Mailing List Archive
tlug.jp
Mailing List
tlug archive
tlug Mailing List Archive
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [tlug] Tlug Digest, Vol 160, Issue 4
- Date: Tue, 16 Apr 2019 12:10:36 +0900
- From: Jack Halpern <jack@example.com>
- Subject: Re: [tlug] Tlug Digest, Vol 160, Issue 4
- References: <mailman.1.1555383602.4651.tlug@tlug.jp>
tlug-request@example.com wrote... >Send Tlug mailing list submissions to > tlug@example.com UNSUBSCRIBE. I asked for this several times but t ono avail. Pleeeeeease unsubscribe me. >To subscribe or unsubscribe via the World Wide Web, visit > http://lists.tlug.jp/mailman/listinfo/tlug >or, via email, send a message with subject or body 'help' to > tlug-request@example.com > >You can reach the person managing the list at > tlug-owner@example.com > >When replying, please edit your Subject line so it is more specific >than "Re: Contents of Tlug digest..." > > >Today's Topics: > > 1. What do you use for simple monitoring? (Christian Horn) > 2. Re: What do you use for simple monitoring? (Scott Robbins) > 3. Fujitsu Lifebook PH50/E needing repair help... anyone? > (AbH Belxjander Draconis Serechai) > 4. Re: What do you use for simple monitoring? (Furkan Mustafa) > 5. Re: What do you use for simple monitoring? (Chris Salisbury) > 6. Note to server admins: you're breaking DKIM (Chris) > 7. Re: Note to server admins: you're breaking DKIM (Chris) > > >---------------------------------------------------------------- ------ > >Message: 1 >Date: Mon, 15 Apr 2019 14:17:04 +0200 >From: Christian Horn <chorn@example.com> >Subject: [tlug] What do you use for simple monitoring? >To: tlug@example.com >Message-ID: <20190415121704.qar6vdihov7hrf2x@example.com> >Content-Type: text/plain; charset=us-ascii > >Hi tlug, > >I am running a single server, with some services like >named, webserver, MTA. > >I just configured DNSSEC for my domains, and think that I should >setup something simple to notice when a service goes down. > >For availability monitoring, something like Nagios or Zabbix >comes to mind, but this is to heavy for my single server with >just some services. > >I consider to just use a shellscript which checks some things >and sends an email if a returncode is not as expected. > >What are you guys doing to monitor simple, single services? > >cheers, >Chris > > > >------------------------------ > >Message: 2 >Date: Mon, 15 Apr 2019 09:14:10 -0400 >From: Scott Robbins <scottro@example.com> >Subject: Re: [tlug] What do you use for simple monitoring? >To: Tokyo Linux Users Group <tlug@example.com> >Message-ID: <20190415131410.2eru7izwhhzvzlji@example.com> >Content-Type: text/plain; charset=utf-8 > >On Mon, Apr 15, 2019 at 02:17:04PM +0200, Christian Horn wrote: >> Hi tlug, >> >> >> For availability monitoring, something like Nagios or Zabbix >> comes to mind, but this is to heavy for my single server with >> just some services. >> >> I consider to just use a shellscript which checks some things >> and sends an email if a returncode is not as expected. > >What about monit? I don't think it's too heavy, and it usually notices a >service is down and tries to restart it. > >I think there's a default monit.conf with examples, but a typical entry >for a DNS server > >eck process named with pidfile /var/run/named/pid > start program = "/etc/rc.d/named start" > stop program = "/etc/rc.d/named stop" > >It can also easily be configured to send notifications. > > >-- >Scott Robbins >PGP keyID EB3467D6 >( 1B48 077D 66F6 9DB0 FDC2 A409 FA54 EB34 67D6 ) >gpg --keyserver pgp.mit.edu --recv-keys EB3467D6 > > > > >------------------------------ > >Message: 3 >Date: Tue, 16 Apr 2019 07:27:55 +1800 >From: AbH Belxjander Draconis Serechai <belxjander@example.com> >Subject: [tlug] Fujitsu Lifebook PH50/E needing repair help... > anyone? >To: Tokyo Linux Users