Copy and paste using the native OpenSSH client on Windows 10 1803 works well.

Backup support from vendors like Veeam makes a difference too.

I've seen all the new ones except for Solo and they are ok. I'm just not a fan of Star Wars. Now if there was a movie based on a game like Star Wars: Knights of the Old Republic, I would definitely be into that.

@jaredbusch said in Interesting Take On A Wiki - Testing Now:

okay, this thing just sucks donkey balls. I spent way the fuck too much time on this and still not working.

Assuming Fedora 27 Minimal

# required packages + nano 
dnf install -y composer git mariadb mariadb-server mcrypt nano php php-cli php-curl php-fpm php-gd php-json php-mbstring php-mysqlnd php-openssl php-pdo php-tidy php-tokenizer php-xml php-zip policycoreutils policycoreutils-python policycoreutils-python-utils
#open HTTP
firewall-cmd --zone=public --add-port=http/tcp --permanent
firewall-cmd --reload
#start and enable mariadb
systemctl start mariadb
systemctl enable mariadb
#start and enable apache
systemctl start httpd
systemctl enable httpd
# Create Database and user with a random password for Bookstack
export DB_PASS="$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c 13)"
echo DB_PASS=$DB_PASS
mysql -e "CREATE DATABASE bookstack;"
mysql -e "CREATE USER 'bookstack'@'localhost' IDENTIFIED BY '$DB_PASS';"
mysql -e "GRANT ALL ON bookstack.* TO 'bookstack'@'localhost';"
mysql -e "FLUSH PRIVILEGES;"
# Secure MariaDB
###################################################
##############CHANGE THE PASSWORD##################
mysql -e "UPDATE mysql.user SET Password=PASSWORD('somesecurepassword') WHERE User='root';"
mysql -e "DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1');"
mysql -e "DELETE FROM mysql.user WHERE User='';"
mysql -e "DROP DATABASE test;"
mysql -e "FLUSH PRIVILEGES;"
# Download BookStack
cd /var/www/html/
git clone https://github.com/ssddanbrown/BookStack.git --branch release --single-branch bookstack
export DIR_BOOKSTACK="/var/www/html/bookstack"
# Install BookStack composer dependancies
cd $DIR_BOOKSTACK
composer install
# Copy and update BookStack environment variables
cp $DIR_BOOKSTACK/.env.example $DIR_BOOKSTACK/.env
sed -i 's/DB_DATABASE=.*$/DB_DATABASE=bookstack/' $DIR_BOOKSTACK/.env
sed -i 's/DB_USERNAME=.*$/DB_USERNAME=bookstack/' $DIR_BOOKSTACK/.env
sed -i "s/DB_PASSWORD=.*\$/DB_PASSWORD=$DB_PASS/" $DIR_BOOKSTACK/.env
# update the apache DocumentRoot
sed -i 's/DocumentRoot "\/var\/www\/html"/DocumentRoot "\/var\/www\/html\/bookstack\/public"/' /etc/httpd/conf/httpd.conf
#setup SELinux permissions
export httpdrw='httpd_sys_rw_content_t'
setsebool -P httpd_can_sendmail 1
setsebool -P httpd_can_network_connect 1
semanage fcontext -a -t ${httpdrw} "${DIR_BOOKSTACK}/storage(/.*)?"
restorecon -R -F ${DIR_BOOKSTACK}/storage
semanage fcontext -a -t ${httpdrw} "${DIR_BOOKSTACK}/bootstrap/cache(/.*)?"
restorecon -R -F ${DIR_BOOKSTACK}/bootstrap/cache
semanage fcontext -a -t ${httpdrw} "${DIR_BOOKSTACK}/public/uploads(/.*)?"
restorecon -R -F ${DIR_BOOKSTACK}/public/uploads
#setup ownership of the bookstrap directory to apache
chown apache:apache -R $DIR_BOOKSTACK
# Generate the application key
php artisan key:generate --no-interaction --force
# Migrate the databases
php artisan migrate --no-interaction --force
#Restart httpd
systemctl restart httpd

Browse to the IP http://yourip and get redirected to http://yourip/login so that application is running.
If I set the APP_URL in the .env file, browsing to http://yourip will redirect to the http://FQDN/login. So yet more proof that the application if running.

But I see this.

I followed your guide except I created a conf file in /etc/httpd/conf.d/wiki.example.com.conf

sudo tee /etc/httpd/conf.d/wiki.example.com.conf <<EOF
<VirtualHost *:80>
    ServerAdmin webmaster@localhost
      <Directory /var/www/html/bookstack/public>
        Require all granted
        AllowOverride All
        #Options +Indexes
      </Directory>
    DocumentRoot /var/www/html/bookstack/public
    ServerName wiki.example.com
    ErrorLog /var/log/httpd/bookstack.error.log
    CustomLog /var/log/httpd/access.log combined
</VirtualHost>
EOF

I pretty much did they same setup like Snipe-IT.

And my APP_URL is APP_URL=https://wiki.example.com

Learning from dirty jobs | Mike Rowe
Youtube Video

Have you tried activating using Windows Software Licensing Management Tool?
slmgr.vbs

Watching my 8 years old voluntarily raking the leaves. Can't tell if she's bored, just wanted to do it, or planning on using it has a bargaining chip.

