Back to Home / #linode / 2019 / 03 / Prev Day | Next Day
#linode IRC Logs for 2019-03-29

---Logopened Fri Mar 29 00:00:33 2019
00:06-!-montigny34 [~oftc-webi@107-190-62-156.cpe.teksavvy.com] has joined #linode
00:06-!-montigny34 is "OFTC WebIRC Client" on #linode
00:06<montigny34>how do i move phpmyadmin into a subdomain
00:06<montigny34>symbolic link?
00:10<montigny34>or just point document root to /usr/share/phpmyadmin
00:16<montigny34>?
00:16<montigny34>https://linuxize.com/post/how-to-install-phpmyadmin-with-nginx-on-centos-7/ foolloeing this tut
00:18<montigny34>ok it worked but how do i not see phpmyadmin
00:19<montigny34>https://dungeon.primitiv.media/phpMyAdmin/
00:19<montigny34>I dont want to have to type phpmyadmin
00:25-!-montigny34 [~oftc-webi@107-190-62-156.cpe.teksavvy.com] has quit [Quit: Page closed]
01:17-!-girish [~oftc-webi@115.248.85.26] has joined #linode
01:17-!-girish is "OFTC WebIRC Client" on #linode
01:17<girish>hi
01:18-!-girish [~oftc-webi@115.248.85.26] has quit []
01:45<linbot>New news from community: How to fix Apache Server child pid 637 exit signal Segmentation fault (11), possible coredump in /etc/apache2 Issue <https://www.linode.com/community/questions/17998>
02:30-!-weechat [~weechat@li141-165.members.linode.com] has joined #linode
02:30-!-weechat is "weechat" on #linode
02:31-!-weechat [~weechat@li141-165.members.linode.com] has left #linode []
03:24-!-rahul [~oftc-webi@125.63.122.96] has joined #linode
03:24-!-rahul is "OFTC WebIRC Client" on #linode
03:25<rahul>Hi Buddies
03:25<rahul>I am Rahul From India
03:25<rahul>I need a Linux (Ubuntu 16.04) VPS with Indian IP
03:25<rahul>Can i get it from Linode ?
03:25<rahul>Can anybody help me out ?
03:27-!-rahul [~oftc-webi@125.63.122.96] has quit []
04:01<Peng>Is it possible to transfer a /116 between accounts? Hypothetically.
04:32<@jcardillo>Peng: let me check
04:33<Peng>Don't look at my account. You'll see all the IPv6 blocks I have assigned and sigh. ;D
04:33<Peng>accounts*
04:33<@jcardillo>I didn't :)
04:34<@jcardillo>I believe you can only move /64 or /56 pools between accounts.
04:34<Peng>;_;
04:36<Peng>I can work with that... maybe.
04:37<Peng>Thank you for checking :)
04:37<@jcardillo>wait, to clarify: i think this is because the /116 range is not routed to a specific Linode, but instead is routed to every Linode. So addresses from this pool could hypothetically be used by other Linodes on your account in the same dc.
04:38<Peng>They /could/ but, in the hypothetical situation, the source account would only have 0-1 Linodes.
04:41-!-jback [~jasper@shell.jhq.io] has joined #linode
04:41-!-jback is "Jasper Backer (jhq)" on #linode
04:47<@jcardillo>Peng: maybe I misunderstood. I was thinking you meant, is it possible tyo transfer a /116 between Linodes. But did you mean between your account and someone elses? If so I'd have to ask around about that. Because I'm not sure.
04:47<@jcardillo>to*
04:48<Peng>Well, between my account, and my *other* account. :D
04:49<Peng>So not someone else's, but yes, accounts.
04:54<@jcardillo>Gotcha. Let me try and find out.
05:11<Peng>Thinking about moving a Linode between two accounts. I'd prefer not to renumber all the IPv6 addresses -- or at least not without some transitional time.
05:12-!-thiras [~thiras@195.174.215.70] has joined #linode
05:12-!-thiras is "Ant" on #debian #linode #tami
05:15<@jcardillo>Peng: from what I'
05:15<@jcardillo>dang... irc newbie here
05:15<@jcardillo>from what i'm gathering, the answer is no. the /116 pool can't be moved between accounts.
