Centos下安装部署Vaultwarden和Caddy1

Bitwarden的一个开放项目Vaultwarden基于rust编写, 可以使用Bitwarden的浏览器插件然后配置使用自建的服务器.

Caddy比nginx配置更简单自动SSL方便, teddy有编译好直接拿来用.

配套资料

官方资源页面: https://bitwarden.com/download/

Windows桌面软件: https://vault.bitwarden.com/download/?app=desktop&platform=windows
MacOS APP安装: https://itunes.apple.com/app/bitwarden/id1352778147
Chrome插件: https://chrome.google.com/webstore/detail/bitwarden-free-password-m/nngceckbapebfimnlniiiahkandclblb
Firefox插件: https://addons.mozilla.org/firefox/addon/bitwarden-password-manager/
微软EDGE插件: https://microsoftedge.microsoft.com/addons/detail/jbkfoedolllekgbhcbcoahefnbanhhlh

阅读剩余部分...

docker mail server

poste.io
mailu.io
mailcow
docker-mailserver
Mailu
Modoboa

都是docker容器的

sqlite3导出备份恢复

1、备份和还原数据库
sqlite> .backup 'backup.db'
sqlite> .restore 'backup.db'

2、导出及导入SQL脚本
shell方式:
# sqlite3 sqa.db ".dump [mytabl%]" > sqa.sql
# sqlite3 sqb.db < sqa.sql

命令行方式:
sqlite> .output backup.sql
sqlite> .dump [mytabl%]
sqlite> .read backup.sql

阅读剩余部分...

nginx fastcgi中SCRIPT_FILENAME的设置

在官方wiki找到的

fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name

在alias下路径报错

-----------------------------------------------------------------------------

fastcgi_param SCRIPT_FILENAME $request_filename

index取值忽略fastcgi_index的设定, 直接取http或者server字段下的index设定值.

 

https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/

keepass/vaultwarden

想装一个玩玩,但是最近没有时间或又没又精力

https://github.com/dani-garcia/vaultwarden

 

https://nodeedge.com/keepass-to-vaultwarden.html

https://zhuanlan.zhihu.com/p/391010360

https://www.uskvm.com/p/196.html

gcc版本切换

yum -y install centos-release-scl
yum -y install devtoolset-6-gcc*
scl enable devtoolset-6 bash

Fedora跨版本升级

最近今天心血来潮又折腾了下fedora, 直接从23跳到34版本.

但是遇上了rpmlib(PayloadIsZstd) <= 5.4.18-1 is needed by 错误.

大致上就是rpmlib依赖包过不去又不想挨个版本升级,

 简单搜索了下解决方案先升级到25 30 32 然后就可以升级至34最新了.

dnf system-upgrade download --releasever=34   --allowerasing --nogpgcheck    -y
dnf system-upgrade reboot

 

顺道看了下fedora自带php7.4 / mariadb 10.5 / nginx 1.20 也有openresty的支持, 其实用于个人的生产环境妥妥的简单省事.

windows终于有个像样的终端了 - Windows Terminal

现在windows10下的PowerShell下命令安装, 或者直接在商店里面搜索Windows Terminal并安装。

winget install --id=Microsoft.WindowsTerminal -e

大致上看了一下可以支持各种配色,除了windows拉跨的字体渲染显示比较拉跨外,其他都还不错。

搭配一下OpenSSH再配置下RSYNC基本上用起来和Linux原生环境差不多了。

 

安装完后在cmd或者powershell里面运行wt就启动了, 接下来配色更换字体等等都可以DIY定制了。

阅读剩余部分...

怀旧系列:重玩Xen

自从Kvm进入内核自带后自己编译Xen内核相对比较麻烦, 已经很多年没玩Xen了.

Centos也停止Xen更新了, 另外还有个crc.id.au的一直在更新维护安装包.

https://xen.crc.id.au/downloads/

https://wiki.centos.org/HowTos/Xen/Xen4QuickStart

由于有现成的安装包, 就不用去编译内核了.

阅读剩余部分...

Centos的remi repo配置引导

https://rpms.remirepo.net/wizard/

yum -y install epel-release -y      
yum install https://rpms.remirepo.net/enterprise/remi-release-8.rpm

 备用记录下, 下次装libzip不用去编译了.

yum -y --enablerepo=remi install libzip-last-devel   

Centos8编译安装php8

yum -y install epel-release
yum -y install https://rpms.remirepo.net/enterprise/remi-release-7.rpm
yum -y --enablerepo=remi install libzip-last-devel                                                                                                                                                               
yum -y install gcc vim-enhanced gcc-c++ libtool-libs libtool autoconf subversion zip unzip  wget crontabs iptables file bison patch mlocate flex diffutils automake imake make cmake kernel-devel cpp zlib-devel \
libevent-devel libxml2-devel freetype-devel  gd gd-devel libjpeg-devel libpng-devel ncurses-devel  \
curl-devel readline-devel openssl-devel  glibc-devel  glib2-devel bzip2-devel e2fsprogs-devel libidn-devel  gettext-devel expat-devel libcap-devel  libtool-ltdl-devel pam-devel \
libxslt-devel libc-client-devel freetds-devel unixODBC-devel  libXpm-devel krb5-devel libicu-devel icu sqlite-devel libsodium-devel oniguruma-devel

