It seems to fail when trying to fetch the challenge via https://<TLD>/.well-known/acme-challenge/<CHALLENGE ID>.
Reason is "<IP>: Invalid response from https://<TLD>/.well-known/acme-challenge/<CHALLENGE ID>: 400".
When accessing the above url you get an http 400 error with the content path...
Gotta say that while this option might have some security implications it would be very useful and handy.
I as an example am using proxmox for a small project and usually access my ct's over this shell.
However now I would like to authenticate via authentik(-realm) instead of root@pam since...
I am experiencing the same issues.
Email from is set to pbs@domain.tld under Configuration>Other>Email from address but log shows email from as root@pbs.domain.tld
Here's the output from proxmox-backup-manager versions --verbose:
proxmox-backup 2.4-1 running kernel...
I just tried to set up exactly this to use my internal mailcow server.
I always got:
REDACTED postfix/error[3029476]: 40F413A0BB5: to=<admin@REDACTED>, relay=none, delay=0.04, delays=0.03/0/0/0.01, dsn=5.0.0, status=bounced (REDACTED:587)
What fixed it in the end was adding default_transport =...
I just talked to a technician and the network card is onboard (should've known that).
Seems like it won't be possible then.
I am currently debating on getting a 10g connection for better (self-made) ddos protection.
Maybe it will work with the 10g one.
That's what I am doing right now.
However, I have occasional ddos attacks and it puts load on both the vm and host (I have multiqueue enabled).
In the end it would save a good amount of resources for this case.
I have tried to find an acs option in the bios but only found sr-iov support which I enabled.
(My hardware is of hetzner's ax51-nvme which uses an amd3700x processor)
I additionally enabled the following boot config: GRUB_CMDLINE_LINUX_DEFAULT="quiet amd_iommu=on...
Hello all,
I currently have a single nic on my proxmox host and am using two bridges as wan and lan for my pfsense vm where all traffic goes through.
Now I wanted to passthrough the nic into the vm in order to allow for better performance.
I followed the info at...
Thanks a lot for the fast reply :D
But doing that did not download/reinstall any new packages, sadly.
About the disk space problem:
I have enough space on my hard drives to extend the volumes.
My partitions look like this: https://hastebin.com/qixuguluve.sql (The screenshot is from after the...
Today I wanted to update/upgrade my lxcs and proxmox itself. I did the following:
I used this script to update all lxc instances
Afterwards I used the gui's update button to update proxmox.
This is the full output of the upgrade: https://hastebin.com/ruzixoquti.sql
I noticed the following error...
Ah. That makes sense.
I am not sure what the right way to "fix" this would be.
Using ``chmod 444 /proc/kmsg`` and would this pose any security risks?
Edit:
``chmod 444 /proc/kmsg`` on the node did not help :(
I have just looked and seen that other files ``/proc`` can be opened. Example ``/proc/uptime``.
Edit:
The permissions between kmsg and keys are different but should be readable by root. I am able to open keys however and not kmsg.
Imgur-Link if the attachment does not open...
Hello, I have the following problem on an Ubuntu 21.10 LXC:
``
Apr 27 17:48:40 game-dev rsyslogd: imklog: cannot open kernel log (/proc/kmsg): Permission denied.
Apr 27 17:48:40 game-dev rsyslogd: activation of module imklog failed [v8.2102.0 try https://www.rsyslog.com/e/2145 ]
``
I found it...
Today I added an ipv6 adress to my proxmox instance. However, I found out that pinging the ipv6-ip only works with disabled firewall.
I have attached the firewall rules and the network-config. Any ideas what could cause this / how to fix it?
Datacenter:
Node:
Networking:
Yes. I think that is the cause.
I don't think it is stress as the server runs relatively chill (15% cpu, 0.4% io delay, nvme ssd)
However, I do suspect that the nic's drivers might be causing this issue. Running lspci gives me this result:
Realtek Semiconductor Co., Ltd. RTL8111/8168/8411 PCI...
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.