05:16<Peng>Thank you. :)
05:30-!-Zr40 [~zr40@000128ef.user.oftc.net] has quit [Ping timeout: 480 seconds]
05:34-!-Zr40 [~zr40@000128ef.user.oftc.net] has joined #linode
05:34-!-Zr40 is "Zr40" on #linode #ceph
07:36<linbot>New news from community: How do I add a module to NGINX in Laravel Forge? <https://www.linode.com/community/questions/17999>
08:20-!-eyepulp [~eyepulp@c-71-239-4-144.hsd1.il.comcast.net] has joined #linode
08:20-!-eyepulp is "eyepulp" on #linode
08:38-!-spiki [~spiki@0001014f.user.oftc.net] has joined #linode
08:38-!-spiki is "Nenad Spirkoski" on #linode
08:45-!-The-spiki [~spiki@0001014f.user.oftc.net] has quit [Ping timeout: 480 seconds]
10:17<linbot>New news from community: How can I monitor my network traffic? <https://www.linode.com/community/questions/18000>
11:46-!-Hobbyboy [Hobbyboy@0001fb73.user.oftc.net] has quit [Quit: I think the BNC broke.]
11:47-!-Hobbyboy [Hobbyboy@0001fb73.user.oftc.net] has joined #linode
11:47-!-Hobbyboy is "Andrew" on #perl #openttd #oftc #moocows #linode @#YourBNC
12:27<linbot>New news from community: How to Configure CWP to host multiple website. <https://www.linode.com/community/questions/18001>
12:53<Zr40>speaking of IPv6 pools, I don't suppose it's possible to have one /64 for all the linodes in my account without having one linode act as a router?
13:05-!-compuguy [~compuguy@ec2-34-193-165-89.compute-1.amazonaws.com] has quit [Quit: The Lounge - https://thelounge.chat]
13:05-!-compuguy [~compuguy@ec2-34-193-165-89.compute-1.amazonaws.com] has joined #linode
13:05-!-compuguy is "compuguy" on #linode
13:28-!-skyfaller [~textual@73.81.119.79] has joined #linode
13:28-!-skyfaller is "Textual User" on #linode
13:28-!-skyfaller [~textual@73.81.119.79] has quit []
14:49-!-tems [~oftc-webi@102.149.227.105] has joined #linode
14:49-!-tems is "OFTC WebIRC Client" on #linode
14:50<tems>Hi, one very quick question?
14:51<tems>What is the total count of users under the dedicated $ 30 linode account?
14:52<millisa>I'm not sure the question makes sense.
14:52<millisa>The prices are for a virtual private server. You determine what OS, how many users, how things are installed.
14:54<tems>Sorry, very handicapped in IT.
14:54<millisa>Check out the getting started guide and see if it's the sort of thing you want to tackle: https://www.linode.com/docs/getting-started/
14:56<tems>Thank you for sharing the link.
14:58-!-tems [~oftc-webi@102.149.227.105] has quit [Quit: Page closed]
14:59-!-copart [~copart@00027003.user.oftc.net] has quit [Quit: WeeChat 2.2]
15:37<@scrane>!point millisa
15:37<linbot>scrane: Point given to millisa. (78) (Biggest fan: relidy, total: 17)
16:23-!-smccabe_ is now known as smccabe
16:23-!-smccabe is now known as Guest4529
16:26-!-Guest4529 is now known as smccabe
16:33-!-BR [~oftc-webi@160.254.108.24] has joined #linode
16:33-!-BR is "OFTC WebIRC Client" on #linode
16:33-!-BR [~oftc-webi@160.254.108.24] has quit []
16:33-!-BRummel45 [~oftc-webi@160.254.108.24] has joined #linode
16:33-!-BRummel45 is "OFTC WebIRC Client" on #linode
16:34<BRummel45>Hey folks!
16:34<millisa>Greetings
16:35<BRummel45>Hi there! Just a quick question regarding your service. Would it possible to spin up a VM using the Nanode plan?
16:36<millisa>They sort of are vm's already
16:36<@mtjones>Are you looking to install a specific kind of OS to it?
16:37<Peng>BRummel45: What exactly are you asking? Do you want to run a VM inside your VM?
16:37<millisa>Yo dawg...
