Need basic help configuring 000-default.conf

I am trying to set up apach2 on an Ubuntu VPS.

$ uname -a
Linux www 5.4.0-58-generic #64-Ubuntu SMP Wed Dec 9 08:16:25 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux

$ apache2 -v
Server version: Apache/2.4.41 (Ubuntu)
Server built: 2020-08-12T19:46:17

I bought an SSL cert from namecheap. I used their instructions to setup the SSL, and it seems to working. They have a test for it. But there are a few things I don’t understand.

Should port 80 and 443 both be enabled in 000-default.conf? The instructions gave a 443 template to pasted into the end of the file. I did that. But, it seems to want to default to port 80.

Should I use www.example.com or example.com? I would like users to be able to enter either in the URL.
SEMrush

I am trying to install Moodle in /var/www/html/moodle. I want users to just enter example.com. Do I need to change the server root to /var/www/html/moodle instead of /var/www/html?

Any help appreciated. Thanks in advance.

 

magento2 – configuring elasticsearch in 2.4.0

I installed magento 2.4.0 on sheared hosting with 1 click installation.

I understand that Magento 2.4.0 needs Elasticsearch to operate properly and I have set up an instance with AWS and I’m now trying and failing to configure my magento installation to connect to it.

I’ve entered the credentials into the back end but I’m still getting an error message about no active nodes on my cluster

magento2.3 – Configuring Magento 2.3 MSI (Multi Source Inventory) with Multiple Stocks

I am trying to configure Magento MSI with Multiple Stock for a single Sales Channel but it only allows me to assign single stock to a sales channel. Based on Magento’s documentation, this is how it is expected to work. Is there a way I can modify this behavior to have multiple stocks assigned to a single sales channel?

https://docs.magento.com/user-guide/catalog/inventory-stock.html

Below is my scenario. I have three Vendors and each has its own warehouse. At a time, it only allows assigning Sales Channel to just one stock which is below screenshot is Vendor 1.

enter image description here

Thanks for your help!

network – Seeking Advice/Guidance on configuring VPN to Ubiquiti USG behind Cisco Meraki

Abstract:

Access the USG network via VPN, through a Meraki MX84.

Summary:

I am currently working on setting up some new hardware and re-configuring a network that I am responsible for.

The objective is to have an individual VPN into the USG network.

The USG is on it’s own network behind a Meraki MX84.

The USG is connected to the MX84 via a VLAN configured port (configured within the Meraki Dashboard).

The USG Network can be accessed when connected to the local network that the Meraki is connected to, and can also be accessed when VPNing to the Meraki,

but

I seek to allow a user to VPN directly to the USG network through the MX84, without having to VPN to the Meraki first (without having to double VPN).

Ramblings:

I must admit that this is new to me. I have a general understanding of networking, but a lot of this in unfamiliar grounds.

On the USG side, there are two settings for a VPN (well, three actually, but one doesn’t work with this): Remote VPN and Site-2-site VPN.

I have two different thoughts about this,

I could setup the USG with a Remote VPN and have those seeking to connect with the USG be pushed/ported through via rules on the Meraki,

or

I could link the Meraki and USG via a site-2-site VPN connection via a VLAN.

My Troubles:

I’m not sure which is the best approach.

Also, all of the VPN clients I have used ask for an IP or Name Server (DNS, Domain Name, why is there no standard?), yet, from my understanding, we, via our ISP, are only given one IP address, and the Meraki itself can be given a Domain Name that matches that IP address (as it is set in the settings of the Dashboard), so I am not sure how a remote user can actually get to the USG via a VPN client if the USG isn’t actually visible on the internet.

Another thing, once a remote user connects to the Meraki, how does the Meraki know which data to send to the USG VLAN if all the data is coming from one source without anything distinguishing it from the other data? I recognize that there is a chain in the way data moves through routers and the such, but from my position, how am I to tell my simple VPN client “Go to (IP), and THEN go to (IP).”

I assume there are rules that can be set within the Meraki that will sort all of this out.

