@scottalanmiller said in Looking for some neat Server Build Projects:

@guyinpv said in Looking for some neat Server Build Projects:

@tim_g said in Looking for some neat Server Build Projects:

@guyinpv said in Looking for some neat Server Build Projects:

@scottalanmiller said in Looking for some neat Server Build Projects:

@fuznutz04 said in Looking for some neat Server Build Projects:

@scottalanmiller said in Looking for some neat Server Build Projects:

@fuznutz04 said in Looking for some neat Server Build Projects:

@scottalanmiller said in Looking for some neat Server Build Projects:

@fuznutz04 said in Looking for some neat Server Build Projects:

@scottalanmiller said in Looking for some neat Server Build Projects:

https://wiki.js.org/

Now this looks like a WIKI that I would actually use. I've been searching for one that has a good way to display code snippets. (like the way code is displayed here on ML) This looks like it does the trick.

I've not used it yet, but I've been looking for something just like this for a while. Hoping to deploy it soon.

Fingers crossed. I really want a better internal documentation tool. OneNote and SharePoint are getting too cluttered.

OMG I can't stand OneNote.

I used to like it. But as documentation grows, it quickly becomes cluttered.

Exactly. It's good for a tiny, tiny bit of stuff when everyone is looking at it. But once you get to any size, it is impossible.

Not to derail conversation but how so?

I got an Office365 for my business and figured I'd start using it for client data. I had left Evernote and didn't have many other choices.

I store each client's OneNote file in their directory on OneDrive. In the note I have a tab for general client info, and another tab for jobs, with each job in a page.
I may use other tabs for archiving jobs, todo, etc.

Then I have one note for the business, and some others as personal note files.

In your view, what is lacking in their feature set? And given that I have Office365 and the whole suite of tools, what would be a good alternative?

It sounds like you are mistaking it for a CRM tool.

I like using it for a more longer term clipboard... but not much else... Or a place to gather thoughts to get them down quickly without formatting issues.

Not necessarily a CRM, just internal notes about jobs/tasks, and record of my time.

I don't find a problem with its performance. Though it might bit a bit over-featured. I don't use anything in the entire ribbon. At most I make some text bold or increase font size. I've used the checkboxes a few times.

@scottalanmiller said in Looking for some neat Server Build Projects:

That makes OneNote that much worse. Folders are not how Sharepoint is meant to be used.

Sharepoint doesn't have folder?

That's exactly not what I said. I said it did have folders but only had them to support managers who didn't understand how to use SP and would cripple it with them. You aren't supposed to use them, but they are retained for legacy support reasons - almost entirely around corporate politics rather than technical needs. A key point of the original design of SP was that folders were no longer useful and actively get in the way.

We have SP. it seems like the most unorganized thing I have seen. It could be the people that set it up, but from what you are describing I’m guessing not. I can never find anything I want.

@tim_g said in Looking for some neat Server Build Projects:

@scottalanmiller said in Looking for some neat Server Build Projects:

https://wiki.js.org/

That looks really nice. But I still think I'd rather stick to WordPress... I just can't stand writing and maintaining markdown articles and wikis. That's the biggest reason we moved from Mediawiki.

Now, if they had plugins that did WYSIWYG editing, screenshot from clipboard pasting, etc... then I'd be all in.

I'd rather use Markdown. I'm much faster at that than I am with clicking toolbar buttons and I find it less prone to weird formatting issues like you get with some WYSIWYG editors.

@coliver said in KVM Setup:

@tim_g said in KVM Setup:

@kelly said in KVM Setup:

All scorn and derision aside, if I wanted to manage a KVM host from Windows what are my options?

SSH (I like Putty)

Pretty much or running a Fedora VM. The command line tools are incredibly robust and very easy to learn.

Ansible has a libvirt module as well (http://docs.ansible.com/ansible/latest/virt_module.html). However it doesn't have clone because libvirt doesn't have a clone function. Virt-clone does a bunch of other work like snapshotting, copying, etc. And you can just run the commands with it like this simple setup here https://mangolassi.it/topic/15257/ansible-create-kvm-guests that builds a disk with virt-builder. By default the OS disks from virt-builder are really small (like 6GB), so you will need to add the logic in to create the second disk.

@guyinpv said in Looking for some neat Server Build Projects:

Data is not uniform and standardized. We get data as outputs from web apps, product vendors, financial reports, and don't have a say in how other people's data is stored.

And Excel is the worst format to try to put that in. I'd bet $20 that most of that isn't in xlsx by default. Esp from a web app. That's 99% likely to be retrieved from an API and when you export it from the site, it comes out in CSV format.