16:37<BRummel45>... I just answered my own question didn't I? XD
16:38<smccabe>If you are looking to do Nested VMs from your Linode, it is not something we support
16:38<BRummel45>Understood.
16:38<linbot>New news from community: How do I submit abuse reports? <https://www.linode.com/community/questions/18003> || Configure "A" Record using the DNS Manager <https://www.linode.com/community/questions/18002>
16:38<BRummel45>Thanks folks!
16:38-!-BRummel45 [~oftc-webi@160.254.108.24] has quit []
16:50<csnxs>but what kind of linode do i need to install a mcintosh
18:13-!-Humpas [~oftc-webi@h-168-97.A259.priv.bahnhof.se] has joined #linode
18:13-!-Humpas is "OFTC WebIRC Client" on #linode
18:16<Humpas>Goodevening, quick and potentially stupid question but.. I have a new domain, configured it to use linode nameservers, added the domain under my linode account. using whois on mxtoolbox show ns(1-5).linode.com to be nameservers. BUT when i try to do a nslookup against ns1.linode.com i get "query refused".
18:16<Humpas>Is there an obvious step i missed?
18:17<millisa>How long ago did you configure the zone on the nameservers? (They publish about every 15 minutes)
18:18<Humpas>About a day or so ago, over 24hrs
18:18<millisa>what's the domain?
18:19<Humpas>fikad.ax
18:21<millisa>and the dns records you added in the dns manager? that was a day ago?
18:21<Humpas>Three acording to thel inode control panel
18:22<Humpas>Should i try deleting the domain from linode and re-creating it? (i only have two a-records at the mo and they┬┤re not in use for anything)
18:24<millisa>what is one of the a records?
18:24<Humpas>Just www.fikad.ax
18:25<smccabe>Hey Humpas, Could you open a support ticket with us and pass along the ticket number?
18:25<smccabe>would help us take a deeper look into this
18:26<Humpas>smccabe: Sure i'll get on that right away. Thanks!
18:26<millisa>do you have a linode configured on the accuont?
18:26<millisa>at least 1?
18:26-!-eyepulp [~eyepulp@c-71-239-4-144.hsd1.il.comcast.net] has quit [Remote host closed the connection]
18:27-!-eyepulp [~eyepulp@c-71-239-4-144.hsd1.il.comcast.net] has joined #linode
18:27-!-eyepulp is "eyepulp" on #linode
18:28<Humpas>No just the domain, do i need a linode as well?
18:28<millisa>at least 1
18:28<millisa>it doesn't have to be running; but it does have to be on the account
18:28<Humpas>Ah. Mystery solved then :) Thanks!
18:29<millisa>reference: https://www.linode.com/docs/platform/manager/dns-manager/#dns-set-up-checklist (first sentence)
18:31<Humpas>Heh, i jumped to the checklist without reading that. So as i assumed it was a layer8 issue
18:35-!-eyepulp [~eyepulp@c-71-239-4-144.hsd1.il.comcast.net] has quit [Ping timeout: 480 seconds]
18:38<linbot>New news from community: Setting up a CPanel <https://www.linode.com/community/questions/18004>
18:50-!-Humpas [~oftc-webi@h-168-97.A259.priv.bahnhof.se] has quit [Quit: Page closed]
19:30-!-bobby [~oftc-webi@107-190-62-156.cpe.teksavvy.com] has joined #linode
19:30-!-bobby is "OFTC WebIRC Client" on #linode
19:30<bobby>best sftpsofytware for centos 7?
19:30<bobby>vsftpd??
19:31<Abi12>sftpd?
19:31<Abi12>sftp**?
19:31<Abi12>or ftp/ftps?
19:32<Abi12>vsftpd is great for ftp/ftps. Just use openssh server and enable chroot jailing for SFTP.
19:32<@mtjones>It depends on what you'd prefer to use. It looks like vsftpd can run just fine on CentOS 7.
19:32<bobby>i want to be able to have one master login that sees all chroot jails
19:33<bobby>and the ability to assign users to different chroot jails to see multiple sites
19:33<bobby>thats the end goal ideally
19:35<Abi12>It's possible. Atleast the first thing you mentioned, I've set up something like that recently. It just takes a certain level of coordination with file permissions/sshd.conf rules.
19:38<bobby>can you provide a tut to achieve this?
