The Church Rejoices + Daniil Metropolitan of Vidin chosen and Enthroned as Head of Bulgarian Orthodox Church. Dostoin / Axios !


July 3rd, 2024

The Church Rejoices + Daniil Metropolitan of Vidin chosen and Enthroned as Head of Bulgarian Orthodox Church. Dostoin / Axios !

Patriarch_Daniil-the-new-canonically-and-officially-elected-Patriarch-of-Bulgaria-and-Metropolitan-of-Sofia

Metropolitan Daniil is our Officially and canonically elected Patriarch of Bulgaria and Metropolitan of Sofia (the choice was made in a complex selection system) during a Church national Assembly on 30th of June 2024.

The whole Church rejoices as a dark cloud was over the Church as people were scared, un-worthy patriarch might be selected.

The procedure of selection of new patriarch depends on matching, certain criterias for the candidate.

According to the Ustav of Bulgarian Orthodox Church (Establishment Law document, Church established rules statues)

New Patriarch Candidate should match following criterias:

  • To have been on a cathedra as metropolitan and have governed a diocese for at least 5 years
  • To be not be younger than 50 years of age (should be 50+ years old).
  • To be distinguished within the Church to have right thoughts on the Orthodox faith and the exact observance of church order and laws.
  • To enjoy a good and honorable name both before the people and before the government of the country

Procedure for electing a patriarch

On 20th of June of 2024, after internal voting in the Holy Synod, following the Church statuses, after 42 turns of votes of individually each Bishop and Metropolitan voting for his favorite, the 3 candidates for patriarch were emitted.

1. In the first round, the candidate who collected 2/3 of the votes of the voters present wins
2. If this does not happen, a second round is reached with the two candidates who received the most votes in the first round
3. In the second round, the candidate with a simple majority wins.

The results out of the elections on the Patriarchical choice National Church assembly results were as so:

Three Patriarchical Candidates

 

Three-candidates-for-Patriarch-na-Bulgaria-as-of-20-June-2024.
 

Name Candidate 1st voting 2nd voting
Daniil Metropolitan Vidinsky 51 votes 69 votes
Grigoriy Metropolitan Vrachanski 64 votes 66 votes
Gavriil Metropolitan Lovchanski 19 vote does not qualify


Patriarch Daniel (Bulgarian: Патриарх Даниил, romanized: Patriarh Daniil) has received his monk name after Saint Daniil the Stylite, one of the most notable Stylites in the Church history.

Early life and Education

Secular name Atanas Trendafilov Nikolov (Bulgarian: Атанас Трендафилов Николов; born 2 March 1972) in a town of Smolyan. He was born in a good and healthy family, his father Trendafil Nikolov is born in a small village near Smolyan (Kremene) and served as a police officer, his mother Zlatka Nikolova used to be a  teacher in the field of Informatics in Economy scohol in Smolyan.

He completed his primary and secondary education in his hometown and later served in the military. In 1996, he began studying English Philology at Sofia University, but being grown in the spirit of love for history and the motherland Bulgaria, he soon found out field of Philosophy does not provide enough to match his wide interests in history of the world and history of Bulgaria. Being touched by Gods love and having a desire to learn more about Christianity and his homeland orthodox christianity and learn more about philosophy but from the perspective of the Orthodoxy obviously guided by Gods provide, the following year during the hard years of national financial catastrophe and church schism in 1997 he transferred to the Faculty of Theology of the same university Saint Kliment Ohridski

In 1997 he also become candidate for monk novice in the notorious monastery of Hadji Dimovo (in honour of Saint Great Martyr George)  which was at that time of Spiritual Leadership of Metropolitan Natanail of Nevrokop, where he graduated in 2002 and which was one of the best monasteries capable of giving a solid basis for true and high standard spiritual life.

Becoming a Monk

On August 7, 1999, he was ordained a monk by him and the next day he was ordained as a hierodeacon. On July 21, 2004, he was sent for obedience to the Nativity of the Virgin Monastery (Rojenski Monastery) in Rozhen, and on November 27, he was ordained a hieromonk by his diocesan bishop.
On June 1, 2006, he was elevated to the rank of archimandrite.

Daniil-as-vicar-Bishop-of-Metropolitan-Joseph-of-America-of-Bulgarian-Orthodox-Church


Recognized as exceptional choosen person and Levereged to a Bishop by metropolitan Natanail Nevrokopski
Note: Nevrokov Eparchy is the eparchy in which Saint John of Rila Monastery belongs to, Metropolitan Natanail was among the most loved person in Bulgarian Church

On January 20, 2008, he was ordained as a Bishop with the title of Dragovitski and was appointed vicar of the Metropolitan of Neurokop Natanail

Nevrokopski-Metropolitan-Natanail
Metropolitan Nathanail Nevrokopsky (titled as the consience of the Bulgarian Church)

His ordination was carried out by Patriarch Maxim (the previous patriarch before Patriarch Neofit) in collaboration with Metropolitans + Ioanikiy of Sliven, + Dometian Vidinsky, + Kyril Metropolitan of Varna and Veliko Preslav, Grigoriy of Velikoturnovsky, Neofit of Rusensky, Natanail of Nevrokopsky, Gavriil Lovchansky and bishops Evlogius of Adrianople, Abbot of the Rila Monastery, Naum Stobiyski at that time Chief Secretary of The Holy Synod, Theodosius of Devol, Constantine of Marcianopol and John of Znepol (currently Metropolitan of Varna and Veliko Preslav chosen after decease of Metr. Kiril).

Hadji Dimovski monastery become also famous also for being the spiritual school for  Metropolitan Serafim of Nevrokop (chosen after's Metropolitan Natanail Nevrokopsky pass away to Christ).

On 15 June 2010, Daniel was appointed vicar of the diocese in the US, Canada and Australia of the Bulgarian Patriarchate. On 2 December 2011, the Holy Synod "took note of the letter from Metropolitan Joseph of the USA, Canada and Australia, notifying that permission had been received from the American emigration authorities to fulfill the obedience assigned by the Holy Synod to Bishop Daniel of Dragovitski who can already leave and take on responsibilities, as metropolitan vicar of the USA, Canada and Australia".
He was considered the most likely successor to Metropolitan Joseph of America (Bosakov).

Served as vicar bishop in the American, Canadian and Australian dioceses from 2011 until February 4, 2018 (for 7 years).
He was chosen to become the Metropolitan of Vidin (after the decease of Metr. Dometian) from February 4, 2018 to June 30, 2024.

In December 2018, Metropolitan Daniel condemned the Unification Council in Kyiv, calling it uncanonical. In his opinion, the actions of Patriarch Bartholomew are non-canonical, since he encroached on someone else's canonical territory.

Daniil is the originator of the introduction of religious education in the Bulgarian school and for many years worked for it to be included as a subject in the curricula.

On 21 July 2004, Daniel was sent for obedience to the Rozhen Monastery of the Nativity of the Blessed Virgin Mary. On 27 November of the same year he was ordained hieromonk by his diocesan bishop. On 1 June 2006, he was elevated to the rank of archimandrite. On 20 January 2008, he was consecrated Bishop of Dragovitia and vicar of the diocese of Nevrokop diocese.

Metropolitan of Vidin 4 February 2018 – 30 June 2024

Metropolitan-Daniil-in-times-as-a-Metropolitan-of-Vidin

On 4 February 2018, he was elected by the Synod to the post of Metropolitan of Vidin. Vidin was the last city that fall under the Ottoman hordes, and perhaps his zeal for truthfulness and orthodoxy and the Bulgarian nation was the reason Gods providence in that hard times to have chosen him to be head of this small but historically rich and important eparchy.

In December 2018, Metropolitan Daniel condemned the Unification Council in Kyiv, calling it uncanonical. In his opinion (based on Church Canons of Ecumenical Councils), the actions of Patriarch Bartholomew are non-canonical, since he encroached on someone else's canonical territory.

https://pc-freak.net/images/Patriarch-Daniil-Bartholomeow-patriarch-of_Constantinople-guest-on-patriarhical-enthronement

Perhaps for the Ecumenical Patriarch Bartholomew, the selection by the Gods providence for Daniil to be the next patriarch of Bulgaria, was quite a shock as the expected patriarch to choose was Gregory who if chosen should have been titled Gregory the II-nd as we already had a patriarch with this name , during the Second Bulgarian Kingdom  (saying this by memory), but mans thoughts are very different from Gods thoughts as the Holy scriptures says.

After the death of the former Patriarch of the Bulgarian Orthodox Church Neophyte in March 2024 and respective mourning period, then Metropolitan of Vidin, Daniel was one of the three shortlisted candidates to ocuppy the patriach position together with Metropolitan Gregory of Vratsa and Metropolitan Arsenius of Sliven.[7] On 30 June 2024, at the patriarchal electoral Church-People's Council in Sofia, Metropolitan Daniel was elected the new Patriarch of Bulgaria, Metropolitan of Sofia.

Patrirach-Daniil-of-Bulgaria-Blessing-soon-after-his-selection
Picture of Patriarch Daniil Blessing, right after his selection and his "radiation" with Patriarchal Ensignias, the Patriarchical Wand stick, The Cross, Panagias …

Daniil-Metropolitan-of-Sofia-and-Patriarch-of-Bulgaria

Pre-selected moments of the enthronization of new Bulgarian Patriarch Daniil of Bulgaria by Sonya Ankova

Currently he is the canonical 4th Patriarch of the new History of the Bulgarian  Orthodox Church, currently serving as Patriarch of All Bulgaria since June 30 !

His choosing and Enthroning was surprise for many influential people in the history and was just another proof the Church of Bulgaria is Governed by Jesus Christ and the selection was made by the Holy Spirit of God itself !

 

Daniil the New Bulgarian Patrhiarch, the Forth Patriarch by Bulgarian National TV (BNT) Chapter I

Lets all say Достоин / Axios !!!, just like many has proclaimed during the official introduction of Daniil as Patriarch with a special enthronization Ceremony.
The selection day 30 of June this year was by God's providence on the Sunday of All Saints, this year this day coincided also with the Assembly of All Holy Apostles day commemoration dedicated to All Apostles of Christ (the 12, the 70th of desciples and the rest of rings of desciples  of Christ who have done apostolic mission sent by him). The Assembly of Apostles feast is always celebrated  in the Church always 1 day after the Great feast of Saint Apostle Peter and Apostle Paul's day. 
The day after on the day the first Holy Liturgy was served by tradition by the new Patriarch and it was the Summer Feast of Saint Cosmo and Damianos  and  one of the 3 major feasts of Saint John of Rila (The Return of the Holy Relics of Saint John of Rila into Bulgaria) .

Patriarch Daniil  is the youngest patriarch of Bulgaria in our history of the Bulgarian Church, currently aged 51, since its establishment in year 870 (1154 years ago) and a lot of hope by many, that his Church rulership will be mostly beneficial for the whole Church and nation and will raise up the confidence and self-esteem of the nation, and shed light on the nation and attract more of the youth, that is living a life away from the Church even though baptized,  back in the Church.

Lets pray and wish the new Patriarch Daniil, a lot of increasement of Health, Love and Faith for everyone and Wisdom to guide the flock of Christ through the hardships of current turmoiled times of desperation and confusion as well as good health to serve as a Patriarch for Many Years !

For Many and Blessed Years his Holiness Patriarch of Daniil ! Metropolitan of Sofia and Patriarch of All Bulgaria !

Console Video edit Rotate, Merge, Scale, Trim add background music to Video files on Linux and UNIX with ffmpeg


June 18th, 2024

https://www.pc-freak.net/images/linux-video-edit-few-basic-tricks-edit-cut-combine-put-background-music-to-video-on-like-os-unix.png

GNU / Linux and other Free as in Beer OS-es such FreeBSD and OpenBSD as well as other UNIX variants are definitely not the best platform to do Video edit, as the best one is obviosuly MAC OS-es for being a veteran in the field of graphic edit for a long time but over the time its capabilities are slowly but surely evolving. 
However Linux users can also do the basic video edit stuff quite easily with ffmpeg and few other tools.
 The general things one faces when snapshotting videos is the video might be turned around or in the wrong angle and you want it to rorate, or you have two three or more video files and you would like to merge the ones in one or you would like to Trim a period in the beginning of a Video or Trim some time you don't need out of the video at the end end, merge multiple MP3 files into single recording or including a background music to a video.