Macros can perform more advanced data manipulation tasks like converting values, calculating and combining fields, renaming columns and moving them around, create summaries, and setting up a printable template.

Which is exactly what a database application would do.

@tim_g said in VPS Open Ports - Thoughts?:

@scottalanmiller said in VPS Open Ports - Thoughts?:

@tim_g said in VPS Open Ports - Thoughts?:

@scottalanmiller said in VPS Open Ports - Thoughts?:

That looks like you have done SSH TO that address, not from that address.

That's correct isn't it? Salt connects to the SSH address on GitLab.

Yes.

What you likely want to use it netstat -tulpn to see what is listening (open) rather than what is connected (which includes connections you have established.) For example, using your netstat flags, my desktop shows my MangoLassi web connection. Which is interesting, but not useful in this case.

I see, here's what that shows:

A little more interesting, but both are helpful.

So, port 68 and 323... are those supposed to be listening like that?

Chrony does by default, in case you want to monitor/control it remotely. Dhclient needs to so you can get an address but since it's layer 2 it can get the address without the port open.

Just use X2Go. Much less setup.

@eddiejennings said in Cloud-Hosted Linux Desktop:

@stacksofplates said in Cloud-Hosted Linux Desktop:

X2Go

! I think you're about to change my life.

It’s really nice. We even run 3D modeling software through it and it handles it pretty well.

@tim_g said in Sysctl Server Hardening - Help and Advice:

@stacksofplates said in Sysctl Server Hardening - Help and Advice:

I use SCAP for this. Set up a host and install SCAP. It gives you hardening rules from common servers up to DISA STIG levels. You can pick and choose what you want to enforce. It has rules and the reasons for enforcing the rules. Some of the sysctl stuff is paranoid, but some is good. Most don't cause any issues with anything so it doesn't hurt to enable them.

I'm surprised to not see kernel.randomize_va_space on there. That's a useful one that randomizes virtual address space.

I'm not at all familiar with this stuff specifically. I did a quick search that lead me to here: https://linux-audit.com/linux-aslr-and-kernelrandomize_va_space-setting/

According to that I suppose the default setting is okay. Although I couldn't tell you what the default setting is on Fedora 26. (that article says 2, how do I check?)

You want to set it at 2. I don’t think it’s on my default unless it is in Fedora.

@tim_g said in Sysctl Server Hardening - Help and Advice:

@stacksofplates said in Sysctl Server Hardening - Help and Advice:

I use SCAP for this. Set up a host and install SCAP. It gives you hardening rules from common servers up to DISA STIG levels.

I've not used SCAP before. A quick search lead me to https://www.open-scap.org/download/.

Any tips on usage and configurations?

That’s the site. Just install it from the repos along with SCAP Workbench. Workbench makes it a lot easier to see stuff. Then you will get a nice HTML report with all of the remediations that you can fix.

If you use KVM you can also scan VMs without the agent on them. It will spin up a temporary VM and attach the disk read only and scan it.

@stacksofplates said in Why restart works ? Technical reason ?:

@scottalanmiller said in Why restart works ? Technical reason ?:

@stacksofplates said in Why restart works ? Technical reason ?:

@scottalanmiller said in Why restart works ? Technical reason ?:

In an ideal world, of course, we'd track down every problem and solve it. This not only means we always know what happened, but we know how to prevent it, in theory.

But the real world doesn't work that way very often. Tracking down a problem is generally time consuming, and unreliable. And finding one problem might hide another. A problem that causes instability might hide one that causes data loss, for example.

Imaging should take around thirty minutes and, in reality, we are often getting that number lower and lower. With a "good" setup, it might easily be only 15-20 minutes. And with VDI you might be looking at mere seconds or at single minute, at most. These numbers are getting really small.

In many cases, an L0 helpdesk tech can have a serious issue resolved via imaging before someone who knows enough to figure out the issue can even respond.

Now granted it’s not Windows but we can rekickstart in about 10-15 mins.

Well, and kickstarting is not really all that fast. Full on imaging can be even faster.

Oh definitely. We only kickstart physical stuff and that’s because it’s easy to automate.

Just a couple points with this since I just redid some kickstart stuff.

1. Kickstarting is hardware agnostic so there is that advantage over imaging.
2. Kickstarts are really easy to automate. I have a playbook that builds kickstart configs based on a YAML dictionary. I put in the hostname, MAC, and some other misc data. It goes and builds kickstart files and the appropriate MAC based PXE boot file from the same dictionary.
3. Images aren't OS specific and don't change with updates.
4. It's still pretty fast. ~15 mins for a full install + updates. ~10 mins for just an install.

did you put in a password for the key encryption?

