You are not logged in.
- Topics: Active | Unanswered
#51 Re: Hardware & System Configuration » [SOLVED] Good nginx ssl instructions » 2023-01-03 17:35:55
Yes, me too.
I know that is from my apache/postfix guide but I think the steps for this stage (enabling https) will be very similar for nginx and it may prompt you to check the stages:
https://workaround.org/bullseye/tls-enc … rtificate/
#52 Re: Hardware & System Configuration » [SOLVED] Good nginx ssl instructions » 2023-01-03 17:09:16
Hi, yes that what I hoped to see: seems OK. Just wanted to check.
Needless to say I'm in the UK, age 71, wake at 7am GMT, so we're all time-shifted.
I went through a similar website setup process myself a few years ago (except I was also setting up a mail server), and using apache, but closely following the guide that I used meant it was relatively painless.
Still can't 'see' your website.
#53 Re: Hardware & System Configuration » [SOLVED] Good nginx ssl instructions » 2023-01-03 15:22:55
Just for clarity. You are doing lots of tests in /etc/nginx/sites-available.
Have you enabled the sites? i.e created links (http and https) in /etc/nginx/sites-enabled to the active website in site-available.
NB. Ralph will know this all better than me as he has nginx and I have apache2, but I assume this part works much the same. The simplest way to set these things up is to just follow a good step-by-step guide.
#54 Re: Hardware & System Configuration » [SOLVED] Good nginx ssl instructions » 2023-01-01 22:22:45
If I open my web browser on http://66.172.90.106 then, if I click through the warning about https: not enabled I see the webpage banner "Welcome to Realupnow.com!". So nginx is serving the index webpage to the internet.
However if I lookup realupdown,com with dig I still don't get the A record:
marjorie@grendel:~$ dig realupdown.com
; <<>> DiG 9.16.33-Debian <<>> realupdown.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3657
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;realupdown.com. IN A
;; AUTHORITY SECTION:
com. 599 IN SOA a.gtld-servers.net. nstld.verisign-grs.com. 1672611035 1800 900 604800 86400
;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sun Jan 01 22:16:02 GMT 2023
;; MSG SIZE rcvd: 116It may just be a propagation issue. Or it maybe a real issue with the DNS. I do note that the servers in the AUTHORITY section have changed.
Also despite the apparent success of certbot https is not enabled yet.
#55 Re: Hardware & System Configuration » [SOLVED] Good nginx ssl instructions » 2023-01-01 11:16:27
I can now see an A record for unboundtest.com (165.227.59.74, which is on Digital Ocean).
I can't see one for realupnow.com.
Have you got a static IP or just a dynamic one assigned by your ISP? Dynamic IPs periodically change.
By default most ISPs only provide dynamic IPs for domestic users. Business users, who also pay more, usually get a static IP.
And of course you can also run a web and/or mail server in the cloud (such as Digital Ocean).
To run a website accessible on the internet you really need a static IP.
You can check that your ngingx website is running OK by opening it in your browser on its internal (NAT, IP4) network address e.g. http://192.168.50.4 .
I assume there is already a correctly configured index.html in ngingx : on my apache installation there is one there by default that says "Apache2 Debian Default Page: It works!".
I also assume you have opened any firewall on your server for ports 80 and 443.
For now you may need to disable or bypass any automatic redirection from http to https as https won't work until you have a certificate.
My recollection of how my apache server works is that I have automatic redirection set up except for a bypass for letsencrypts certbot, as that obviously needs to see a http site when doing a challenge.
You can then check that it works using its web IP e.g. http://66.172.90.106 (if that's your assigned IP for realudown.com). This doesn't require a DNS lookup.
At this stage you will need to have opened your router firewall for ports 80 and 443 for this to work. On my router I have 'virtual servers' enabled to direct any incoming traffic on posts 80 or 443 to tunnel through to my webserver.
And then you can check that the DNS lookup works OK http://realupnow.com ....
#56 Re: Hardware & System Configuration » [SOLVED] Good nginx ssl instructions » 2022-12-31 23:55:41
Doesn't look like you've set up an A record, or the record hasn't been propagated yet.
digging your website:
; marjorie@grendel:~$ dig realupnow.com
<<>> DiG 9.16.33-Debian <<>> realupnow.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56743
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 0
;; QUESTION SECTION:
;realupnow.com. IN A
;; AUTHORITY SECTION:
realupnow.com. 3599 IN SOA dns1.registrar-servers.com. hostmaster.registrar-servers.com. 1664668104 43200 3600 604800 3601
;; Query time: 71 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sat Dec 31 23:48:36 GMT 2022
;; MSG SIZE rcvd: 112While if I dig mine:
; <<>> DiG 9.16.33-Debian <<>> meeble.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62974
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;meeble.net. IN A
;; ANSWER SECTION:
meeble.net. 2399 IN A 88.97.31.244
;; Query time: 99 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sat Dec 31 23:49:04 GMT 2022
;; MSG SIZE rcvd: 55#57 Re: Desktop and Multimedia » Chromium asking for 'keyring password'? » 2022-12-27 14:12:41
Marjorie wrote:can't recall having any keyring issues
Chromium tries to detect the desktop and it will only show that message if it thinks it's running in GNOME. If you're running Xfce I think it will fall back to basic for the --password-store option, which doesn't need the keyring.
