location /testz {
default_type text/plain;
echo request_uri "$request_uri";
echo Server addr "$server_addr";
echo remote_addr "$remote_addr";
echo http_x_http_forwarded_for "$http_x_http_forwarded_for";
echo proxy_add_x_forwarded_for "$proxy_add_x_forwarded_for";
echo http_x_forwarded_for "$http_x_forwarded_for";
echo http_accept_language "$http_accept_language";
echo http_user_agent "$http_user_agent";
echo content_length "$content_length";
echo content_type "$content_type";
echo document_root "$document_root";
echo document_uri "$document_uri";
echo limit_rate "$limit_rate";
echo request_method "$request_method";
echo remote_port "$remote_port";
echo remote_user "$remote_user";
echo request_filename "$request_filename";
echo request_uri "$request_uri";
echo query_string "$query_string";
echo args "$args";
echo scheme "$scheme";
echo server_protocol "$server_protocol";
#echo server_addr "$server_addr";
echo server_name "$server_name";
echo server_port "$server_port";
echo URI "$uri";
echo http_referer $http_referer;
echo request $request;
echo connection $connection;
echo remote_user $remote_user;
echo request_time $request_time;
echo hostname $hostname;
echo realpath_root $realpath_root;
echo proxy_protocol_addr $proxy_protocol_addr;
echo http_via $http_via;
echo http_host $http_host;
echo time_local $time_local;
#echo SESSION $session;
echo http_cookie $http_cookie;
echo "man man lai 2";
#echo $http_cookie ;
#echo $user_cookie;
#echo $cookie_PHPSESSID;
#echo $http_host;
set_sha1 $hash_ip $remote_addr;
echo hash_ip $hash_ip;
echo connection $connection;
echo connection_requests $connection_requests;
echo connections_active $connections_active;
echo connections_reading $connections_reading;
echo connections_waiting $connections_waiting;
echo connections_writing $connections_writing;
if ( $http_cookie = '') {echo "You cookie is null";}
#if {$connection_requests >= '100') {echo yes;}
set $testvar 233;
rewrite_by_lua 'ngx.var.testvar = 123';
echo $testvar;
}
cat googleapis.conf
sub_filter_once off;
sub_filter_types text/css text/xml text/javascript;
sub_filter "https://fonts.googleapis.com" "/assets/vendor/googleapis";
sub_filter "//fonts.googleapis.com" "/assets/vendor/googleapis";
sub_filter "https://ajax.googleapis.com" "/assets/vendor/ajax";
sub_filter "https://fonts.gstatic.com" "/assets/vendor/fonts_gstatic";
#sub_filter "https://www.google.com/jsapi" "/assets/vendor/gstatic/charts/loader.js";
proxy_hide_header Link;
proxy_cache_use_stale error timeout invalid_header updating http_500 http_502 http_503 http_504;
location ~ /assets/vendor/googleapis/ {
proxy_set_header Accept-Encoding "";
rewrite ^/assets/vendor/googleapis/(.+)$ /$1 break;
proxy_pass https://fonts.googleapis.com;
proxy_set_header Host "fonts.googleapis.com";
proxy_set_header User-Agent $http_user_agent;
expires 1d;
sub_filter "https://fonts.gstatic.com" "/assets/vendor/fonts_gstatic";
}
location ~ /assets/vendor/fonts_gstatic/ {