As Travis said, use ssh-copy-id user@remotehost

@dustinb3403 said in KVM - Virt-Manager on a Separate VM:

@stacksofplates said in KVM - Virt-Manager on a Separate VM:

did you put in a password for the key encryption?

As Travis said, use ssh-copy-id user@remotehost

Nope, no password when generating the key. Just blank.

The key is copied to the KVM server, and I can ssh into it with just ```ssh '[email protected]'

And that's the user you defined in the connection for Virt-Manager?

That user has to be part of the libvirt group if it's not root.

@dustinb3403 said in KVM - Virt-Manager on a Separate VM:

@jaredbusch said in KVM - Virt-Manager on a Separate VM:

@dustinb3403 said in KVM - Virt-Manager on a Separate VM:

Of course I can just create a directory on the server and then download ISO's directly into it. . .

But I'd rather not. Hrm. . it works, but seems weird.

Well I do not download from the KVM server, I do always have a "iso_store" folder on my KVM server that I have ISO files in.

Sometimes it is a remote share mounted, most of the time it is local to the /root partition.

Yea so what I did is I SSH'd to the server, and ran sudo mkdir /media/iso and then ran wget <url.iso> and it works. But it seems like the wrong way to have to do this. . .

I think that's the way everyone does it.

https://mangolassi.it/topic/12537/kvm-snapshot-backup-script

I have 12 KVM hosts in production. For the very few machines that have stateful data, I use either the backup options built into the software/service that's running to a mounted location, my script, or I use ReaR. The rest of the systems are stored in Git.

ReaR is cli but is really easy to automate.

I ran an oVirt all in one before and it was really slow. It was on my DL380 with 96GB RAM and dual quad core Xeons, so I don't think it was the box. Bare KVM is just fast and easy.

@guyinpv said in Looking for some neat Server Build Projects:

@scottalanmiller said in Looking for some neat Server Build Projects:

@guyinpv said in Looking for some neat Server Build Projects:

@scottalanmiller said in Looking for some neat Server Build Projects:

@guyinpv said in Looking for some neat Server Build Projects:

Sometimes we sacrifice the "best" and the "ideal" for quick and productive.

But often they are the same thing and we just don't realize. I see things like this often where "best" is avoided because of the assumption that it is costly or hard, when it is often "best" specifically because it is fast, easy and cheap.

Maybe not here, but I see this more often than not.

In my case, not long ago, they didn't buy Office Pro and so nobody but a couple people even had Access on their computers.

Now within the last few months we finally have Office365 so indeed Access is an option. The next problem becomes storing the database files and dealing with mutli-user issues opening the same files and all that stuff.

I used to use Access for some fairly complex IT management, and it definitely wasn't very productive without creating all the right forms to be able to search and filter and create records and do exports and all that.
Nobody here has ever opened Access, let alone will understand how the database works, where files are stored, how multi-user works, how to browse, search, filter, export, prepare reports and print.

But everybody knows how to make some Excel columns fit on one sheet wide and print it.

Right, but that's part of the problem. Access is WAY more complicated than making a proper app.

And making a proper app might be more complicated than Access.

I've often tried to find and test any kind of self-hosted software for managing CRUD DB projects.
I've longed for a simple way to spin up a relational DB, throw a bunch of data in it (that's the easy part), but then have a ready-to-go CRUD app that takes care of the basics of user accounts and roles/permissions, data entry/editing/deleting (forms), tracking changes in order to undo things or audit changes, export records, do searches and filtering, customized exports, and forms.

And then some kind of feature that lets me build the visual reports and summaries, like a custom dashboard sort of thing.

CRUD app in a box. Is there such a thing? I've been playing with JS frameworks like Vue and Meteor and many others, just as a way to build a template CRUD app I can reused for DB projects.

There are all internal projects, so they should all be accessible through a common interface too. In that sense, each CRUD app should be relatively portable.

Drupal.

I’m curious to see how it works. It was slow (compared to bare KVM) the last time I tried it.

Why not just use OpenStack?

@bigbear said in Install Telegram Desktop on Fedora 26 and newer with Cinnamon Desktop:

@jaredbusch said in Install Telegram Desktop on Fedora 26 and newer with Cinnamon Desktop:

@bigbear said in Install Telegram Desktop on Fedora 26 and newer with Cinnamon Desktop:

Is there a Telegram group chat for ML?

May be less secure but for this situation may be a better use case...

Yes. Just called MangoLassi. It is a public group.

Dash invited me in, he and I are just talking private chat at the moment.

Looks WAY better.

Ya I like it a lot. I’m glad I found it early last year. It’s nice for cross platform normal chat.