But, like I said, if you are moving everything, you can simply backup and restore, and then update DNS.

@JaredBusch said in linphone: remove/hide “default identity”:

@scottalanmiller said in linphone: remove/hide “default identity”:

@JaredBusch said in linphone: remove/hide “default identity”:

@Dashrender said in linphone: remove/hide “default identity”:

@scottalanmiller said in linphone: remove/hide “default identity”:

@Dashrender said in linphone: remove/hide “default identity”:

@scottalanmiller said in linphone: remove/hide “default identity”:

Most enterprise PBXs, and FreePBX is no exception, give you the ENTIRE system. It's an "appliance." You don't download it as software and install on top of an OS as if it were an office suite or note taking application (although that's possible.)

At least not any more, and not for several years... but there was a time, not THAT long ago that you did.

Pretty long ago. Like mid-2000s I'd say. That's more than a generation in IT terms.

That doesn't seem right - I recall building my first FreePBX and that was only like 5-7 years max and you had to install from scripts - they didn't have a DL ISO for install.

If I had to guess, you did PBX in a Flash from Nerdvittles.

That was a scripted install on top of CentOS. But it was still nothing more manual than a single script.

I remember that. "In a Flash", haha.

Compared to the manual processes that existed before then, it was good.

In the end I had issues with the crap that the system pre-setup. It was all at the novice or hobbyist. Not business.

Definitely, it was always very hokey. Way, way too many gizmos and whatevers and way too little "feels enterprise stable."

@EddieJennings said in Script for Creating VMs from Template VM in KVM:

@travisdh1 said in Script for Creating VMs from Template VM in KVM:

@EddieJennings said in Script for Creating VMs from Template VM in KVM:

@Pete-S said in Script for Creating VMs from Template VM in KVM:

Not the exactly the same thing but you might want to look into how to create a VM from scratch.
Meaning a script that will set up a VM with vCPU, memory, storage, network etc and then boot it from iso and have it do an unattended install, create what users you want and install the packages you need.

That's one of the next things I'm looking into.

@EddieJennings Also remember about things like kickstart in RedHat based operating systems. In Fedora/CentOS/RHOS you can use a kickstart file to automatically select all the install time options for the OS. A short time later you've got a fresh server and all the time it took you to setup was running the creation script on your hypervisor.

One of the things I'll need to figure out going the Kickstart route is setting the hostname what I want it to be at the time of installation. Likely not difficult to do, I just have to figure it out. Or perhaps, I can just truly take the approach of just making a clean minimal install, and then later configure to whatever specific thing I'm wanting the VM to do for my lab / testing.

Inside the kickstart file you'll find something like this:

network --hostname=centos8-4.example.com

We use debian as our goto and then it's called a preseed file. The only real thing that can be tricky is to tell the installation what kickstart/preseed file you want to use. You can do it in different ways. If you don't want to rely on dhcp/tftp/pxe etc you can roll your own iso file. I think the kickstart file can also be mounted as a drive that the installation will detect when it starts.

I think the best approach is to make an automated installation with same basic settings and some of those will get changed later in the installation. For example you can use a fixed hostname that is later changed from ansible.

@brandon220 said in Browsing shares from W10 (2004) on a domain:

Thoughts?

Create a shortcut on the desktop for our user to get to the shares they need. If AD is setup, use GP to add them.

@Pete-S said in 4G Failover questions:

@travisdh1 said in 4G Failover questions:

@Dashrender said in 4G Failover questions:

@travisdh1 said in 4G Failover questions:

@scottalanmiller said in 4G Failover questions:

@Dashrender said in 4G Failover questions:

holy crap - it cost you $250 a month to run it at home - WTH?

How can it not? Ever priced out the power costs on a server? It's not cheap.

Yeah, power alone can make moving a server to a colo make a lot of sense.

Sadly, every place that offers 1u of colo space I've looked at has a max power draw of 120w and my current home lab box normally draws around 130w.

Time for a more efficient server?

Maybe in another couple of years. It's a Dell PowerEdge R620, 2 Xeon E5-2660 8core 16 thread CPU, 24 4GB 1333MHz RAM modules, 4 Cruicial MX500 500GB drives, Broadcom 4port BCM5720 Gigabit ethernet adapter, and a single 750 watt power supply. It's currently only drawing 112 Watts, so who knows, maybe I could "get away" with it.

120W is a very low limit, just 1 Amp. Colocation America has 2 Amps , so 240W, which low but still more reasonable.

BTW, your server config is not the most power efficient so there are things you could change if you wanted to that would drop the power requirement a lot.

In no particular order:

drop from two to one CPU replace CPU with E5-2600 V2 series. They use 22nm tech and have about 25% lower energy consumption in the same socket. Up to 12 cores. use low voltage CPU models, for instance E5-2650L V2 (10 cores) replace memory so you use fewer modules with higher density, for instance 16GB or 32GB use low voltage memory modules DDR3L replace the power supply with the titanium model

@notverypunny said in Automation thought:

Syncthing on the reports directory?

Definitely an option.