Doing such a things has a lot of possibilities with tools such as ffmpeg, imagemagick and mencoder and it is mostly useful if you're a console guy or you need to write a program that does video rorate or video merge in PHP / Perl / Python etc.
 

1. Rotating Videos in Linux

Rotate a Video in 90 degrees

Rotating a video assuming that you have the ffmpeg tool installed is as easy as:

# ffmpeg -i in-video-file.mov -vf "transpose=1" out-video-file.mov

Supported value arguments for ffmpeg ranspose option
0 = 90CounterCLockwise and Vertical Flip (default)
1 = 90Clockwise
2 = 90CounterClockwise
3 = 90Clockwise and Vertical Flip


2. Flip the video clip Vertically

# ffmpeg -i out.mov -vf "vflip" out2.avi


If you don't have ffmpeg, just install it with apt or yum:

On Debian 

# apt install –yes fmpeg


On Redhat based distros

# yum install -y ffmpeg

ffmpeg is easily installed by bsd ports with the package manager for example on FreeBSD it is up to :

# pkg install ffmpeg


3. Merge (Concatenating) Videos with ffmpeg / mencoder / avimerge on Linux

Go to the directory containing all the videos you would like to merge and merge them with belowsimple one liner:

# ffmpeg -f concat -i \
<(for f in $PWD/*.avi;do echo "file '$f'";done) \
-c copy output.avi


To merge multiple set of lets say ( sequential ) Video files on Linux with mencoder and produce a single video file:

# mencoder -oac copy -ovc copy 1.AVI 2.AVI 3.AVI 4.AVI -o Single-common-out-video.avi

mencoder is available also by default on most distros if not install it with:

On Deb based Linuz:

# apt install mencoder –yes

On Fedora / CentOS … rpm based:

# yum install -y mencoder

The old and now obsolete transcode audio / video converter could also be used:

 # avimerge -i file-input1.avi file-input2.avi -o output-file.avi


4. Scaling a video to a concrete resolution

It might happen to you that some video files could not be concatenated with other video file because its resolution is smaller (or different) than the recorded material,
to come around this you need to scale it.

# Scale video resolution to 1920×1080 pixels

# ffmpeg -i input-video.mp4 -vf scale=1920:1080 output-video.mp4


5. Trimming the beginning of a Video with ffmpeg

A recording will often contain parts in the beginning that you don't need and have to beto be removed from the video stream:

# Remove the first three seconds (Common scenario)

# ffmpeg -i input.mp4 -ss 3 -c copy output.mp4


6. Trimming the end of MP4 video with ffmpeg

The same is true for the end of a video materials often:

# Remove everything after 5 minutes and 32 seconds

#ffmpeg -i input.mp4 -t 00:05:32 -c copy output.mp4

Both, -ss and -t, can also be combined into one command.


7. Adding Background Music to a Video with ffmpeg

To add a concrete background music to a video stream, track the volume had to be lowered first:


7.1 Reduce the volume MP3 music file by 50% with ffmpeg

# ffmpeg -i input.mp3 -filter:a "volume=0.5" output.mp3


7.2 Combine multiple audio tracks into one single recording stream

# Concatenate multiple mp3 voice files into one
# ffmpeg -i "concat:input-song1.mp3|input-song2.mp3|input-song3.mp3" -c copy output-concatenated-single-song.mp3

One thing to consider is that once you want to add a background music stream to a video stream, both the video and the song has to be of the same length, otherwise attempts to merge the background audio track with fail
 due to the length of the audio track not matching the length of the video.
This can be resolved by generating a silent audio track and concatenating it to the end of the audio track to make the video and music match:

# Generate 33 seconds of silence
# ffmpeg -f lavfi -i anullsrc=channel_layout=5.1:sample_rate=48000 -t 33 output.mp3


Finally, to merge the audio track into the video track:

# Merge video with existing audio track and another audio track

# ffmpeg -i input.mp4 -i input.mp3 -filter_complex "[0:a][1:a]amerge=inputs=2[a]" -map 0:v


Sum it up what learned

In this article was shown how to convert multiple Videos into a single one, scaling a video to a graphics resolution, trip a video at the beginning and at the end, add background movie tracks as a sound on Linux.
As you can imagine this stuff is quite useful and used by many, many websites online to do a different Video and sound editing included in a millions of Frontend / Backend webscritt Scripts around silently doing its stuff.
There is much more to be done with this tools, but for a starter of a video edit newbies it should on Linux and enthusiasts to manage own managed small private clouds, hope this stuff will be useful for a introductionary.

Cheers ! 🙂 

How to filter an IP, and IP range or domain to access to access service with /etc/hosts.allow /etc/hosts.deny , filtering Network range to sshd tcp port 22 through sshd service


June 4th, 2024

how-to-allow-and-deny-services-without-firewall-on-linux-logo-picture-tux

If you want to filter a range of IPs to be able to or unable to access a TCP port service because someone is trying to brute force you from the network or just because you don't want a connected LAN IPs to have access to your server for whatever security reasons. The simplest way you can do IP and IP range restrictions to allow or disable access towards a Linux server via defining allow or prohibition rules in  /etc/hosts.allow and /etc/hosts.deny.

This files are there and useful since the beginning of UNIX OS-es and has been widely used on Linux in the past and rarely known by people nowadays.

 

The hosts.allow and hosts.deny files could be used on a Linux system to deny connection attempts from one or more IP addresses, hostnames, or domains. 
/etc/hosts.allow and /etc/hosts.deny are just a plain text configuration file with a rather simple syntax, that can be used for decades to allow or filter IPs without applying a special firewall rules like iptables locally.
It can work with any TCP wrapped service on your system. The hosts.deny file is used in conjunction with hosts.allow to determine whether a connection attempt gets accepted or denied.

In this small tutorial, you will see an example of the hosts.allow file and how to use it to allow or deny connections to IPs or networks, as well as how a simple prohibition to access SSH service only via specific IP network can be done.

For full understanding of hosts.allow / hosts.deny file, check the manuals man hosts.allow , man hosts.deny, man hosts_options, man hosts_options.

root@pcfreak:~# apropos hosts|grep -iE '^hosts.*'
hosts.equiv (5)      – list of hosts and users that are granted "trusted" r command access to your system
hosts (5)            – static table lookup for hostnames
hosts.allow (5)      – format of host access control files
hosts.deny (5)       – format of host access control files
hosts_access (5)     – format of host access control files
hosts_options (5)    – host access control language extensions

General hosts.allow / hosts.deny syntax

The /etc/hosts.allow and /etc/hosts.deny understood syntax form is: 

service : host/network

Each value is separated by a colon :

You can also supply an option, but this is not as common. We will cover some other niche choices below. More options can be added if necessary, with each one separated by another colon.

service : host/network [:

The following line would allow all traffic to the sshd service. ALL is used as a wildcard.

sshd : ALL

Few examples to allow access to SSH Daemon from IPv4 and IPv6
This line would allow connections from all hosts on the 10.11 network. Connections from all other hosts can then be denied by the hosts.deny file. This type of configuration would work as intended since the allow line precedes our corresponding deny line in the other file, thus will be triggered first.

sshd : 10.11


Accept connections from a particular IPv4 and IPv6 address
 

sshd : 10.10.136.241
sshd : [2a02:2143:88f1:5c00:9991:9daa:b580:aee2]

 

Rather than using IPs, you can also specify hostnames to accept or deny connections from.

sshd : some.host

 

Accept connections from all hosts using the main domain .pc-freak.net domain name.

sshd : .pc-freak.net

You can also use a wildcard for both the service and the host/network field. This will accept all connections to any service. This would make all other rules (including those in hosts.deny) irrelevant, as all connections will be accepted by this rule before they have a chance to be denied.

ALL : ALL

The EXCEPT operator can be used to create an exception in an otherwise all allowing rule. 
For example, this rule would allow all connections from the .pc-freak.net domain name, except for one sub-domain org.pc-freak.net

sshd : .pc-freak.net EXCEPT org.pc-freak.net


Allow connectivity towards SSH TCP port 22 for all IP / hosts except for certain IPs and domains
 

To control connectivity towards sshd service via allow hosts  /etc/hosts.allow for all except a bad.host and a certain IP range:

 

sshd : ALL : allow
sshd : bad.host : deny
sshd : 85.5.1. : deny (1)

 

Disable access to all remote services to the network

Lets say if you're running the Linux as  desktop station and you want to disable access to any local services running on TCP ports

If you want to be paranoid and disable all remote access to server to any IP network, you can do it with:

# echo "ALL: ALL" >/etc/hosts.deny


Completely allow access to a certain running TCP port service on server
 

To allow completely access to a service
 

service_name : ALL : allow

Allow access for a a range of IPs subnet

You can also specifcy the IP netmask range to allow, like this:

ALL : 192.168.0.0/255.255.254.0

 

Allow access to all server network services for a domain except for a certain domain
 

Enable access to ALL running server services listening on TCP port except for domain

ALL : .example.com EXCEPT skiddie-attacker.example-domain.com


Allow access to al services except to a service for a local port range via hosts.allow

Here is example onw how to use hosts.allow file to allow connections all running server services except access to VSFTP, coming from Local LAN IPs with netmask /24 (e.g. from the 192.168.0.x.):

ALL EXCEPT vsftpd : 192.168.0

 


Filtering IPs and IP Ranges from within /usr/sbin/sshd openssh service via /etc/ssh/sshd_config (allow and disable access to concrete IPs trying to brute force you)
 


Lets say however, you don't want to do the filtering of openssh connections via hosts.allow / hosts.deny but rather on a SSH Service level, this can be done with the following /etc/ssh/sshd_config configuration.

# vim /etc/ssh/sshd_config

Match Address *,!192.168.1.0/24
    ForceCommand /bin/false

For more on the use of Match Address check documentation with man 5 sshd_config


To re-load the opensshd config

# systemctl restart sshd

 

Of course manually filtering villains is a tedious task and ultimately to save yourself time and inconvenience to regullary look up within /var/log/security or /var/log/messages (depending on the Linux distribution) and the configuration for SSHD to login imposters you would prefer to use fail2ban (if you're not familiar with fail2ban check out my previous article on how to easily Stop ssh bruteforce authentication attempt Attacks with fail2ban or if you want to use the Linux native way check out the article how to prevent SSH and FTP bruteforce attacks with IPtables.

All Debian Linux package repository apt sources.list file for Debian versions 6, 7, 8, 9, 10, 11 and 12


May 31st, 2024

debian-package-management-repositories-for-all-distributions

If you have to administrate legacy Debian servers, that keeps hanging either for historical reasons or just because you didn't have time to upgrade it up to latest versions, machines that are hanging in the hangar or a mid office building Old server room, doing nothing but simply NAT (Network Address Translation), Proxying, serving  traffic via Squid / Haproxy / Apache / Varnish or Nginx server but you still want to have the possibility to extend the OS even though it is out of date / End of Life reached and out of support as well as perhaps full of security holes, but due to its unvisibility on the Internet hanging in a Demilitarized network the machine stayed on the Local (DMZ)-ed network and still for example you need to install simple things for administration reasons locally on the machine, for example nmap or netcat or some of the network tools for monitoring such as iftop or iptraf etc. you might find out unfortunately that this is not possible anymore, because the configured /etc/apt/sources.list repository mirror is no longer available at its URL. Thus to restore the functioning of apt and apt-get pkg management tools on Debian you need to correct the broken missing package mirrors due to resructurings on the network with a correct ones, originally provided by Debian or eventually if this doesn't work a possible Debian package archive URL. 

