caddy1 service start-up error

Just a quick ramble about a start-up error I ran into with caddy1.

The error output:

   Process: 472999 ExecStart=/usr/bin/caddy -conf /etc/caddy/caddy.conf -root /tmp -agree (code=exited, status=1/FAILURE)
   Main PID: 472999 (code=exited, status=1/FAILURE)
        CPU: 26ms

Aug 12 11:48:36 klayer systemd[1]: Starting Caddy HTTP/2 web server...
Aug 12 11:48:36 klayer caddy[472992]: Caddyfile is valid
Aug 12 11:48:36 klayer systemd[1]: Started Caddy HTTP/2 web server.
Aug 12 11:48:36 klayer caddy[472999]: Activating privacy features... 2023/08/12 11:48:36 failed storage check: open /var/lib/caddy/rw_test_1203782840230465039>
Aug 12 11:48:36 klayer systemd[1]: caddy.service: Main process exited, code=exited, status=1/FAILURE
Aug 12 11:48:36 klayer systemd[1]: caddy.service: Failed with result 'exit-code'.

 

The fix:

ulimit -n 8192
cat>>/etc/security/limits.conf<<EOF

* soft nofile 65535
* hard nofile 65535
* soft nproc 65535
* hard nproc 65535

root soft nofile 65535
root hard nofile 65535
root soft nproc 65535
root hard nproc 65535

EOF

useradd  -M  caddy -s /sbin/nologin
mkdir -p /var/lib/caddy
chown caddy:caddy  /var/lib/caddy

 

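One cause was the system limits settings, the other was the /var/lib/caddy directory. If the caddy user is given root privileges, the second problem does not occur.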
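
A way to tell the two causes apart on a live host, as an added example (not from the original post; function names are illustrative). /etc/security/limits.conf is applied by pam_limits to login sessions, while a systemd unit takes its limit from LimitNOFILE=, so the first function reads what the running process actually received.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are illustrative;
# /var/lib/caddy and the caddy user are the ones used above.

# Soft "Max open files" limit a running process actually has.
nofile_soft() {   # $1 = pid, e.g. the Main PID shown by systemctl status
    awk '/^Max open files/ { print $4 }' "/proc/$1/limits"
}

# State of the storage directory as seen for its intended owner.
# Prints: missing | not-a-directory | wrong-owner:<uid> | not-writable | ok
storage_state() { # $1 = directory, $2 = user name or numeric uid
    case $2 in
        ''|*[!0-9]*) want=$(id -u "$2") || return 2 ;;
        *)           want=$2 ;;
    esac
    [ -e "$1" ] || { echo missing; return 1; }
    [ -d "$1" ] || { echo not-a-directory; return 1; }
    have=$(stat -c %u "$1")
    [ "$have" = "$want" ] || { echo "wrong-owner:$have"; return 1; }
    # The owner needs write + search (octal 3 or 7) to create rw_test_* files.
    mode=$(stat -c %a "$1")
    owner=${mode%??}
    owner=${owner#"${owner%?}"}
    case $owner in
        3|7) echo ok ;;
        *)   echo not-writable; return 1 ;;
    esac
}
```

Typical use: storage_state /var/lib/caddy caddy, and nofile_soft with the Main PID of the service.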

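Logging in over SSH with stelnet on a Huawei router

I was tuning a router in the middle of the night, mistyped a character and committed it, and BGP went down. Luckily the PTP IP was still reachable. Noting this down while I'm at it.

Run stelnet <target IP> <port>, press Enter, then enter the username and password to log in.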

ssh client first-time enable 
stelnet host-ipv4 [ port ] [  [ prefer_kex { dh_group1 | dh_exchange_group } ] | [ prefer_ctos_cipher { des | 3des | aes128 } ] | [ prefer_stoc_cipher { des | 3des | aes128 } ] | [ prefer_ctos_hmac { sha1 | sha1_96 | md5 | md5_96 } ] | [ prefer_stoc_hmac { sha1 | sha1_96 | md5 | md5_96 } ] ] *  [ -ki aliveinterval [ -kc alivecountmax ] ]

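Using picocom, a serial console tool for Linux

Most Linux repositories carry it; install it with yum or apt and it is ready to use. It is somewhat nicer to work with than screen.

9600 is the default baud rate; the -b option sets it.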

picocom -b 9600 /dev/ttyUSB0

/dev/ttyUSB0 is the path of the serial device. You can list the directory with ls to find all available devices.

ls /dev|grep USB 

To exit picocom, press Ctrl+a, then Ctrl+x.

Self-hosted Git repository

https://gogs.io/

https://gogs.io/docs/installation/install_from_binary

deploymentcode's server provisioning and management system

Looks good: US$0.5 per device per month.

https://tenantos.com/

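Commonly used domain registrars

https://www.resell.biz/  A first-tier registrar under UK2; it runs on the same system as resellerclub.
https://www.hexonet.net/ 1API, a Canadian first-tier registrar (its German alias is key-systems).
https://www.resellerclub.com/  Nothing much to say about this one.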

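Temporary rate limiting with virsh

cat>>~/.bash_profile<<EOF
# speed <domain>: limit the interface named <domain>.0 in both directions.
# The three values are average,peak,burst; --current changes only the current state.
speed(){
virsh domiftune "\$1" "\$1.0" --current --outbound 2000,2000,2000
virsh domiftune "\$1" "\$1.0" --current --inbound 2000,2000,2000
}
EOF
source ~/.bash_profile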

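For on-site data-centre work: connecting to a Windows desktop remotely through frp

Using assorted remote-control software for on-site maintenance in the data centre is too much of a hassle.

Just buy an N6000 mini PC from Taobao that supports USB-C PD power.

Connect it to Wi-Fi and tunnel in through frp. Both SSH and Windows are easy to reach this way, and it is easy for on-site staff to carry around.

frpc client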

# frpc.ini
[common]
server_addr = <FRP server IP>
server_port = 7000

[rdp]
type = tcp
local_ip = 0.0.0.0
local_port = 3389
remote_port = 23389

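Wrapping frp as a Windows background service

On Windows, frp opens a cmd window when it starts; the window has to stay open and cannot be closed.

The following wraps frp as a Windows service so that it runs in the background and starts at boot.

This requires NSSM (http://www.nssm.cc/usage), which can wrap an ordinary Windows program as a service.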

nssm install frpc "C:\frp\frpc.exe"
nssm set frpc AppParameters  "-c C:\frp\frpc.ini"

 

Starting and stopping the frp service

# Start the service
nssm start frpc

# Stop the service
nssm stop frpc

# Edit the service configuration
nssm edit frpc

# Remove the service
nssm remove frpc
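
The frpc.ini above publishes RDP on remote_port 23389 of the frp server and sets no token. As an added example (not from the original post; the function names and the sample address 192.0.2.10 are constructed), this lints a legacy-format frpc.ini for both points and writes a hardened variant that uses a token plus an stcp proxy.

```shell
#!/bin/sh
# Added example, not from the original post: lint a legacy-format frpc.ini for
# the two exposures in the config above. Function names are illustrative.

# Prints one finding per line; prints nothing for a clean file.
frpc_ini_findings() {   # $1 = path to frpc.ini
    awk -F'[ \t]*=[ \t]*' '
        function report() {
            if (sec != "" && sec != "common" && type == "tcp" && lport == "3389")
                print "[" sec "] RDP published as plain tcp on remote_port " rport
        }
        { sub(/\r$/, ""); sub(/^[ \t]+/, ""); sub(/[ \t]+$/, "") }
        /^[#;]/ || /^$/ { next }
        /^\[/ {
            report()
            sec = $0; sub(/^\[/, "", sec); sub(/\].*$/, "", sec)
            type = ""; lport = ""; rport = ""
            next
        }
        sec == "common" && $1 == "token" && $2 != "" { token = 1 }
        sec != "common" && $1 == "type"        { type  = $2 }
        sec != "common" && $1 == "local_port"  { lport = $2 }
        sec != "common" && $1 == "remote_port" { rport = $2 }
        END {
            report()
            if (!token) print "[common] no token: frps accepts this client unauthenticated"
        }
    ' "$1"
}

# Constructed sample of the hardened shape. stcp needs a visitor-side frpc
# holding the same sk, and frps opens no public port for the proxy.
write_hardened_sample() {   # $1 = output path
    cat > "$1" <<'EOF'
[common]
server_addr = 192.0.2.10
server_port = 7000
token = CHANGE-ME-long-random-string

[rdp]
type = stcp
sk = CHANGE-ME-second-secret
local_ip = 127.0.0.1
local_port = 3389
EOF
}
```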

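[Rewritten] WHMCS nginx rewrite rules

The version I posted before was too sloppy, so I wrote a new one.

This is for setups where the admin folder has been renamed. try_files makes the decision, which saves writing a whitelist check. Whatever upstream changes next, I'll deal with problems when they come up.

CUSTOMADMINPATH stands for the custom admin directory to match.

location ~ [^/]\.php(/|$) { YOUR php-fpm configure in HERE }
# Regex locations are tried in order and the first match wins, so the admin rule has to come before the catch-all.
location ~  ^/(admin|CUSTOMADMINPATH_1|CUSTOMADMINPATH_2)/ { try_files $uri $uri/ /$1/index.php?rp=$uri; }
location ~  ^/ { try_files $uri $uri/ /index.php?rp=$uri; }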

 

The original rules, now deprecated:

location ~ /templates/.*\.tpl$ { return 404; }
location ^~ /vendor/ { return 404; }
location ~  ^/(images/em|invoice|login|password|account|store|download|knowledgebase|announcements|clientarea/ssl-certificates|user/(verification|accounts|profile|password|security|verify)|cart/(domain/renew)|domain/pricing|cart/order|images/kb)/?(.*)$  {  rewrite (.*)  /index.php?rp=$uri last; }
location ~  ^/(.*)/(client|client!\.php|client/(.*)|table/(.*)|search!\.php|search/(.*)|apps|billing|setup|user|services|addons|domains|utilitiesemailmarketer!\.php|utilities/(.*)|logs|help!\.php|help/license|modules|image/(recent|upload)|validation_com/(.*))/?(.*)$ {  try_files $uri $uri/ /$1/index.php?rp=$uri;  }

If WHMCS is installed in a subdirectory, adjust the rules slightly.

Replace uri with the rewrite's regex match.

Updating the firmware on a Huawei NE20E

The firmware file can be uploaded with scp or downloaded with tftp.

Enable the scp service first:

[~huawei] scp server enable
[~huawei] commit

Copy the file to the NE20E with scp (replace 100.164.6.1 with the router's IP):

scp NE20E-S2F-V800R012C10SPC300.cc [email protected]:

Back on the NE20E:

# Check the file
check system-software cfcard:/NE20E-S2F-V800R012C10SPC300.cc

# Start the upgrade
startup  system-software cfcard:/NE20E-S2F-V800R012C10SPC300.cc all

Check the startup settings:

dis startup

Once you see  Next startup system software:              cfcard:/NE20E-S2F-V800R012C10SPC300.cc  you can run reboot.

reboot

 

If you run out of space while uploading the file:

List the directory with dir:

dir /all

Delete a file:

delete <file name>

Empty the recycle bin:

reset recycle-bin

 

centos DellEMC-iDRACTools

wget https://dl.dell.com/FOLDER05818335M/1/DellEMC-iDRACTools-Web-LX-9.3.1-3669_A00.tar.gz   -O -| tar xz
yum -y install iDRACTools/racadm/RHEL7/x86_64/srvadmin-*.rpm
alternatives --install /usr/sbin/racadm racadm /opt/dell/srvadmin/sbin/racadm 1

 

racadm getniccfg
racadm racreset

Original source: https://gist.github.com/inscite/e5c6f95fbf25379c400e9ea76f2360ec

kodbox: backup, sync and upload from phones and computers

git clone https://github.com/kalcaddle/kodbox.git
chmod -Rf 777 ./kodbox/*

It requires PHP. Deployment and setup are simple.

php-fpm chroot  jail

[<username>]
user = $pool
group = $pool

listen = /var/run/php-fpm-$pool.sock
listen.owner = nginx
listen.group = nginx
 
pm = dynamic
pm.max_children = 5
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3

pm.status_path = /php-fpm-status
ping.path = /php-fpm-ping

access.log = /home/www/$pool/chroot/log/php-fpm-pool.log 
slowlog = /home/www/$pool/chroot/log/php-fpm-slow.log
request_slowlog_timeout = 15s
request_terminate_timeout = 20s

chroot = /home/www/$pool/chroot/
chdir = /

; Flags & limits
php_flag[display_errors] = off
php_admin_flag[log_errors] = on
php_admin_flag[expose_php] = off
php_admin_value[memory_limit] = 32M
php_admin_value[post_max_size] = 24M
php_admin_value[upload_max_filesize] = 20M
php_admin_value[cgi.fix_pathinfo] = 0
php_admin_value[disable_functions] = apache_child_terminate,apache_get_modules,apache_get_version,apache_getenv,apache_lookup_uri,apache_note,apache_request_headers,apache_reset_timeout,apache_response_headers,apache_setenv,getallheaders,virtual,chdir,chroot,exec,passthru,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate,shell_exec,system,chgrp,chown,disk_free_space,disk_total_space,diskfreespace,filegroup,fileinode,fileowner,lchgrp,lchown,link,linkinfo,lstat,pclose,popen,readlink,symlink,umask,cli_get_process_title,cli_set_process_title,dl,gc_collect_cycles,gc_disable,gc_enable,get_current_user,getmygid,getmyinode,getmypid,getmyuid,php_ini_loaded_file,php_ini_scanned_files,php_logo_guid,php_sapi_name,php_uname,sys_get_temp_dir,zend_logo_guid,zend_thread_id,highlight_file,php_check_syntax,show_source,sys_getloadavg,closelog,define_syslog_variables,openlog,pfsockopen,syslog,nsapi_request_headers,nsapi_response_headers,nsapi_virtual,pcntl_alarm,pcntl_errno,pcntl_exec,pcntl_fork,pcntl_get_last_error,pcntl_getpriority,pcntl_setpriority,pcntl_signal_dispatch,pcntl_signal,pcntl_sigprocmask,pcntl_sigtimedwait,pcntl_sigwaitinfo,pcntl_strerror,pcntl_wait,pcntl_waitpid,pcntl_wexitstatus,pcntl_wifexited,pcntl_wifsignaled,pcntl_wifstopped,pcntl_wstopsig,pcntl_wtermsig,posix_access,posix_ctermid,posix_errno,posix_get_last_error,posix_getcwd,posix_getegid,posix_geteuid,posix_getgid,posix_getgrgid,posix_getgrnam,posix_getgroups,posix_getlogin,posix_getpgid,posix_getpgrp,posix_getpid,posix_getppid,posix_getpwnam,posix_getpwuid,posix_getrlimit,posix_getsid,posix_getuid,posix_initgroups,posix_isatty,posix_kill,posix_mkfifo,posix_mknod,posix_setegid,posix_seteuid,posix_setgid,posix_setpgid,posix_setsid,posix_setuid,posix_strerror,posix_times,posix_ttyname,posix_uname,setproctitle,setthreadtitle,shmop_close,shmop_delete,shmop_open,shmop_read,shmop_size,shmop_write,opcache_compile_file,opcache_get_configuration,opcache_get_status,opcache_invalidate,opcache_is_script_cached,opcache_reset

; Session
php_admin_value[session.entropy_length] = 1024
php_admin_value[session.cookie_httponly] = on
php_admin_value[session.hash_function] = sha512
php_admin_value[session.hash_bits_per_character] = 6
php_admin_value[session.gc_probability] = 1
php_admin_value[session.gc_divisor] = 1000
php_admin_value[session.gc_maxlifetime] = 1440

; Paths
php_admin_value[include_path] = .
php_admin_value[open_basedir] = /data/:/tmp/misc/:/tmp/upload/:/dev/urandom
php_admin_value[sys_temp_dir] = /tmp/misc
php_admin_value[upload_tmp_dir] = /tmp/upload
php_admin_value[session.save_path] = /tmp/session
php_admin_value[soap.wsdl_cache_dir] = /tmp/wsdl
php_admin_value[sendmail_path] = /bin/sendmail -f -i
php_admin_value[session.entropy_file] = /dev/urandom
php_admin_value[openssl.capath] = /etc/ssl/certs
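
The pool above only works if the paths it names exist inside the jail. As an added example (not from the original post; function names are illustrative), this builds that tree and lists what is still missing. The directory list is taken from the config above, where the php_admin_value paths are relative to the chroot and the two log paths are written as host paths into chroot/log.

```shell
#!/bin/sh
# Added example, not from the original post: build and check the tree that the
# pool config above expects under chroot = /home/www/$pool/chroot/.
# Function names are illustrative; the paths are the ones in the config.

CHROOT_DIRS="data tmp/misc tmp/upload tmp/session tmp/wsdl log dev etc/ssl/certs"

make_chroot_layout() {   # $1 = chroot root, $2 = pool user (optional, needs root)
    root=$1
    for d in $CHROOT_DIRS; do
        mkdir -p "$root/$d" || return 1
    done
    # Only the areas PHP writes to are handed to the pool user, owner-only.
    for d in data tmp/misc tmp/upload tmp/session tmp/wsdl; do
        chmod 700 "$root/$d"
        if [ -n "${2:-}" ]; then chown "$2:$2" "$root/$d"; fi
    done
    # /dev/urandom inside the jail is char device 1,9; creating it needs root.
    if [ "$(id -u)" -eq 0 ] && [ ! -c "$root/dev/urandom" ]; then
        mknod -m 444 "$root/dev/urandom" c 1 9 ||
            echo "warning: could not create $root/dev/urandom" >&2
    fi
    return 0
}

# Print every path the config needs that is absent from the chroot.
missing_in_chroot() {    # $1 = chroot root
    root=$1
    for d in $CHROOT_DIRS; do
        [ -d "$root/$d" ] || echo "/$d"
    done
    [ -c "$root/dev/urandom" ] || echo "/dev/urandom"
    # sendmail_path is executed inside the jail, so the binary must be there too.
    [ -x "$root/bin/sendmail" ] || echo "/bin/sendmail"
    return 0
}
```

Run make_chroot_layout /home/www/<pool>/chroot <pool> as root, then missing_in_chroot on the same path; CA certificates and a sendmail binary still have to be copied in by hand.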

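Installing PHP 7.4.33 on CentOS 9

The last PHP 7 release is no longer compatible with the newer openssl and net-snmp on CentOS 9, so two patches have to be applied before it will install.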

source /etc/os-release
yum -y -q --skip-broken install tcpdump iftop net-tools rsync  vim-enhanced subversion git curl nss zip unzip  wget crontabs iptables file mlocate flex diffutils   dnf dnf-plugins-core
yum  -y -q install https://rpms.remirepo.net/enterprise/remi-release-${VERSION_ID}.rpm
dnf config-manager --set-enabled remi #centos7/8
dnf config-manager --set-enabled crb  #centos9
dnf config-manager --set-enabled powertools  #centos8

yum -y -q --skip-broken install gcc gcc-c++ autoconf automake imake make cmake patch libtool-libs libtool  cronie.x86_64 net-snmp.$(uname -m) net-snmp-utils fping mariadb-server mariadb MySQL-python rrdtool jwhois ipmitool graphviz ImageMagick cpp icu  re2c  bison mlocate flex diffutils
yum -y -q --skip-broken install {kernel,zlib,libevent,libxml2,freetype,gd,libjpeg,libpng,ncurses,curl,readline,openssl,glibc,glib2,bzip2,e2fsprogs,libidn,gettext,expat,libcap,libtool-ltdl,pam,libxslt,libc-client,freetds,unixODBC,libXpm,krb5,libicu,sqlite,oniguruma,libmcrypt,libsodium,rrdtool,libssh2,net-snmp,libsqlite3x,gmp,libwebp}-devel

dnf -y install libzip-devel oniguruma-devel rrdtool-devel uw-imap-devel 

Patches for openssl 3 and net-snmp 5.9 support

prefix="/opt/php7"
 git clone https://github.com/php/php-src.git
cd php-src
git checkout PHP-7.4
autoconf
autoheader
wget http://www.kvm.la/usr/uploads/2023/06/2573259142.patch  -O php-7.4-openssl3.0.patch
wget http://www.kvm.la/usr/uploads/2023/06/3393061476.patch -O php-7.4.26-snmp.patch
patch ext/snmp/snmp.c <php-7.4.26-snmp.patch
patch ext/openssl/openssl.c < php-7.4-openssl3.0.patch
 ./configure --quiet --prefix=$prefix/usr --with-config-file-path=$prefix/etc  --with-config-file-scan-dir=$prefix/etc/php.d  --sysconfdir=$prefix/etc --sbindir=$prefix/sbin --bindir=$prefix/bin --localstatedir=$prefix/var --enable-fpm --enable-bcmath --enable-exif --enable-ftp --enable-mbstring --enable-soap --enable-sockets  --with-curl --with-gettext --with-openssl  --with-mhash  --with-mysql-sock=/var/lib/mysql/mysql.sock  --with-pdo-mysql=mysqlnd --with-mysqli=mysqlnd --with-snmp --with-imap --with-imap-ssl --with-kerberos --with-zlib --enable-intl=shared --enable-xml --disable-rpath --enable-shmop --enable-sysvsem --enable-mbregex  --enable-pcntl --enable-opcache --enable-exif  --with-sqlite3 --with-pdo-sqlite --enable-calendar --with-freetype --with-jpeg --enable-gd  --with-webp --with-sodium --with-zip --with-pear --with-gmp   --enable-intl  --with-libdir=lib64 2>&1 >/dev/null;
make --quiet -j `grep name /proc/cpuinfo|wc -l` 2>&1 >/dev/null
make install 2>&1 >/dev/null

 

 

Damn it, if you want it simple, just install from the remi repository instead.

dnf install -y http://rpms.remirepo.net/enterprise/remi-release-9.rpm
dnf -y --enablerepo=remi install php74 php74-php-{fpm,pdo,gd,mysqlnd,xml,pdo,snmp,imap,bcmath,exif,ftp,mbstring,soap,sockets,opcache,calendar,intl,gmp,pear,sodium}  php74-php-pecl-{mysql,ssh2,rrd,zip}  --skip-broken
ln -s /etc/opt/remi/php74/ /opt/php7
echo "zend_extension='/opt/ioncube/ioncube_loader_lin_7.4.so'">> /opt/php7/php.ini
prefix=/opt/php7
rm -f $prefix/php-fpm.d/www.conf
cat>$prefix/php-fpm.conf<<EOF
[global]
pid = run/php-fpm.pid
error_log = log/php-fpm.log
log_level = warning
emergency_restart_threshold = 30
emergency_restart_interval = 60s
process_control_timeout = 5s
daemonize = yes
include=$prefix/php-fpm.d/*.conf
EOF
cat>$prefix/php-fpm.d/default.conf<<EOF
[default]
;listen=127.0.0.1:9006
listen=/dev/shm/php7-fpm.sock
listen.mode=0666
user=nobody
group=nobody
pm=dynamic
pm.max_children=128
pm.start_servers=20
pm.min_spare_servers=5
pm.max_spare_servers=35
pm.max_requests=10000
rlimit_files=51200
slowlog=log/\$pool.log.slow
env[PATH] = /usr/local/bin:/usr/bin:/bin:$prefix/bin
env[TMP] = /tmp
env[TMPDIR] = /tmp
env[TEMP] = /tmp
EOF
systemctl restart  php74-php-fpm

PHP directory: /etc/opt/remi/php74/

php.ini path: /etc/opt/remi/php74/php.ini

php-fpm directory: /etc/opt/remi/php74/php-fpm.d

PHP binaries: /usr/bin/php74  /usr/bin/php74-cgi  /usr/bin/php74-phar

Deploying and renewing SSL certificates with acme.sh

curl  https://get.acme.sh | sh -s [email protected]
source ~/.bashrc
openssl dhparam -out /etc/nginx/ssl/dhparam.pem 2048

 

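# acme <domain>: issue a certificate using the domain's nginx config and install it
acme(){
DOMAIN="$1";
acme.sh --issue  -d "$DOMAIN"   --nginx "/etc/nginx/conf/$DOMAIN.conf" \
--key-file       "/etc/nginx/ssl/$DOMAIN.key"  \
--fullchain-file  "/etc/nginx/ssl/$DOMAIN.crt" \
--reloadcmd     "nginx -s reload"  --force
}

# acmeupdate <domain>: force a renewal of the domain's ECC certificate
acmeupdate(){
DOMAIN="$1";
    acme.sh --renew -d "$DOMAIN" --ecc --force
}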