19:39<Abi12>I remember having to use a mixture of tutorials and trial/error. I can give you a quick run down though. It sort of works like virtualhosts, except the user cannot write into the root directory.
19:40<Abi12>I had a /var/sftp folder which contains all the sites. I assigned /var/sftp as my 'sftp admin' user's home directory and disable shell access. Then I'd assign each normal user's gome directory to an individual site.
19:41<Abi12>home*.
19:42<Abi12>so the sftp admin could read read/write into each of the site subdirectories, but unfortunately cannot create new directories within its root.
19:47<Abi12>oh wow. Linode has a nice tutorial on it: https://www.linode.com/docs/tools-reference/tools/limiting-access-with-sftp-jails-on-debian-and-ubuntu/
19:47<Abi12>Not sure if this applies to centos 7 :p, never used it.
19:48<Abi12>err.. I actually tabbed here to ask something. Does anyone have a *recent* url rewrite ruleset when running wordpress on lighttpd? Everything I'm finding stretches back to WP 3.X.X
19:48<@mtjones>Abi12: As in, the base wordpress .htaccess file contents?
19:50<Abi12>basically. I already have a front controller ruleset from another site.. I guess it'd be better to ask. "How do I exclude pre-exisiting directory index urls from rewriting to the index.php?". So if a user types in example.com/wp-admin or example.com/wp-admin/, it's seen as wp-admin/index.php
19:51<Abi12>I have to manually exclude that whole directory currently and/or specify a static rule for each directory.
19:51<Abi12>Not sure if I phrased all that correctly.. sorry.
19:52<Abi12>/s/for each directory/for each url
19:52<@mtjones>I think I follow. If I remember correctly there's a set of mod_rewrite directives in either the .htaccess file or index file for in the document_root/wp-admin/ file that does the rewrite.
19:52<@mtjones>In the specific case of redirecting to wp-login.php
19:53<@mtjones>I don't think WordPress does anything more complicated than that for any other redirect, so it should all just be in .htaccess files in differend directories
19:53<@mtjones>different, even.
19:53<Abi12>ahh yes. That works fine. I'm taking about on the server-side of things, since I have to add the front-controller pattern rewrite rules in lighttpd.conf
19:54<Abi12>I guess in shorter terms. I want example.com/wp-admin to lead me to example.com/wp-admin/indes.php, but I want example.com/wp-admin/whatever to be rewritten to index.php
19:55<@mtjones>The same way you handled the general redirect rules for the front end of the site will work for the back end of the site too.
19:55<@mtjones>It's just a matter of changing it to be for only example.com/wp-admin
19:57<@mtjones>That being said I'm not sure off the top of my head if wp-admin will work the same, it's been a while since I've been in the back end of a wordpress install.
19:58<@mtjones>If the URL in your browser stays as example.com/wp-admin/index.php no matter what page you visit in wp-admin then it will work. If the url in your browser changes at all when navigating around then forcing it to stay at example.com/wp-admin/index.php might break it.
19:59<Abi12>I'm confused now LOL.
20:00<Abi12>Currently my rules do this: it rewrites all urls to index.php if the file doesn't exist.
20:00<@mtjones>Yeah, that should work.
20:00<Abi12>I'd like it to rewrite all urls to index.php if the file AND *directory* doesn't exist.
20:00<@mtjones>That's where it might break things.
20:01<Abi12>hmm okay. Then I should probably wait for the web designer to report back. He mentioned that some of the plugins were broken, and it was possibly because I was excluding wp-admin/wp-content from rewriting.
20:01<bobby>https://www.primitiv.media/
20:01<bobby>does it show up as insecure?
20:02<@mtjones>WordPress essentially 'tricks' your browser into thinking directories exist when they're really just dynamically generated by WordPress. This is to make things look pretty in the browser URL and to make visiting the same page twice easier.
20:02<Abi12>yup
20:02<bobby>i installed certbot
20:02<bobby>why does this happen?
20:02<Abi12>yeah xD. I almost always use a front controller pattern, but I've never had to figure out this sort of issue.
20:02<@mtjones>If you make lighttpd check if a directory really exists before allowing someone to visit it, then it might break WordPress.
20:02<Abi12>bobby: dungeon.primitiv.media
20:03<bobby>yea that one works fine
20:03<Abi12>bobby: you're using the dungeon.primitiv.media certificate on primitiv.media.