In this article, I'll simply provide such URLs you might use to correct your no longer functioning package manager due to package repositoriy unavailibility, below are the URLs (most of which that should be working as of year 2024). To resolve the issues edit and place the correct Debian version you're using.

1. Check the version of the Debian Linux

# cat /etc/debian_version


or use the universal way to check the linux OS, that should be working on almost all Linux distributions

# cat /etc/issue
Debian GNU/Linux 9 \n \l

2. Modify /etc/apt/sources.list and place URL according to Debian distro version

# vim /etc/apt/sources.list


3. Repositories URL list Original and Archived for .deb packages according to Debian distro release
Debian 6 (Wheezy)

Original repostiroes (Not Available and Not working anymore as of year 2024)

 

Old Archived .deb repository for 6 Squeeze

deb http://archive.debian.org/debian squeeze main
deb http://archive.debian.org/debian squeeze-lts main


​Debian 7 (Wheezy)

Original repostiroes (Not Available and Not working anymore as of year 2024)

Old Archived .deb repository for Jessie (still working as of 2024) :

deb http://archive.debian.org/debian wheezy main contrib non-free
deb http://archive.debian.org/debian-security wheezy/updates main

( Security updates are not provided anymore.)

NOTE:  If you get an error about keyrings, just install it
 

# apt-get install debian-archive-keyring


Debian 8 (Jessie)
Original .deb package repository with non-free included for Debian 8 "Jessie"

deb http://deb.debian.org/debian/ jessie main contrib non-free
deb http://ftp.debian.org/debian/ jessie-updates main contrib
deb http://security.debian.org/ jessie/updates main contrib non-free

Old Archived .deb repository for 8 Jessie (still working as of 2024):

deb http://archive.debian.org/debian/ jessie main non-free contrib
deb-src http://archive.debian.org/debian/ jessie main non-free contrib
deb http://archive.debian.org/debian-security/ jessie/updates main non-free contrib
deb-src http://archive.debian.org/debian-security/ jessie/updates main non-free contrib

 

# echo "Acquire::Check-Valid-Until false;" | tee -a /etc/apt/apt.conf.d/10-nocheckvalid

# apt-get update

# apt-get update && apt-get upgrade

 

 If you need backports, first be warned that these are archived and no longer being updated; they may have security bugs or other major issues. They are not supported in any way.

deb http://archive.debian.org/debian/ jessie-backports main


Debian 9 (Stretch)
Original .deb package repository with non-free included for Debian 9 "Stretch":

 

deb http://deb.debian.org/debian/ stretch main contrib non-free
deb http://deb.debian.org/debian/ stretch-updates main contrib non-free
deb http://security.debian.org/ stretch/updates main contrib non-free

Archived old repository .deb for Stretch :

deb http://archive.debian.org/debian/ stretch main contrib non-free
deb http://archive.debian.org/debian/ stretch-proposed-updates main contrib non-free
deb http://archive.debian.org/debian-security stretch/updates main contrib non-free


Debian 10 (Buster)
Origian repository URL:

deb http://deb.debian.org/debian/ buster main non-free contrib
deb http://deb.debian.org/debian/ buster-updates main non-free contrib
deb http://security.debian.org/ buster/updates main non-free contrib

 

Fixing unworking backports for Debian 10 Buster


Change the /etc/apt/sources.list URL with this one

deb http://archive.debian.org/debian buster-backports main contrib non-free


If you want to list packages installed via the backports repository only, that needs to be replaced with newer versions (if such available from the repository)

# apt list –installed | grep backports
# dpkg –list | grep bpo
# dpkg –list | grep -E '^ii.*bpo.*'

ii  libpopt0:amd64                        1.18-2                         amd64        lib for parsing cmdline parameters
ii  libuutil3linux                        2.0.3-9~bpo10+1                amd64        Solaris userland utility library for Linux
ii  libzfs4linux                          2.0.3-9~bpo10+1                amd64        OpenZFS filesystem library for Linux


Debian 11 (Bullseye)
Origianl repository address:

deb http://deb.debian.org/debian bullseye main contrib non-free
deb http://deb.debian.org/debian bullseye-updates main contrib non-free
deb http://security.debian.org/debian-security bullseye-security main contrib non-free

Debian 12 (Bookworm)
Original Repository :

 

deb http://deb.debian.org/debian bookworm main contrib non-free-firmware non-free
deb http://deb.debian.org/debian bookworm-updates main contrib non-free-firmware non-free
deb http://security.debian.org/debian-security bookworm-security main contrib non-free-firmware non-free

Add Backports to sources.list

deb http://deb.debian.org/debian bookworm-backports main


Thats all, hopefully that would help some sysadmin out there. Enjoy !

How to view WIFI Passwords for Profile from command line with netsh on Windows 10


May 29th, 2024

how-to-find-out-your-wifi-password-on-windows-10

The common way, if you have connected to a Wireless Network Access Point and saved the password in Windows is to view the password via Windows GUI interface, via menus following few easy steps:

1. Settings -> Network and Internet -> Network and Sharing Center

network-and-sharing-center
2. Click on (Wifi Network name) for which you need password and 
3. In View your active networks section

select-wifi
4. When the Wi-Fi network status window opens, click Wireless Properties

wireless-properties
5. Move to the Security Tab and check the checkbox, next to "Show Characters" to view the network password.

show-wifi-password-windows-10
 

Nevertheless as a system administrator you might have wondered, how you can easily review in plain text Saved Wireless Networks Wi-FI passwords, without using the Graphical Interface via a direct command line cmd.exe?
Such thing is helpful on maintaining multiple Windows 10 hosts, especially if you have a telnet or SSH remote administration enabled or you have a domain of PCs.
To do so open cmd.exe command prompt and run:

C:\Users> netsh

netsh>wlan show profile

Profiles on interface Wi-Fi:

Group policy profiles (read only)
———————————

User profiles
————-
All User Profile : WIFI_Pofile-name
All User Profile: Hotel stage 2
All User Profile: Home Wifi
All User Profile: HP_Custom

Now lets review the clear text password of the profile from netsh console:

netsh>wlan show profile "WIFI_Pofile-name" key=clear

Profile WIFI_Pofile-name on interface Wi-Fi:
===================================================

Applied: All User Profile

Profile information
——————-
Version : 1
Type : Wireless LAN
Name : WIFI_Pofile-name
Control options :
Connection mode : Connect automatically
Network broadcast : Connect only if this network is broadcasting
AutoSwitch : Do not switch to other networks
MAC Randomization : Disabled

Connectivity settings
———————
Number of SSIDs : 1
SSID name : "WIFI_Pofile-name"
Network type : Infrastructure
Radio type : [ Any Radio Type ]
Vendor extension : Not present

Security settings
—————–
Authentication : WPA2-Personal
Cipher : CCMP
Authentication : WPA2-Personal
Cipher : GCMP
Security key : Present
Key Content : Very-secret-password-for-WIFI-plain-text

TADADAM !

We see the password key text Saved WIFI Passwords plain text !

Note that sometimes, if you have a Hidden Wifi Network the command to use to reveal the plain text password with netsh would be:

C:\Users> netsh wlan show profile "name=SSID hidden WiFi Net" key=clear


This trick is very much used today by "hackers" e.g. script kiddies, who break up into others windows.
It is also useful if you want to have a quick way to review plain text passwords for WIFI accounts with organization, lets say if you're a security expert and doing some kind of periodic Security audits within a corporation on multiple Domain attached computers.

Thanks to Martin Petrov (Amridikon) for his trick as I've learned first time from his blog https://mpetrov.net, which is full of many computer geek goodies stuff.

Of course this approach can be easily scripted with a short PowerShell script:
 

netsh wlan show profile |
    Select-String '(?<=All User Profile\s+:\s).+' |
    ForEach-Object {
        $wlan = $_.Matches.Value
        $passw = netsh wlan show profile $wlan key=clear |
            Select-String '(?<=Key Content\s+:\s).+'

        [pscustomobject]@{
            Name     = $wlan
            Password = $passw.Matches.Value
        }
    }

 

If you need the script View-all-wifi-passwords-plaintext-windows10.ps1 to reuse it download it from here.
 

Windows-WiFi-PasswordRevealer-ScreenShot
There is also some freeware tools online which can help you reveal passwords, saving you any typing, that might be useful if you want to delegate the task to a non-sysadmin user, you can simply point him and ask him to install a GUI Win tool like Wifi Password revealer (that makes showing plain text passwords piece of cake) and let user reveal his passwords for himself, if needs the password to share it to a colleague 🙂
That's all folks, Happy hacking !

How to run multiple processes in parallel with xargs


May 29th, 2024

In our company there is a legacy application which developers run in multiple consoles launching its in intedependent components together in different consoles by simply running each component, the question comes then how this can be scripted so no waste of people is done to manually run the different componets from different parallel consoles. To achive the run in parallel of the multiple programs in parallel and background it with xargs and eval (integrated bash command) in Linux from a single script you can use a simple one liner like in the example.

#run in parallel
xargs -P <n> allows you to run <n> commands in parallel.
time xargs -P 3 -I {} sh -c 'eval "$1"' – {} <<'EOF'
program1; sleep 1; echo 1
program2 ; sleep 2; echo 2
program3; sleep 3; echo 3
echo 4
EOF

You can attune the delay up to the exact requirements or completely remove it and the multi run script is ready, enjoy.

Our baby Ekaterina becomes 6 months on 17 of May, 5 days after our boy Dimitar become 4 years. Sum it up my year 2023 experience, lessons learned.


May 17th, 2024

Our baby Ekaterina becomes 6 months on 17 of May, 5 days after our boy Dimitar become 4 years. Sum it up my year 2023 lessons learned.

This article is a bit late in time but I started writing it quite a long time ago in the beginning of 2024.
But as my various duties as a husband, employee, a volunteer in the Church and computer hobbyist as well as the attempts to still keep up some normality with all the stressful kind of wife that is in the large cities as Sofia.
I could post it just today and what has reminded me is simply our daughter Ekaterina has a half birthday today.
Below I'll pinpoint some important things that happened through the year, starting with a harsh and gloomy Intro 

A bit of Overview, things globally seem to be worsening

Life is ticking fast. Life is more boring than thought. Finding a cell people to hang on around is a difficult and almost impossible task. Real People are becoming less and less. Consumerism is already the only thing that matters for most people.

Love between people (unconditional love) is almost gone. Money are the ones dictating what people should do. No real communities anymore exists (COVID-19) has messed up the heads of people.
Christianity is severily partitioned as schisms are seen to plague even the True Christian faith of Eastern Orthodoxy, a hidden persecution against the true pastors is ongoing in many orthodox Churches. War in Ukraine a total disaster for everyone. Politicians as usual using Church to force their own agenda lead by territory and monetary interests. There is a brutal onging economic crisis turmouling the world noone speaks seriosly about. The usual work duties requirements are increasing but sallary payments decreasins.Life expenses are gradually raising as the World Economic Crisis is firing.

People who has suffered COVID numerous times has certainly bad effects on health, many people who have survived COVID and the rest of numerous viruses that has hit us over the past had worsened vision and hearing.

The Artificial Intelligence (AI) starts to kicks and puts even more mess in the already messy world especially as it is some kind of another marketing baloon similar to the WWW Domains business baloon. The AI such as ChatGPT, WormGPT, Google Bard said to outsmart our professions (though the facts are still not encouraging enough as the Hype is great, plus the results with collaboration with AI seems to not be fact proof enough yet). The Rapid evolution of technologies has put many moral dilemas and life is becoming harder to bear as the stress of using techonlogies and the higher expectations by humans and their constant requirement to collaborate with technologies (Smart Phone, Tablets Computers, ATMs, Terminals, Cars, Banks, Cards, Virtual currencies and complex systems which claim to simplify life of man makes the human body more fragile sick.

