OpenVPN Troubleshooting

Recently I tried installing and setting up OpenVPN on my home server. I ran into a problem I had had before. Both the installation of the .deb package and the init script would hang.

I found the –verbose switch to the /usr/local/openvpn_as/bin/ovpn-init command. it would always hang right after “Generating init scripts auto command”. As generating the init scripts should be instantaneous, this was frustrating. At one point in the script is calls /usr/local/openvpn_as/bin/_ovpn-init and attempts to list the iptables config with iptable –list and put it into a variable. My iptables list is LARGE and uses the hostnames of several IPs I want blocked. (Think asian and Russian sites.) That iptables command it uses does DNS on every hostname. It should use (and I changed the script) to use iptables –list -n which skips DNS.

Now the ovpn-init script runs and doesn’t hang.

Zabbix and Percona

I am staging a Zabbix v3 install and needed to monitor MySQL with Percona. I used the Zabbix Template from this page, and ran into errors:

Invalid tag “/zabbix_export/templates/template(1)/items/item(1)”: the tag “snmp_community” is missing.

Among others.

It looks like the template from Percona is a bit outdated for Zabbix v3. I spent a few hours fixing it. Here it is, fixed.

 

Continue reading “Zabbix and Percona”

rake gitlab:check complains about git version

With the 5.2 version of gitlab, the

bundle exec rake gitlab:check RAILS_ENV=production

command complains about the current distro’s version of git:

Your git bin path is “/usr/bin/git”
Git version >= 1.7.10 ? … no
Try fixing it:
Update your git to a version >= 1.7.10 from 1.7.9
Please fix the error above and rerun the checks.

Checking GitLab … Finished

Here’s how to compile from source to a local (or system wide) location.

Continue reading “rake gitlab:check complains about git version”

Fixing gitlab errors with git operations

Recenlty, I was able to install the 5.2 branch of gitlab for work.

I ran into the following error when cloning a repo:

git pull
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

yet, ssh and ssh keys were working:

ssh -T git@gitlab.lib.unc.edu
Welcome to GitLab, Anonymous!

It took a while, but I found a way to check what gitlab-shell is doing:

gitlab-shell/bin/check

Check GitLab API access: FAILED. code: 302

Check directories and files:
/home/git/repositories: OK
/home/git/.ssh/authorized_keys: OK

This does make sense because it set up SSL in the apache conf for gitlab using the example conf file. It seems that gitlab-shell isn’t smart enough to handle a redirect to the https side. So in the gitlab-shell/config.yml make sure the gitlab_url setting has https set. Also, you may need to make sure your /etc/hosts has the name of the virtual host (if you are running it that way) pointing to the right interface.

Keep in mind, gitlab-shell doesn’t play nice with self-signed certs. I had to revert some things on another gitlab install.

After fixing this, ssh-ing into the server worked right:

ssh -T git@gitlab.lib.unc.edu
Welcome to GitLab, <user>!