20:03<Abi12>That's why
20:03<bobby>how is that possible
20:04<Abi12>mtjones: I understand. What's weird is that 1and1 does WP hosting, and THEY did what I'm trying to figure out.
20:05<@mtjones>bobby: You can set up any SSL certificate for any domain. There's nothing in Apache or Nginx that checks the certificate before serving it, other than checking to make sure it's actually an SSL certificate. It doesn't check if it matches the domain.
20:05<Abi12>When visiting wp-admin/wp-content/etc, it doesn't rewrite, but when visiting wp-admin/something or wp-content/something it rewrites.
20:05<@mtjones>Abi12: I think they do that to break wp-admin on purpose, then have a different way to get to wp-admin
20:05<@mtjones>That way, bots and bad actors can't brute force or try to compromise /wp-admin
20:06<Abi12>hmm I see. I guess I'll just tell the web developer to access the panel via wp-login.php xD
20:06<Abi12>mtjones: Thanks heh.
20:06<@mtjones>Anytime!
20:07<bobby>so what do i do now
20:07<Abi12>bobby: generate a cert for primitiv.media
20:07<bobby>i did
20:07<Abi12>I think letsencrypt does wildcards, so you could probably use that same cert for dungeon.primitiv.media
20:08<Abi12>Now in your webserver configuration, specify that specific host to use that specific certificate.
20:09<bobby>im using nginx
20:10<bobby>i re generated the sll a few times
20:10<Abi12>it's working now mate.
20:13<bobby>shows me it still not working
20:14<Abi12>The certificate is fine, but now point that host to a webroot directory niginx has access to.
20:22<bobby>i am
20:22<bobby>idk why its showing phpmyadmin
20:26<bobby>im so confused
20:27<Abi12>That phpmyadmin is showing when you visit the dungeon.primitiv.media
20:27<bobby>ytes
20:27<bobby>when i go on https://www.primitiv.media/
20:27<bobby>it shows me phpmyadmin
20:27<bobby>when it should be a blank page'
20:27<Abi12>rip: https://primitiv.media/
20:29<bobby>it brings me to phpmyadmin and says its not secure??
20:29<Abi12>It seems like you're using the correct certificate on https://primitiv.media/ but using a webroot nginx has no access to. You're using the dungeon certificate on https://www.primitiv.media/ and it's pointing to the same root as the dungeon site.
20:29<bobby>how do i remove that certificate
20:29<Abi12>You've probably written your rules to include something like (.*).primitiv.media and that includes (www, dungeon, all other subdomains )
20:29<Abi12>www is a subdomain just like dungeon bobby
20:30<bobby>https://bpaste.net/show/c280105266a3
20:30<bobby>dis what i got
20:30<bobby>trying nginx instead of httpd
20:33<bobby>idk why its difficult like this for certs
20:34<Abi12>Is that your full configuration?
20:34<bobby>thats my primitiv.media.conf
20:39-!-The-spiki [~spiki@0001014f.user.oftc.net] has joined #linode
20:39-!-The-spiki is "Nenad Spirkoski" on #linode
20:40<bobby>is it imcorrect
20:42<Abi12>I've never used nginx before. You may need to wait until someone who has more knowledge on the matter wakes up.
20:42<Abi12>bobby: try adding www.primitiv.media to server name field though
20:42<Abi12>server_name test.com www.test.com;
20:43<bobby>just did
20:43<bobby>restarted nginx
20:43<bobby>ahhh
20:43<Abi12>I think you've set the dungeon.primitiv.media as your default site too BTW. I'd set your primitiv.media site has the default.
20:43<bobby>now it doesnt show phpmyadmin!
20:44<bobby>how do you figure?
20:45<Abi12>Well. I'm not entirely sure. I can visit https://test.primitiv.media/ and it'll follow the same rules your dungeon subdomain is following, but using the http://test.primitiv.media url uses some other ruleset.
20:46-!-spiki [~spiki@0001014f.user.oftc.net] has quit [Ping timeout: 480 seconds]
20:46<bobby>how is this possible...
20:46<bobby>i only have dungeon as a subdomain..