rewrite ^/assets/vendor/fonts_gstatic/(.+)$ /$1 break;
proxy_pass https://fonts.gstatic.com;
proxy_set_header Host "fonts.gstatic.com";
proxy_set_header User-Agent $http_user_agent;
expires 1y;
}
location ~ /assets/vendor/gstatic/ {
rewrite ^/assets/vendor/gstatic/(.+)$ /$1 break;
proxy_pass https://www.gstatic.com;
proxy_set_header Host "www.gstatic.com";
expires 1y;
}
location ~ /assets/vendor/ajax/ {
rewrite ^/assets/vendor/ajax/(.+)$ /$1 break;
proxy_pass https://gajax.googleapis.com;
proxy_set_header Host ajax.googleapis.com;
expires 1y;
}
cat gstatic.conf
sub_filter_once off;
sub_filter_types text/css;
sub_filter https://fonts.gstatic.com/ /gstatic/;
sub_filter https://fonts.googleapis.com/ /googleapis/;
sub_filter http://fonts.gstatic.com/ /gstatic/;
sub_filter http://fonts.googleapis.com/ /googleapis/;
sub_filter //fonts.gstatic.com/ /gstatic/;
sub_filter //fonts.googleapis.com/ /googleapis/;
#proxy_bind $remote_addr transparent;
proxy_hide_header Link;
location /gstatic/ {
resolver 8.8.8.8;
proxy_set_header Host fonts.gstatic.com;
proxy_pass http://fonts.gstatic.com/;
}
location /googleapis/ {
resolver 8.8.8.8;
proxy_set_header Host fonts.googleapis.com;
proxy_pass http://fonts.googleapis.com/;
}
cat error.conf
error_page 404 @404page;
error_page 502 503 504 @502page;
location @502page {
default_type text/plain;
echo "Backend server time out";
}
location @404page {
default_type text/plain;
echo "Not Found";
}
cat cc.conf
set $hash_ip HASHKEY2015$remote_addr;
set_sha1 $hash_var $hash_ip;
if ($cookie_cfcuid != "$hash_var"){
add_header Set-Cookie "cfcuid=$hash_var";
rewrite .* "https://$http_host$uri" redirect;
}
none
看网上没啥人玩,记录一下。
踩了2个坑,一是需要xslt,二是pcre2, 主要看之前编译nginx用的那个pcre版本
大致流程
apt install libxml2-dev libxslt1-dev git curl libpcre2-dev
wget http://nginx.org/download/nginx-1.28.0.tar.gz
tar zxf nginx-1.28.0.tar.gz
cd nginx-1.28.0
git clone https://github.com/nginx/njs
./configure --with-compat --add-dynamic-module=./njs/nginx
make modules
cp objs/ngx_http_js_module.so /usr/lib/nginx/modules/ngx_http_js_module.so
echo "load_module modules/ngx_http_js_module.so;" > /etc/nginx/modules-enabled/50-mod-njs.conf
nginx -t
确定pcre版本
ldd /usr/sbin/nginx | grep pcre
njs确定加载后在http字段引入
http {
js_import my_ua.js;
}
location再调用写好的js内容就可以玩耍了
location / {
js_content my_ua.checkRequest;
}
直接官方仓库安装的就更简单了。
官方项目地址:https://github.com/coder/code-server
现成编译安装包:https://github.com/coder/code-server/releases
docker/podman镜像https://github.com/coder/code-server/pkgs/container/code-server
docker hub地址 https://hub.docker.com/r/codercom/code-server
容器部署方式
podman run -d \
--restart=always \
--name=code-server \
-p 8080:8080 \
-v /opt/:/opt \
-e PASSWORD="密码" \
--user 0:0 \
-e "DOCKER_USER=$USER" \
ghcr.io/coder/code-server:4.106.3-39
Docker Hub
docker.io/codercom/code-server:latest
快速初始化code-server
podman exec -it code-server /bin/bash #进入容器后运行初始化脚本
code-server --install-extension ms-ceintl.vscode-language-pack-zh-hans