The lack of good and ecologically brew food is also a great factor, as most people who live in large cities eats mostly industrial quality food (and there is no real way to find out whether a food is really ecological even if it is sold as such). In Todays more and more tech inter connected world between People noone can live a normal private life (as often our datas shared on line are leaked to hacker groups after a resource or system is hacked), that poses a number of other challenages and dangers.
Privacy has also become almost impossible task, as we don't have a real or full knowledge on how much of our data seen or processed on our phones is staying at our side and how much shared with Security agencies such as CIA, Musad and KGB etc.

Everything is steering us Camares, Phones, Photos, Social Networks and loneliness is often felt so real. 
Most people living in economic slavery, even though doesn't really even recognize the cell they live in due to the smartphones and many virtual false options given. Complexity of life is increasing as one should have too much skills to manage even simple tasks. Lack of people to fill in open gaps about professions and work, same time generally not too much work capacity or willingness to do people is also a great of issue.

The world is more and more starting to look like it is described in anti-utopias books like Brave new World, 1984, Animal Farm.

Even though this hardships and birth pains, that are typically described by Saint Evangelist John in the Book of Reveleation,


The Birth of Ekaterina on 17th November 2023 another hope for the World


With every new kid coming to this earth it is a God blessing for everyone and another oportunity for individuals to grow and raise another meaningful person, that might make the world a little bit of a better place. Even though today is scary to have a kid because of the harsh situation, it is better to stay helpful for the best and share the joy to have second kid born.

i'm happy for God blessed me with second child a baby Ekaterina born on 17 of November 2023.

https://www.pc-freak.net/images/Snimka_izpisvane_Ekaterina-S_Vasko-Kolev-i-Mitko-Ivanov.jpg
Day of Discharge of the Sheinovo Child Birth Hospital, Sofia with Little Baby Ekaterina

During birth Baby Ekaterina was born around 3300 gr of weight, thanksfully the birth of wife was a natural birth. But sadly I had to in parallel take care about the other kid Dimitar, (since he did not attend the Kindergarden for some time), Clean up the house and prepare everything for the acceptance at home of new baby, and buy threats to treat multitude of people who are close and nearby. I'm thankful to Vasil Kolev and Mitko for attending the Official hospital Discharge.

Sheinovo-s-Vasko-Ekaterina-Dimi-i-Svetlana

Dimi-s-Ekaterina

Below is another picture of the now grown baby Ekaterina 4 months later for a one day trip to Balchik (sea resort) near my home city Dobrich

Ekaterina-na-4-Meseca
 

Exactly today on 17th of May 2024 on the feast day of Saint Nicolas (New Martyr of Sofia)  and the feast of Gathering of Bataks New Martyrs (we have been in the Batak basilica of the martyrdom, during Svetlana was pregnant with the baby).  Ekaterina becomes exactly 6 months she is a very lively baby in the moment she had some temporature and on a baby antibiotics but her overall look and development looks very good thankfully !

During this year personally review the 2023, Helped as Alter server (ipodeacon) in the Holy Liturgies in Saint George (Dyrvenica) https://www.svgeorgi.com as a ipodeacon, on many services, together with Archimandrite Father Flavian.
Summery time i was able to Visited many monasteries nearby

Sofia with Father Flavian. Just to name a few of the multitude of monasteries visited, The 7 Thrones, Praveshki Monastery Saint Teodor Tiron, Seslavski Monastery near Sofia, Saint Petka (near Bankia), Etropolski Monastery, Rilski Monastery, Troyan Monastery, German Monastery, Kremikovski monastery, Glozhenski monastery, Tetevensky monastery Saint Ilija Travelled to Teteven and many others.
Just for reference the monasteries and holy places one could visit in Bulgaria are thousands and this makes the country quite interesting to travel around. The high spirituality which the nation had in the past has left a lot of spiritual inheritance for us. Which however nowadays, we do not value and protect …

Has visited multiple times, monastery of Saint Marina situated near village of Krumovo in between Dobrich and Varna. Also visited Ahtopol (i won't say i'm too impressed – maybe i was in the wrong season and with a pregnant woman) and Tsarevo, Pomorie and Nessebar (for the Feast of Dormition of Holy Theotokos).

To speak the truth has been a heavy and hard year a lot of spiritual sorrow, sicknesses and lack of direction, internal family problems between me wife, my nerves totally strained and I have no clear direction as eyes sems to be deteriorating and I often though about leaving it all behind and going to a monastery. Quite disappointed from the realities I've seen. Bulgaria is very beautiful country but everything seemed too messed … 

Also i've had too many temptations, drived a lot our old minivan KIA Carens 2006, which helped me to significantly increase my car driving habits, and hopefully now I become a better driver .
Middle of May had to pay car taxes and expenses in SDI, paid for standard Vignette starting from June as prior year.

Tried to read my prayers daily Morning and Evening prayers + (rule), that turned to be much harder than thought as it takes up to 30 minutes morning and 1 hour evening times (with some of the additional prayers I try to keep).
Also had been blessed to be able to receive the Holy Communion many, many, many times.

Tried to bring the Kid Dimitar regularly on a Church services in Holy Trinity Church (the Slatina (an ex-village) and Sofia district main temple), situated 10 minutes from Svetlostruy where we live currently, as well as bring him to Dyrvenica regulary, and thanksfully he also took part in Christ misteries for many, many times throughout the year.

Spend and I have to say perhaps lost a lot of time hanging with Alexander (The singer), drinking beers – that was a bad idea but as this helped me a bit to get away my focus from sad stuff and cheer me up, it had a positive effect as well. Health, seems to be critical, especially with the high stresses I experienced before and near birth of our daughter Ekaterina. I was also heavily involved in taking care for our kid who is now 3.8 years next year 12 of May to become 4 years. 

Also I sung a lot on services as a main singer mainly Evening services as often due to the lack of people to sing the service there is necessity to sing services, sing also a few times a Holy Liturgy and as usual sung every Monday and Friday for the Sanctification of Waters and on a Akathist prayer to the Holy Theotokos (Mother of God). Lately don't have enough time to read too much books.
My Work computer notebook (failed to apply) Windows Updates shipped by WL and I've been sent a new laptop which came early 2024. Exchanging work computer due to failing update is funny and absurd but I survived this one too …
In the begining of 2024, our beloved colleague Dimitar Paskalev has left our team in Worldline and that also one of the hardships, we have to bear an extra amount of things to do when he is gone as he is an excellent system administrator, programmer and business consultant consultant.

People's knowledge thought increasing makes things hard to be fixed more and more. As finding a solution becomes more expensive or sometimes impossible to resolve software issues on a hardware that cannot be tracked it is way easier to simply exchange the hardware. Same is true nowadays for both computers, cars and pretty much everything. If it breaks don't fix it but exchange it with a new, that seems to be valid more and more.

This is product of hardcore consumerism society, we humanity turned out and this is going to destroy the planet obsiously but seems noone really cares, even with the International Summits for reduce of Emitions etc., i'm pretty convinced from what I see is done that is just a pure marketing for countries as well as simple populism.
 Ecology is something people has to seriously think about though, because the life style with driving cars everything as we did and hyper consumption is destructional for both people, environment (nature), animals, this is pretty clear observing how the natural environments gets destroed more and more due to conustruction works and industrial waste etc.

The news read about Ukraine and Israel has been mostly troubling and together with the techonlogization and degradation of Society has convinced me the hope for this world is almost gone. Doesn't look like there is any "Road Ahead" as some "visionaries" are foreseeing (i'm talking about the insane book of Bill Gates, called the "Road Ahead", which is picturing a great future with a lot of developments due to technology (what a blatant non-sense). It seems what we observe is starting to become quite opposite to Bill Gates, Ilon Musk and the rest of "visionaire" idols of the world visions as all is falling apart more and more and unresolvable issues are much more.


The technological enslavement of people has been continuing, though it has been presenting as this is making people much more free and happy, it is exactly the opposite, prople become more and more dependent on technology and on the road to become a subordinates of technology than controillers.
 Most young people are suffering completely of addictions to technology, has very low literacy and I'm noticing most of teenagers couldn't properly express themselves, quite sadding. A lot of young people seeing the sad reality are turning to sub-culture, just like it was in the end of 1990s but the difference is now, people are separated each one hanging in his tech device and community across the common problem of isolation of the individual, that was sharing and communing with others is not really too much possible in the 21 century.

Many good peoples in the Church has passed away, I've suffered a lot during the summer from the heat, hardly beated. After the COVID seems to have passed through a long COVID and some depressions, which I don''t know whether managed to deal with even now, the Church has helped a lot to keep on track as feelings were overwhelming, most likely due to the nightmare war between orthodox Russia and Ukraine (remember The Gospel says it God''s punishment becomes from his own people). We Bulgarians are at mind wars, as some people take Russia's' positions and others Ukraine (Pro and Anti-Russian attitudes) prevail, everywhere. The same is I guess among all ex-USSR countries The Patriarch Neofit become quite sick. In terms of Work the first part of Year up to end of Summer has been more heavy, but mainly stress at work is not from work complexity but the messiness in the Company Worldline.
In end of Autumn passed all required company trainings. Tried also to blog as regularly as I could but blogging is becoming harder and harder task, as my eyes degrades. Tried to play some Arcades as that has been funny for me but nowadays don't have too much of a free time to play on the handheld consoles. Life in Sofia is quite heavy as distances are putting its toll ((though there is pretty much everyhing) the amount of stress is destructionary for the personality.

I did not have much of achievements this year at work but I guess with years, the energy of person is reducing (just like the motivation due to the messy stuff that is unvailing in the world). With age seems one can do less and less except if he is not some kind of mania mode.
Also the lack of recognition for what is done at work and the type of Corporate stuff that is mostly like a (Social) Socialist company, makes one to be not much motivated to complete much, the other issue is it seems times ticks too fast (just as Christ says in the Gospel because of lawfulness of people, time will be shortened this prophecy seems to be fulfilling and for those who can see it they can see how time reduces and one can do much less than he could some years ago).  Days are flying quickly. There are too many experienes all the time and due to information overburn, the mind becomes very unfocused.
Having any even simple kind of focus becomes a luxury nowadays, as we''re bombarded from everywhere with false preaches of advertisement and people's idea and stereotypes of the world.

I remeber about my youth and how simple we lived with my grand parents, and how much happiness was in that and compare to noaways over-stressed and complex world and often, miss that old times (that even though) physically harsh has been much more graceful than today.

In terms of technology I have the desire to go out of the Technological slavery but for that you need to have a co-minded person ( wife), which agrees to live a more simple wife, which i don't have in the moment.

Why I saw technological slavery, well it is what it is, in the past technology was really making the life of one easier and even today, many technologies are doing so. However being online 10 to 12 hours a day is no longer a conforting, especially if about 6 to 8 hours of your midful time is to be hired at work and stay on a chair in front of the computer and to do complex mind stuff, that after 10-15 to 20 years, destroys the psyche and the body .

Being intelligent is also a big problem in the 21 century as you see much more of the usual people and you see most interactions between people are simply manipulative and dictated by the desire to attain something.
The communication between most people is based on "receive" as much as you could and give out as little as possible and on the principle of always do gain in everything.  People do things to receive and not to give including me … that is totally the opposite of the teaching of Christ who says "It is more blessed to give, than to take".

About entertainment for the year was mostly traveling and going for a Night dinners in Emilian with Angel, Alexander and gathering together with Vasil Kolev (A researcher in the Bulgarian Academy of Science BAN, specalist in the field of Frequencies and Signals) and a very good Christian and man who helped a lot together with Emilian and Angel.
Perhaps part of the entertainment was our after-work stuff we did with Dimitar Paskalev and Georgi Stoyanov which was more happening in beginning of 2023 and has deteoriated as I had a lot of personal issues and did not have enough time to do computer stuff together after work.

Silvia also helped me a lot with the kid, as I needed help, and suffered with informational and physical overload, perhaps that is common for those with kids.

As said we got born our second baby who my wife decided to name Ekatherina after Saint Ekatherina (St. Catherine of Alexandria), a good selection for name as saint Ekatherina is a great woman martyr saint I love much and that helped me in hardships many times.

