@Mario-Jakovina you are correct, in bridge mode a telecom router SHOULD be essentially transparent. It's just an extra switch at that point.

MT is good. I always prefer a dedicated router/firewall. Then my APs separate.

If you run Ubuntu or other Linux system using the UFW firewall mechanism, and you probably want to limit at least some ports to only receiving traffic from CloudFlare's proxy servers. CloudFlare provides scripts for iptables, but not for UFW. But they do provide their IP list in a handy format. So here is all you need to do...

cd /tmp
wget https://www.cloudflare.com/ips-v4 -O ips-v4-$$.tmp
wget https://www.cloudflare.com/ips-v6 -O ips-v6-$$.tmp

for cfip in `cat ips-v4-$$.tmp`; do echo "ufw allow from $cfip to any port 80 proto tcp"; done
for cfip in `cat ips-v6-$$.tmp`; do echo "ufw allow from $cfip to any port 80 proto tcp"; done```

Notice this doesn't take action, it produces a handy human readable set of ufw instructions that you can audit before running. Just copy the output to a file and "bash file" to take action. Make sure to set the port to 443 in most cases, or run twice, once with 80 and once with 443.

Back in the day there was LogMeIn, but they lied about being free and it became very costly and difficult for people to get away from it. I've yet to encounter any competitor to MeshCentral that sits in the same space.

@Oksana Does it make it arbitrarily slow and buggy too? Does it break updates constantly for an "authentic' Windows experience?

If you need to remote into a Windows machine and get a list of printers without interrupting the user, this powershell command is quick and easy...

Get-Printer | Format-Table

Doing some platform updates today.

So after all of these years, just how busy is MangoLassi? Well, we are holding at 10 million views per week right now. Even with very low traffic, we are busy!

Hey guys, in Houston for the week just hanging out. Last scheduled trip to the US. Not sure when I'll be back. Updated my driver's license, did some work in my storage unit. Back to paradise in the morning.

On my live stream right now...

Youtube Video

Hey guys, sorry for the outage.

The most effective meetings are the ones that you don't have. - Quote (by me)

Turns out it is an App Armor restriction that Unity hasn't mentioned anywhere in their documentation even though we are at LEAST two releases into this problem. The fix is simple, but should be part of the install docs.

This is the error for the search engines:

No usable sandbox! Update your kernel or see Chromium Docs - Linux SUID Sandbox Development 48 for more information on developing with the SUID sandbox. If you want to live dangerously and need an immediate workaround, you can try using --no-sandbox.

To Test:

sudo sysctl -w kernel.apparmor_restrict_unprivileged_userns=0

And then for the real fix: /etc/sysctl.d/unity.conf

kernel.apparmor_restrict_unprivileged_userns=0

But my CEO always needs help with EVERYTHING

@EddieJennings said in What Are You Doing Right Now:

Reading about trusts between Red Hat Identity Management and Active Directory.

YOu'll enjoy this... So a mutual old customer of ours (wink wink) that fired us over three years ago because we made it obvious that their new CEO was laundering, called us to beg for us to rebuild their infrastructure because they've not maintained anything for three years (even though money flows to an MSP every month AND they have a whole internal IT team now) and they don't know how to get their servers online. They literally called to ask us HOW TO SIGN IN to the servers that THEY have "maintained" with TWO companies for THREE years. LOL

We said sure, but I don't think you are in our billing system anymore (we already wrote down the $38K that they stole from us), we just need to set that up. And they literally acted shocked that they'd have to PAY us to do their jobs for them. They actually thought that we'd do all the work of their IT department, that they happily pay two organizations to not do already, for free!

Just back from two weeks in Argentina with @valentina

@IThomeboy80 said in Proxmox os backup and restore:

Restore:

Log in to the Proxmox web interface.

Select the node or server where you want to restore the backup.

That's for restoring VMs, not ProxMox. By the time you have this interface available, you've already restored ProxMox.

@IThomeboy80 said in Proxmox os backup and restore:

Note: It is essential to follow the backup and restore process carefully to avoid data loss or system failure. Always test the backup and restore process before performing it on a production system.

Actually, it should have no data loss. No data should ever be stored outside of the VM files.

@gjacobse said in Proxmox os backup and restore:

@ronneyb said in Proxmox os backup and restore:

So what is the best way to setup a single pve so that we can backup and restore the os. I have not been able to backup and restore using clonezilla. Maybe the proxmox backup server ? Any ideas and answers will be appreciated

Thanks
Ronney

Just for my own clarification, are you saying you want to backup/restore the Proxmox system?

Yeah, that's what he is doing.

@ronneyb So the main question is... why would you want to? There isn't much documentation on this because it's not generally considered a good thing to do. You normally just want to reinstall fresh.

Youtube Video