@scottalanmiller said in Hairpin NAT Issue:
Internal DNS is definitely resolving to the correct public IP address?
I just sent you screenshots showing that it is in telegram
I have a physical server at home that hosts multiple webservers and am using an er4 as my firewall.
I changed the gui port on my er4
configure
set service gui https-port 8443
set service gui http-port 8080
commit
save
I also created a firewall rule to allow inbound traffic on port 8443
edit firewall name WAN_LOCAL rule 50
set description "Inbound traffic to Web GUI"
set action accept
set log disable
set protocol tcp_udp
set destination port 8443
I can access the router on the new ports. I rebooted the firewall to verify it's correctly applied.
I set up port forwarding to my nginx reverse proxy
The webservers are accessible from outside of my network but I still can't access them internally. Hairpin NAT is enabled. Any ideas?
That seems to have fixed the issue
Alright I see one thing I did wrong was specify a file rather than a directory.
gpg --batch --homedir /home/serviceaccount/.gnupg/pubring.gpg --recipient 8A4YA9YC --encrypt --yes /directory/to/encrypt/*
has been changed to
gpg --batch --homedir /home/serviceaccount/.gnupg/ --recipient 8A4YA9YC --encrypt --yes /directory/to/encrypt/*
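A preflight check for the mistake described in the post above (`--homedir` pointed at `pubring.gpg` instead of the directory that holds it), as an added example that is not part of the original post. `check_gnupg_home` and `encrypt_dir` are hypothetical helper names; the ownership and permission checks go beyond the post and cover the conditions gpg warns about when a job runs under a different account, as cron jobs often do.

```shell
#!/usr/bin/env bash
# Added example (not from the original post): validate a GnuPG home directory
# before a cron job relies on it. Helper names are hypothetical.

check_gnupg_home() {
    local dir="$1" group_other
    # --homedir expects a directory; a keyring file such as pubring.gpg fails here.
    if [ ! -d "$dir" ]; then
        echo "not a directory: $dir" >&2
        return 2
    fi
    # The public keyring is pubring.kbx (GnuPG 2.1+) or pubring.gpg (older versions).
    if [ ! -e "$dir/pubring.kbx" ] && [ ! -e "$dir/pubring.gpg" ]; then
        echo "no public keyring in: $dir" >&2
        return 3
    fi
    # gpg warns about "unsafe ownership" when the homedir belongs to another user.
    if [ ! -O "$dir" ]; then
        echo "homedir not owned by the user running this job: $dir" >&2
        return 5
    fi
    # gpg warns about "unsafe permissions" when group or other have any access.
    group_other=$(ls -ld "$dir" | cut -c5-10)
    if [ "$group_other" != "------" ]; then
        echo "homedir is accessible by group/other: $dir" >&2
        return 4
    fi
    return 0
}

# Encrypt every regular file in a directory, one gpg call per file,
# with the keyring location given explicitly instead of relying on $HOME.
encrypt_dir() {
    local home="$1" rcpt="$2" src="$3" f
    check_gnupg_home "$home" || return
    for f in "$src"/*; do
        [ -f "$f" ] || continue
        case "$f" in *.gpg) continue ;; esac   # skip output of earlier runs
        gpg --batch --yes --homedir "$home" --recipient "$rcpt" --encrypt "$f" || return
    done
}
```

From a cron script this would be called as `encrypt_dir /home/serviceaccount/.gnupg 8A4YA9YC /directory/to/encrypt`, using the paths and placeholder key ID from the post.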
@JaredBusch I'm running it as root in both instances to test
I made a basic script to encrypt everything contained in a specific directory as a test
gpg --batch --recipient 8A4YA9YC --encrypt --yes /directory/to/encrypt/*
find . -name '.txt' -exec mv {} /home/datatransfer/company/archive/out/ \;
The key here isn't real.
If I run the script manually it works. If I try to run it with cron it errors with encryption failed: No public key.
It clearly can't see the path to the key, so I tried to find a way to specify it.
gpg --batch --homedir /home/serviceaccount/.gnupg/pubring.gpg --recipient 8A4YA9YC --encrypt --yes /directory/to/encrypt/*
Same error: encryption failed: No public key
Trying to stay positive in a very difficult work week
I succeeded on half of the things I needed to do today and idk how to feel lol
This week was a learning experience.
#!/usr/bin/env bash
# PASS is not set in this script, so it presumably comes from master.sh
source "/home/datatransfer/company/master.sh"
encryptedFolderPath="/home/datatransfer/company/in/"
decryptedFolderPath="/home/datatransfer/company/out"
archiveFolderPath="/home/datatransfer/company/archive"
# Loop over every .pgp file in the incoming folder
for i in "$encryptedFolderPath"*.pgp
do
    # Skip anything gpg does not report as encrypted data
    gpg --batch --passphrase "$PASS" --list-only --list-packets --yes "$i" | grep -q "encrypted"
    if [ $? != 0 ]; then
        echo "$i is not a pgp file"
        continue
    fi
    # Strip the .pgp suffix, then the leading directory
    v=${i%.*}
    encryptedFile="$v"
    fileName=${encryptedFile##*/}
    timeNow=$(date +%Y%m%d%H%M)
    # Split the remaining name into base name and extension
    extension=${fileName##*.}
    newFileName=${fileName%.*}
    fileWithTimestamp="$newFileName""_""$timeNow.$extension"
    # Decrypt into the output folder under the timestamped name
    gpg --batch --passphrase "$PASS" --yes --decrypt "$i" > "$decryptedFolderPath/$fileWithTimestamp"
    ls -lr "$decryptedFolderPath/$fileWithTimestamp"
    if [ $? != 0 ]; then
        echo "$fileWithTimestamp is not a readable file"
        continue
    fi
    # Archive the encrypted original once the decrypted copy exists
    mv "$i" "$archiveFolderPath"
done
Thanks to @scottalanmiller @stacksofplates and my friend Erik
@scottalanmiller terraria just seemed like a better game
@Obsolesce I've never played minecraft but I played the hell out of terraria. I probably should give it a try
@WrCombs said in Huge Mistake:
Guess that Makes Sense, Had I have not listened I wouldn't be in this situation, but I did and Still ended up having an issue.
So Yeah, it's my Fault, I fucked up, I already told my boss's boss that before I even got online. In my mind, Had I have done it the right way the first time, I wouldn't be in this situation, but since we have to try and Screw over our customers as much as possible, and not do it the right way, and just replace both hard drives, for billable time to the customer, he made that decision. Guess My thought process was wrong.
If you verified the drives before you attempted to format you wouldn't be in this position. Your boss has nothing to do with it. Have you ever worked with someone who blamed everyone else for their mistakes? Does anyone ever respect that person? Again, there is no one here who hasn't made mistakes. It's how you process your mistakes that defines you. Take ownership of the situation and instead of just being the problem ALSO be the solution. Grow from it.
@WrCombs said in Huge Mistake:
@JaredBusch said in Huge Mistake:
@WrCombs said in Huge Mistake:
@IRJ said in Huge Mistake:
We have all done stupid shit like this in our careers, and that is not really the issue here. I am worried about you passing on the blame to your boss as a maturity issue.
In no way shape or form can you blame the boss for this. It's on you 100% and that is ok because it happens ONCE or maybe twice. But you need to man up to the mistake, or else you will never grow as an IT professional. There is a reason why IT veterans like myself verify 3 or 4 times and click once. We have made the mistake before, but we learned from it.
Take ownership on this one, bud.
I already took ownership of it and am Trying to fix it
You are still trying to blame your boss, in the very first fucking sentence.
@WrCombs said in Huge Mistake:
So let me start this off by saying if I hadn't listened to my boss first thing this morning, this mistake wouldn't have happened. but god forbid he say he was wrong.
Yeah, Cause this has every part of him being wrong as I do, because he told me to change my plan and do it his way.
My fault was not verifying what I was doing.
That's just not true man. Your boss didn't say anything that is wrong he made you change what you were doing. Maybe this threw you for a loop, but it's up to you to organize your thoughts and make sure you fully understand what you are doing. It's okay to make mistakes. It's not okay to not take responsibility for them. Trying to share responsibility, when you are the only person responsible, is not taking responsibility.
@WrCombs said in Huge Mistake:
@IRJ said in Huge Mistake:
We have all done stupid shit like this in our careers, and that is not really the issue here. I am worried about you passing on the blame to your boss as a maturity issue.
In no way shape or form can you blame the boss for this. It's on you 100% and that is ok because it happens ONCE or maybe twice. But you need to man up to the mistake, or else you will never grow as an IT professional. There is a reason why IT veterans like myself verify 3 or 4 times and click once. We have made the mistake before, but we learned from it.
Take ownership on this one, bud.
I already took ownership of it and am Trying to fix
Try to keep in mind that not everyone has seen your posts as you've posted them, and we will respond to things as we see them.
This is why I have a bookstack instance. I create documentation on everything I've done, how I did it and why it was done that way. Sometimes looking through what you've done allows you to organize it better in your head (at least in my case). I actually make checklists of sorts in my head just to make sure I am doing everything correctly
@scottalanmiller said in Script to Move and Decrypt Files in a Specified Directory:
@wirestyle22 said in Script to Move and Decrypt Files in a Specified Directory:
and place it in a specific directory that will be used by the load process
What's the reason for needing to move it, decrypt it, and move it again? Isn't that unnecessary steps? Or can it not be decrypted where it first gets put?
Yes, it can't. Someone else is dictating where the files are placed and then where they are moved to.
@JaredBusch said in Script to Move and Decrypt Files in a Specified Directory:
@wirestyle22 said in Script to Move and Decrypt Files in a Specified Directory:
jaredisacuddlebear
I don’t do the furry scene. Sorry.
If you did, what animal would you be?
I am playing with PGP keys for a project I am working on and the next phase requires a script to be written. This is what the script needs to do:
Once the load process is complete, the decrypted file will be deleted outside of the script.
I found this in my search:
@ECHO off
mv /directory/*.gpg /home/service_account/directory
SET password=jaredisacuddlebear
PUSHD "/path/to/directory"
FOR /F "tokens=+" %%F IN ('DIR * .gpg /B') DO (
gpg --output "&&~nF" --batch --yes --passphrase %password% --decrypt "%%F")
POPD
I haven't had the opportunity to test it yet, but does this look correct? There are parts of it I'm not sure about.
Outward has been very fun