 

wget https://www.php.net/distributions/php-8.0.11.tar.gz -O - | tar xz
cd  php-8.*
prefix="/opt/php8";
# --with-zip  
 ./configure --quiet --prefix=$prefix/usr --with-config-file-path=$prefix/etc --sysconfdir=$prefix/etc --sbindir=$prefix/sbin --bindir=$prefix/bin --localstatedir=$prefix/var --enable-fpm --enable-bcmath --enable-exif --enable-ftp --enable-mbstring --enable-soap --enable-sockets  --with-curl --with-gettext --with-openssl  --with-mhash  --with-mysql-sock=/var/lib/mysql/mysql.sock --with-pdo-mysql=mysqlnd --with-mysqli=mysqlnd --with-imap --with-imap-ssl --with-kerberos --with-zlib --enable-intl=shared --enable-xml --disable-rpath --enable-shmop --enable-sysvsem --enable-mbregex  --enable-pcntl --enable-opcache --enable-exif  --with-sqlite3 --with-pdo-sqlite --enable-calendar --with-freetype --with-jpeg --enable-gd --with-sodium --with-zip --with-libdir=lib64 ;
make -j `grep name /proc/cpuinfo|wc -l`
make install
sed -i 's#expose_php = On#expose_php = Off#'  				php.ini-production
sed -i 's#;date.timezone =#date.timezone=Asia/Shanghai#g'  		php.ini-production
sed -i 's#;cgi.fix_pathinfo=1#cgi.fix_pathinfo=0#g' 			php.ini-production
sed -i 's#enable_dl = Off#enable_dl = On#' 				php.ini-production
sed -i 's#register_argc_argv = Off#register_argc_argv = On#'            php.ini-production
sed -i 's#short_open_tag = Off#short_open_tag = On#'  			php.ini-production
sed -i 's#output_buffering = Off#output_buffering = On#'  		php.ini-production
sed -i 's/memory_limit = 32M/memory_limit = 128M/g' 			php.ini-production
sed -i 's/post_max_size = 8M/post_max_size = 32M/g' 			php.ini-production
sed -i 's/upload_max_filesize = 2M/upload_max_filesize = 128M/g' 	php.ini-production
sed -i 's#allow_call_time_pass_reference = Off#allow_call_time_pass_reference = On#' 	php.ini-production
sed -i 's/disable_functions =/disable_functions="passthru,exec,system,chroot,chgrp,chown,shell_exec,proc_open,proc_get_status,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,stream_socket_server,fsocket,popen"/g' php.ini-production

mkdir -p $prefix/etc/php-fpm.d
ln -s $prefix/bin/ph* /usr/bin/
ln -s $prefix/sbin/ph* /usr/sbin/
#cp ./sapi/fpm/php-fpm /etc/init.d/php-fpm      #弃用init.d
install -p -D -m 0644 sapi/fpm/php-fpm.service /usr/lib/systemd/system/
install -p -D -m 0644 php.ini-production  $prefix/etc/php.ini

#Set fpm.conf
cat>$prefix/etc/php-fpm.conf<<EOF
[global]
pid = run/php-fpm.pid
error_log = log/php-fpm.log
log_level = warning
emergency_restart_threshold = 30
emergency_restart_interval = 60s
process_control_timeout = 5s
daemonize = yes
include=$prefix/etc/php-fpm.d/*.conf
EOF
cat>$prefix/etc/php-fpm.d/default.conf<<EOF
[default]
;listen=127.0.0.1:9006
listen=/dev/shm/php-fpm.sock
listen.mode=0666
user=nobody
group=nobody
pm=dynamic
pm.max_children=128
pm.start_servers=20
pm.min_spare_servers=5
pm.max_spare_servers=35
pm.max_requests=10000
rlimit_files=51200
slowlog=log/\$pool.log.slow
env[PATH] = /usr/local/bin:/usr/bin:/bin:$prefix/bin
env[TMP] = /tmp
env[TMPDIR] = /tmp
env[TEMP] = /tmp
EOF

systemctl enable php-fpm
systemctl start php-fpm




macos关闭微软office的自动更新

cd /Library/Application\ Support/Microsoft/MAU2.0
sudo chmod 000 Microsoft\ AutoUpdate.app

设置权限到最低或者直接删掉, 这玩意烦得一逼, 还经常更新失败.

windows10安装OpenSSH

打开PowerShell

查询安装

Get-WindowsCapability -Online | ? Name -like 'OpenSSH*'

安装客户端

Add-WindowsCapability -Online -Name OpenSSH.Client

安装服务端

Add-WindowsCapability -Online -Name OpenSSH.Server

平时用于服务器维护只要安装OpenSSH.Client, 然后就可以像linux环境一样直接用ssh scp等命令了.

类似xshell这种玩意没啥必要安装了.

PS: Windows2019 server可以安装, 之前的2016 2012不能默认直接安装, 需要下载安装包.

在AMD Ryzen机器上安装Centos7运行办法

先在机器上安装好Centos7, 然后正常启动会遇上Kernel panic无法启动的问题.

这个问题的主要原因是Centos7默认的Kernel 3.10不支持Ryzen, 需要安装5.2以上版本才能支持.

由于系统无法正常启动,这个时候需要用iso启动一个Rescue系统进去安装内核.

用Centos7的Rescue或者用systemrescuecd都可以.

启动好Rescue后的处理步骤大致如下

mount /dev/磁盘分区 /mnt ; cd /mnt
mount -o bind /dev dev/
mount -o bind /sys sys/
mount -o bind /proc proc/
mount -o bind /sys sys/
chroot /mnt

chroot后就可以用yum进行安装高版本的内核了.
参考文章链接http://kvm.la/1385.html

grub2-mkconfig --output /boot/grub2/grub.cfg

 

如果是chroot进去后可以用mknod创建文件

mknod -m 666 /dev/random c 1 8
mknod -m 666 /dev/urandom c 1 9

Centos7安装高版本内核

Centos7.8后可以安装官方的5.4内核

yum -y update centos-release
yum install -y yum-utils epel-release
yum-config-manager --enable centos-kernel
yum install kernel -y


确认升级完重启, 可以卸载3.10的内核了.

yum remove $(rpm -qa | grep kernel | grep  "3\.10")