u
This commit is contained in:
parent
3e513801bd
commit
45edb0c583
@ -5,3 +5,9 @@ RUN apt update && apt install curl -y
|
||||
RUN curl https://git.faronear.org/fon/sysconfig/raw/branch/main/debian-config.sh > ~/debian-config.sh && echo -e "l\n\n\n\n\n" | bash ~/debian-config.sh
|
||||
|
||||
CMD bash
|
||||
|
||||
# docker build -t debian-faronear .
|
||||
# docker tag debian-faronear anolaxy/debian-faronear:11.5-20221205
|
||||
# docker login
|
||||
# docker push anolaxy/debian-faronear:11.5-20221205
|
||||
# docker run -it anolaxy/debian-faronear:11.5-20221205 bash
|
||||
|
||||
@ -1,5 +1,22 @@
|
||||
curl https://dist.ipfs.tech/kubo/v0.16.0/kubo_v0.16.0_linux-amd64.tar.gz -o kubo.tgz
|
||||
defaultVERSION=0.17.0
|
||||
|
||||
if [ $1 ]
|
||||
then
|
||||
VERSION=$1
|
||||
else
|
||||
echo "=== Enter kubo <VERSION> or <leave blank> for default $defaultVERSION"
|
||||
read -p ">>> " VERSION
|
||||
if [ ! $VERSION ]
|
||||
then
|
||||
VERSION=$defaultVERSION
|
||||
echo Use default version $defaultVERSION
|
||||
fi
|
||||
fi
|
||||
|
||||
curl https://dist.ipfs.tech/kubo/v0.16.0/kubo_$VERSION_linux-amd64.tar.gz -o kubo.tgz
|
||||
tar xzf kubo.tgz
|
||||
## install ./kubo/ipfs to /usr/local/bin/ipfs
|
||||
cd kubo && sudo bash install.sh
|
||||
|
||||
# echo "alias ipfs=`pwd`/kubo/ipfs" >> ~/.bashrc_custom
|
||||
# alias ipfs=`pwd`/kubo/ipfs
|
||||
# alias ipfs=`pwd`/kubo/ipfs
|
||||
|
||||
@ -1,42 +0,0 @@
|
||||
server {
|
||||
listen 80;
|
||||
server_name ipfs.tic.cc;
|
||||
rewrite ^ https://$http_host$request_uri? permanent; # force redirect http to https
|
||||
server_tokens off; # Enables or disables emitting nginx version on error pages and in the "Server" response header field.
|
||||
}
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name ipfs.tic.cc;
|
||||
ssl_certificate /faronear/ipfsweb/ssl-fullchain.cer;
|
||||
ssl_certificate_key /faronear/ipfsweb/ssl-ipfs.tic.cc.key;
|
||||
|
||||
server_tokens off;
|
||||
|
||||
ssl_session_timeout 5m;
|
||||
ssl_session_cache shared:SSL:5m;
|
||||
# secure settings (A+ at SSL Labs ssltest at time of writing)
|
||||
# see https://wiki.mozilla.org/Security/Server_Side_TLS#Nginx
|
||||
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
|
||||
ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-SEED-SHA:DHE-RSA-CAMELLIA128-SHA:HIGH:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS;
|
||||
ssl_prefer_server_ciphers on;
|
||||
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
|
||||
|
||||
location / {
|
||||
proxy_pass http://127.0.0.1:8080;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Host $server_name;
|
||||
proxy_set_header X-Forwarded-Proto https;
|
||||
|
||||
proxy_read_timeout 1200s;
|
||||
|
||||
# used for view/edit office file via Office Online Server
|
||||
