nat rule 5002 destination address 10.8.25.100 set service nat rule 5002 destination port 80 set service nat rule 5002 log disable set service nat rule 5002 outbound-interface eth2 set service nat rule 5002 protocol tcp set service nat rule 5002 source address 10.99.0.0/24 set service nat rule 5002 type masquerade set service nat rule 5999 description 'masquerade for WAN' set service nat rule 5999 outbound-interface eth0 set service nat rule 5999 type masquerade

No firewall rules at this time. I still need to implement that to keep his stuff off my network except for the proxy. Maybe I'll go drink with him tonight and do that.

@G-I-Jones said in Spiceworks Custom CSS HelpDesk Theme:

Anyone here using Spiceworks played with the CSSpice plugin?

Has anyone figured out a way to change icons?

It might be a little tedious for all of the icons, but if you want to change a main logo or something you can just base64 encode an image and use that as your CSS.

I took a picture of the Rancher logo and did that to show you:

base64.png

Just do:

some-item { background: url(" data:image/png;base64,<base64 encoded string>"); }

Don't use image/png if it's not a png, use the correct format.

@jt1001001 Thanks. If you are running from PDQ deploy, you won't see anything. But, if you are doing it from PS/ISE or similar, that would be a great help.

I've added this to a larger script that I use, but if you only wanted to automate the naming process the above would work for you.

Else just remove the header #!/bin/sh and add the reset to any setup scripts that you have to automate this portion of the setup.

Thanks everyone for y'alls input as I value the knowledge. This all makes perfect sense. I was just chatting with my colleague's about these details and they are making sense of it too.

@DustinB3403 said in Need video recording software for Fedora:

I assume you're going to be looking to do production quality work with this then?

Meh, down the road, sure. Right now, I feel it is more important to get content created in order to even get an idea on how well it will work for our goal.

Production quality can be hired if it is found to be worth that cost.

@Curtis said in Cron Job - Troobleshooting:

So I just figure out that at least part of the script is running, however the rclone doesn't seem to be syncing the data to the cloud. Maybe I'll break the script into 2 parts to troubleshoot. Funny thing is when I run it manually, it works great.

Are you testing as root when running manually?

@scottalanmiller said in Microsoft Office - Licensing Questions For 3 Scenarios:

@flaxking said in Microsoft Office - Licensing Questions For 3 Scenarios:

I think you must be missing what's going on here. This removes the requirement to integrate more directly with MS Office, instead relying on a separate library that is provided standalone from Office and thus allows saving to Excel. We've had zero issues with using this library, which is actually pretty uncommon for us.

The issue is flexibility. Using third party libraries, you can integrate with Excel or with anything else. Using the Office libraries, every user, in ever system, is bound by the limitations of the most problematic. It makes deployments more costly, and more complex.

That's true, it's the kind of self perpetuating lock-in that has served Microsoft so well. People use Excel, and they ask for saving to Excel spreadsheet, so we create the integration specially to allow Excel and not include ODF, then we help keep the industry locked into using Excel because that's all we support unless you want to just save to CSV.

As for the cost and complexity of deployments... that could be true, except that the installation of our main software is already so complex and costly that dealing with potentially installing this library is the easiest part. I think we probably only have one other developer who would be able to figure out how to install it. I've never heard of any client's IT that have been able to figure out how to install it (just calls from those who have tried), client services has to do literally every install.

@PhlipElder said in deleted/corrupt partition:

@pattonb GetDataBack by Run Time Software. Used it recently to recover data from an Apple MacBook Air SSD

Yeah I've used GetDataBack several times with different levels of recovery.

@Obsolesce said in Why Let’s Encrypt is a really, really, really bad idea…:

@scottalanmiller said in Why Let’s Encrypt is a really, really, really bad idea…:

@Obsolesce said in Why Let’s Encrypt is a really, really, really bad idea…:

@scottalanmiller said in Why Let’s Encrypt is a really, really, really bad idea…:

@ingmarkoecher said in Why Let’s Encrypt is a really, really, really bad idea…:

@stacksofplates Yes, but it's also about preventing imposters - so you know that who you're talking to is who they claim they are.

This is true.... only so far as preventing a man in the middle attack. It doesn't tell you that you selected the right person in the first place, which is how people will read that.

Not really. I can create a cert that says I'm [email protected] or an ssl cert for my server that says facebook.com. A browser may not trust it by default because it comes from my own CA, but that's besides the point.

No one is discussing your own CA though. The CA mechanism is based on trusted roots.

I responded to certs specifically, regardless of context.

And you are correct, in that context. But that's not what context we were thinking of.

@notverypunny said in BitTorrent/P2P technology for distributed file transfer of large files?:

I would add the caveat to test first...

That always goes without saying, it's part of the development process. I take it testing things first is a new concept for you?

@hobbit666 said in Another Cron issue - reboot:

@IRJ @DustinB3403 will give that a try tomorrow if I get a chance otherwise Sunday

Don't do it as a user, as IRJ says. This is because Cron does not use sudo. That would not make sense, if you dig into it.

Here is why....

The reason you put a cron job under a user is to act as that user. If cron tried to sudo, you'd lose the ability for users with sudo access to act as themselves, compromising security and limiting functionality.

Any user with sudo access to root can put the cron job that they want directly under root itself, so #1 doesn't limit their functionality in any way, it only gives them more functionality.

If it used sudo, tracking down where root level things were happening would become enormously difficult, instead of being centralized.

@Markferron said in SAS Drives RPMs:

@scottalanmiller Thanks, figured as much.

Things like fragmentation are real, and will slow the "storage subsystem" in most cases. But that's not the same as the drive slowing. The drive itself works at a predictable speed that only varies when a block cannot be read and the drive has to try again. But even that speed is predictable. So the mechanical speed of the drive never varies (over time), but the throughput of data pulled from the drive can vary based on the rate of magnetic failure. But once that has any real effect, the drive is toast anyway.

Bookmarking site. Thanks @IRJ!

@Pete-S said in Wget - Download a Web Dashboard For Local Viewing?:

Here is Firefox headless mode:
Firefox uses the same browser, just run with the headless switch. Works from version 57 and newer.
https://developer.mozilla.org/en-US/docs/Mozilla/Firefox/Headless_mode

Thanks. I won't be able to use this with brightsign, but it might work if I have to run windows for a site that I can't view a public dashboard.