FWIW I use Cinnamon (=gnome lite).
#58 Re: Desktop and Multimedia » Chromium asking for 'keyring password'? » 2022-12-27 14:04:16
Hello:
I run Devuan Beowulf on a backported kernel [5.10]:
So ...
Just what #$%&'¿ does Chromium want with a keyring PW?Any idea as to what is going on?
Thanks in advance.
A.
I use Chimaera on a 5.15 kernel. Beowulf is a bit old now.
I've got ungoogled-chromium (also 108) installed as a backup for firefox-esr in case it can't render a website (though these days I never seem to need it) and can't recall having any keyring issues.
Is anyone else, who uses the devuan repository chromium on Beowulf, seeing this?
#59 Re: Desktop and Multimedia » [SOLVED] GUI mixer in Daedalus » 2022-12-16 17:05:31
By default Cinnamon uses the applet sound@cinnamon.org.
You'd install it into the panel by right clicking on the panel and choosing Applets then your choice of applet.
By default Cinnamon also uses pulseaudio as middleware on top of alsa.
I'm unclear if the sound applet depends on pulseaudio being installed - as it's not something I've tried to change.
#60 Re: Installation » [SOLVED] Is it possible to exclude a mirror? » 2022-12-07 11:28:00
You could just chose one mirror, from those in the roundrobin, that works for you.
The main purpose of the roundrobin is to spread the load, but if you have a specific need then one person fixing their choice of mirror won't be disruptive.
If lots of you were to need a particular mirror as it was the only one that serves ARM packages then that might be more of a problem, but I don't expect there are that many with that need and I gather than most mirrors would work ok.
I've done this in the past (as I wanted a https connection). It used to work so long as I wasn't trying to download when that site was offline for maintenance, maybe for updating the mirror.
#61 Re: Installation » [SOLVED] linux-image-6.* / Chimaera » 2022-11-22 22:24:52
Agree, the CPU on my 5600G worked fine with 5.10, the issues I had were in support for the integrated GPU. This was improved with new GPU commits from AMD in 5:15.
I also have a nct6687-isa-0a20 fans sensor on the MSI AMD B550 MPG Gaming Plus Motherboard that I needed the 5.15 kernel headers so I could compile in its kernel module.
On my system upgrading to kernels 5.18 and 5.19 caused graphical glitching with Signal Desktop and Zoom and issues with getting reliable hibernation.
#62 Re: Installation » [SOLVED] linux-image-6.* / Chimaera » 2022-11-22 17:28:30
Yes, linux-image-6.0.0.0 and corresponding headers are now available in Chimaera backports.
Do you have newer hardware that actually needs anything later than the stable 5.10 kernel (which is still being updated with security patches)?
In my case I did update from 5.10 to 5.15 when I updated my processor and motherboard to ones that weren't fully covered by 5.10 (AMD 5600G and a new sensors chip on my B550 motherboard) however I found that subsequent kernels 5.18 and 5.19 contained regressions which caused certain programs I use to glitch so I reverted to 5.15.
I might try 6.0 but it's quite possible the regressions are still there and I'll have to revert.
#63 Re: Desktop and Multimedia » Can you suggest some tips and tricks for speed up Devuan? » 2022-11-17 11:55:52
To speed up devuan I've disabled anacron. Sometimes it slows down shutdown.
This strikes me as odd.
Anacron is useful on personal PCs that you turn on and off so that scheduled cron jobs run just after startup (you can set a possibly randomised delay). This avoids cron jobs not being run because your machine would be turned off at the time set for the cron job. On an alway-on server you would typically run such jobs in the small hours.
The jobs run by anacron are those in /etc/cron.hourly/, /etc/cron.daily/, /etc/cron.weekly/ and /etc/cron.monthly. If a job is unnecessary for you then remove it from the respective /etc/cron.*. If you think it's using too much resource consider doing it less frequently.
As I mostly hibernate rather than shut down my personal PC overnight I've also set it up so that it also checks if anacron needs to run any daily, weekly or monthly when its woken.
I can't think of any reason why anacron should delay shutdown.