client_max_body_size 0;
|
||||
|
||||
access_log /faronear/ipfsweb/nginx-access.log;
|
||||
error_log /faronear/ipfsweb/nginx-error.log;
|
||||
}
|
||||
|
||||
}
|
||||
@ -1,29 +1,30 @@
|
||||
#!/bin/bash
|
||||
|
||||
echo "Usage: this-script.sh [nodeVersion]"
|
||||
echo "Usage: this-script.sh [VERSION]"
|
||||
|
||||
defaultVersion=16
|
||||
defaultVERSION=18
|
||||
|
||||
if [ $1 ]
|
||||
then
|
||||
nodeVersion=$1
|
||||
VERSION=$1
|
||||
else
|
||||
read -p "Enter nodejs version (leave blank for default $defaultVersion) or 'tools' >> " nodeVersion
|
||||
if [ ! $nodeVersion ]
|
||||
echo "=== Enter nodejs version (leave blank for default $defaultVERSION) or 'tools'"
|
||||
read -p ">>> " VERSION
|
||||
if [ ! $VERSION ]
|
||||
then
|
||||
nodeVersion=$defaultVersion
|
||||
echo Use default nodejs version $defaultVersion
|
||||
VERSION=$defaultVERSION
|
||||
echo Use default nodejs version $defaultVERSION
|
||||
fi
|
||||
fi
|
||||
|
||||
sudo apt update
|
||||
|
||||
if [ $nodeVersion != "tools" ]
|
||||
if [ $VERSION != "tools" ]
|
||||
then
|
||||
echo "######## Installing nodejs v$nodeVersion ########"
|
||||
curl -sL https://deb.nodesource.com/setup_$nodeVersion.x | sudo bash - && sudo apt install nodejs -y
|
||||
# for centos: curl --silent --location https://rpm.nodesource.com/setup_$nodeVersion.x | sudo bash
|
||||
echo "######## nodejs v$nodeVersion installed completely! ########"
|
||||
echo "######## Installing nodejs v$VERSION ########"
|
||||
curl -sL https://deb.nodesource.com/setup_$VERSION.x | sudo bash - && sudo apt install nodejs -y
|
||||
# for centos: curl --silent --location https://rpm.nodesource.com/setup_$VERSION.x | sudo bash
|
||||
echo "######## nodejs v$VERSION installed completely! ########"
|
||||
fi
|
||||
|
||||
echo "######## Installing C++ build tools for Linux ########"
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.1/install.sh | bash
|
||||
curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.2/install.sh | bash
|
||||
|
||||
pushd /faronear/fon/sysconfig
|
||||
# 取消被默认添加到 .bashrc 的设置,already integrated in .bashrc
|
||||
|
||||
@ -1,4 +1,9 @@
|
||||
echo "=== 需要查看的端口号:"
|
||||
read -p ">>> " PORT
|
||||
if [ "$1" ]
|
||||
then
|
||||
PORT=$1
|
||||
else
|
||||
echo "=== 需要查看的端口号:"
|
||||
read -p ">>> " PORT
|
||||
fi
|
||||
|
||||
netstat -tunlp | grep $PORT
|
||||
|
||||
9
portscan-mac.sh
Normal file
9
portscan-mac.sh
Normal file
@ -0,0 +1,9 @@
|
||||
if [ "$1" ]
|
||||
then
|
||||
PORT=$1
|
||||
else
|
||||
echo "=== 需要查看的端口号:"
|
||||
read -p ">>> " PORT
|
||||
fi
|
||||
|
||||
lsof -i tcp:$PORT
|
||||
@ -8,5 +8,7 @@
|
||||
|
||||
netstat -aon |findstr %PORT%
|
||||
|
||||
@echo;
|
||||
|
||||
@echo "tasklist |findstr [PID]": to find the process,
|
||||
@echo "taskkill /T /F /PID [PID]": to kill the process.