Have to say, i am very sad that I don't see people to love each massively, this has to be endured but it is hard. Also I feel sad I can't do much my to change the world for better both by work and action and my weak prayers. 
Near end of year I had severe pain and left leg inflamation, after having a multtiude of health disturbances in parallel with the pregnancy of Svetlana. Also often i feel very disconnected from everything, perhaps I'm seeing much harsh reality than expected and being raised more or less in the spirit of idealism  it is really hard to accept the reality as it is. Also with the aging it is a common and well known fact that we become much less flexible as in the youth age past.
Thanks God the year has passed and in the new year 2024, I hope for the best as everyone but as the monks say Spiritual life is based on  the two columns of "Ora" and "Labora" = Work and Prayer, so the coming year depends heavily on my perseverance to do this two and of course follow God's main commandments love God with all my heart and all my being and love my neighbor as myself !

One very notable event to say is early in 2024 Metropolitan JOANIKIJ (Joanichius) of Sliven has passed to Christ aged 82 on 9 of January (The day on which passed my beloved grandather Marin passed away),  This year it turned 20 years since my beloved grandfather Marin has passed. He used to be a man of honor and goodness that was rare for the 20th century and he is among main persons for example to follow the good path of helping everyone and love everyone.

Let God have mercy on his soul and receive him in Heaven.The brother of Patriarch of Bulgaria Neofitos (The Proto-Psalt and director of the Cathedral Choire of Saint Alexander Nevsky Proto-Psalt Dimitar passed) as well as a lady called Violeta who was helping in Holy Trinity Church and suffering multiple diseases passed to Christ.

Patriarch-Neofit-of-Bulgaria-mourning-the-good-patriarch-of-the-Bulgarian-Church

Soon after our beloved Metropolitan of Sofia and Patriarch Neofit passed away to Christ as well followed by a very sad period of 40 days of moruning ,after his passing as he was the head of the Bulgarian Orthodox Church and has been a true monk, everyone in Bulgaria loved too much – see a biography short article about this great person and perhaps saint of new times here.

To close this article as it could be much, much more lenghtly I can only say.

Thanks God for the 2023 and Lord Jesus Christ have mercy on us the Sinners for the upcoming 2024 !

Haproxy Enable / Disable Application backend server configured to roundrobin in emergency case via haproxy socket command


May 2nd, 2024

haproxy-stats-socket

Haproxy LB backend BACKEND_ROUNDROBIN are configured to roundrobin with check health check port  (check port 33333).
For example letsa say haproxy server is running with a haproxy_roundrobin.cfg like this one.

Under some circumstances however if check port TCP 33333 is UP, but behind 1 or more of Application that is providing the resources to customers misbehaves ,
(app-server1, app-server2, app-server3, app-server4) members , Load Balancer cannot know this, because traffic routing decision is made based on Echo port.

One example scenario when this can happen is if Application server has issue with connectivity towards Database hosts:
(db-host1, db-host2, db-host3, db-host4)

If this happens 25% of traffic might still get balanced to broken Application server. If such scenario happens during OnCall and this is identified as problem,
work around would be to temporary disable the misbehaving App servers member from the 4 configured roundrobin pairs in haproxyproduction.cfg :

For example if app-server3 App node is identified as failing and 25% via LB is lost, to resolve it until broken Application server node is fixed, you will have to temporary exclude it from the ring of roundrobin backend hosts.

1.  Check the status of haproxy backends

echo "show stat" | socat stdio /var/lib/haproxy/stats

As you can see the backend is disabled.

Another way to do it which will make your sessions to the server not directly cut but kept for some time is to put the server you want to exclude from haproxy roundrobin to "maintenace mode".

echo "set server bk_BACKEND_ROUNDROBIN/app-server3 state maint" | socat unix-connect:/var/lib/haproxy/stats stdio

Actually, there is even better and more advanced way to disable backend from a configured rounrobin pair of hosts, with putting the available connections in a long waiting queue in the proxy, and if the App host is inavailable for not too short, haproxy will just ask the remote client to keep the connection for longer and continue the session interaction to remote side and wait for the App server connectivity to go out of maintenance, this is done via "drain" option.

echo "set server bk_BACKEND_ROUNDROBIN/app-server3 state drain" | socat unix-connect:/var/lib/haproxy/stats stdio

 

  • This sets the backend in DRAIN mode. No new connections are accepted and existing connections are drained.

To get a better idea on what is drain state, here is excerpt from haproxy official documentation:

Force a server's administrative state to a new state. This can be useful to
disable load balancing and/or any traffic to a server. Setting the state to
"ready" puts the server in normal mode, and the command is the equivalent of
the "enable server" command. Setting the state to "maint" disables any traffic
to the server as well as any health checks. This is the equivalent of the
"disable server" command. Setting the mode to "drain" only removes the server
from load balancing but still allows it to be checked and to accept new
persistent connections. Changes are propagated to tracking servers if any.


2. Disable backend app-server3 from rounrobin 


 

echo "disable server BACKEND_ROUNDROBIN/app-server3" | socat unix-connect:/var/lib/haproxy/stats stdio

# pxname,svname,qcur,qmax,scur,smax,slim,stot,bin,bout,dreq,dresp,ereq,econ,eresp,wretr,wredis,status,weight,act,bck,chkfail,chkdown,lastchg,downtime,qlimit,pid,iid,sid,throttle,lbtot,tracked,type,rate,rate_lim,rate_max,check_status,check_code,check_duration,hrsp_1xx,hrsp_2xx,hrsp_3xx,hrsp_4xx,hrsp_5xx,hrsp_other,hanafail,req_rate,req_rate_max,req_tot,cli_abrt,srv_abrt,comp_in,comp_out,comp_byp,comp_rsp,lastsess,last_chk,last_agt,qtime,ctime,rtime,ttime,
stats,FRONTEND,,,0,0,3000,0,0,0,0,0,0,,,,,OPEN,,,,,,,,,1,2,0,,,,0,0,0,0,,,,0,0,0,0,0,0,,0,0,0,,,0,0,0,0,,,,,,,,
stats,BACKEND,0,0,0,0,300,0,0,0,0,0,,0,0,0,0,UP,0,0,0,,0,282917,0,,1,2,0,,0,,1,0,,0,,,,0,0,0,0,0,0,,,,,0,0,0,0,0,0,-1,,,0,0,0,0,
Frontend_Name,FRONTEND,,,0,0,3000,0,0,0,0,0,0,,,,,OPEN,,,,,,,,,1,3,0,,,,0,0,0,0,,,,,,,,,,,0,0,0,,,0,0,0,0,,,,,,,,
Backend_Name,app-server4,0,0,0,0,,0,0,0,,0,,0,0,0,0,UP,1,1,0,1,0,282917,0,,1,4,1,,0,,2,0,,0,L4OK,,12,,,,,,,0,,,,0,0,,,,,-1,,,0,0,0,0,
Backend_Name,app-server3,0,0,0,0,,0,0,0,,0,,0,0,0,0,MAINT,1,0,1,1,2,2,23,,1,4,2,,0,,2,0,,0,L4OK,,11,,,,,,,0,,,,0,0,,,,,-1,,,0,0,0,0,
Backend_Name,BACKEND,0,0,0,0,300,0,0,0,0,0,,0,0,0,0,UP,1,1,0,,0,282917,0,,1,4,0,,0,,1,0,,0,,,,,,,,,,,,,,0,0,0,0,0,0,-1,,,0,0,0,0,

Once it is confirmed from Application supprt colleagues, that machine is out of maintenance node and working properly again to reenable it:

3. Enable backend app-server3

echo "enable server bk_BACKEND_ROUNDROBIN/app-server3" | socat unix-connect:/var/lib/haproxy/stats stdio

4. Check backend situation again

echo "show stat" | socat stdio /var/lib/haproxy/stats
# pxname,svname,qcur,qmax,scur,smax,slim,stot,bin,bout,dreq,dresp,ereq,econ,eresp,wretr,wredis,status,weight,act,bck,chkfail,chkdown,lastchg,downtime,qlimit,pid,iid,sid,throttle,lbtot,tracked,type,rate,rate_lim,rate_max,check_status,check_code,check_duration,hrsp_1xx,hrsp_2xx,hrsp_3xx,hrsp_4xx,hrsp_5xx,hrsp_other,hanafail,req_rate,req_rate_max,req_tot,cli_abrt,srv_abrt,comp_in,comp_out,comp_byp,comp_rsp,lastsess,last_chk,last_agt,qtime,ctime,rtime,ttime,
stats,FRONTEND,,,0,0,3000,0,0,0,0,0,0,,,,,OPEN,,,,,,,,,1,2,0,,,,0,0,0,0,,,,0,0,0,0,0,0,,0,0,0,,,0,0,0,0,,,,,,,,
stats,BACKEND,0,0,0,0,300,0,0,0,0,0,,0,0,0,0,UP,0,0,0,,0,282955,0,,1,2,0,,0,,1,0,,0,,,,0,0,0,0,0,0,,,,,0,0,0,0,0,0,-1,,,0,0,0,0,
Frontend_Name,FRONTEND,,,0,0,3000,0,0,0,0,0,0,,,,,OPEN,,,,,,,,,1,3,0,,,,0,0,0,0,,,,,,,,,,,0,0,0,,,0,0,0,0,,,,,,,,
Backend_Name,app-server4,0,0,0,0,,0,0,0,,0,,0,0,0,0,UP,1,1,0,1,0,282955,0,,1,4,1,,0,,2,0,,0,L4OK,,12,,,,,,,0,,,,0,0,,,,,-1,,,0,0,0,0,
Backend_Name,app-server3,0,0,0,0,,0,0,0,,0,,0,0,0,0,UP,1,0,1,1,2,3,58,,1,4,2,,0,,2,0,,0,L4OK,,11,,,,,,,0,,,,0,0,,,,,-1,,,0,0,0,0,
Backend_Name,BACKEND,0,0,0,0,300,0,0,0,0,0,,0,0,0,0,UP,1,1,1,,0,282955,0,,1,4,0,,0,,1,0,,0,,,,,,,,,,,,,,0,0,0,0,0,0,-1,,,0,0,0,0,


You should see the backend enabled again.

NOTE:
If you happen to get some "permission denied" errors when you try to send haproxy commands via the configured haproxy status this might be related to the fact you have enabled the socket in read only mode, if that is so it means the haproxy cannot be written to and therefore you can only read info from it with status commands, but not send any write operations to haproxy via unix socket.

One example haproxy configuration that enables haproxy socket in read only looks like this in haproxy.cfg:
 

 stats socket /var/lib/haproxy/stats


To make the haproxy socket read / write mode, for root superuser and some other users belonging to admin group 'adm', you should set the haproxy.cfg to something like:

stats socket /var/lib/haproxy/stats-qa mode 0660 group adm level admin

or if no special users with a set admin group needed to have access to socket, use instead config like:

stats socket /var/lib/haproxy/stats-qa.sock mode 0600 level admin

Enormous Scandal in the Bulgarian Orthodox Church continues as the Bulgarian Orthodox Church Holy Synod acts as Masonic Lodge not venerating the people’s choice about future Metropolitan of the Eparchy


April 25th, 2024

The times of the Second Coming of Jesus Christ seem to be really near, this is clear from the facts that the corruption and people's degradation has reached a state, where no truthfulness is existing neither in the worldly organizations Countries, governments, parliaments, courts, institutions, companies and even in the Most Holy Church of Christ which he has consecrated by his Holy Blood, through the Crucifixion and Death on the Cross for our sins. 
 

It seems today, neither the low ordinary people neither the high and eligible and most honored Bishops and even Metropolitans are in a such a bad careless state, that they only care about their own wordly interests and the interests of a few of other servitudes nearby, neglecting the interest of the Holy Church of Christ (which is the Assembly of believers in the Lord Christ Jesus, who breath and live being in the world but , “My kingdom is not of this world. If My kingdom were of this world, My servants would fight, so that I should not be delivered to the Jews; but now My kingdom is not from here.” John 18:36.

