QEMU VM with tap interface sees all packages coming from hypervisor instead of real source IP

I have set up a very simple Hypervisor using Alpine Linux and my VM sees all traffic coming from the IP of the hypervisor. Which also means if fail2ban tries to block attacks, it always blocks the hypervisor's IP. How can I have the VM see the real IP addresses and not just the IP …

how to allow proxy pass with same location, with multiple context path

    server {
        listen 80;
        server_name example.com www.example.com;
        location /consol {
            if ($request_method !~ ^(GET|POST)$) {
                return 405 "Not allowed";
            }
            set $consolalb alb.backend;
            proxy_pass http://$consolalb/workspace/;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection 'upgrade';
            proxy_set_header Host $host;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Custom-Forwarded-Proto $http_x_forwarded_proto;
            proxy_cache_bypass $http_upgrade;
        }
    }

I have the scenario where the user request reaches …

Using FRRouting RPKI with ssh on Alpine Linux

I am trying to configure FRRouting to use RPKI over ssh on Alpine Linux 3.14.2. After installing FRRouting using apk add frr frr-rpki (installs version 7.5.1) and adding rpki cache example.com 22 rtr-ssh ./ssh_key/id_rsa ./ssh_key/id_rsa.pub preference 1 to /etc/frr/bgpd.conf, if I run bgpd manually, I see: $ /usr/lib/frr/bgpd -F traditional -A 127.0.0.1 -M rpki ssh …

PHP5 to PHP7 unexpected increase in memory usage inside container

Last week we updated several WordPress sites which are running Alpine Linux as containers inside a host (Ubuntu 20.04) through LXD. A summary of the update is as follows: Alpine Linux v3.8 -> 3.14; PHP 5.3.6 -> 7.4.24; WordPress 5.0.3 -> 5.7.3. Problem: We started having issues with the server performance after those updates and …

Alpine Linux AArch64 on Oracle Cloud Serial Issue

I am trying to install Alpine Linux on Oracle Cloud AArch64 VM. I had already installed bootloader (Grub, arm64-efi), kernel (5.10.75) and userspace on it. In order to debug boot issues, I set up the serial console by appending console=tty0 console=ttyS0,115200 to the kernel cmdline. After booting, I can see the Grub output and kernel dmesg …

Permissions of /dev/null wrong in KVM guest

My host node is RHEL7 running KVM from the ‘updates’ repo. On the host node, the permissions for /dev/null are: crw-rw-rw-. 1 root root 1, 3 Dec 18 04:45 /dev/null In an Alpine KVM guest (5.14, but same behavior on other versions), the permissions are missing the “others”: crw-rw---- 1 root root 1, 3 Dec …

PAM permit works only when dummy suffix is added

I am trying to use PAM to authenticate OpenVPN against 2FA (not important info). Here is my PAM configuration:

    account required pam_permit.so
    auth required pam_google_authenticator.so secret=/etc/openvpn/google-authenticator/${USER} user=root forward_pass nullok debug authtok_prompt=pin

I have an issue in the first line (or wherever I put it). Using the line as shown causes the PAM configuration to break …

SASL PLAIN authentication failed: bad protocol / cancel

I am trying to configure a postfix relay in Kubernetes on Alpine using saslauthd. Dockerfile:

    FROM alpine:3.15
    RUN apk update && \
        apk add --no-cache postfix \
        libsasl \
        cyrus-sasl \
        cyrus-sasl-login \
        cyrus-sasl-plain \
        openssl \
        shadow \
        ca-certificates \
        bash \
        rsyslog \
        supervisor && \
        /usr/bin/newaliases && \
        cp /etc/passwd /etc/passwd_orig && \
        # …