#64 Re: Other Issues » [SOLVED] Zoom in Devuan » 2022-10-14 15:00:27
Just to update: the issue I was having running Zoom and Signal Desktop on my AMD 5600G with Chimaera and a backported 5:18 kernel, seems to have been addressed and solved in kernel 5.19.
Correction: it seems it still isn't fixed in 5.19, at least if I'd had the system running for a while/been hibernated. So have reverted to kernel 5:15 again.
#65 Re: Hardware & System Configuration » [SOLVED] TP-Link AX3000 (Archer TX3000E) PCIe WiFi card not working on Refracta » 2022-10-10 16:48:23
Having checked your AX210 is a wi-fi 6E card, while my AX200 is only wi-fi 6.
The AX210 is only supported by linux kernels >= 5.10, i.e. the standard Chimaera kernel.
https://wireless.wiki.kernel.org/en/use … rs/iwlwifi
Nevertheless, even though you say its Beowulf based Linux refracta 5.10.0-0.deb10.16-amd64 is presumably a 5:10 kernel.
#66 Re: Hardware & System Configuration » [SOLVED] TP-Link AX3000 (Archer TX3000E) PCIe WiFi card not working on Refracta » 2022-10-10 09:54:55
Which iwlwifi and kernel versions are you using? This is quite a new wifi card compared to beowulf. You may need a backported kernel as well or even an upgrade to Chimaera.
I have a working AX200 card (earlier than yours, which is AX210) on Chimaera. My ifwlwifi is version 20210315-3.
This is from my dmesg:
dmesg |grep iwlwifi
[ 5.797902] iwlwifi 0000:21:00.0: firmware: failed to load iwlwifi-cc-a0-66.ucode (-2)
[ 5.797969] iwlwifi 0000:21:00.0: Direct firmware load for iwlwifi-cc-a0-66.ucode failed with error -2
[ 5.797979] iwlwifi 0000:21:00.0: firmware: failed to load iwlwifi-cc-a0-65.ucode (-2)
[ 5.798003] iwlwifi 0000:21:00.0: Direct firmware load for iwlwifi-cc-a0-65.ucode failed with error -2
[ 5.798010] iwlwifi 0000:21:00.0: firmware: failed to load iwlwifi-cc-a0-64.ucode (-2)
[ 5.798034] iwlwifi 0000:21:00.0: Direct firmware load for iwlwifi-cc-a0-64.ucode failed with error -2
[ 5.798041] iwlwifi 0000:21:00.0: firmware: failed to load iwlwifi-cc-a0-63.ucode (-2)
[ 5.798064] iwlwifi 0000:21:00.0: Direct firmware load for iwlwifi-cc-a0-63.ucode failed with error -2
[ 5.801899] iwlwifi 0000:21:00.0: firmware: direct-loading firmware iwlwifi-cc-a0-62.ucode
[ 5.801904] iwlwifi 0000:21:00.0: api flags index 2 larger than supported by driver
[ 5.801910] iwlwifi 0000:21:00.0: TLV_FW_FSEQ_VERSION: FSEQ Version: 89.3.35.37
[ 5.802068] iwlwifi 0000:21:00.0: loaded firmware version 62.49eeb572.0 cc-a0-62.ucode op_mode iwlmvm
[ 5.802081] iwlwifi 0000:21:00.0: firmware: failed to load iwl-debug-yoyo.bin (-2)
[ 5.870642] iwlwifi 0000:21:00.0: Detected Intel(R) Wi-Fi 6 AX200 160MHz, REV=0x340
[ 6.000186] iwlwifi 0000:21:00.0: Detected RF HR B3, rfid=0x10a100
[ 6.065031] iwlwifi 0000:21:00.0: base HW address: dc:21:48:57:1b:5b
[12516.990241] (NULL device *): firmware: direct-loading firmware iwlwifi-cc-a0-62.ucodeI note that I finally get my slightly older card running on iwlwifi-cc-a0-62.ucode, which is a higher number than any your system tries to load: iwlwifi-ty-a0-gf-a0-59.ucode down to iwlwifi-ty-a0-gf-a0-39.ucode.
#67 Re: Other Issues » [SOLVED] Zoom in Devuan » 2022-10-03 21:44:54
Well I've no reason to believe that appimage would solve the issue.
And I wouldn't want to start using appimage just to solve this issue given all the issues that all such similar solutions (appimage, flatpack, etc.) bring.
Remember I'm on Chimaera. I only upgraded to backports in the first instance to handle my newish hardware (AMD Zen3 5600G, B550 motherboard) and some issues with suspend/hibernate. If 5.15 works why upgrade further to a newer kernel if that has a regression?
But I an happy to try and pinpoint what that regression is, so that when I do move to a stable Daedalus and no doubt even newer kernel it has been solved.