|
||||
0
ssh-pubkey-to-remote.sh → scp-pubkey-to-remote.sh
Executable file → Normal file
0
ssh-pubkey-to-remote.sh → scp-pubkey-to-remote.sh
Executable file → Normal file
@ -9,16 +9,22 @@ sudo apt-get install python3 python3-setuptools python3-pip python3-ldap sqlite3
|
||||
## for seafile 9.*:
|
||||
# sudo pip3 install --timeout=3600 django==3.2.* future Pillow pylibmc captcha jinja2 sqlalchemy==1.4.3 psd-tools django-pylibmc django-simple-captcha pycryptodome==3.12.0
|
||||
|
||||
echo "=== Enter <version number> to install, or <leave blank> for default 9.0.10:"
|
||||
read -p ">>> " SFVERSION
|
||||
if [ ! "$SFVERSION" ]
|
||||
then
|
||||
SFVERSION="9.0.10"
|
||||
fi
|
||||
|
||||
|
||||
pushd /faronear
|
||||
sudo mkdir bin-seafile
|
||||
cd bin-seafile
|
||||
sudo wget https://seafile-downloads.oss-cn-shanghai.aliyuncs.com/seafile-server_8.0.8_x86-64.tar.gz
|
||||
## for seafile 9.*: https://seafile-downloads.oss-cn-shanghai.aliyuncs.com/seafile-server_9.0.2_x86-64.tar.gz
|
||||
sudo tar -xzf seafile-server_*
|
||||
cd seafile-server-*
|
||||
sudo ./setup-seafile.sh
|
||||
|
||||
ln -s seafile-server-8.0.8 sea
|
||||
sudo wget https://seafile-downloads.oss-cn-shanghai.aliyuncs.com/seafile-server_$SFVERSION_x86-64.tar.gz
|
||||
sudo tar -xzf seafile-server_$SFVERSION_x86-64.tar.gz
|
||||
ln -s seafile-server-$SFVERSION sea
|
||||
cd sea
|
||||
sudo ./setup-seafile.sh # to setup seafile+sqlite (setup-seafile-mysql.sh is for mysql). this will create ccnet,conf,seafile-data,seahub-data,seahub.db inside the parent folder /faronear/bin-seafile
|
||||
|
||||
sudo ./seafile.sh start
|
||||
|
||||
@ -26,12 +32,12 @@ sudo ./seafile.sh start
|
||||
# sudo sed -i "s/127\.0\.0\.1/0.0.0.0/g" ../conf/gunicorn.conf.py
|
||||
## to change seahub port, to edit gunicorn.conf.py, it works although it still promts "Starting seahub at port 8000 ...".
|
||||
## (Directly `./seahub.sh start <PORT>` prompts "Starting seahub at port <PORT> ..." but it actually doesn't listen on <PORT>.)
|
||||
sudo ./seahub.sh start
|
||||
sudo ./seahub.sh start # the first run will asks to setup an admin account
|
||||
|
||||
popd
|
||||
|
||||
sudo apt install nginx -y
|
||||
rm /etc/nginx/sites-enabled/default
|
||||
cp /faronear/fon/sysconfig/seafile-nginx-http.conf /faronear/bin-seafile/
|
||||
ln -s /faronear/bin-seafile/seafile-nginx-http.conf /etc/nginx/sites-enabled/
|
||||
service nginx restart
|
||||
# sudo apt install nginx -y
|
||||
# rm -fr /etc/nginx/sites-enabled/default
|
||||
# cp /faronear/fon/sysconfig/seafile-nginx-http.conf /faronear/bin-seafile/
|
||||
# ln -s /faronear/bin-seafile/seafile-nginx-http.conf /etc/nginx/sites-enabled/
|
||||
# service nginx restart
|
||||
|
||||
0
acme-install.sh → ssl-acme-install.sh
Executable file → Normal file
0
acme-install.sh → ssl-acme-install.sh
Executable file → Normal file
0
acme-setup-ssl.sh → ssl-acme-setup-all.sh
Executable file → Normal file
0
acme-setup-ssl.sh → ssl-acme-setup-all.sh
Executable file → Normal file
@ -9,9 +9,8 @@ EXPOSE 8080
|
||||
|
||||
CMD cd /uniapp-cli && npm run serve
|
||||
|
||||
# docker commit [container-id] [new-image-name]
|
||||
# docker build -t [image-name] .
|
||||
# docker tag [image-name] anolaxy/uniapp-cli:node16.18-alpine3.16
|
||||
# docker build -t uniapp-cli .
|
||||
# docker tag uniapp-cli anolaxy/uniapp-cli:node16.18-debian11.5 // alpine3.16
|
||||
# docker login
|
||||
# docker push anolaxy/uniapp-cli:node16.18-alpine3.16
|
||||
# docker run -d -p 8080:8080 -v /home/adot/pex-user-uniapp:/uniapp-cli/src anolaxy/uniapp-cli:node16.18-alpine3.16
|
||||
# docker push anolaxy/uniapp-cli:node16.18-debian11.5 // alpine3.16
|
||||
# docker run -d -p 8080:8080 -v /home/adot/pex-user-uniapp:/uniapp-cli/src anolaxy/uniapp-cli:node16.18-debian11.5 // alpine3.16
|
||||
|
||||
Loading…
Reference in New Issue
Block a user