code-server --install-extension lkrms.pretty-php
echo '{"locale":"zh-cn"}' > ~/.local/share/code-server/User/argv.json
Nginx反向代理配置
location / {
proxy_pass http://localhost:8080/;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Accept-Encoding gzip;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
中间配置nginx的时候出现websockt中断,好像是Accept-Encoding的问题, 折腾了几次后又正常了。
配置好后把root目录拷贝一份,做文件夹映射应该可以下次直接使用。
不知道什么原因定时任务文件没了, 导致ssl没a自动续期,手动恢复下。
cat>/etc/cron.d/clp<<EOF
MAILTO=""
5 0 * * * clp /usr/bin/sudo /etc/init.d/rsyslog restart &> /dev/null
15 2 * * * clp /usr/bin/sudo /usr/bin/systemctl restart clp-agent &> /dev/null
10 3 * * * clp /usr/bin/bash -c "/usr/bin/clpctl monitoring:data:clean" &> /dev/null
15 3 * * * clp /usr/bin/bash -c "/usr/bin/clpctl db:backup --ignoreDatabases='db1,db2' --retentionPeriod=7" &> /dev/null
15 4 * * * clp /home/clp/scripts/create_backup.sh &> /dev/null
10 5 * * * clp /usr/bin/bash -c "/usr/bin/clpctl lets-encrypt:renew:custom-domain:certificate" &> /dev/null
15 5 * * * clp /usr/bin/bash -c "/usr/bin/clpctl lets-encrypt:renew:certificates" &> /dev/null
15 6 * * * clp /usr/bin/bash -c "/usr/bin/clpctl vhost-templates:import --delay=true" &> /dev/null
20 6 * * * clp /usr/bin/bash -c "/usr/bin/clpctl cloudflare:update:ips --delay=true" &> /dev/null
25 6 * * * clp /usr/bin/bash -c "/usr/bin/clpctl app:clean-up:sessions" &> /dev/null
0 */8 * * * clp /usr/bin/bash -c "/usr/bin/clpctl announcement:check" &> /dev/null
EOF
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp" /v PortNumber /t REG_DWORD /d 12345 /f
netsh advfirewall firewall add rule name="RDP Custom Port" dir=in action=allow protocol=TCP localport=12345
none
共同特征是卖服务器配件网络设备等东西
价格标得非常低吸引流量,进去就是议价,甚至自己都没有货。。。。
none
ALTER TABLE `sqltable` ADD FULLTEXT `name` (`name`), ADD FULLTEXT `full_tag` (`tag`);
ALTER TABLE `sqltable` ADD FULLTEXT(name, tag);
Thinkphp8查询写法
class Blog extends Model
{
public static function matchSearch($keyword,$field)
{
return self::whereRaw("MATCH($field) AGAINST(? IN NATURAL LANGUAGE MODE)", [$keyword])->select();
}
}
// 调用
$data = Blog:matchSearch('小明','name');
对比redis-search插件方式,SQL可以额外免维护方式比较方便。
debian源的版本比较老,而且redis-redisearch更老。
安装新版本ReJSON和RediSearch啥都有, 就是启动服务的时候官方service加载search就会卡住。
cd /tmp
VER=$(curl -Ss https://api.github.com/repos/redis/redis/releases/latest|grep tag_name|grep -Po '[0-9]+\.[0-9]+\.[0-9]+.*(?=")')
wget https://github.com/redis/redis/archive/refs/tags/${VER}.tar.gz -O - | tar xz
cd redis-${VER}
export BUILD_TLS=yes
export BUILD_WITH_MODULES=yes
export INSTALL_RUST_TOOLCHAIN=yes
export DISABLE_WERRORS=yes
make -j "$(nproc)" all
make install
ln -s /usr/local/bin/redis-server /usr/bin/
cat>>/etc/redis/redis.conf<<EOF
loadmodule /usr/local/lib/redis/modules/redisbloom.so
loadmodule /usr/local/lib/redis/modules/redisearch.so
loadmodule /usr/local/lib/redis/modules/rejson.so
loadmodule /usr/local/lib/redis/modules/redistimeseries.so
EOF
cat>/etc/systemd/system/redis.service<<EOF
[Unit]