I assume I am thinking too hard about this, and/or don’t have enough experience.

amazon web services – Configuring SNS Topic notification IAM Role in Maintenance Window tasks

I currently have an AWS Maintenance Window set up in order to keep certain things up to date across some EC2 instances. I want to set up a SNS Topic to email me when one of the tasks fails to run correctly. So far I have the following Cloudformation template, which deploys fine:

MaintenanceWindowTask1:
Type: AWS::SSM::MaintenanceWindowTask
Properties:
Name: UpdateSSMAgent
WindowId: !Ref MaintenanceWindow
Targets:
– Key: TargetIds
Values:
– !Ref MaintenanceWindowTarget
TaskArn: UpdateSSMAgent
TaskType: RUN_COMMAND
TaskInvocationParameters:
MaintenanceWindowRunCommandParameters:
Parameters:
version:
– “{{ssm:/ssm-version}}”
allowDowngrade:
– “true”
NotificationConfig:
NotificationArn: !Ref SnsTopic
NotificationEvents:
– Failed
NotificationType: Command
Priority: 1
MaxConcurrency: 100%
MaxErrors: 1

The issue with this is that I have no Notification IAM Role defined in the CFN stack, so the topic can’t be published.

I can’t for the life of me find any documentation on what the appropriate definition should be and I don’t want to set the IAM Role the SNS Topic uses via the console.

Does anybody have a solution or know the correct CFN definition for a SNS notification IAM Role?

Server running on Windows 10 as a service, OWIN self-hosted with WebAPI endpoints making an SSL connection without configuring a private key

I have created a prototype application the runs on Windows 10 that communicates with a server (described in the title) running as a service on a different system and successfully got SSL working but I’m missing something because I never seemed to generate any keys. I only just self-taught myself how to use PowerShell to create the self-signed certificate (so bare with me) using New-SelfSignedCertificate but I have very little insight into why this worked at all. From my very limited understanding a private key on the server is absolutely required for SSL to work, and I never associated one with my certificate… but it’s working and I think I’m fooling myself.

All I did was create the certificate with New-SelfSignedCertificate -Subject "CN=My Server Name"
Then add the binding with netsh http add sslcert certhash=<the thumbprint> appid={the app id}
And add the reservation for the service with netsh http add urlacl url="https://+:<my port number>/" user='NT AUTHORITYLocalService'

This all works, but I’m not sure I understand how because I never configured a private key. I know it must need to be expanded upon somehow to make it more secure because every single tutorial out there talks about making the certificate trustworthy and assigning a private key to the cert… but I’ve done none of that and it still appears to work. Granted, the client is not a web browser and will never care about the authenticity of the server because of the context in which this particular application will run (It’s to connect scientific components together in a lab, and there’s almost no exposure outside the network).

What am I missing here? Did Windows 10 provide a private key anyway? How can it really be encrypted if I didn’t need to specify these things? I also never moved the certificate to a trusted store of any kind because it frankly didn’t seem necessary since the client is just a proprietary front-end application.

networking – Configuring two network cards so that I can access them at the same time on Linux

I’m a bit of a beginner in Linux (I’m using CentOS 7). I have a workstation with two network cards. I configured them so that each has its own WAN. However, I can’t access (using ping) them at the same time.

  • 1st WAN: 172.16.0.1
  • 2nd WAN: 10.101.0.10

Please have a look at the following outputs for more details:

(root@localhost network-scripts)# route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         gateway         0.0.0.0         UG    101    0        0 ens192
default         gateway         0.0.0.0         UG    102    0        0 ens160
10.101.0.0      0.0.0.0         255.255.0.0     U     102    0        0 ens160
172.16.0.0      0.0.0.0         255.255.255.0   U     101    0        0 ens192
192.168.122.0   0.0.0.0         255.255.255.0   U     0      0        0 virbr0


