W dzisiejszym wpisie z cyklu Porady Admina zajmiemy się poleceniem uname. „uname” oznacza „Unix Name”, a samo polecenie ma na celu dostarczenie kluczowych szczegółów na temat Twojego systemu Linux. https://linuxiarze.pl/porady-admina-coreutils-uname/ #linux #porady #admin #coreutils

Message aux admins : le scraping par les IA devient de + en + problématique et entraîne des DDOS sur les serveurs
Est ce que vous pensez qu’il serait possible d’intégrer des « poisons »/trappes à IA sur les toots et les images que nous postons pour enshittifier ces saletés ?
Y a-t-il des discussions en ce sens au nv d’activity pub (jsp si ça se passe au niveau du protocole , je suis pas du tout dev) ?
#admin #enshittification #IA

Old comment on forum: Migrating from #postgres 9.5 to 11+ is painful.

Me, migrating from 9.4 to 17.2 for several weeks: Huh, I didn't think about it...

經常用 ADMIN 帳戶易遭黑客攻擊　微軟高層提醒用戶應設分身帳號自保
微軟企業與作業系統安全副總裁 David Weston 近日提醒用戶，長期使用擁有完整系統控制權限的管理員帳戶 […]
The post 經常用 ADMIN 帳戶易遭黑客攻擊　微軟高層提醒用戶應設分身帳號自保 appeared first on 香港 unwire.hk 玩生活．樂科技.
#科技新聞 #admin account #windows #管理員帳號
https://unwire.hk/2025/05/03/windows-admin-account-easy-to-hack/fun-tech/?utm_source=rss&utm_medium=rss&utm_campaign=windows-admin-account-easy-to-hack

ICYMI: Matthias Wübbeling shows you how to minimize the attack surface in Windows by enabling built-in rules
https://www.admin-magazine.com/Archive/2024/84/Reducing-the-Attack-Surface-in-Windows?utm_source=mam
#security #Windows #attack #defense #infrastructure #admin #firmware #spam #virus

Last lesson from poking with #database ... be paranoid!

Take backup, select before delete , do not trust - even vendor

Give me some feedback about this Idea

#shopware #api #admin #configurable

https://github.com/shopware/shopware/discussions/8858

Things I learnt about DNS:

1. You can't "redirect" an entire domain with CNAME, only subdomains, which is why my website has been broken.

2. You can't specify an AAAA record and use a wildcard for the A record. You have to explicitly put both.

If the IP changes, you have to change it everywhere. I wonder if there is a modern DNS server which lets you avoid this sort of data duplication.

Why Is Mastodon Is Using So Much Storage?

https://video.fedihost.co/w/caYDRrcGDTpy7yLxBKHqzu

Edit: 因为spam账号的涌入暂时关闭无要求注册，Fediverse的朋友们可以用邀请码注册
https://write.otter.homes/invite/YwHNQL

@board Hi大家好，獭站的Writefreely写手站点 https://write.otter.homes 开始试运行并开放注册啦（目前允许5 blogs per user）。

长期以来中国大陆政府对创作者的政治迫害，和肉眼可见的言论和表达的自由越来越被侵占，让我希望为社群的创作自由和表达自由做一些事情。獭站最开始设立的初衷，也是希望在互联网中维护一个所有人可以自由表达的安全社群，没有言论自由其它的自由便无从说起。

海獭写手站是基于开源软件Writefreely，使用ActivityPub协议和联邦宇宙交流的自由、开放、多语言的博客站点。在这里你可以自由进行创作而免于任何政府和大公司的审查。去中心化和匿名化的博客也可以更好地保护作者的身份，并为作者提供真实销毁账号的功能。

注册账号后，你会拥有一个username@write.otter.homes的账号，可以从任何支持ActivityPub的站点关注这个账号并收到文章的推送。

Otter Log不会泄露你的个人数据，你的信息会在加密后存储在数据库中，并在你销毁账号后随之销毁。（同时在这里承诺Otter Log和其它Otter Homes站点永远永远不会将你的数据用于训练GenAI）

微小的反抗可以汇聚成激流。

以下是一些使用writefreely的技巧。

• Writefreely支持Markdown格式，在文章第一行使用 # 标记标题即可添加标题。

• 博客可以以write.otter.homes/horaceyoung/的方式被访问，或是以@horaceyoung@write.otter.homes的方式被其他Fediverse账号关注。同时博客会自动生成一个RSS feed，可以被任何RSS Reader订阅。

• 需要注意Writefreely的博客可见度是在博客层级而不是文章层级。博客的可见度可以在设置里调整。

• 需要插入图片时，使用

  ![图片文本](图床链接)
  

  的方式插入图片。Misskey的drive功能可以作为图床使用。

• Writefreely和mastodon一样支持tag

• 如果你对css有自信的话，可以自由修改博客的主题 https://writefreely.org/docs/main/writer/css

• 感谢salt站长总结的writefreely使用方法 https://writee.org/writee/guide 同时分享一下 gellneko@writee.org的博客装修教程，感谢！https://writee.org/gellneko/tutorials

• 和任何Fediverse网站一样，writefreely的实例有非常多，可以在这里挑选喜欢的站点加入https://writefreely.org/instances

Now updated version...