Group <tlug@example.com>, Christian Horn > <chorn@example.com> >Message-ID: > <CAFNLyStfTsTKj8ByqRd1CS+EtQc9+9KT6wt+V08_NBfuAoMzHw@example.com> >Content-Type: text/plain; charset="UTF-8" > >Hello everyone... normally I would lurk however... > >I have a Fujitsu Lifebook PH50/E Laptop and I am needing to sort out >reflashing the EFI firmware and resetting the NVRAM content equivalent >to a "factory" state. > >I have managed to boot this laptop *once* with Ubuntu Linux however on >resetting the Windows 10 installation weas no longer bootable, nor >would it respond to the built-in keyboard. >Firmware runs, excessively delayed before any form of display occurs >then will sit in a halt state indefinitely. > >if anyone is able to offer advice or possibly help in restoring the >laptop here back to a workable condition? > >If anyone with the same type of laptop is willing to help "reset" the >firmware and nvram on this problem machine? > > > >------------------------------ > >Message: 4 >Date: Mon, 15 Apr 2019 22:58:27 +0900 >From: Furkan Mustafa <furkan@example.com> >Subject: Re: [tlug] What do you use for simple monitoring? >To: Christian Horn <chorn@example.com>, tlug@example.com >Message-ID: <b1d72f09e679bd8bccdbc526f9610e77@example.com> >Content-Type: text/plain; charset=US-ASCII; format=flowed > >Hello, > >On 2019-04-15 21:17, Christian Horn wrote: >> I consider to just use a shellscript which checks some things >> and sends an email if a returncode is not as expected. >> >> What are you guys doing to monitor simple, single services? > >We have a python program for simple checks and sending emails >or chat messages when a failure is detected. It might be a bit >messy now, but it works. > >https://git.rlab.io/system/healthcheck > >Hope it helps > >Furkan Mustafa >https://rainlab.co.jp > > > >------------------------------ > >Message: 5 >Date: Tue, 16 Apr 2019 09:52:30 +0900 >From: Chris Salisbury <chris.salisbury@example.com> >Subject: Re: [tlug] What do you use for simple monitoring? >To: Tokyo Linux Users Group <tlug@example.com> >Message-ID: > <CAH2XypHHXY9C1fOo0 +=YRBTobXprQGayeq9HDfyZcfvne3Udng@example.com> >Content-Type: text/plain; charset="utf-8" > >>with some services >Seems like you should be using whatever you use to manage the service >itself for monitoring and triggering events on failure (or any service >life-cycle event). I think all of the popular ones support this. The >emailing part makes sense to be in a script which is triggered by the >service manager, though. If you aren't using a service manager, I would >recommend doing so! My 2 yen: for things that don't need to scale, systemd >makes sense -- and for things that do need to scale, kubernetes makes sense. > >On Mon, Apr 15, 2019 at 11:17 PM Furkan Mustafa <furkan@example.com> >wrote: > >> Hello, >> >> On 2019-04-15 21:17, Christian Horn wrote: >> > I consider to just use a shellscript which checks some things >> > and sends an email if a returncode is not as expected. >> > >> > What are you guys doing to monitor simple, single services? >> >> We have a python program for simple checks and sending emails >> or chat messages when a failure is detected. It might be a bit >> messy now, but it works. >> >> https://git.rlab.io/system/healthcheck >> >> Hope it helps >> >> Furkan Mustafa >> https://rainlab.co.jp >> >> -- >> To unsubscribe from this mailing list, >> please see the instructions at http://lists.tlug.jp/list.html >> >> The TLUG mailing list is hosted by ASAHI Net, provider of mobile and >> fixed broadband Internet services to individuals and corporations. >> Visit ASAHI Net's English-language Web page: http://asahi-net.jp/en/ >> >-------------- next part -------------- >An HTML attachment was scrubbed... >URL: https://lists.tlug.jp/ML/attachments/20190416/6af88a05/attachment.html > >------------------------------ > >Message: 6 >Date: Tue, 16 Apr 2019 10:11:45 +0900 >From: Chris <chris@example.com> >Subject: [tlug] Note to server admins: you're breaking DKIM >To: tlug@example.com >Message-ID: <20190416011145.GA7656@basementcat> >Content-Type: text/plain; charset="utf-8" > >TLUG server admins, > >You might want to consider stripping the DKIM headers from inbound messages. > >You're passing them along to the list intact, which breaks the signature. Run >a message from someone using gmail through opendkim; you'll see what I'm talking >about. > >Cheers, >-- > >-- Chris > GPG key fingerprint A582 1BB2 6E72 49BF D4BA 25B4 E40C 37F9 199C 6964 >-------------- next part -------------- >A non-text attachment was scrubbed... >Name: not available >Type: application/pgp-signature >Size: 833 bytes >Desc: not available >Url : https://lists.tlug.jp/ML/attachments/20190416/9d8d9d61/attachment.bin > >------------------------------ > >Message: 7 >Date: Tue, 16 Apr 2019 10:38:23 +0900 >From: Chris <chris@example.com> >Subject: Re: [tlug] Note to server admins: you're breaking DKIM >To: tlug@example.com >Message-ID: <20190416013822.GB7656@basementcat> >Content-Type: text/plain; charset="utf-8" > >... and the TLS ciphers are weird: > >Apr 16 10:21:39 random postfix/smtp[2507]: SSL_connect error to kirakira.tlug.jp[202.224.46.216]:25: -1 >Apr 16 10:21:39 random postfix/smtp[2507]: warning: TLS library problem: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:/usr/src/crypto/openssl/ssl/s23_clnt.c:802: >Apr 16 10:21:39 random postfix/smtp[2507]: 1AA41DAD36: Cannot start TLS: handshake failure > >If you're using postfix, try this (and adjust cert paths for Linux, this example >is for NetBSD): > > smtpd_use_tls = yes > smtpd_tls_auth_only = yes > smtpd_tls_key_file = /etc/postfix/privkey.pem > smtpd_tls_cert_file = /etc/postfix/fullchain.pem > smtpd_tls_CAfile = /etc/postfix/fullchain.pem > smtpd_tls_received_header = yes > smtpd_tls_session_cache_timeout = 3600s > smtpd_tls_loglevel = 1 > smtpd_tls_ask_ccert = yes > > smtpd_tls_security_level = may > smtpd_tls_mandatory_exclude_ciphers = aNULL, MD5 > smtpd_tls_mandatory_protocols = !SSLv2,!SSLv3,!TLSv1,!TLSv1.1 > smtpd_tls_protocols=!SSLv2,!SSLv3,!TLSv1,!TLSv1.1 > smtpd_tls_mandatory_ciphers = medium > tls_medium_cipherlist = AES128+EECDH:AES128+EDH > smtpd_tls_dh1024_param_file = /etc/postfix/dh2048.pem > smtpd_tls_dh512_param_file = /etc/postfix/dh512.pem > > smtp_tls_CAfile = /usr/local/share/certs/ca-root-nss.crt > smtp_use_tls = yes > smtp_tls_security_level = may > smtp_enforce_tls = no > smtp_tls_loglevel = 1 > smtp_tls_key_file = /etc/postfix/privkey.pem > smtp_tls_cert_file = /etc/postfix/fullchain.pem > >-- > >-- Chris > GPG key fingerprint A582 1BB2 6E72 49BF D4BA 25B4 E40C 37F9 199C 6964 >-------------- next part -------------- >A non-text attachment was scrubbed... >Name: not available >Type: application/pgp-signature >Size: 833 bytes >Desc: not available >Url : https://lists.tlug.jp/ML/attachments/20190416/4bd003a3/attachment.bin > >------------------------------ > >-- >To unsubscribe from this mailing list, >please see the instructions at http://lists.tlug.jp/list.html > >The TLUG mailing list is hosted by ASAHI Net, provider of mobile and >fixed broadband Internet services to individuals and corporations. >Visit ASAHI Net's English-language Web page: http://asahi-net.jp/en/ > >End of Tlug Digest, Vol 160, Issue 4 >************************************
- Prev by Date: Re: [tlug] Note to server admins: you're breaking DKIM
- Next by Date: Re: [tlug] Note to server admins: you're breaking DKIM
- Previous by thread: Re: [tlug] Note to server admins: you're breaking DKIM
- Next by thread: [tlug] Another note to server admins: fix kirakira's cert
- Index(es):
| Home Page | Mailing List | Linux and Japan | TLUG Members | Links |