configuration management – Back up arbitrary config files on linux servers in RANCID

I use RANCID to back up router and switch configurations.

I’d also like to be able to have it take automatic backups of configuration files on my servers so I can easily see when changes occur and if something breaks, revert to the last known config.

There are a number of approaches to this, but RANCID has everything I’m looking for in terms of features and I already use it, so it would be ideal if I could have it built in to that.

I see this question from 9 years ago asking the same thing and the top answer pretty much just says “build your own module” – I’ve had a look at the RANCID modules and I can’t wrap my head around how to do that, so looking to see if in the past 9 years if anyone knows of a module that’s now out there for this.

postcss – Vite does not build tailwind based on config

I created a new react-ts app using yarn create @vitejs/app my-app --template react-ts.

I installed tailwind using yarn add --dev tailwindcss@latest postcss@latest autoprefixer@latest.

I initialized tailwind: npx tailwindcss init -p.

I set from and to in postcss.config.js:

module.exports = {
  from: 'src/styles/App.css',
  to: 'src/styles/output.css',
  plugins: {
    tailwindcss: {},
    autoprefixer: {}
  }
}

I created a App.css file in src/styles:

@tailwind base;
@tailwind components;
@tailwind utilities;

According to https://vitejs.dev/guide/features.html#postcss, any valid postcss-load-config syntax is allowed. from and to seem to be allowed.

When I call yarn dev which essentially runs vite, my app is starting without build errors but tailwind output is not generated.

What am I doing wrong?

composer – Magento2 installation – Failed to set PHP CodeSniffer installed_paths Config

I am trying to install Magento2 using composer.

Getting codesniffer error and tried below steps to overcome the error but unfortunately it’s not going away

STEP 1: Tried to install magento2

$ composer create-project --repository=https://repo.magento.com/magento/project-community-edition magento2

enter image description here

As you can see, the installation ended up with the error
Failed to set PHP CodeSniffer installed_paths Config

STEP 2:
so I tried to install the codesniffer using below command

$ composer global require "squizlabs/php_codesniffer=*"

successfully installed codesniffer as shown below
enter image description here

I removed the magento2 directory to start over again

$ rm -rf magento2

STEP 3: tried to install magento2 again

$ composer create-project --repository=https://repo.magento.com/magento/project-community-edition magento2

that still ended up with the same error
enter image description here

I tested the phpcs installation and there seems no issue with it

enter image description here

18.04 – Pulseaudio set the source volume in the default.pa config?

In my /etc/pulse/default.pa configuration file I have the following settings:

load-module module-echo-cancel aec_method=webrtc source_name=echocancel sink_name=echocancel1
set-default-source echocancel
set-source-volume echocancel 65536

The echo-cancel module loads just fine, and is set as the default source for the microphone, however the source-volume is not set to 100%, rather the last line doesn’t seem to do anything.

Running the last command stand-alone such as pacmd set-source-volume echocancel 65536 sets the volume to 100% just fine for the source (microphone).

How would I go about setting the volume of the new echo-cancelled source in the loaded configuration files so it persists between restarts?

OpenVPN server employees and customers config on the same instance and server?

I want to add some firewall rules for my customers and others for the employees.

From my understanding I can do that using different subnet combined with the client-config-dir ccd
Also from my understanding the client-config-dir is based on the CN.
When I tested that I discovered that I can only have one certificat by CN. And I don’t want my employees nor my customers to use the same certificat so this solution seems wrong from my POV.

How can I achieve that ?

How to setting firebase remote config for unity?

lets to the point, so i want to make some configuration with my game to show Ads but I avoid to update game version too much, because of that I choose firebase remote config with this I can update setting/configuration without update the game version.

there is document for this but not very clear for newbie like me, you can check it here https://firebase.google.com/docs/remote-config/use-config-unity