20:48<Abi12>That's something you'll need to configure with whomever manages your DNS records. Probably your registrar. There's wildcard options where every single *.primitiv.media domain name will be redirected to the A record of primitiv.media
20:48<Abi12>( atleast I think so )
20:49<bobby>oh
20:49<bobby>i had * and @
20:51<Abi12>You should probably be careful abot hosting your phpMyAdmin panel so openly. Those bots will find it ;)
20:52<Abi12>You could set it to bind onto a seperate port and configure your firewall rules to only allow your home I.P
20:54<Abi12>bobby: fyi - your earlier question about the sftp setup. I referenced this article alot https://www.tecmint.com/restrict-sftp-user-home-directories-using-chroot/
20:54<bobby>dpo i need the @ and * setup as A records
20:55<bobby>https://www.krizna.com/centos/setup-ftp-server-centos-7-vsftp/ this is what i followed although its out of date
20:55<Abi12>The * A record is wildcard one
20:55<Abi12>is the* wildcard one*
20:56<Abi12>You can remove that one. That's causing the *.example.com stuff.
21:01<Cromulent>just to throw this out there you can use MySQL Workbench and an SSH tunnel to your server which should remove the need for phpMyAdmin
21:12<bobby>cromulent do you reckon its as easy to use and more secure this way?
21:12<bobby>can i access this remotely if ever needed?
21:13<bobby>also does https://www.primitiv.media/ work for you now?
21:17<Abi12>You'll need to setup a rule to only allow your ip over the tunnel or else everyone has access to it.
21:18<Abi12>bobby: yes it works.
21:25<bobby>DNS_PROBE_FINISHED_NXDOMAIN why do i get this lol
21:26<bobby>what fi you try test.primitiv.media
21:33-!-bobby [~oftc-webi@107-190-62-156.cpe.teksavvy.com] has quit [Quit: Page closed]
22:14-!-V-Pariah [viciouspar@c-24-61-207-78.hsd1.ma.comcast.net] has quit [Read error: Connection reset by peer]
22:42-!-V-Pariah [~viciouspa@c-24-61-207-78.hsd1.ma.comcast.net] has joined #linode
22:42-!-V-Pariah is "Vicious Pariah" on #linode
22:49-!-montigny34 [~oftc-webi@107-190-62-156.cpe.teksavvy.com] has joined #linode
22:49-!-montigny34 is "OFTC WebIRC Client" on #linode
22:49<montigny34>varnishd[26108]: Error: Could not get socket :80: Address already in use
22:49<montigny34>any idea why
22:55<Cromulent>montigny34: are you running an HTTP server on the box as well?
22:57<montigny34>no only nginx
22:57<montigny34>but nginx is still running on 80 from what i cansee
22:57<Cromulent>... nginx is a HTTP server
22:57<montigny34>https://www.tecmint.com/install-varnish-cache-for-nginx-on-centos-7/
22:58<montigny34>it should b running on port 8080
23:05-!-thiras [~thiras@195.174.215.70] has quit [Ping timeout: 480 seconds]
23:09-!-ckuehl [~ckuehl@2604:5500:c2c7:0:4ecc:6aff:fe8c:d243] has quit [Ping timeout: 480 seconds]
23:16<montigny34>how do i make nginx run on port 8080
23:16<montigny34>or listen sorry
23:19-!-copart [~copart@00027003.user.oftc.net] has joined #linode
23:19-!-copart is "copart" on #linode
23:21-!-toby [~oftc-webi@2a00:23c5:440a:5900:ad45:45e4:4dcc:e59e] has joined #linode
23:21-!-toby is "OFTC WebIRC Client" on #linode
23:21<montigny34>nobody
23:22<toby>hello?
23:22-!-toby [~oftc-webi@2a00:23c5:440a:5900:ad45:45e4:4dcc:e59e] has quit []
23:25<montigny34>hi
23:29<montigny34>nginx is running on 80 and 8080
23:38-!-Cruiser [Cruiser@136.33.104.17] has quit [Read error: Connection reset by peer]
23:38-!-Cruiser [Cruiser@136.33.104.17] has joined #linode
23:38-!-Cruiser is "Cruiser" on #linode
23:50-!-montigny34 [~oftc-webi@107-190-62-156.cpe.teksavvy.com] has quit [Quit: Page closed]
---Logclosed Sat Mar 30 00:00:34 2019