Description=Redis In-Memory Data Store
After=network.target
[Service]
ExecStart=/usr/local/bin/redis-server /etc/redis/redis.conf
ExecReload=/bin/kill -s HUP $MAINPID
Type=simple
User=root
Group=root
LimitNOFILE=10032
TimeoutStartSec=300
TimeoutStopSec=60
[Install]
WantedBy=multi-user.target
EOF
systemctl enable redis --now
/usr/local/bin/ #二进制目录
/etc/redis/redis.conf #配置文件目录
# Modules
module:name=search,ver=80402,api=1,filters=0,usedby=[],using=[ReJSON],options=[handle-io-errors]
module:name=vectorset,ver=1,api=1,filters=0,usedby=[],using=[],options=[handle-io-errors|handle-repl-async-load]
module:name=ReJSON,ver=80400,api=1,filters=0,usedby=[search],using=[],options=[handle-io-errors]
module:name=bf,ver=80400,api=1,filters=0,usedby=[],using=[],options=[handle-io-errors]
module:name=timeseries,ver=80400,api=1,filters=0,usedby=[],using=[],options=[handle-io-errors]
官方安装文档地址:
https://redis.io/docs/latest/operate/oss_and_stack/install/build-stack/almalinux-rocky-9/
https://redis.io/docs/latest/operate/oss_and_stack/install/build-stack/debian-bookworm/
https://redis.io/docs/latest/operate/oss_and_stack/install/build-stack/ubuntu-noble/
VScode扩展插件安装pretty-php
apt install php-cli php-mbstring -y
apt install tilix -y
#macos配置文件路径
/Users/用户名Library/Application\ Support/Code/User/settings.json
#Linux配置文件目录
/home/用户名/.config/Code/User/settings.json
{
"workbench.colorTheme": "Default Light Modern",
"editor.accessibilitySupport": "off",
"editor.formatOnType": true,
// ==== PHP ====
"[php]": {
"editor.defaultFormatter": "lkrms.pretty-php",
"editor.formatOnSave": true
},
// ==== HTML ====
"[html]": {
"editor.defaultFormatter": "vscode.html-language-features",
"editor.formatOnSave": true
},
// ==== TPL / 模板 ====
"files.associations": {
"*.tpl": "html",
"*.tpl.php": "html"
},
"html.format.indentInnerHtml": true,
"html.format.wrapLineLength": 600,
"html.format.templating": true,
"html.format.contentUnformatted": "script,style,pre,code,template,meta",
// ==== 编辑器外观 ====
"editor.fontFamily": "Menlo, Monaco, 'Courier New', JetBrains Mono, monospace",
"editor.fontSize": 14,
"continue.showInlineTip": false,
"editor.tokenColorCustomizations": {},
"editor.defaultFormatter": "lkrms.pretty-php",
"editor.formatOnPaste": true,
"css.format.braceStyle": "expand",
"amazonQ.allowFeatureDevelopmentToRunCodeAndTests": {
}
}
sudo apt update
sudo apt install -y \
build-essential \
cmake \
g++ \
git \
libssl-dev \
libboost-all-dev \
libjemalloc-dev \
pkg-config
sudo apt install build-essential llvm cmake libclang1 libclang-dev cargo
git clone --recursive https://github.com/RediSearch/RediSearch.git
cd RediSearch
sudo make setup
make build
git clone https://github.com/RedisJSON/RedisJSON.git
cd RedisJSON
make
编译太麻烦了从docker镜像直接拉现成的
podman pull docker.io/redislabs/redisearch:latest
podman run -d --name redisearch -p 6379:6379 docker.io/redislabs/redisearch:latest
none
#!/bin/bash
TOP_N=${2:-10}
PID=$(pgrep -o -x mysqld)
[ -z "$PID" ] && PID=$(pgrep -o -x mariadbd)