What happens now about 2000 years, later in Christ Church is absotely the same. Just like Jesus, his true followers has been rejected to be accepted by his own people. In same way his true people are always, being rejected to take their ruling place, but instead in the world the Lies and manipulations are taking place to crucify the true servents of God.

The Holy Gospel seems to repeat itself again and again all the time through the ages. This time the stage is different this is not ancient Israel with the Assembly of Synodrion and the Old Testament's Church of God and his People the Israelites. But the Holy Synod of the Bulgarian Church and the Bulgarian Orthodox Church with his people the new Israel the Christians.

Get to know the facts on Bulgarian Church Scandal Escalasion for New Metropolitan of Sliven voting – situation as of 24th April 2024

The Holy Synod of the Bulgarian Church  has made another and strange untransparent decision once again, right after the Enormous Scandal with the cassation of legal choice of People of Sliven for best candidates Ierotey and Mihail (amongs which Ierotey is preferred), as the Metropolia of Sliven is still mourining on the beloved pontiff his holiness Metropolitan Ioanikij, less than 3 months before his blessed passing to Christ.

prayer-for-the-Soul-fo-His-Holiness-Metropolitan-Ioanikij

The decision of Eparchal voters among which nuns, monks (archimandrites), priests and layman was cleartly to have Metropolitan to have Ierotey as a first and most wanted candidate and Mihail as a second that was made on 18 of February (Eparchy voters in Sliven elected the two bishops, of whom St. The Synod will elect a new Metropolitan of Sliven.

Dioceses_of_the_Bulgarian_Orthodox_Church_Sliven_Eparchy

Map of Spiritual Eparchies in Bulgaria of Bulgarian Orthodox Church Bulgarian Patriarchy (BPC-BP)
Sliven_Diocese_spiritual_regions-map

Territorial Map of Sliven Eparchy according to the Local Spiritual districts belonging to Sliven Metropoly

Shortly after, it was decided to stop the legal procedure for choosing between bishop Ierotey and bishop Michail and overwritte the Synod accepted and agreed own legal document to follow on different church casuses,  the ' the Church statuses regulations (Устав на БПЦ Българска Патриаршия = Bulgarian Orthodox Church Regulation Rules document decided to be followed by everyone in the Church including the bishops and metropolitans on a National Church Assembly) right during a procedure for enthronization of next Metropolitan of Sliven.

The new "regulation" they tried to push "in the shadows (illegally against the Church statues)" was written in a way to make the choice of new Metropolitans to be done only by Metropolitan assembly the Synod, without taking in considerating the christian people preference for such, something scandal as this was not so during the last 150 years since we have restored the Bulgarian Church Excharchy.

 For more see whole case described in Enormous Church Scandal in the Bulgarian Orthodox Church on the selection of new Metropolitan for one of Biggest Church Eparchies the Eparchy of Sliven.

Out of this a great number of discussions started by Christian laity in facebook, viber and in the media of multitude of people, priests and cleargy from Sliven Eparchy complaining and protesting first infront of the Metroplitan Palace in Sliven

Prayer-Vigil-peaceful-protests-in-front-of-Sliven-Metropolia
Sliven Church Priests, Monks and Layman gathered in front of Sliven Eparchy Metropolitan governing building

As this protests were not considered seriously by many of Elders of the Synod, the same protest with much more participant occured in front of Synodal Palace (the ruling ministry of the Bulgarian Church seat place) in Sofia as well as purely physical by presence with Prayer Vigils to the Holy Synod because of their unwillingness to accept the Synod unargumented decision to stop the procedure for choice of new metropolitan.

Unofficially it was was said the reason behind the solution is accusation against Ierotey and Michail for being involved in unwaful selling of Church lands. These facts were publicly checked by documents (see them here) presented by the court clearly prooving the accusations of two brother priests Silvester and Evgeny (which has a history of being involved in many anti-church activities and scandals) are fake.

Bishop Mihail has also been accused by others for the same illegal church land resell activities, and he came with official answer on the Bulgarian Orthodox Church (official site) see the document here.

Prayer-Vigil-Protest-in-front-of-Holy-Synod

Peaceful objection Vigil Prayer in front of Holy Synod by Sliven Clergy and Laymen, Poster reads:
"Do not exchange our Good shepherd, which gives his soul for the sheep with a mercenary, we do not know !"
Second Poster on the background is "Against the New Order", meant the new Order to not venerate People's choice during voting of new Metropolitans

Prayer-Vigil-in-front-of-Holy-Synod-by-Sliven-Priests-and-Clergy

The outcome of the protest in front of the Synodal bulding palace in Sofia, Bulgaria was to cancel the votings for Metropolitan and do the whole voting procedure from the beginning.
The people accepted the decision of the Synod even though the synod took this decision to not put in place 'new order' in favour if existing norms of the Churh statuses on the background of multitude of protesting priests, monks and layman from Sliven Eparchy and other eparchies which is well documented well in below video.

Synodal Prayer Vigil against the cassation of choice for future Metropolitan of Sliven

On the protests along with Church people and clergy from Sliven was present people from other Eparchies as well as key well known priests and monks that are from Sofia and the Sofia Metropolitan to tell their unwillingness for overriding the Church established rules "Statuses", as well as to express their support for Sliven Eparchy whose Church people will is to have venerated their up to the rules selection of Bishop Ierotey to become the next Vicar (Metropolitan) of Sliven.

On many TV medias this protest was not shown and the organized fake "contra-protest" of Metropolitan Nikolay and his people who were anti-protesting against people will was shown as it was paid for that (another proof for lack of enough freedom of speech and transparency of Bulgarian mass medias).

holy-synod-contraprotest-for-the-choice-of-new-sliven-metropolitan

The contra-protesters from Plovdvid Eparchy that came with buses from Plovdiv eparchy enforced by Metropolitan Nikolay, very much in the old spirit of manifestations during the totalitarian regime of communism (notice the obviousness of the protest is fake from the exactly same looking slogans held mainly by priests)

As a result people from Sliven Eparchy accepted the fact that the Holy Synod decided to finally cassate (cancel) the procedure for choice of new Sliven Metropolitan and organize a new list of Worthy and dostopochteni (venerable) Bishops among which Sliven's people should make the choice again.
The people accepted this as they hoped the Holy Synod elders, might have been misled by the false accusation reports of the two brother priests Silvester and Evgeny Yanakievi (who by the way are very active on facebook) against Ierotey, and thus by organizing the choice once again officially the choice will take case in a transparent way and according to the Church rules statuses and then they can again vote for bishop Ierotey and double verify their initial choice.

However what happened now is far from that. Contrary to any logic (and as provocation), the list of venerable Bishops was made by the Holy Synod, during the Great Lent on 22 of April, a time in which people should concentrate on their repentance and spiritual growing and spiritual preparation to accept the Fest of Feasts, The Resurresction of Christ Easter.

Contrary and again unvenerating the Church clergy and people's will of Sliven the new list of Bishops does not included neither Ierotey nor Mihail and included only 6 Bishops claimed to be venerable !!!


1. Velichki Bishop Sionij
2. Znepolski Bishop Arsenij
3. Melnishki Bishop Gerasim
4. Branitcki Bishop Pahomij
5. Glavnicki Bishop Makarij
6. Velbyzdhski Bishop Isaak

 

Here is a tiny biographies and only few rumored things about the Bishops, synod have been included and listed them according to seniority on when they become bishops. 

1. The first listed Bishop Sionij (Velichki) completed Cherepish Spiritual Seminary (Academy) in 1990. Become monk in 1991.
Completed Theology in 1994 in Saint Kliment Ohridski. 1995-1996 specialezed in Erlangen Germany. Become monk from Metropolitan Dometian (Vidinski) in Klisurski Monastery soon after become hieromonk. In 1992 – 1995 has been abbot of Klisura Monastery. In 1996 has become deacon of Sofia's Theological Seminary Saint John of Rila (he was later removed because of scandals, a boy died and accused by pupil parents for pedophilia, a sad fact that was hidden with time, due to many publications you can find online …). 
In 1998 has been raised to archimandrite by Patriarch Maxim in Dolni Lozen Monastery St. Peter and Paul.
In March 2007 has been ordinated as Bishop Velichki in Saint Alexander Nevski Cathedral. In 2009 become vicar of Vidin Metropolitan Dometian In 1 May 2014 become an abbot of Troyan monastery, 3rd April 2019 he has become an abbot also to Bachkovo Monastery.
Bishop Sionij is among the most scandalous persons in Bulgarian Orthodox Church, many  media scandals assigning his name tо pedophilia and homosexuality through the time. It is claimed by medias he is involved with mafia (and especially with Church mafia). There was even a person who says to have been involved in this affairs with him that publicly has given interview for "Tzanov"'s self financed youtube channel Napred i Nagore"  (video titled: "The Church of Sin").
Currently paradoxically he is an abbot of 2 of the biggest and 2 second richest monasteries in Bulgaria Troyanski and Bachkovki.. His family is known in Sofia for years for being one of the most richest people in Sofia.
Currently aged 56 yrs.

2. Second one Arsenij gruaded high school 2006 in Stara Zagora in village Osetenovo. Completed Saint John of Rila seminary in 2006, was student in Saint Ohridski Theology and continued his education in Plovdiv  University, saint Paisios of Hilendar, said to have graduated 2009. Tonsured monk in 2007, became hierodeacon and consequentially same year 2008 hieromonk. 6th December he was raised by Metr. Nikolay to Bishop. He has been a director of Plovdiv's Orthodox  TV since 2009 and Plovdiv Seminary 2010 (seminary initiated again by by Metr. Nikolay). In 2012 he was given to be a head of Metropolitan cathedral in Plovdvid saint Marina.
On June 2014 he was raised to bishop after offer was to the Holy Synod, by Metr. Nikolay. 
Hierotony was made by then very old Metropolitan Ioanikiy of Sliven in collaboration with Metropolitans Dometian of Vidinsky (now deceased), Grigoriy of Velikotarnovsky, Ignatius of Pleven and Nikolay of Plovdiv.

Iinterestingly he is titled as protegee of Metr. Nikolay who orchestrates the decisions in the Holy Synod for the last years (fact known by most people who even had a slight idea of what is going on internally in the Church). The backstage ruling of the Synod and the place is said to be easy for the Metr. Nikolay, since patriarch Neofit was severely sick and in practice inactive as patriarch. According to official information that leaked from Synod, it was exactly Arsenij the choice of Metr. Nikolay and his group of metropolitans (most of whom doesn't have the necessery support from anyone such as DS (Dyrzhavna Sigurnost) to which Metr. Nikolay is said to have the support and in which Metr. Nikolay's father was important ranked person). Thus according to different medias the legative choice of Sliven people was cancelled by the Synod by Metr. Nikolay and his group in attempt to install the already pre-chosen Arsenij in any means.

Bishop Arsenij  is known amoung the clergy in Church for becoming a bishop officially against the Church statuses, not having the Statuses set fulfilled years, becoming bishop before his 30s in 28 years, according to Church rules of statuses regulations of BPC-BP he should have had been at least 35 years, 2 more years than Christs age of crucifix. The other break of Church statuses regulations with his hierotony was that he did not have 10 years as a clergy person in Bulgarian Orthodox Church.
Currently 37 yrs old (has 10 years served as Bishop)

3. Bishop Gerasim (Melnishki) is famous for having a professional Actors education, before deciding to become monk and start his new career in the Church. He has not have officially any Theological Education diploma till the moment he decided to walk the spiritual path, but received such by specialization in Moscow 2 years in a newly created faculty by Metropolitan Ilarion Alfeev (faculty created 2012) and no longer existing. The Diplomas from Russia are not really considered officially by Bulgarian Government due to legislative reasons. Even though that he managed to be chosen somehow and become the Secretary of Holy Synod, and have signed documents that he has a higher Theological education which he at that time doesn't. He seemed to have served as a head of saint Alexander Nevsky and in this service  
He is said by some medias to have closed his eyes and signed the documents for requirements of higher education for the job of Synodal Secratary as a preliminary to the function of Secratary. He is known to often serve Liturgy in the Russian Church among which was a lot of scandals last year and which kept closed for quite some time, due to clergy in the Russian Church Clergy in (Sofia) Bulgaria being accused for serving for FSB (Russian Secret Services). He is also accused by  medias for organizing an official business dinner  for donation to collect money from businessmen for the sake of restoration of  Biggest Cathedral in Bulgaria St. Alexander Nevsky. It should be said his service in saint Alexander Nevsky as a head of it for some years was okay, no big scandals like the previous head archim. Dionisij Mishev.
Have to say it is strange why such a cathedral as Saint Alexander Nevsky, has to collect donations for its restoration, especially since the Bulgarian church Sofia Metropoly has a lot of land properties and stores on the city center that given for rent and should be bringing money to mitropoly along with the so called "vladichnina" amount of whole profit which every Church on territory of eparchy has to pay to the metropoly, especially as the Church st. Alexander Nevsky is a common tourist destination in Sofia for people all around the world and that should be supposably another way to collect money for its restoration. He is neither famous nor infamous and that is perhaps his main places of service was Saint Alexander Nevsky and as Synodal Secretary.
Currently he is aged 44 yrs. Served as Bishop 8 yrs.