#68 Re: Other Issues » [SOLVED] Zoom in Devuan » 2022-10-03 18:08:37
Not keen on using appimage.
I did try HOS's suggestion to disable hardware acceleration. That didn't solve the problem.
What does seem to have solved the problem is downgrading my kernel to 5:15 from 5:18 (I needed a backported 5:15+ image as stable 5:10 doesn't address some amdgpu and motherboard chip recognition issues I had).
I can't see any relevant kernel bug reports in 5:16/5:18 or 5:18 so may attempt to at least identify in which kernel the regression occurred and then report it.
I've also found a 'signature' in syslog that occurs while the kernel is glitching:
Sep 19 17:08:35 grendel kernel: [91634.237980] amdgpu 0000:30:00.0: amdgpu: failed to write reg 1a6f4 wait reg 1a706
Sep 19 17:08:56 grendel kernel: [91655.526407] amdgpu 0000:30:00.0: amdgpu: failed to write reg 28b4 wait reg 28c6This was previously reported in association with a resume bug back in kernel 5:05 that was then solved.
#69 Re: Installation » Installing from USB thumb drive » 2022-10-02 09:57:26
But when I plugged the USB drive into the machine and tried to get it to install it complained it could not 'mount' the install media. ??? Didn't it already 'mount' the install media if the installer is running
Just too check: can I assume that having plugged in the usb drive you then rebooted, having prioritised the usb drive over the hard disk(s) in the bios?
#70 Re: Other Issues » [SOLVED] Zoom in Devuan » 2022-09-21 14:42:05
Thanks for the suggestion. I'll try that.
#71 Re: Other Issues » [SOLVED] Zoom in Devuan » 2022-09-21 14:22:49
Currently I'm on the latest 5.11.10 version.
Hhowever recently it [Zoom] become extremely slow starting up, particularly if I've not rebooted the system recently. I'm currently running Chimaera on an AMD 5600G with 16GB RAM and the 5.18.0-0.deb11.4-amd64 kernel.
On my set up at least there does seem a problem with the most recent versions of Zoom.
Start-up is painfully slow, with long pauses while it repaints the screen and meanwhile doesn't respond to the keyboard.
I thought the problem was related to the most recent versions using chromium libraries to write to the screen (signal-desktop uses a similar set-up). I downgraded to an earlier version (5.11.0, downloaded in June) that uses Qt libraries. I thought initially the downgrade sorted the problem but it hasn't. And I'm also now seeing the same problem with signal-desktop.
Hibernating and reawakening (as well the previously mentioned rebooting) does, at least temporarily, restore normal service.
Both Zoom and Signal install in /opt with their own set of libraries. Signal is from the Debian/Devuan repositories.
Any suggestions for what could be causing the problem?
#72 Re: Other Issues » [SOLVED] Zoom in Devuan » 2022-09-14 13:01:35
I've been running Zoom via their site's Debian deb packages since at least June 2020.
Its clearly a 'portable' package (runs on any Debian 9.0+) and installs in /opt.
Download from https://zoom.us/download#client_4meeting
You normally have to check for updates manually as there is no repository. Currently I'm on the latest 5.11.10 version.
Its always worked well, however recently it's become extremely slow starting up, particularly if I've not rebooted the system recently. I'm currently running Chimaera on an AMD 5600G with 16GB RAM and the 5.18.0-0.deb11.4-amd64 kernel.
#73 Re: Other Issues » GRUB update lands at 'grub rescue>' prompt » 2022-09-11 11:36:17
Just for clarification, is this a general problem with the latest upgrade of grub?
I've just been updating my legacy-bios Chimaera installation (using synaptic).
There are lots of upgrades available today, including one to grub-pc, from 2.04-20 to 2:06-3~deb11u1.
I've installed all the other upgrades.
Is this safe to install the grub upgrade or will it just give me a grub rescue> prompt and a headache?
#74 Re: Hardware & System Configuration » [SOLVED] LUKS Full Disk Encryption » 2022-09-11 10:56:35
Does hibernate work with a swap partition inside an LVM?
It does on my PC (AMD5600G, Chimaera, emulated legacy boot, no encryption, kernel 5.18.0-0.deb11.4-amd64. RAID1).
I'm still finding hibernation a bit flaky - sometimes it attempt a reboot and I have to kill it with the power button (but then still resumes OK subsequently).
If you were to try to hibernate to a swapfile one obvious, bur solvable, problem is that you would have to make it significantly larger than 256Mb as it has to have space for what's in your RAM).
#75 Re: Installation » name of log for error/warning messages seen during boot » 2022-09-06 19:26:52
try /var/log/boot ?
Board footer
