@gjacobse I was wondering what denable was lol... good eye.

Corrected it

@JaredBusch said in Setup Nextcloud 19.0.4 on Fedora 32:

The top post has been edited to now include the pretty URL and self signed SSL

HTTPS only. HTTP not open on the firewall.

I just followed these through start to finish.
Copy/Paste only.

b0dc6866-d819-44ef-b235-f268760cfa1d-image.png

@WLS-ITGuy give this a try, you may need to go back more than a year though.

The last time I set up Graylog I had to configured SELinux.

Allow the web server to access the network:
sudo setsebool -P httpd_can_network_connect 1

Graylog REST API and web interface:
sudo semanage port -a -t http_port_t -p tcp 9000

Elasticsearch (only if the HTTP API is being used):
sudo semanage port -a -t http_port_t -p tcp 9200

Allow using MongoDB default port (27017/tcp):
sudo semanage port -a -t mongod_port_t -p tcp 27017

The IT benefit to this entire thing is, by enabling this feature, IT will now have a backup of the configuration of all the phones. Even if a user changes a button. Now a phone can die and IT will simply change the MAC on the provisioning server and put the new phone on the desk.

To the business, the benefit is to let users control their own buttons without IT getting involved. Buttons can easily be programmed by a user simply holding it down until the menu pops up. It takes very little instruction to teach users to pick Speed Dial or BLF and enter the number or extension.

For most small shops, this doesn't matter in the first place. They rarely change anything.

But for an organization over 20, it is very common to have users all needing different configurations on their phone buttons. Their Boss, their Queue Pause, their specific parking lots, etc.

@JaredBusch fair enough, I haven't used the product itself as of yet and wasn't aware it had whitelisting inside the product, if this was specific to just fail2ban then that method would be suitable, but in this case I agree with you, my mistake.

@black3dynamite said in Setting Up a Standard MySQL or MariaDB Database for an Application:

@JaredBusch said in Setting Up a Standard MySQL or MariaDB Database for an Application:

I like my approach to setting this up.

Obviously, install MySQL/MariaDB first as noted above.

Then do the following. This all needs done in the same SSH session, but otherwise things are simple.

Choose once of these exports for your DB root password.

The first one is for you to specify, the second generates a random one and echo's it back to you.

# Specify your own password for MariaDB root user export DB_ROOT_PASS="somebigpasswordgoeshere" # Generate a random password for MariaDB root user export DB_ROOT_PASS="$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c 30)" echo "This is your MariaDB root password: $DB_ROOT_PASS" Specify the application database name and application user name # Database user to use for application export DB_USER='yourusername' # Database name to use for application export DB_NAME='yourdatabasename' Generate or specify a random password for the database user # Specify your own password for the application's database user export DB_PASS="somebigpasswordgoeshere" # Generate a random password for the application's database user export DB_PASS="$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c 30)" echo "This is your password for the application user: $DB_PASS" Then create the application database, use, and grant access. mysql -e "CREATE DATABASE $DB_NAME;" mysql -e "CREATE USER '$DB_USER'@'localhost' IDENTIFIED BY '$DB_PASS';" mysql -e "GRANT ALL ON $DB_NAME.* TO '$DB_USER'@'localhost';" mysql -e "FLUSH PRIVILEGES;" Finally, lock down the system without the interactive requirement of mysql_secure_installation # Secure MariaDB (this does what mysql_secure_installation performs without interaction) mysql -e "UPDATE mysql.user SET Password=PASSWORD('$DB_ROOT_PASS') WHERE User='root';" mysql -e "DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1');" mysql -e "DELETE FROM mysql.user WHERE User='';" # Beginning on some version of MariaDB after Fedora 29 was released, the test DB is no longer there by defualt. mysql -e "DROP DATABASE test;" mysql -e "FLUSH PRIVILEGES;"

Your approach makes it easier to use as part of a script.

It also generates random passwords, which I prefer.

@stacksofplates said in Install OpenSupports on Fedora 29:

It does look nice though which can't be said for a lot of them.

That is the reason I looked at it. The view was solid.

@Emad-R said in Installing MS SQL Server Express on CentOS:

Et me guess it is much faster on Linux than on Windows server

No idea, but it is one less Windows Server license needed.

Also MS SQL Server Express works well for many tasks.

@NashBrydges said in Mass upload sound files into FreePBX:

Very useful stuff, thanks for this.

Self serving. I’m buildinging a mass import right now using this process.

@travisdh1 said in So I built: Pi-hole:

@BRRABill said in So I built: Pi-hole:

Where is @scottalanmiller to chime in that isn't the purpose of DNS?

:)

Careful, sounds like he's already infected you!

Yes but I can't yell at people as good as him.

Nice write up, thanks!

@wirestyle22 said in Renewing Let's Encrypt certificates using a systemd timer:

sudo systemctl enable certbot-renewal.timer

As I did this again today, I thought I would post my quick tweak to this because I do not like the idea of it running hourly.

I set mine to run twice a day with a 1 hour randomizer.

[Timer] OnCalendar=*-*-* 01,13:00:00 RandomizedDelaySec=3600 Unit=certbot-renewal.service

027a0074-88ec-4c1f-b114-91722521529b-image.png

For anyone interested, I recently setup Ansible AWX on Fedora 27 using this guide. Running as a local VM so didn't do anything with Nginx / reverse proxy.

@tim_g said in Use DHCP option 43 on Windows Server to tell UniFi devices how to find the controller:

@jaredbusch

I see, so just setting option 43 on whatever DHCP server you use is all you need. Nothing hardware specific is required on the network.

Correct

@brandon220 said in Install Nginx as a Reverse Proxy on Fedora 27:

Another question:
When you access Nextcloud with https and the site check shows that everything passes

passed.PNG

But, when you place it behind Nginx, it "breaks"

fail.PNG

I am trying to understand what is happening behind the scenes to cause the error. Is anyone else seeing this happen on their instances?

If you want to remove that warning, add the following in the server block

location = /.well-known/carddav { return 301 $scheme://$host/remote.php/dav; } location = /.well-known/caldav { return 301 $scheme://$host/remote.php/dav; }

@hobbit666 said in Install Zabbix on Fedora 27:

Just ran through this again as moved from a CentOS install to Fedora and only just noticed it pulls down Version 3.0.15?

Current Version is 3.4.8. Does the script need changing or how do we update to the latest?

3.0.15 is Zabbix 3.0 LTS version.
https://www.zabbix.com/download?zabbix=3.0&os_distribution=centos&os_version=7&db=MySQL

Edit: You will have to manually install the new version.