4. Bishop Pahomij (Branicki) has been made a monk and hieromonk  again by Metr. Nikolay, his elder was proto-abbot Benedict from Holy Mount Athos Zograph in Divotinski Monastery, near Bankya in 2002 in 2004 he become abbot of Divotinsky Monastery. For 2004 till 2010 he had managed to gather brotherhood and helped to recover a Chapel Saint Anna and rerecover the 70 Apostles Church buildings and the Main Church Holy Trinity (which is considered his greatest achievements) his fame amount the Orthodox christian youth has been positive as he managed to have a good charisma and attract young people in his monastery during his abbotship. In 2015 he become hieromonk.
bishop (hierotony by current Metropolitan of Vratza and some other bishops who is temporary substitute for patriarch Neofit's passing till the new choice of patriarch completes.). In 12.06.2017 he was made a bishop in Rila Monastery, again – according to some sources he did not have the Higher Theological education at that time for the post of bishopship, requirement according to Statuses of Bulgarian Orthodox Church. Currently he is aged 45 yrs. Served as Bishop 7 yrs

5. bishop Makarij (Glavnicki) has completed Plovdiv's Spiritual Seminary (whose deacan at that time was Bishop Evlogij Adrianopolski), finished Theology school in Bucharest in 2004 and Master degree in Thessaloniki (Solun) completed in 2010. In march 2007 become a novice monk in Rila Monastery Saint John of Rila. In 2008 during Lent become Hierodeacon, by bishop Evlogij. April 2011 become a hieromonk (priest monk). In March 2017 become a bishop. After becoming metropolitan he is now a vicar Bishop of Metropolitan Naum. He is perhaps among the most educated bishops of Bulgarian Church at present. Due to his studies in Greece, some people which play a kind of rloe of 'whisle-blower' but also do distribute some false mirrors, he might be a man of the Ecumenical patriarch.
It is interesting fact that his hierotony as bishop did not happen in Saint John of Rila monastery but in Troyan Monastery (The Old Practice of Bulgarian Orthodox Church was to create new bishops in the Capital Sofia in Saint Alexander Nevsky – nowadays changed – some speculate this is done to escape from the anaxios (unworthy) that someone might scream during the services of new hierotony to stop the ceremony). In Troyan monastery as of time of writting this article the abbot is bishop Sionij Velichki. Also it is a bit strange the person who pushed his career forward Bishop Evlogij of Rila Monastery did not take part in the hierotony in Troyan monastery.
Current aged 42 yrs. Serves as Bishop 7 yrs

6. Bishop Isaak (Velbyzhdski), started and completed aged 13 in Saint John of Rila seminary in Sofia, which he complated in 2001. In 2001 he started working in Seminary administration. Completed Sofia, Theological School saint Kliment Ohridski in 2008 (Bachelor). In 2009 in Vidin he become monk by Dometian of Vidin under spiritual guidance of Biship Sionij Velichki. In 2010, was raised to hieromonk in Saint Nicolas Church and in parallel works in Sofia Seminary as а tutor (ethnical bulgarians living abroad).
In 2011, with blessing of Metr. Dometian he has become episcopal vicar of Lom Spiritual district. In 2012 in Dormition of Theotokos Chapel (which he headed) he was raised to archimandrite. In 2012 he started studying postgraduate studies in Moscow. In June 2023 he was raised to bishop with the title Bishop Velbyzhdski and given the role of second patriarch Neofit's vicar, as first is Bishop Polikarp. According to rumors, he is said according to some media news to have some connections with FSB due to his studies in Russia (and the common Russians practice to try to recruit their students to work for Russian agencies). Also according to some medias he had public appearance speach, staying behind Russia's official position for holy war, held against the evil (Russia as a Third Rome idea which currently Russian Church embraces).
Serves as Bishop 1 yr


Bishop Ierotey Agathopolski (Kosakov)

The Seventh Bishop that is excluded from list, Ierotey (Agathopolski) was selected by Sliven Eparchy Priest, Monks and Laity
to become the 7th Metropolitan of Sliven is Ierotey (The Voice of the People, The Voice of God) !

Bishop Ierotey (Agathopolski) in 2003  completed, Parallel course of Sofia Theological Seminary. December 22, 2003, Metropolitan Ioannikiy (Nedelchev) of Sliven tonsured him as a monk in brotherhood of the Holy Great Martyr George in the city of Pomorie.
Archimandrite Theodosius (abbot of) Pomorie monastery at that time became his spiritual mentor. 
May 11, 2004, Metropolitan Ioanikiy of Sliven in the Church of Saints Cyril and Methodius in Burgas ordained hierodeacon.
On May 16 of the same year, Metropolitan Ioanikiy of Sliven in the Church of the Most Holy Theotokos in Nessebar was ordained to the rank of hieromonk.
On January 1, 2005, he was appointed abbot of the Monastery of the Holy Great Martyr George in Pomorie.
He made a significant contribution to the development of the Pomorie monastery and its influence on Christian life in the region.
Christian children's camps were organized annually at the monastery, a week of Orthodox singing introduced. Many hopeless and lonely and people with problems found a hospitality and spiritual help and resort in the monastery.
On May 6, 2008 he was elevated to the rank of archimandrite. In 2010 he graduated  Master Degree of Theology of Shumen University, Bishop Konstantin Preslavsky. 
September 18, 2014, by decision of the Holy Synod of the Bulgarian Orthodox Church, he was elected vicar of the Sliven diocese, bishop with the title of Agathopol (Agathopolski).
October 1 was chiratonized to Bishop rank by Metropolitan Ioanikij (Nedelchev) Slivenski, Metropolitan Grogorij (Stefanov) of Tarnovo, Metropolitan Starozagorsky Galaktion (Tabakov), Metropolitan Nikolay Plovdivsky (Sevastyanov), Metropolitan Ambrosij (Ambrosius) Dorostolsky (Parashkevov), Metropolitan of Nevrokop Seraphim (Dinkov), Bishop of Trayanopol Cyprian (Kazandzhiev), Bishop of Znepol Arseniy (Lazarov).
Served as Bishop 10 years


I believe there is nearly no person who has even encountered to meet Ierotey (Kosakov) Bishop Ierotey and interacted and doesn't have a good memory of that time, or have some bad impression.
Not that I know him presonally but that person has always tried to help everyone in everything, this is really rare in our mostly egoistical world. Perhaps only envious and people obsessed with money or material goods can criticize him for the reason, he lives a true monk, and as every true monk and as Saint John of Rila adviced in His Covenant, "From all the things, most beware of money, for they are the root of all evil.".

It happens Slivens Eparchy is full of material goods due to its strategic location nearby see and due to tourism, and of course this eparchy is interested to be at the hands of businesses who can built freely and sell for cheap to big investors lands for the sake of increasement of tourism in the region, as Bishop Ierotey might be a factor against that (as he has refused to cooparete in building of 200 rooms Hotel accomodation at lands of Pomorie Monastery to Silvester Yanakiev, now there are some people leading fierce company to remove him from the vote and destroy his good name reputation.).

From the Holy Synod, there is no official explanation on why Bishop Ierotey is removed from the vote list during the new choice, but for everyone who has even the slightest idea of what is going on in the Church higher stages of power it is fully clear.

The wing of Metropolitan Nikolay and his protegees Metropolitans has risen their voices against the inclusion of Ierotey in the list. In order to make it not clear that Ierotey is the real target, few others were also removed who were in practice "un-votable" as their personal life has spots.

This just like the first time of decision to halt the process of voting even thugh two candidates for metropolitan were chosen (none of which that seems to fit the desires of the Dark Cardinal of the Bulgarian Church Metr. Nikolay and his synodal group of dependent people who are kept silent and obedient due to compromates against them or with financial donations).

It is not secret and not new the backstage dictation of Metropolitan Nikolay to his band (Synodal wing) of bishops many of whom are known to have a lot of homosexual (homophilia) and even pedophilia  and other abnormal sexual activities, as well as activities related to the dark business schemes in bulgarian businesses and money laundary for which people know from mouth to mouth information spreading for years in the Church.

What is now stunning is that these people has become so unscrupulous, that they're ready to get over any person or group of people and even against a whole Eparchy of the Bulgarian Orthodox Church that perhaps nominally might be around 1 million people !!!

These peoples's believe, that us the ordinary believers of the Bulgarian Orthodox Church are stupid and easily managable and they can do with them whatever they want because they're a higher class and very few of people are really regularly going to Church or actively parcipating in the Church Mysteries (Holy Communion and the other 7 sacraments).

What is striking, the Synodal elders are shameless, they think they're the Church, forgetting the word Ecclesia meaning.

"Ecclesia (or Ekklesia) in Christian theology means both: a particular body of faithful people, and the whole body of the faithful."

Seems like now our many of our Synodal Elders understand the Church (Ecclesia) as them and the servitude of faithful to Christ people who should obey them for the only reason, they have taken the seat of the Holy Apostles (that is the metropolitan seat = bishopship seat + administrative obediences).

It is interesting to say the modern understanding of Ecclesia in Western Modern Catholicism does well fit the understanding that the powerful of the day in the Synod that are trying to push out their agendas against the people will and choice, below is a definition.
 

Christian understanding of Church
 

If one speaks of the whole body of Christian faithful, then there are included not only the members of the Church who are alive on earth but all who were members of the church before. Some churches therefore describe the Church as being composed of the Church Militant (Christians on Earth) and the Church Triumphant (Christians in Heaven). In Catholic theology, there is also the Church Suffering (Christians still in purgatory).

The Christian family, the most basic unit of Church life, is sometimes called the domestic Church.[2]

Finally, 'The Church' may sometimes be used, especially in Catholic theology, to speak of those who exercise the office of teaching and ruling the faithful, the Ecclesia Docens, or again (more rarely) the governed as distinguished from their pastors, the Ecclesia Discens.
 

What else is really not Okay with how the selection of Bishops are reduced from 10 to 6 venerable to take the seat of Sliven Metropolitan
 

All this events happen during the Great Lent and for every True Christian it is well known the old Church practice, that important decisions should not be taken during the great Lent period as usually such decisions are wrong and could create havoc, due to the highest degree of temptations that are let around by the Almighty God for the spiritual grow and healing of his faithful childs the Christians.

It is up to Christian people to now proof them once the Great Lent is over after the Glorious Resurrection Day they're wrong and that people will not let the God given eparchy of Sliven to be ruled by dependent Metropolitan to Metr. Nikolay.

It is up to us to proof we're not sheepsand that people's will on matters of higher hierarchy of Church and their deeds should not be unmonitored and unpunished as it was in a higher degree over the last years !!!

People should rise of their indifference and show they still care about the Pureness of the Church and the legitimity of the Church Law of Selection of new Highest Hierarchical heads of the Church.
It is last time and last chances until we still have Church, especially considering the Apocalyptic times in which we seem to be living.