It was #DNS
in #ACME scripts
because systemd-timesyncd failed...

After I started my first #IT job (and created my Digital Ocean VPS at that time) I decided to create kind of character card for myself, like in #RPG, for writing down my #sysadmin skill levels and progress. I did it in Postgres, probably because database container was one of first things I had on my VPS then.

I created slightly complex system of arbitrary skill and knowledge points, trying hard to not overestimate my skill levels. Like in standard games there are bigger gaps between higher levels and separate "overall sysadmin level" with own points, indirectly dependent on skills' levels' upgrades (and more directly on other kind of knowledge points). Many things are highly relative here as it is not possible to accurately describe own degree of knowledge in numbers. Also some kind of skills could have more "levels" (e.g. familiarity with more complex software learned gradually with time) than others. I have point scale for 10 levels now. And I am almost sure I wouldn't reach higher than 6-7 "overall sysadmin level" in my lifetime

I didn't update it since October 2023. Today I log in and tried to clean that mess. I feel I should make short paper notes about my progress frequently, like I was doing in previous job. Updates would be easier...

As the admin of a 5 person hosted server, it often feels like we are left out of wider conversations. We don't see all comments from all users on posts of people we follow. Is there anything I can do as an admin to make sure we see as much content as possible? #Mastodon #Mastoadmin #Fediadmin #Admin

@keepassxc
Are there ways for system administrators in a business environment to set system-wide minimum requirements for the master password of KeePassXC-databases?

Otherwise, users could secure valuable collections of access data with a password such as "1234"...

Where can I find documentation about this topic?

Die Plattform https://fomobremen.info/ hat sich für #Bremen etabliert als Portal für alle möglichen alternativen Veranstaltungen. Leider steht schon länger ein Software-Update aus.
Ich hatte Kontakt zu einem der #Admin s. Das Gute: Das Update ist in Arbeit. Allerdings könnten sie dabei Hilfe gebrauchen.
Deshalb: Wenn du ein bisschen Zeit und Ahnung von #Webadministration hast und ein gutes Werk tun willst,
melde dich unter unkonkret@systemli.org
(Fomobremen läuft mit #Mobilizon ).

Some time ago I mentioned here, in half-joking way, self-fixing software I work with. I said Patroni #Postgres has the best regeneration ability I've ever seen. And currently "the best ability" includes:

> After network migrations servers changed IP addresses. It broke etcd config so I had to completely delete that config and initialize etcd cluster again. Which also forced cleaning and renewing Patroni config because it is strongly dependent on etcd. Even when configuration temporarily didn't exist, connection with WAL archives (technically other separate server) wasn't interrupted (I am not even sure if real data transfer could happen at that time). It was seemingly enough to start new #database cluster from last timeline. I don't know WHAT forced servers to immediately pull that data on fresh start. At migration time there weren't any real production data so I didn't even purposely try to restore anything.

> Not so long time later (and now with real production things) some script tests, causing lots of database changes in relatively short time, beyond former server's capacity, killed master server. Patroni switched as intended and I could work on increasing server's capacity (had to do it live, not very convenient). First server finally decided data corruption was too big and to fix it automatically deleted whole /var/lib/postgresql/* directory and started to recreate thing from scratch, using data from new master server (and was doing it with at least 2 GB/s speed because why not? ).

> During above mentioned process impatient tester hit again with their not optimised scripts, finally killing whole cluster. Swearing silently I increased remaining servers as it was only thing I really could do. Postgresql API mostly wasn't responsive, it had limited info about last state before final failure. It wasn't possible to force any change or affect it in any way.
First server decided to delete whole directory again and recreate it (at least this time I saw exact moment in logs), at the same time second server did rewind to state of third server (why??). All these things happened automatically, without my help. I wouldn't even know what to do

And it's only beginning when we use it on production. Now I wait for stubborn users to do some more unintended durability tests... Maybe I would see it's even more invincible

Some of woof.group's queue workers (the daemons that pull down new posts from other instances, and the ones that put posts into your timelines) crashed last night at roughly 0100 UTC, just in time for your admins to fall asleep. Fixed this morning; workers are catching up now. #admin

#Admin #IndiewebSocial

IMPORTANT SERVER NEWS: "The Next Stage for Indieweb.social

"I’d been looking for a way to transition this from a small self-run server, admin-centric place—and to turn it into a more user-managed one...I am grateful to have found a solution for all of these needs for this community:

As of April, IndieWeb.social will be owned and managed by the Newsmast Foundation while they move its governance to a user-managed direction..."

Full details:

https://www.timothychambers.net/2025/03/27/the-next-stage-for-indiewebsocial.html

W dzisiejszym tutorialu z cyklu Porady Admina zajmiemy się programem certbot. Certbot to klient ACME Electronic Frontier Foundation, napisany jest w Pythonie. Certbot może uzyskać i zainstalować certyfikaty HTTPS/TLS/SSL. https://linuxiarze.pl/porady-admina-certbot/ #linux #porady #admin #certbot #ssl