I already make the script like on doc, but I don’t understand how its work on show data because error string format, which is what I know on this firebase console is int format
enter image description here

the script like this :

public static _FirebaseRemoteConfig instance;

    private void Awake()
    {
        instance = this;
    }

    Firebase.DependencyStatus dependencyStatus = Firebase.DependencyStatus.UnavailableOther;
    // Use this for initialization
    void Start()
    {
        Firebase.FirebaseApp.CheckAndFixDependenciesAsync().ContinueWith(task =>
        {
            dependencyStatus = task.Result;
            if (dependencyStatus == Firebase.DependencyStatus.Available)
            {
                InitializeFirebase();
            }
            else
            {
                Debug.LogError(
                    "Could not resolve all Firebase dependencies: " + dependencyStatus);
            }
        });
    }

    public void InitializeFirebase()
    {
        System.Collections.Generic.Dictionary<string, object> defaults =
            new System.Collections.Generic.Dictionary<string, object>();
        defaults.Add("config_test_string", "default local string");
        defaults.Add("config_test_int", 1);
        defaults.Add("config_test_float", 1.0);
        defaults.Add("config_test_bool", false);

        Firebase.RemoteConfig.FirebaseRemoteConfig.SetDefaults(defaults);
        Debug.Log("Remote config ready!");
    }
    public void FetchFireBase()
    {
        FetchDataAsync();
    }
    public void ShowData()
    {
        Debug.Log("maxCountToShowAdmob: " +
            Firebase.RemoteConfig.FirebaseRemoteConfig.GetValue("MaxCountShowIntersitialAds").LongValue);
    }

    // Start a fetch request.
    public Task FetchDataAsync()
    {
        Debug.Log("Fetching data...");
        System.Threading.Tasks.Task fetchTask = Firebase.RemoteConfig.FirebaseRemoteConfig.FetchAsync(
            TimeSpan.Zero);
        return fetchTask.ContinueWith(FetchComplete);
    }

    void FetchComplete(Task fetchTask)
    {
        if (fetchTask.IsCanceled)
        {
            Debug.Log("Fetch canceled.");
        }
        else if (fetchTask.IsFaulted)
        {
            Debug.Log("Fetch encountered an error.");
        }
        else if (fetchTask.IsCompleted)
        {
            Debug.Log("Fetch completed successfully!");
        }

        var info = Firebase.RemoteConfig.FirebaseRemoteConfig.Info;
        switch (info.LastFetchStatus)
        {
            case Firebase.RemoteConfig.LastFetchStatus.Success:
                Firebase.RemoteConfig.FirebaseRemoteConfig.ActivateFetched();
                Debug.Log(String.Format("Remote data loaded and ready (last fetch time {0}).",
                    info.FetchTime));
                break;
            case Firebase.RemoteConfig.LastFetchStatus.Failure:
                switch (info.LastFetchFailureReason)
                {
                    case Firebase.RemoteConfig.FetchFailureReason.Error:
                        Debug.Log("Fetch failed for unknown reason");
                        break;
                    case Firebase.RemoteConfig.FetchFailureReason.Throttled:
                        Debug.Log("Fetch throttled until " + info.ThrottledEndTime);
                        break;
                }
                break;
            case Firebase.RemoteConfig.LastFetchStatus.Pending:
                Debug.Log("Latest Fetch call still pending.");
                break;
        }
    }

nginx load balancer config optimisation and linux file open limits

I have an HTTP load balancer running via nginx, it’s a fairly simple virtual machine with limited resources, 2 vCPUS, 3GB of RAM, CentOS 8. I want to push this machine as far as it can go in terms of traffic.

The nature of my traffic is not typical to web applications:

  • High amount of unique client requests per second.
  • Very bursty at different times of the day.
  • Exceptionally short web requests (response times in the order of 0.030 seconds)
  • Within file open limitations, I have also configured keepalive_timeout to a much reduced value.

I have recently run into socket() failed (24: Too many open files) while connecting to upstream errors and addressed it by setting the nginx directive worker_rlimit_nofile to 262144 (this is what ulimit -Hn shows). I can see this working after consulting the output of cat /proc/<nginx worker ids>/limits:

Limit                     Soft Limit           Hard Limit           Units
...
Max open files            262144               262144               files
...