Okay - Can we stop now? Going back and forth isn’t healthy.

Why apt-get over apt

Okay, the question stemmed from a Raspberry Pi 3b+ running DietPi. I’m not going to elude that I know how much is or isn’t available in this system, but it’s stripped pretty well from the bits I have read.

It’s what the DietPi Updater used. It isn’t my typing the command ad hoc. So - you can quit the beatings as they aren’t going to help me any.

On my NC instance running 18.04 - I use sudo apt update. So,.. there is that.

apt install man
Could I install this? Yep - you guessed it, - I can. Do I want to, I’m not certain. Will I, again, I’m not certain.

Now - here is a cup of coffee for both you. This topic is closed.

Those aren't even business class companies. Focus on that... consumer service and total lack of support sold at crazy high cost to gullible customers. Verizon, Comcast, Cox, Intermedia... these are the anti-shortlist of companies. The ones no one evaluating anything would talk to. Anyone who knows the vendors and basic business approaches would have ruled these out without having ever talked to them. There are loads of good vendors out there, these are famous as the "never, ever talk to them scammers." Other than Intermedia, famous for having bad support and insane prices, the others are ISPs, which violates basic business common sense.

That's not a rant, that's explaining what your tactics should be based on. Sure they are big, that's not their problem. These are shitting companies preying on the gullible. They have no incentive to make a good product or support the customer. They aren't cost effective, they lack modern (meaning post-2000) protections and flexibility that's just assumed to exist in any real business, they don't have good support, they put the customer at risk.

You clearly stated fail2ban actions not iptables actions. They are not the same thing.

@scottalanmiller said in Fanvil possible firmware issue, non-standard port:

We've seen that kill fail2ban so that it ties up so many CPU cycles that performance drops.

That said, managing iptbales would be the admin's job. Monitoring the bans and jsut blocking entire CIDR would be a normal need.

Preemptive IP blacklisting is also a normal, intelligent thing to do. By geo, common known CIDR, etc.

There is zero reason to leave any PBX system, for a typical American SMB, open to the entire planet by default.

@JaredBusch Yes, I read it, and it appeared to me to be the same issue you described. Don't shoot the messenger just because you didn't like the chosen solution. 🙄 :face_with_raised_eyebrow: :face_with_stuck-out_tongue_winking_eye:

@Dashrender said in Remote VoIP Phone Unifi Network:

@JasGot said in Remote VoIP Phone Unifi Network:

What are your routers? Ubiquiti?

Can you disable SIP ALG on them? (sometimes called SIP transformation on other routers)

He mentioned CONNTRACK - I know that's on USGs.. not sure if it's called that on ER's?

OK the ER does have CONNTRACK.
https://community.ui.com/questions/EdgeRouter-Infinity-conntrack-tuning/efc51d58-8464-41f5-b10e-f7d0fb10968b

All routers have a conntrack table..

Asset Tiger is pretty good in my experience. Hosted and free for 250 assets or less.

@Skyetel said in Skyetel Postcards - What's Needed:

The single login per computer is probably pretty easy to change, and I can add that to the change request.

Seems like this died on the vine 😞
8ef7946f-8922-41b8-93bd-d2fd252f1b73-image.png
2c52ae98-d7b5-46da-9da6-a8576ba99463-image.png

I would love to make use of this if the issues raised above were resolved.

@marcinozga said in Do you add CAA records to your DNS records?:

Yes, but word of caution. If you get certs from multiple different providers, don't forget to add records for all of them. Otherwise getting certs will fail, and it's almost impossible to troubleshoot.

Yes, like this.
caae902b-b24b-46a0-9102-6267aa67770a-image.png

@JasGot

The Xerox line is a work horse. The State pretty much has gone only to them. In the 'new' building I'm assigned to, we have about eight big MFP units per floor set with Follow-You print. It's handy - and yet also some times annoying. More so with being who are WFH and in office - they will some times come up with Printer Offline.

@gjacobse said in How To: for files:

That said, from what you are saying; is my ‘failure’ was omitting the /M which specifies the ‘searchmask’. And because of that omission, it didn’t have the comparative variable, and deleted everything.

There were two things that tripped you up.

The lack of /M to just find *.tmp files Using del *.tmp as the command

First forfiles is a for-loop that executes whatever command you want for each file it finds.
As @JasGot mentioned you will get one hit for each file it will find.

With /D -15 you are specifying that you only want to find files older than 15 days.
With /S you are telling forfiles to look in all subdirectories as well. You may or may not want that.
With /M you can specify a filter which matching filenames you want to search for. Without /Mit will find all the files regardless if it's named 123.tmp or installation.txt

Your initial command would find all files in all subdirectories regardless if it what name it had. That's why you needed /M.

Secondly, forfiles will execute whatever command you want for each and every file it finds.
Since your command was del *.tmp it would delete all tmp files every time it found a file.
What you really wanted was to just delete the file it found.
The @file will have the name of the file so del @file would only delete the file that was found.

Took another look this morning, and it's fixed. No idea what was going on with my account last week.