Hello,
Here is an example of me using the Xen Shell rescue environment to
diagnose and fix a booting issue with a customer's VPS.
Sorry about the long pauses. It's recorded in realtime, I needed to look
some things up, and you can't edit an asciinema.
https://asciinema.org/a/RXb6KGR7aXGZwRhfQkeUi8RUj (7m47s)
For those wanting to avoid spoilers, the next email is going to contain
some comments about what the problem here actually was.
Cheers,
Andy
--
https://bitfolk.com/ -- No-nonsense VPS hosting
Hi,
Every VPS now includes 2GiB of backup space for use with our local
backups service, for free. More info on the local backups service:
https://tools.bitfolk.com/wiki/Backups
You still need to let us know what to back up before any backups
will take place, so if you are not currently a user of the backups
service and wish to enable it please follow the procedure here:
https://tools.bitfolk.com/wiki/Backups#Setup
If you are already a user of the backups service then 2GiB has
simply been added to your quota.
There is now no excuse for important configs and data to not be
backed up. ☺
Cheers,
Andy
--
https://bitfolk.com/ -- No-nonsense VPS hosting
_______________________________________________
announce mailing list
announce(a)lists.bitfolk.com
https://lists.bitfolk.com/mailman/listinfo/announce
Hi,
I've discussed this issue with Andy and he has asked me to post it here for
wider discussion. I've not yet succesfully performed the upgrade yet. I'd
be interested to hear what others have done or are intending to do.
8<-----
I've received the attached regarding some apt security problems that
involve HTTP redirects.
The message says that some mirrors have trouble with it and, indeed, when I
try it against the http://apt-cacher.lon.bitfolk.com mirrors,
`sudo apt -o Acquire::http::AllowRedirect=false update` gives me
-----
...
Fetched 15.5 kB in 4s (3,224 B/s)
W: Failed to fetch
http://apt-cacher.lon.bitfolk.com/debian/security.debian.org/dists/jessie/u…
302 Found
W: Failed to fetch
http://apt-cacher.lon.bitfolk.com/debian/security.debian.org/dists/jessie/u…
302 Found
-----
and
`sudo apt -o Acquire::http::AllowRedirect=false upgrade`
gives me
-----
...
WARNING: The following packages cannot be authenticated!
...
-----
I guess I can follow the advice in the message and use the original server
for this upgrade but I thought I'd make you aware of it.
Perhaps if the cache was already populated it would work OK?
Regards,
@ndy
--
andyjpb(a)ashurst.eu.org
http://www.ashurst.eu.org/
0x7EBA75FF
Hi,
Here is a list of open feature requests and the number of votes
they have received:
https://tools.bitfolk.com/redmine/issues?query_id=1
(You can vote an issue up or down once you are logged in and viewing
it)
I am currently working on making a "billing" role for the address
book, so that invoices can be sent to different/multiple people.
That was actually the most desired thing of the whole "address book"
feature and will allow for getting rid of a few cumbersome mail
aliases that we have.
I can take it as said that everyone wants "better spec VPSes for
less money" but after I'm done with the billing role I'll move on to
something else and I will use this list of issues and their votes to
help me make that decision¹.
At the moment it's looking like people really want to be able to add
and remove secondary DNS domains from the panel.
Next up is an SMS alerting method for Nagios, which I suppose now
carries over for Icinga2. I am really sceptical about this. Mainly
I worry that very few people will actually use it, and every SMS
sent costs BitFolk money, so is it a good use of resources? If I
don't charge for it then every customer not making use of it will be
subsidising those who do. And as some people let alerts just fire
over and over.
Charging for it brings other issues, chiefly that once real money is
being charged everything becomes much more serious; I start to
wonder if this may be appropriate for a service whose main purpose
is monitoring your stuff, but not for one that throws in monitoring
as a free perk.
I would be more comfortable implementing Pushover alerts as these
are free to send (within some massive limit). There is a one-off fee
to the Pushover app developers per receiving device. I will not do
that however unless there is at least 1 person who might use it. If
you are such a person, please vote it up:
https://tools.bitfolk.com/redmine/issues/174
Further down the list, the configurable lead time for raising
invoices it quite likely to happen. There's a couple of corporate
customers who regularly complain that 30 days is not enough time to
pay an invoice and are unable/unwilling to do Direct Debit. I'm not
extending credit terms any further than 30 days so the solution for
them will be to have invoices raised and sent to them sooner.
If you have any comments on these feature requests, or ideas for new
ones, ideally please submit them at:
https://tools.bitfolk.com/redmine/projects
but posting here is okay if you feel it needs a more conversational
start.
Cheers,
Andy
¹ Though just because people want something doesn't mean that it's
easy or even possible, so the feature requests made and the votes
they have are only one factor, not the deciding factor.
