@matteo-nunziati said in Anacron Jobs on a CentOS 7 Server:

@JaredBusch well never considered the workload on servers. I don't know how they manage it! maybe not so many use unattended upgraqdes in debian.

I definitely feel like Ubuntu users don't keep their systems as up to date ;)

So that is where we are now. A missing package, unclear documentation and yum unable to resolve dependencies for some of the remaining packages. As the support community showed no interest in Kopano being used in production and actually got angry that we wanted to, we decided to halt here. But there is the documentation in case anyone runs into this and wants to pursue it further.

In case anyone else is wondering, you can easily schedule OS ticket to fetch emails, by setting up a cron job that "runs" the cron.php file in the OSTicket directory. Just open up /etc/crontab and enter this line:

***Assumes your php directory and OSTicket install are at the locations specified below.

This causes OSTicket to poll the mailbox that is defined in the OSTicket email setup area in the OSTicket GUI, every 5 minutes.

*/5 * * * * root /usr/bin/php /var/www/html/helpdesk/api/cron.php

@stacksofplates said in Open Firewall Ports on CentOS 7 and RHEL 7:

@coliver said in Open Firewall Ports on CentOS 7 and RHEL 7:

@stacksofplates said in Open Firewall Ports on CentOS 7 and RHEL 7:

@coliver said in Open Firewall Ports on CentOS 7 and RHEL 7:

@scottalanmiller said in Open Firewall Ports on CentOS 7 and RHEL 7:

@coliver said in Open Firewall Ports on CentOS 7 and RHEL 7:

Did anyone ever figure out if there was a way to setup files for firewalld? Or was the XML service files the way to go?

XML I think.

That's what I was afraid of. We're using IPTables on all of our OEL7 servers right now but I think moving to the default firewalld may be a good idea. I'll have to look into the XML config and see how much more difficult, if at all, it is over the IPTables file. It's a shame we can't just copy a single file around anymore but the XML files probably won't be too much more difficult.

Ya it's not bad at all. Here's the config from my Identity Management server. It's pretty similar to /etc/sysconfig/system-config-firewall on RHEL 6, just in zone specific XML files.

<zone> <short>Public</short> <description>For use in public areas. You do not trust the other computers on networks to not harm your computer. Only selected incoming connections are accepted.</description> <service name="http"/> <service name="https"/> <service name="ntp"/> <service name="dhcpv6-client"/> <service name="kerberos"/> <service name="ldaps"/> <service name="ssh"/> <service name="dns"/> <service name="ldap"/> </zone>

Those services are predefined right? You can also build your own services via the same process.

Ya and you can define specific ports. I prob could have grabbed a better example.

No, I think I've got it just need to investigate actually setting these up.

I'm running the same version on Ubuntu and mostly idle CPU utilization and disk usage here.

@scottalanmiller said in Installing Linux Malware Detect and ClamAV on CentOS 7:

@travisdh1 said in Installing Linux Malware Detect and ClamAV on CentOS 7:

Any reason to use LMD instead of or in addition to rkhunter?

Doesn't rkhunter focus only on root kits?

Mostly, but this was the first time I remember hearing about LMD.

@scottalanmiller said in Installing a Basic LAMP Stack on CentOS 7:

@NashBrydges said in Installing a Basic LAMP Stack on CentOS 7:

@scottalanmiller I haven't yet. About to give it a try. Stuck to legacy since that was what I was reading everywhere.

Where is everywhere? Technet says to not use legacy.

https://technet.microsoft.com/en-us/windows-server-docs/compute/hyper-v/supported-centos-and-red-hat-enterprise-linux-virtual-machines-on-hyper-v

Legacy is a fallback driver that you never want to use, it's low performance and high overhead. If you needed that for CentOS, it would make Hyper-V a silly, non-production ready platform. But Hyper-V is a good, solid performer.

Not only that, but I install all of my CentOS 7 VM's as Generation 2 when on Hyper-V they work perfectly with default settings for everything except secure boot. Uncheck secure boot. Everything else is 100% default settings.

Great job @scottalanmiller and welcome aboard!

Hope you enjoyed the experience!

Now if you want to play with it, I recommend you to use our CLI (http://docs.openio.io/cli-reference) or you can deploy our S3/Swift implementation (https://github.com/open-io/oio-sds/wiki/Install-Guide---OpenIO-Swift-S3-gateway).

Feel free to send me some feedbacks, I'm here to help!

Guillaume.
Product Manager & Co-Founder @ OpenIO

That's a good question... when does chrooting make more sense than containers today?

Storage is one. Lots of people use chroot jails for storage purposes. Containers are heavier than chrooting which has effectively no impact on any resources.

You forgot

gluster start volume gv0

before you mount the volume to /data

@dafyre said:

@JaredBusch said:

@dafyre said:

As a matter of correctness... Do you have EPEL /REMI or any other repos installed in your CentOS 7 image?

The script is connecting the Gitlab RPM, that is all. The base image he uses for all of these is CentOS 7 minimal, release 1511 unless he has changed the base template on his scale cluster.