(Soft limit used to be 1024)

My knowledge over file descriptors/file opens in Linux is quite limited, but this had an immediate positive impact (even with traffic increases), I fear I might have gone “overboard” with my configuration changes, unless I am wrong in the following assumptions: ulimit -Hn is showing the hard limit for an individual process, if my machine is running 2 nginx workers, I am now open for system failure should these 2 processes combined go over the 262144 limit (not even considering other processes running on the machine). Is this correct? Should I, at the very least, be setting this worker_rlimit_nofile to ulimit -Hn / worker_processes?

Secondly, and more importantly, my traffic is projected to grow to the point that cat /proc/sys/fs/file-nr is showing I might go over 262144 – are there any drawbacks if I was to increase this limit via /etc/sysctl.conf or /etc/security/limits.conf? What sets this limit anyway?

vpn – Strongswan Error: no config named ‘foo’

On Ubuntu 20.04, I am trying to establish a VPN tunnel to a IKEv2/Ipsec VPN site using Strongswan.

However, even though I have the file /etc/ipsec.conf as shown

# ipsec.conf - strongSwan IPsec configuration file

# basic configuration

config setup
    # strictcrlpolicy=yes
    # uniqueids = no

conn foo
    left= ...
    right= ...
    ...

when I run sudo ipsec up foo, I get the error

no config named ‘foo’

I have tried the follow commands before running ipsec up foo, but the error persists.

sudo ipsec update
sudo ipsec reload 
sudo ipsec restart

Strongswan U5.8.2/K5.4.0-60-generic was installed using

sudo apt-get install strongswan libcharon-extra-plugins -y

What seems to be preventing the foo connection from being detected?

Thanks!

installation – Magento2 doesn’t load in Browser after fresh install and successful nginx config test

I successfully deployed the latest Magento 2.4.1 on Ubuntu 18.04, PHP, Nginx with letsencrypt cert.

Previously, when i visit my domain i was able to see the magento 2 welcome page. After having made the Command line installation successfully and got the unique link to admin panel, visiting magento through the browser is returning a server not found error.

When i send a GET request to local host (NOT https) from server side, it returns the following Nginx welcome page.

curl -XGET http://localhost

<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
    body {
        width: 35em;
        margin: 0 auto;
        font-family: Tahoma, Verdana, Arial, sans-serif;
    }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>

</body>
</html>

I am able to successfully ping my connected domain over the internet which returns the actual server IPv4 address

root@pc:~# ping domain.com
PING domain.com (xxx.xx.xxx.xx) 56(84) bytes of data.
64 bytes from xxx.xx.xxx.xx (xxx.xx.xxx.xx): icmp_seq=1 ttl=53 time=161 ms
64 bytes from xxx.xx.xxx.xx (xxx.xx.xxx.xx): icmp_seq=2 ttl=53 time=82.6 ms
64 bytes from xxx.xx.xxx.xx (xxx.xx.xxx.xx): icmp_seq=3 ttl=53 time=105 ms

If i ping my domain with “www.” before it retuns the below

root@pc:~# ping **www**.domain.com
ping: www.domain.com: Name or service not known

Possible issues:

I have magento installed in var/www/ instead of var/www/html but i made the necessary changes in default.conf as well as nginx.conf and the sample configuration file in the magento2 filesystem configuration (nginx.conf.sample)

The solution may be something very simple that i missed, does anyone have an idea?

etcd – Kubernetes API: Compare and update config map key

Etcd has a concept of Atomic Compare-and-Update by comparing the key’s value before executing an update. I’d like to use this feature for updating a ConfigMap in my Kubernetes cluster. I’d like to update the config map only if the existing config map data or a specific data key matches a certain value.

Example ConfigMap:

curl -X POST -H 'Content-Type: application/json' 
    -d '{"apiVersion": "v1", "kind": "ConfigMap", "metadata": {"name": "test"}, "data": {"foo": "1"}}' 
    http://localhost:8001/api/v1/namespaces/default/configmaps

I need to interact with K8S API or directly with K8S’s etcd directly if possible (is it?), and I don’t want to rely on resourceVersion. I’d like to depend on my own version which is actually the config map’s data key. How can I achieve such an atomic UPDATE (or DELETE) operation?