Posts

Remote kubectl x509: certificate is valid for 127.0.0.1

-
E0829 10:19:51.734979   13883 memcache.go:265] couldn't get current server API group list: Get "https://x.x.x.x:6443/api? Unable to connect to the server: tls: failed to verify certificate: x509: certificate is valid for 10.43.0.1, 127.0.0.1, 172.31.4.10, ::1, not 13.126.42.175 Solution: edit /etc/systemd/system/k3s.service ExecStart=/usr/local/bin/k3s \    server \       '–advertise-address=106.xx.xx.xx' \       '-tls-san=106.xx.xx.xx' \  ## this is important and kubectl -n kube-system delete secrets/k3s-serving mv /var/lib/rancher/k3s/server/tls/dynamic-cert.json /tmp/dynamic-cert.json systemctl restart k3s
Read more

DevSecOps github

-
https://github.com/sottlmarek/DevSecOps  
Read more

PG::Error: ERROR: new encoding (UTF8) is incompatible

-
First, we need to drop template1. Templates can't be dropped, so we first modify it so t's an ordinary database: UPDATE pg_database SET datistemplate = FALSE WHERE datname = 'template1'; Now we can drop it: DROP DATABASE template1; Now its time to create database from template0, with a new default encoding: CREATE DATABASE template1 WITH TEMPLATE = template0 ENCODING = 'UNICODE'; Now modify template1 so it's actually a template: UPDATE pg_database SET datistemplate = TRUE WHERE datname = 'template1'; Now switch to template1 and VACUUM FREEZE the template: \c template1 VACUUM FREEZE; Problem should be resolved.
Read more

Download the secure file to local machine or view its content in Azure DevOps with build administrator privilege

-
Create a pipeline and execute. trigger: - main pool:   vmImage: ubuntu-latest steps: - task: DownloadSecureFile@1   displayName: 'Download secure file'   inputs:     secureFile: <securefilename> - task: PublishBuildArtifacts@1   displayName: 'Publish Artifact: drop'   inputs:     PathtoPublish: '$(DOWNLOADSECUREFILE.SECUREFILEPATH)'
Read more

.gitlab-ci.yaml use image with a specific user

-
In yaml Instead of image : xyz you can do image:  name: xyz  docker:    user: root
Read more

ProxMox LxC container open vpn Cannot open TUN/TAP dev /dev/net/tun: No such file or directory (errno=2)

-
Adding the following to /etc/pve/lxc/xxx.conf solves the problem: lxc.cgroup.devices.allow: c 10:200 rwm lxc.mount.entry: /dev/net dev/net none bind,create=dir
Read more

VPN Support with WSL2

-
update to WSL offers experimental features which resolve the issue for me. I'm using WSL2 on Windows 11 with Global protect. Add the following flags  C:\Users\_username_\.wslconfig  file: [experimental] networkingMode=mirrored dnsTunneling=true Or in wsl specific distro vim /etc/wsl.conf [experimental] networkingMode=mirrored dnsTunneling=true
Read more