--
https://bitfolk.com/ -- No-nonsense VPS hosting
Hi,
Host snaps unexpectedly rebooted approximately 15 minutes ago. I'm
not in front of a computer at the moment so will have to investigate
later. I believe it will be the same bug that has plaguedusers of
"hen". If so then at least snaps has now booted with the settings
that are hoped will avoid the issue in future.
Apologies for the disruption.
Andy
--
https://bitfolk.com/ -- No-nonsense VPS hosting
_______________________________________________
announce mailing list
announce(a)lists.bitfolk.com
https://lists.bitfolk.com/mailman/listinfo/announce
Folks,
I've been tasked with finding a way for our directors emails to be
delivered to two servers (somewhat simultaneously). They use their "work
email addresses" as personal accounts, as well as business accounts (don't
get me started), and they don't want to be reliant on connectivity to the
corporate Exchange servers, so I've set up a Docker mail server on their
home network, but getting their mail delivered to both that MTA and the
Exchange servers is above my knowledge grade.
I've patiently tried to explain that "that's not how SMTP works", but I'm
being met with recalcitrance and "you need to be a solutions provider", so
I thought I'd put this in front of the hivemind and see if any of you know
of an easy way to do this?
Bit of background to help - the only way that I can think of possibly doing
this is to MITM it (stick another MTA server outside our network, have it
send the emails for the directors to two destination servers and just pass
all the other mail to our Exchange infrastructure, if that's even possible
without darkweb solutions), and I won't be allowed to use a cloud email
service to do this as they are vehemently opposed to "The Cloud" (again,
don't get me started).
Kind regards
Murray Crane
Hi,
You can now add contacts to the "Data Transfer" role of the address
book:
https://panel.bitfolk.com/account/contacts/#toc-roles
If you do that then these will be the only addresses that receive
emails about your weekly data transfer stats, predicted overage,
actual overage etc.
I am also going through and rewriting documentation to reflect the
new policy that no overage will be allowed without prior
confirmation, i.e. we'll turn off your network rather than allow you
to run up a bill, unless you indicate otherwise. If you spot any
that's out of date after a few days from now, please do let me know.
(Those handful of customers that regularly incur overage bills
should assume that this will continue to be the case. I'm talking
about for people we haven't spoken to about overage before.)
I hope to get on to splitting out the billing functions into a
billing role next.
Cheers,
Andy
--
https://bitfolk.com/ -- No-nonsense VPS hosting
_______________________________________________
announce mailing list
announce(a)lists.bitfolk.com
https://lists.bitfolk.com/mailman/listinfo/announce
Oops, I've just noticed that this only went to users@, not announce@. Sorry about the extra copy some of you are now getting. :(
Cheers,
Andy
----- Forwarded message from Andy Smith <andy(a)bitfolk.com> -----
Date: Fri, 21 Dec 2018 14:49:34 +0000
From: Andy Smith <andy(a)bitfolk.com>
To: users(a)lists.bitfolk.com
Subject: Re: [bitfolk] Host "hen" crashed again (Was: Re: Host "hen" unexpectedly rebooted 2018-11-26 22:24)
User-Agent: Mutt/1.5.23 (2014-03-12)
Reply-To: users(a)lists.bitfolk.com
Hi,
This happened again a few minutes ago.
IPv6 failover appears to have happened correctly due to some fixes
since last time - hence no v6 outage until manual intervention.
hen has now booted with some settings which it is hoped will avoid
the problem in future.
I'm not in front of a computer at the moment so later today I'll
review what was logged.
Apologies for the ongoing hassle.
Cheers,
Andy
_______________________________________________
announce mailing list
announce(a)lists.bitfolk.com
https://lists.bitfolk.com/mailman/listinfo/announce
Hi,
There's a long-standing request to implement a way for customers to
disable password authentication on their Xen Shell SSH accounts
(i.e. ssh username(a)username.console.bitfolk.com):
https://tools.bitfolk.com/redmine/issues/116
This has now been implemented¹, so if you go to:
https://panel.bitfolk.com/account/security/#toc-allow-xen-shell-ssh-access-…
you can set that if you wish. You will first need to have added at
least one SSH public key, as that is the only way you'll be able to
log in to the Xen Shell after that.
I don't anticipate many people using this or it changing frequently,
so I haven't bothered to implement immediate update of our SSH
config. Instead you might have to wait up to 30 minutes for the
sshd_config on the host machine to actually be updated.
The other already existing way to further secure your Xen Shell
login is to use 2 factor authentication, as described on the same
page. Enabling that will require you to supply a code from a TOTP
app such as Google Authenticator, 1Password, etc.
Cheers,
Andy
¹ 11 days short of 5 years since it was requested, woohoo!
--
https://bitfolk.com/ -- No-nonsense VPS hosting
_______________________________________________
announce mailing list
announce(a)lists.bitfolk.com
https://lists.bitfolk.com/mailman/listinfo/announce