Using well-known path looks like a better approach.

https://community.letsencrypt.org/t/auto-renewal-with-nginx-without-downtime/7814/2

https://community.letsencrypt.org/t/auto-renewal-with-nginx-without-downtime/7814/4

https://github.com/mbrugger/letsencrypt-nginx-docker/blob/master/README.md

Deploying chocolatey packages via ansible playbook to several interview room computers. Very cool.

@scottalanmiller said in Ubiquity Security appliance:

@ccwtech said in Ubiquity Security appliance:

Ok, in that case, why not just use the router that the ISP provides (vs. Ubiquity) for a small business?

Good question. Several reasons, I think.

1. Trust. I've never met an ISP router I would trust on my network. They are easily compromised and insecure. In many cases, they ship already compromised. I have no way to know if the ISP has installed backdoors and to whom they've granted access. It's not a trustable device, it's a rogue actor.
2. Performance and stability. ISP routers are generally garbage. Literally the cheapest crap they could get their hands on. They are rarely reliable.
3. Monitoring. I've never seen an ISP router with SNMP, but they might offer it. But that's the best you can hope for. How will you integrate it into your network monitoring and management infrastructure?
4. Management. Every router would be different and even a few minutes of lost time from trying to figure each one out would pay for replacing it.
5. Standardization. You know what to patch, where to get patches, how to get patches, that patches will work, and when patches are available for all devices at once, rather than one at a time.
6. Patching. Will an ISP router even get updates?
7. Features. While you don't want a UTM, there are important features that might be needed for a business firewall like VLAN support, QoS, ALGs, advanced firewall configuration, etc. Plus CLI, SSH, console and other access methods unlikely to be available.

Flexibility. Switching ISPs is more easier.

@Obsolesce said in CA Validity Periods:

@black3dynamite said in CA Validity Periods:

@Obsolesce So when year 20 comes around, you just redeploy a new RootCA server?

Oh, to specifically answer your question. You don't need to redeploy the RootCA unless there's a reason to.

If you turn on the offline RootCA 8 years later to renew your SubCA cert, where's the issue? So long as you can reissue the cert and the cert still meets all security requirements, issue the cert, or renew yoru RootCA cert first then reissue the SubCA cert, then turn it off again for 8 more years and re-evaluate then. It's offline, and turned off... literally zero changes, it should come back upjust fine in theory.

If you have it turned on and networked for 8-20 years or whatever, i'm sure it's more likely to fuck up than if it's turned off.

Wouldn’t it be wise to keep OpenSSL/LibreSSL updated at least?

@dafyre said in UrBackup and FreeNAS Jurassic Park Effect:

@black3dynamite said in UrBackup and FreeNAS Jurassic Park Effect:

@dbeato said in UrBackup and FreeNAS Jurassic Park Effect:

@dustinb3403 said in UrBackup and FreeNAS Jurassic Park Effect:

@dbeato said in UrBackup and FreeNAS Jurassic Park Effect:

Last time I used UrBackup was trying to replace Amanda Backup and Bacula.

Did you succeed?

It worked great on the web interface but it was for a small non profit organization so it works and I believe it is still working. At the time I didn't think of this limitations:

Is UrBackup more geared toward Windows?

I think he was referring to the 2TB limitation for VHD files?

Why VHD instead of VHDX? Better yet, why not use qcow2 or raw images?

Upgrading Zabbix 3.4 to 4.0 on CentOS.

Force SSL Plugin
https://wordpress.org/plugins/wp-force-ssl/

Administrator over SSL
https://codex.wordpress.org/Administration_Over_SSL

Vigilance Elite - Concealed Carry Tips with a Navy SEAL
Youtube Video

I never used this before but you can try creating a URL Rule in LastPass.
Log in at lastpass.com, go to Account Settings > URL Rules and click Add.

Domain or Host: example.com
Path:
Exact Host Match: Yes
Exact Port Match: No

@WrCombs said in What Are You Doing Right Now:

@black3dynamite said in What Are You Doing Right Now:

@WrCombs said in What Are You Doing Right Now:

@scottalanmiller said in What Are You Doing Right Now:

@WrCombs said in What Are You Doing Right Now:

@black3dynamite said in What Are You Doing Right Now:

@WrCombs said in What Are You Doing Right Now:

@black3dynamite said in What Are You Doing Right Now:

Enjoying some reading on this forum.

it's pretty entertaining no?

Between this and Telegram, hell yeah.

I need to catch up on the telegram convo I usually just mark as read and continue on my day.

I gave up, it's SO far behind.

im at least 500 behind and dont want to even try catching up at this point, Maybe the next conversation that arrises

Its can be difficult to join a conversation without knowing source of the conversation.

exactly why I decide to leave it alone .

When I need to get out of a situation at work, I just a unmute and let rain alerts.

Use Get-Content.

https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.management/get-content?view=powershell-6

For those who installed Pi-Hole on a Fedora Server minimal install should update.
This update includes the fix for installing sqlite package. Now you will be able flush logs via the GUI and CLI.

Instead of using Fedora as a firewall VM, how about using VyOS?
https://wiki.vyos.net/wiki/User_Guide