Right. I'm just curious if he has added the epel-release or any other repos to it.

Definitely no EPEL. I often use it, but avoid it in the base image.

I just used this myself to make a new block device in a single line. Awesome :)

@scottalanmiller said:

@JaredBusch said:

@scottalanmiller said:

@JaredBusch said:

@scottalanmiller said:

@JaredBusch said:

While I have never made a how to with a port range, the basic firewalld syntax is used all over the place on this forum by me and every system that I have ever seen that accepts a port range does so with the range hyphenated from lower boundary to upper boundary.

I would have thought that this was a colon, though, not a hyphen.

I have never seen it commonly used with a colon to represent a range

Native IPTables. :)

I rarely work with native IPTables. That would explain a difference in point of view.

Yeah, and for me I pretty much have done raw edits on /etc/sysconfig/iptables and never used external tools. Now with FirewallD I'm relearning the syntax for everything on Linux firewalls.

Well, at least I'm not the only one then. Learning how to use firewall-cmd still feels a bit odd.

@scottalanmiller
In version 7, you can enable it. However, in my version 8 test, I previously installed successfully the Zextras trial which includes the chat module. It did not expire when the trial does.

Zextras Suite Brochure

Page 24 The Zextras Chat module is included in Zextras Suite 100% free of charge!

Zextras Suite Chat

Chat and Videochat: 100% Free of charge The Zextras Chat module is included in Zextras Suite 100% free of charge! The Zextras Chat Zimlet allows your users to communicate within the Zimbra Web Client, while desktop and mobile clients can connect via XMPP.

ZxChat

Is this free? Yes, it is and it will always be! ZeXtras Chat is a free module of ZeXtras Suite, and will be functional even if your ZeXtras Suite trial is expired or if you don't have a valid ZeXtras Suite License installed.

ZxChat FAQ

Is ZeXtras Chat free? Yes!

I've also previously setup OpenFire/Spark bundle in my previous employer. Though it never saw the light of approval.

Regarding AD integration, I'm not sure I understand it though. I have successfully provisioned a server which can look-up the account password in AD, though its a separate account (manual creation of account--separate from AD), the password is the same as Zimbra looks it up. Lock the account up and the user can not log into Zimbra as well.

@ou_snaaksie said in Installing Rocket.Chat on CentOS 7:

The installation worked perfetly, but after restarting the server I am unable to access Rocketchat.

I've run the line:
/opt/Rocket.Chat/node_modules/forever/bin/forever start /opt/Rocket.Chat/main.js

but it is still not working.

Use this command to see what is listening...

netstat -tulpn

@scottalanmiller said in Installing MongoDB 3.2 on CentOS 7:

Just tested and deployed to CentOS 7.2 on Linode.

This failed me, so I went to the mongo docs and the baseurl contains the variable $releasever.

using that results in redhat//mongodb in the file, which is why I assume you hard coded that bit.

Escaping the $ fixes it.

cat > /etc/yum.repos.d/mongodb-org-3.2.repo <<EOF [mongodb-org-3.2] name=MongoDB Repository baseurl=https://repo.mongodb.org/yum/redhat/\$releasever/mongodb-org/3.2/x86_64/ gpgcheck=1 enabled=1 gpgkey=https://www.mongodb.org/static/pgp/server-3.2.asc EOF

Had a spare laptop laying around. Installing CentOS now. Also planning on installing NextCloud here soon as well. Creating a repository/shared calendar for the family with this machine.

No, there is nothing like that. The filesystem is just not there. It would warn you, though, so you would know not to be trying to save to something that doesn't exist.

@JaredBusch said:

@coliver said:

@JaredBusch said:

Disabke SELinux and see if it works. Then if so, add the port as allowed to SELinux?

Looks like it was SELinux, setting it to permissive allowed the port to be used. Now to figure out how to allow the port in SELinux.

semanage port -m -t http_port_t -p tcp 82

That did it thanks.

I tried Rundeck. It was more confusing than just using Ansible without a GUI. IMO, just having the playbook with yaml and jinja files is easier to read and use. GUIs always have at least one thing you need in a place you wouldn't think.

I guess I wouldn't mind having some reports in a GUI but I'll stick with just text files.

Since you have that thread about testing out Vultr...

They don't explain it very well there but you can spin up a VM with OwnCloud already installed and ready to go.

It runs on CentOS 6, but still very handy!

Time for weekend updates, it sounds like.

@thecreativeone91 said:

@JaredBusch It's in the Repo's https://copr.fedoraproject.org/coprs/jaile/sogo/

Fedora repos are neither the RHEL repos, not the EPEL repos nor SOGO's repos. Until it is all the way to in the OS or supported by the makers, it's not supported yet. Tons of things are RPM'd by third parties for things. But none that I would use in production.

@nadnerB said:

@thanksajdotcom said:

For @nadnerB , what htop looks like:

Ah ha. That looks like what I want. Thanks :)

No problem

I love screenconnect, used it for 3-4 years for simple remote support at my last company that offered "remote support" to the public.

Have now implemented it here now instead of Teamviewer.