TID=`top -H -p $PID -b -n 1 | tail -n +8 | awk -v pid="$PID" '$1 != pid {printf "%s\t%s\n",$1,$9}' | sort -k2 -nr | head -n $TOP_N|awk '{ print $1 }'|paste -sd ',' -`
mariadb -h'127.0.0.1' -P'3306' -u'root' -p'密码' -e "SELECT * FROM information_schema.processlist WHERE tid IN ($TID) ORDER BY time DESC;"
根据MariaDB的PID查询出PID,再根据TID去information_schema.processlist里面找出对应的sql查询。
none
最近需遍历查看几十万个图片文件, 虽然能通过http进行遍历,但涉及到操作文件要另外写代码。
kasmweb的ubuntu-jammy-desktop镜像帮我省掉了很多事, 直接进去操作,整体很流畅。
podman run -d \
--restart=unless-stopped \
--name ubuntu-desktop \
--hostname ubuntu-desktop \
--shm-size=5120m \
-p 6901:6901 \
-e VNC_PW=password \
-e LANG=zh_CN.UTF-8 \
-e LANGUAGE=zh_CN:zh \
-e LC_ALL=zh_CN.UTF-8 \
-v /www:/www \
--user 0:0 \
docker.io/kasmweb/ubuntu-jammy-desktop:1.18.0
使用 --user 0:0 提权为root
-p是端口映射
容器启动后访问 https://IP:6901 有条件的做个反向代理
默认访问用户名是kasm-user密码则是 -e VNC_PW参数
禁用自带的401验证的podman参数
-e VNCOPTIONS="-disableBasicAuth" \
进入root方法
podman exec -it -u root ubuntu-desktop bash
sudo -i
出现401验证错误解决办法
podman exec -it -u root ubuntu-desktop bash
#进入容器后重置密码
VNC_PW=密码
echo -e "${VNC_PW}\n${VNC_PW}\n" | kasmvncpasswd -u kasm_user -wo
echo -e "${VNC_PW}\n${VNC_PW}\n" | kasmvncpasswd -u kasm_viewer -r
备份vscode TG数据办法
mkdir /data/opt -p
podman cp ubuntu-desktop :/opt /data/opt
#重新创建容器加上参数
-v /data/opt:/opt \
重启容器
podman restart ubuntu-desktop
停止和删除容器
podman stop ubuntu-desktop
podman rm ubuntu-desktop
官方网址https://kasm.com/kasmvnc
docker镜像网址 https://hub.docker.com/r/kasmweb/ubuntu-jammy-desktop
Mozilla/5.0 (compatible; Baiduspider/2.0; +http://www.baidu.com/search/spider.html)
Mozilla/5.0 (Linux;u;Android 4.2.2;zh-cn;) AppleWebKit/534.46 (KHTML,like Gecko) Version/5.1 Mobile Safari/10600.6.3 (compatible; Baiduspider/2.0; +http://www.baidu.com/search/spider.html)
Mozilla/5.0 (compatible; Baiduspider-render/2.0; +http://www.baidu.com/search/spider.html)
Mozilla/5.0 (iPhone; CPU iPhone OS 9_1 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Version/9.0 Mobile/13B143 Safari/601.1 (compatible; Baiduspider-render/2.0; +http://www.baidu.com/search/spider.html)
Baiduspider-render/2.0; +http://www.baidu.com/search/spider.html)
Mozilla/5.0 (Linux;u;Android 4.2.2;zh-cn;) AppleWebKit/534.46 (KHTML,likeGecko) Version/5.1 Mobile Safari/10600.6.3 (compatible; Baiduspider/2.0;+http://www.baidu.com/search/spider.html)
Baiduspider ( http://www.baidu.com/search/spider.htm)
Baiduspider-image+(+http://www.baidu.com/search/spider.htm)
Mozilla/5.0 (compatible; Baiduspider/2.0;+http://www.baidu.com/search/spider.html)
Mozilla/5.0 (compatible; Baiduspider/2.0; +http://www.baidu.com/search/spider.html
Mozilla/5.0 (compatible; Baiduspider-render/2.0; +http://www.baidu.com/search/spider.html
none
发现缓存数量无限增多,好像是没有自动清除过期缓存,如果是SSD硬盘要注意大量文件读写问题导致过度消耗硬盘寿命。
最好还是redis缓存为好。
none
modprobe nbd max_part=8
qemu-nbd --connect=/dev/nbd0 /path/to/disk.qcow2
#fdisk -l /dev/nbd0
fsck -y /dev/nbd0p1
qemu-nbd --disconnect /dev/nbd0
none
- 1
- 2
- 3
- 4
- ...
- 60
- »