Emad Helal <emadbadr2011@gmail.com>
00:22 (5 minutes ago)
to me

ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:0c:29:bf:9c:a5 brd ff:ff:ff:ff:ff:ff
    inet 10.101.3.44/16 brd 10.101.255.255 scope global noprefixroute ens160
       valid_lft forever preferred_lft forever
    inet6 fe80::b66e:4822:ba8c:e806/64 scope link noprefixroute
       valid_lft forever preferred_lft forever
3: ens192: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:0c:29:bf:9c:af brd ff:ff:ff:ff:ff:ff
    inet 172.16.0.8/24 brd 172.16.0.255 scope global noprefixroute ens192
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:febf:9caf/64 scope link
       valid_lft forever preferred_lft forever
4: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
    link/ether 52:54:00:72:52:14 brd ff:ff:ff:ff:ff:ff
    inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
       valid_lft forever preferred_lft forever
5: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN group default qlen 1000
    link/ether 52:54:00:72:52:14 brd ff:ff:ff:ff:ff:ff
(root@localhost network-scripts)# ping www.google.com
PING www.google.com (216.58.205.196) 56(84) bytes of data.
64 bytes from mrs09s09-in-f4.1e100.net (216.58.205.196): icmp_seq=1 ttl=115 time=38.1 ms
64 bytes from mrs09s09-in-f4.1e100.net (216.58.205.196): icmp_seq=2 ttl=115 time=38.1 ms
64 bytes from mrs09s09-in-f4.1e100.net (216.58.205.196): icmp_seq=3 ttl=115 time=38.1 ms
64 bytes from mrs09s09-in-f4.1e100.net (216.58.205.196): icmp_seq=4 ttl=115 time=38.1 ms
64 bytes from mrs09s09-in-f4.1e100.net (216.58.205.196): icmp_seq=5 ttl=115 time=38.2 ms
64 bytes from mrs09s09-in-f4.1e100.net (216.58.205.196): icmp_seq=6 ttl=115 time=38.4 ms
64 bytes from mrs09s09-in-f4.1e100.net (216.58.205.196): icmp_seq=7 ttl=115 time=38.2 ms
^C
--- www.google.com ping statistics ---
7 packets transmitted, 7 received, 0% packet loss, time 6007ms
rtt min/avg/max/mdev = 38.117/38.215/38.482/0.119 ms
(root@localhost network-scripts)# ping 172.16.0.1    
PING 172.16.0.1 (172.16.0.1) 56(84) bytes of data.
64 bytes from 172.16.0.1: icmp_seq=1 ttl=255 time=1.64 ms
64 bytes from 172.16.0.1: icmp_seq=2 ttl=255 time=0.536 ms
64 bytes from 172.16.0.1: icmp_seq=3 ttl=255 time=0.536 ms
64 bytes from 172.16.0.1: icmp_seq=4 ttl=255 time=0.554 ms
64 bytes from 172.16.0.1: icmp_seq=5 ttl=255 time=0.554 ms
64 bytes from 172.16.0.1: icmp_seq=6 ttl=255 time=0.552 ms
64 bytes from 172.16.0.1: icmp_seq=7 ttl=255 time=0.550 ms
^Z
(1)+  Stopped                 ping 172.16.0.1
(root@localhost network-scripts)# ping 10.127.111.1
PING 10.127.111.1 (10.127.111.1) 56(84) bytes of data.

Please, note that the IP 10.127.111.1 is related to the leased-line with GW: 172.16.0.1. When i close the second network card (WAN: 10.101.0.10) 10.127.111.1 replays. How can i receive from both cards.

Thanks a lot 🙂

ssis – Configuring 2017 SQL Server SSISDB Server-wide Default Logging Level does not seem to work

Using SSMS, I have changed the SSIS Catalog Logging Level from Basic to Performance to a Custom Logging Level in a 2017 SQL Server Instance and then I run the report: “All Executions”. It doesn’t seem to matter what Logging Level I am at, the amount of data/detail that is included in the SSIS Catalog Report remains the same. I would think the amount of detail would change with each Logging Level.

If the SSIS Catalog Reports do not change when the Logging Level changes, then how do I see the changes to the Logging Levels? Otherwise, if the SSIS Catalog Reports are suppose change, can someone please point me in the correct path to get the SSIS Catalog Reports to change?