If you dear brothers and sisters in Christ not react and not fight for the truthful selection of a list with really venerable bishops that is transparent and argumented as it should be, another satellite Metropolitan will be installed to fit the plans of the ex-communist DS (Dyrzhavna Sigurnost) and the Ruling elite. If that happens soon we'll not only have a Real Orthodox Church Hierarchy chosen according to canons and due to Church Statues as it should be but an Assembly of Pseudo Hierarchs who acts in secrecy and conspiracy schemes in the same way as any Masonic Lodge.

In other words, we'll have Church but a faked artificial business and party like organization, where decisions are not taken by the Creator of the Church the Lord Jesus Christ and his true followers the Apostles (that are the Bishops and Metropolitans), but we'll have a secular organization with Big beauty Church temple (museums without real cleargy) and a Monasteries full of pedophiles, gays and people who want to live an easy life and enjoy themselves instead of spiritually persevere and lead the hard spiritual fight and pray for the well-being of Bulgarians, Bulgaria and the Rest of the Christians.

Lets pray fervently until the end of the fasting, that the Metropolitans who took that bad decision will change their mind and put back in the list the real venerable people and not have a list of people who are dependent and unworthy due to lack of Higher education, a personal scandals, they were involved like Bishop Sionij or have another kind of spots, that can be easily researched even by a simple few Internet searches in Google.

Nomatter who is worthy or not, the main thing is that Sliven Eparchy should be headed by a person who is wanted in the Eparchy and such person according to the clear votes of Eparchical electors is Ierotey, the problem is that Ierotey is not playing well with the dark businesses and does count the interest of people, and does not randomly do what is being asked for with the only goal to make money and he doesn't follow blindly rules by Metr. Nikolay or whoever else that is not working for the good of True Church of Christ (the assembly of all people believing in Jesus Christ as we theEastern Orthodox believe) and thus he is automatically becoming unworthy. As worthy is considered those who serves the Business and the Internet of the powerful authorities of this day.

 

Improve haproxy logging with custom log-format for better readiability


April 12th, 2024

Haproxy logging is a very big topic, worthy of many articles, but unfortunately not enough is written on the topic, perhaps for the reason haproxy is free software and most people who use it doesn't follow the philosophy of free software sharing but want to keep, the acquired knowledge on the topic for their own and if possible in the capitalist world most of us live to use it for a Load Balancer haproxy consultancy, consultancy fee or in their daily job as system administrators (web and middleware) or cloud specialist etc. 🙂

Having a good haproxy logging is very important as you need to debug issues with backend machines or some other devices throwing traffic to the HA Proxy.
Thus it is important to build a haproxy logging in a way that it provides most important information and the information is as simple as possible, so everyone can understand what is in without much effort and same time it contains enough debug information, to help you if you want to use the output logs with Graylog filters or process data with some monitoring advanced tool as Prometheus etc.

In our effort to optimize the way haproxy logs via a configured handler that sends the haproxy output to logging handler configured to log through rsyslog, we have done some experiments with logging arguments and came up with few variants, that we liked. In that article the idea is I share this set of logging  parameters with hope to help some other guy that starts with haproxy to build a good logging readable and easy to process with scripts log output from haproxy.

The criterias for a decent haproxy logging used are:

1. Log should be simple but not dumb
2. Should be concrete (and not too much complicated)
3. Should be easy to read for the novice and advanced sysadmin

Before starting, have to say that building the logging format seems tedious task but to make it fit your preference could take a lot of time, especially as logging parameters naming is hard to remember, thus the haproxy logging documentation log-format description table comes really handy:

Haproxy log-format paremeters ASCII table
 

 Please refer to the table for log-format defined variables :
 

+---+------+-----------------------------------------------+-------------+
| R | var  | field name (8.2.2 and 8.2.3 for description)  | type        |
+---+------+-----------------------------------------------+-------------+
|   | %o   | special variable, apply flags on all next var |             |
+---+------+-----------------------------------------------+-------------+
|   | %B   | bytes_read           (from server to client)  | numeric     |
| H | %CC  | captured_request_cookie                       | string      |
| H | %CS  | captured_response_cookie                      | string      |
|   | %H   | hostname                                      | string      |
| H | %HM  | HTTP method (ex: POST)                        | string      |
| H | %HP  | HTTP request URI without query string (path)  | string      |
| H | %HQ  | HTTP request URI query string (ex: ?bar=baz)  | string      |
| H | %HU  | HTTP request URI (ex: /foo?bar=baz)           | string      |
| H | %HV  | HTTP version (ex: HTTP/1.0)                   | string      |
|   | %ID  | unique-id                                     | string      |
|   | %ST  | status_code                                   | numeric     |
|   | %T   | gmt_date_time                                 | date        |
|   | %Ta  | Active time of the request (from TR to end)   | numeric     |
|   | %Tc  | Tc                                            | numeric     |
|   | %Td  | Td = Tt - (Tq + Tw + Tc + Tr)                 | numeric     |
|   | %Tl  | local_date_time                               | date        |
|   | %Th  | connection handshake time (SSL, PROXY proto)  | numeric     |
| H | %Ti  | idle time before the HTTP request             | numeric     |
| H | %Tq  | Th + Ti + TR                                  | numeric     |
| H | %TR  | time to receive the full request from 1st byte| numeric     |
| H | %Tr  | Tr (response time)                            | numeric     |
|   | %Ts  | timestamp                                     | numeric     |
|   | %Tt  | Tt                                            | numeric     |
|   | %Tw  | Tw                                            | numeric     |
|   | %U   | bytes_uploaded       (from client to server)  | numeric     |
|   | %ac  | actconn                                       | numeric     |
|   | %b   | backend_name                                  | string      |
|   | %bc  | beconn      (backend concurrent connections)  | numeric     |
|   | %bi  | backend_source_ip       (connecting address)  | IP          |
|   | %bp  | backend_source_port     (connecting address)  | numeric     |
|   | %bq  | backend_queue                                 | numeric     |
|   | %ci  | client_ip                 (accepted address)  | IP          |
|   | %cp  | client_port               (accepted address)  | numeric     |
|   | %f   | frontend_name                                 | string      |
|   | %fc  | feconn     (frontend concurrent connections)  | numeric     |
|   | %fi  | frontend_ip              (accepting address)  | IP          |
|   | %fp  | frontend_port            (accepting address)  | numeric     |
|   | %ft  | frontend_name_transport ('~' suffix for SSL)  | string      |
|   | %lc  | frontend_log_counter                          | numeric     |
|   | %hr  | captured_request_headers default style        | string      |
|   | %hrl | captured_request_headers CLF style            | string list |
|   | %hs  | captured_response_headers default style       | string      |
|   | %hsl | captured_response_headers CLF style           | string list |
|   | %ms  | accept date milliseconds (left-padded with 0) | numeric     |
|   | %pid | PID                                           | numeric     |
| H | %r   | http_request                                  | string      |
|   | %rc  | retries                                       | numeric     |
|   | %rt  | request_counter (HTTP req or TCP session)     | numeric     |
|   | %s   | server_name                                   | string      |
|   | %sc  | srv_conn     (server concurrent connections)  | numeric     |
|   | %si  | server_IP                   (target address)  | IP          |
|   | %sp  | server_port                 (target address)  | numeric     |
|   | %sq  | srv_queue                                     | numeric     |
| S | %sslc| ssl_ciphers (ex: AES-SHA)                     | string      |
| S | %sslv| ssl_version (ex: TLSv1)                       | string      |
|   | %t   | date_time      (with millisecond resolution)  | date        |
| H | %tr  | date_time of HTTP request                     | date        |
| H | %trg | gmt_date_time of start of HTTP request        | date        |
| H | %trl | local_date_time of start of HTTP request      | date        |
|   | %ts  | termination_state                             | string      |
| H | %tsc | termination_state with cookie status          | string      |
+---+------+-----------------------------------------------+-------------+
R = Restrictions : H = mode http only ; S = SSL only


Our custom log-format built in order to fulfill our needs is as this:

log-format %ci:%cp\ %H\ [%t]\ [%f\ %fi:%fp]\ [%b/%s\ %si:%sp]\ %Tw/%Tc/%Tt\ %B\ %ts\ %ac/%fc/%bc/%sc/%sq/%bq


Once you place the log-format as a default for all haproxy frontend / backends or for a custom defined ones, the output you will get when tailing the log is:

# tail -f /var/log/haproxy.log

Apr  5 21:47:19  10.42.73.83:23262 haproxy-fqdn-hostname.com [05/Apr/2024:21:46:23.879] [ft_FRONTEND_NAME 10.46.108.6:61310] [bk_BACKEND_NAME/bk_appserv3 10.75.226.88:61310] 1/0/55250 55 sD 4/2/1/0/0/0
Apr  5 21:48:14  10.42.73.83:57506 haproxy-fqdn-hostname.com [05/Apr/2024:21:47:18.925] [ft_FRONTEND_NAME 10.46.108.6:61310] [bk_BACKEND_NAME//bk_appserv1 10.35.242.134:61310] 1/0/55236 55 sD 4/2/1/0/0/0
Apr  5 21:49:09  10.42.73.83:46520 haproxy-fqdn-hostname.com [05/Apr/2024:21:48:13.956] [ft_FRONTEND_NAME 10.46.108.6:61310] [bk_BACKEND_NAME//bk_appserv2 10.75.226.89:61310] 1/0/55209 55 sD 4/2/1/0/0/0


If you don't care about extra space and logs being filled with more naming, another variant of above log-format, that makes it even more readable even for most novice sys admin or programmer would look like this:

log-format [%t]\ %H\ [IN_IP]\ %ci:%cp\ [FT_NAME]\ %f:%fp\ [FT_IP]\ %fi:%fp\ [BK_NAME]\ [%b/%s:%sp]\ [BK_IP]\ %si:%sp\ [TIME_WAIT]\ {%Tw/%Tc/%Tt}\ [CONN_STATE]\ {%B\ %ts}\ [STATUS]\ [%ac/%fc/%bc/%sc/%sq/%bq]

Once you apply the config test the haproxy.cfg to make sure no syntax errors during copy / paste from this page

haproxy-serv:~# haproxy -c -f /etc/haproxy/haproxy.cfg
Configuration file is valid


Next restart graceously haproxy 

haproxy-serv:~# /usr/sbin/haproxy -D -f /etc/haproxy/haproxy.cfg -p /var/run/haproxy.pid -sf $(cat /var/run/haproxy.pid)


Once you reload haproxy graceously without loosing the established connections in stead of restarting it completely via systemd sysctl restart haproxy:

 

2024-04-05T21:46:03+02:00 localhost haproxy[1897731]: 193.200.198.195:50714 haproxy-fqdn-hostname.com [05/Apr/2024:21:46:03.012] [FrotnendProd 10.55.0.20:27800] [BackendProd/<NOSRV> -:-] -1/-1/0 0 — 4/1/0/0/0/0
2024-04-05T21:46:03+02:00 localhost haproxy[1897731]: 193.100.193.189:54290 haproxy-fqdn-hostname.com
[05/Apr/2024:21:46:03.056] [FrotnendProd 10.55.0.20:27900] [BackendProd/<NOSRV> -:-] -1/-1/0 0 — 4/4/3/0/0/0
2024-04-05T21:46:03+02:00 localhost haproxy[1897731]: 193.100.193.190:26778 haproxy-fqdn-hostname.com
[05/Apr/2024:21:46:03.134] [FrotnendProd 10.55.0.20:27900] [BackendProd/tsefas02s 10.35.242.134:27900] 1/-1/0 0 CC 4/4/3/0/0/0

Note that in that log localhost haproxy[pid] is written by rsyslog, you can filter it out by modifying rsyslogd configurations

The only problem with this log-format is not everyone wants to have to much repeating information pointer on which field is what, but I personally liked this one as well because using it even though occuping much more space, makes the log much easier to process with perl or python scripting for data visualize and very for programs that does data or even "big data" analysis.