No Image

Debian 11 and Podman: fixing ping inside the containers

28/09/2021 juliogonzalez 0

After updating one of my servers to from Debian 10 to Debian 11 I decided to get start getting rid of Docker and use Podman instead.

One of the containers is running checkmk, and after switching to Podman, everything was working except that the ping command failed to ping any IP or hostname at all. Same for the check_icmp and check_ping commands that were working just fine at Docker.

First stop: containers do not have NET_RAW capability by default. But even specifying it, or even using –cap-add=ALL, the container could still not ping anything.

It seems that enabling net.ipv4.ping_group_range is required, and despite systemd 243 should have it according to the link, systemd 247 on Debian 11 does not configure it.

So while that is sorted out, I ran:

sysctl net.ipv4.ping_group_range="0 2147483647" 

And then created a file /etc/sysctl.d/ping_group_range.conf with the following content (for persistance):

net.ipv4.ping_group_range = 0 2147483647

And ping, as well as check_icmp and check_ping started to work again

No Image

Watchdog for network devices with Tasmota

22/11/2020 juliogonzalez 26

I don’t know how many times I had routers providing access to the internet that would not reboot in case there are problems. Or sometimes the problem is a Raspberry crashing from time to time that I don’t have time to debug.

If it’s the router, the solution would be replacing the router, but it’s not always so trivial. Sometimes you are forced to use your ISP’s router. Sometimes the technology your ISP is using makes very difficult considering an alternative. Remember: here in Spain they sometimes do not disclose connection details or VoIP configuration details. And if you problem is with a Raspberry, you

First advice: if your problem is a router and if you can replace it, go ahead. And consider buying one that supports OpenWrt.

(more…)
No Image

Fixing pymssql 2.1.5 from pip to work on CentOS7

26/09/2020 juliogonzalez 0

Updating the tds_fdw Continuous Integration to test CentOS7, I noticed pymsql 2.1.5 could not connect anymore to our Azure SQL Database and all I could get was:

pymssql.OperationalError: (20002, 'DB-Lib error message 20002, severity 9:\nAdaptive Server connection failed (instance.database.windows.net)\n')

Enabling TDS debugging revealed that, for some reason, the Azure SQL database just rejected the logging information:

(more…)
No Image

optirun/primusrun on openSUSE Leap 15.2

05/09/2020 juliogonzalez 0

After updating to from openSUSE Leap 15.1 to openSUSE Leap 15.2, the good optirun command stopped working, even with all the Nvidia required packages installed:

$ optirun -b primus ./start.sh  
primus: fatal: failed to load any of the libraries: /usr/lib64/nvidia/libGL.so.1:/usr/lib/nvidia/libGL.so.1
/usr/lib64/nvidia/libGL.so.1: cannot open shared object file: No such file or directory
/usr/lib/nvidia/libGL.so.1: cannot open shared object file: No such file or directory

The thing is that in the end I do not want to switch the graphics card using prime-select, as that means using the card for everything, and requires closing the session.

So thanks to this reddit post I noticed that there could be a solution.

Running (as root):

ln -s /usr/X11R6/lib/libGL.so.1 /usr/lib/nvidia/libGL.so.1
ln -s /usr/X11R6/lib64/libGL.so.1 /usr/lib64/nvidia/libGL.so.1

And ready, optirun runs fine once again. And it seems primusrun works as well.

No Image

Debian 10: some docker containers are not starting

31/08/2019 juliogonzalez 1

I just updated several of my boxes to Debian 10 Buster, including one virtual server I have to build and update Docker images for CI purposes.

Suddenly the containers for CentOS6 using centos:centos6 image refused to start for no reason. It didn’t matter if I tried to run sh or bash (for example with docker run -ti -u root --rm centos:centos6 /bin/bash). No error from the command docker at all. Just the prompt again.

The exact same Docker image worked fine on my openSUSE Leap 15.1.

(more…)

No Image

How to unbrick a TP-Link TL-WA860RE v1

17/09/2018 juliogonzalez 2

Short story: a member of my family got a refurbished TP-Link repeater TL-WA860RE v1 from Amazon a while ago . He tried to configure it but could not, so just stored it in the box until last month, I came to his home and asked him about the repeater (at that point warranty was already expired).

As he told me he was not able to make it work, I gave it a try: The repeater was able to provide an IP address with DHCP to any computer connected to the Ethernet port, but status LED was always yellow, the WebUI was not available, and of course there was no way of configuring it (no telnet, no SSH, nothing).

In the end I discovered that the previous owner failed to flash a firmware on the device, so I saw a lot of errors regarding USB subsystem, kernel modules and even Squash Filesystem: (more…)

No Image

Let’s encrypt SSL certificates at cPanel automatically and without native support (for example at Namecheap)

20/11/2016 juliogonzalez 23

IMPORTANT: acme.sh now supports deploying to cPanel, so my method is deprecated. Please use the official acme.sh method instead.

If you want to use Let’s Encrypt free certificates with some virtual shared hosting providers such as Namecheap, you could find that there is no official support.

While using the certificates is not a problem, as it is possible from the WebUI, having then renewed and automatically installed can be a different story.

In my case, one of the providers is Namecheap, an they decided not to integrate Let’s Encrypt support into cPanel because (they say) it requires a big amount of changes to their infrastructure.

(more…)