Sob, I underestimated you, Caddy

caddy

First, install Go

wget https://go.dev/dl/go1.21.3.linux-amd64.tar.gz

tar -zxvf go1.21.3.linux-amd64.tar.gz

# Move to a custom directory
mkdir -p /opt/devtools
mv go /opt/devtools/go

# Create the Go-related directories
mkdir -p ${HOME}/gopath/{src,bin,pkg}
# Open the profile file
vim /etc/profile

# Add the following
export GOROOT='/opt/devtools/go'
export GOPATH="${HOME}/gopath"
# On a machine in mainland China, add a proxy
# export GOPROXY='https://goproxy.cn,direct'
export PATH="${GOROOT}/bin:${GOPATH}/bin:${PATH}"

# Apply the configuration
source /etc/profile

Then install xcaddy

sudo apt install -y debian-keyring debian-archive-keyring apt-transport-https
curl -1sLf 'https://dl.cloudsmith.io/public/caddy/xcaddy/gpg.key' | sudo gpg --dearmor -o /usr/share/keyrings/caddy-xcaddy-archive-keyring.gpg
curl -1sLf 'https://dl.cloudsmith.io/public/caddy/xcaddy/debian.deb.txt' | sudo tee /etc/apt/sources.list.d/caddy-xcaddy.list
sudo apt update
sudo apt install xcaddy


# Get the latest version number; copying it from the GitHub releases page works just as well
# It is turned into a script here to make automation easier
export version=$(curl -s "https://api.github.com/repos/caddyserver/caddy/releases/latest" | jq -r .tag_name)

# Build with xcaddy
# xcaddy build ${version} --output ./caddy_${version} \
xcaddy build v2.7.5 \
--output ./caddy_v2.7.5 \
--with github.com/abiosoft/caddy-exec \
--with github.com/caddy-dns/cloudflare \
--with github.com/caddy-dns/dnspod \
--with github.com/caddy-dns/duckdns \
--with github.com/caddy-dns/gandi \
--with github.com/caddy-dns/route53 \
--with github.com/greenpau/caddy-authorize \
--with github.com/greenpau/caddy-auth-portal \
--with github.com/greenpau/caddy-trace \
--with github.com/hairyhenderson/caddy-teapot-module \
--with github.com/kirsch33/realip \
--with github.com/porech/caddy-maxmind-geolocation \
--with github.com/caddyserver/transform-encoder \
--with github.com/mholt/caddy-webdav

Install and replace

# Install the standard Caddy 2 package
sudo apt install -y debian-keyring debian-archive-keyring apt-transport-https

curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | sudo gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg

curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | sudo tee /etc/apt/sources.list.d/caddy-stable.list

sudo apt update
sudo apt install caddy

# Replace the binary
systemctl stop caddy
rm -f /usr/bin/caddy
mv ./caddy_v2.7.5 /usr/bin/caddy

siren.blue {
    root * /data/disk/www/html
    encode gzip
    php_fastcgi unix//var/run/php/php8.1-fpm.sock
    file_server
}

After modifying /lib/systemd/system/caddy.service, run sudo systemctl daemon-reload.
The configuration file is still at /etc/caddy/Caddyfile.

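Too many redirects

A big pitfall

Cause
After enabling the SSL certificate, Flexible SSL was selected. Flexible SSL forces the connection to the origin web server over unencrypted HTTP, but the web server can only be reached over HTTPS, so the HTTP requests are turned away.

Solution
For sites accelerated through Cloudflare's CDN, switch from Flexible SSL to Full SSL.

Additional notes
The Flexible SSL option allows a secure HTTPS connection between the visitor and Cloudflare, but forces Cloudflare to connect to the origin web server over unencrypted HTTP. The origin web server does not need an SSL certificate, yet visitors still browse the HTTPS version of the site. If the site carries any sensitive information, the Flexible option is not recommended. Use Flexible only as a last resort, when SSL cannot be set up on the origin web server.

Full ensures a secure connection both between the visitor and the Cloudflare domain and between Cloudflare and the web server. The Full SSL option does not verify the authenticity of the SSL certificate at the origin. Self-signed certificates are allowed on the origin web server. To avoid 525 errors, before enabling the Full SSL option configure the origin web server to allow HTTPS connections on port 443 and to present a self-signed SSL certificate.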
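
A quick way to tell whether an origin will loop behind Flexible mode is to look at how it answers plain HTTP. The script below is an added example, not part of the original notes; the function name flexible_verdict and the sample headers are constructed for illustration.

```shell
#!/bin/sh
# Added example. Real headers could be taken from the origin itself, e.g.:
#   curl -sI -H 'Host: siren.blue' http://<origin-ip>/

CR=$(printf '\r')

# flexible_verdict HOST < headers
# Prints "loop" when the origin answers plain HTTP with a redirect to
# https://HOST (Cloudflare Flexible would fetch over HTTP again and get the
# same redirect), "ok" for a 2xx answer or a redirect elsewhere, else "unknown".
flexible_verdict() {
    fv_host=$1 fv_status= fv_location=
    while IFS= read -r fv_line; do
        fv_line=${fv_line%"$CR"}                 # tolerate CRLF line endings
        case $fv_line in
            HTTP/*)        fv_status=${fv_line#* }; fv_status=${fv_status%% *} ;;
            [Ll]ocation:*) fv_location=${fv_line#*:}; fv_location=${fv_location# } ;;
        esac
    done
    case $fv_status in
        301|302|307|308)
            case $fv_location in
                "")                                      echo unknown ;;
                "https://$fv_host"|"https://$fv_host"/*) echo loop ;;
                *)                                       echo ok ;;
            esac ;;
        2??) echo ok ;;
        *)   echo unknown ;;
    esac
}

# Constructed sample: an origin that forces HTTPS on every plain-HTTP request.
sample_redirect() {
    printf 'HTTP/1.1 308 Permanent Redirect\r\nLocation: https://siren.blue/\r\nServer: Caddy\r\n\r\n'
}
# Constructed sample: an origin that serves the page over plain HTTP.
sample_plain() {
    printf 'HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n'
}

echo "HTTPS-only origin behind Flexible: $(sample_redirect | flexible_verdict siren.blue)"
echo "plain-HTTP origin behind Flexible: $(sample_plain | flexible_verdict siren.blue)"
```

A "loop" verdict means the Cloudflare mode has to be Full (with a certificate on the origin), as described above.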

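Ugh.

Better to just revoke the certificate on Cloudflare
and reinstall it.

I can't take it anymore.
Just add a line to the configuration file: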
tls /data/caddy/dionysus.zip.pem /data/caddy/dionysus.zip.key
tls /data/disk/caddy/siren.blue.pem /data/disk/caddy/siren.blue.key
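Really hard to take.

Unknowns, and file read/write problems

I changed PHP's default user group to caddy; not sure whether that is good or bad.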

vim /etc/php/8.1/fpm/pool.d/www.conf
sudo systemctl restart php8.1-fpm
sudo systemctl restart caddy.service

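So is the reason it cannot write that the directory belongs to caddy but php-fpm runs as www-data?

Some usage

caddy file-server --listen ":9999" --browse
The UI looks quite nice; handy for downloading files.

So many mirrors, ugh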

ls /etc/apt/sources.list.d/
/etc/apt/sources.list

lazy-vim

git clone https://github.com/LazyVim/starter ~/.config/nvim
Then just launch nvim.

jetbrains-mono-nerd

sudo mkdir -p /usr/share/fonts/truetype/

sudo mv ~/Downloads/JetBrainsMonoNerdFont-Regular.ttf /usr/share/fonts/truetype/
sudo fc-cache -fv

mysql

After installation, start it:
mariadb-install-db --user=mysql --basedir=/usr --datadir=/var/lib/mysql
systemctl start mariadb

jenv

mkdir -p ~/.jenv/versions
jenv add /usr/lib/jvm/xxx

viper

So easy to forget, sigh.
The port is 55555.

The nginx authentication is root/dionysus
Inside there is another layer: root/dionysus-sein
Sigh, this is hard.

docker

apt update
apt upgrade -y
apt install curl vim wget gnupg dpkg apt-transport-https lsb-release ca-certificates


# Debian
curl -sSL https://download.docker.com/linux/debian/gpg | gpg --dearmor > /usr/share/keyrings/docker-ce.gpg
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-ce.gpg] https://download.docker.com/linux/debian $(lsb_release -sc) stable" > /etc/apt/sources.list.d/docker.list

# Ubuntu
curl -sSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor > /usr/share/keyrings/docker-ce.gpg
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-ce.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -sc) stable" > /etc/apt/sources.list.d/docker.list

apt update
apt install docker-ce docker-ce-cli containerd.io docker-compose-plugin

compose

curl -L https://github.com/docker/compose/releases/latest/download/docker-compose-Linux-x86_64 > /usr/local/bin/docker-compose
chmod +x /usr/local/bin/docker-compose

Eh, feels worse than pip.

nginx

Haven't used nginx in a long time; keeping a backup here.

#user http;
worker_processes 1;

#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;

#pid logs/nginx.pid;


events {
    worker_connections 1024;
}


http {
    include mime.types;
    default_type application/octet-stream;
    types_hash_max_size 4096;
    types_hash_bucket_size 128;
    #log_format main '$remote_addr - $remote_user [$time_local] "$request" '
    #                '$status $body_bytes_sent "$http_referer" '
    #                '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log logs/access.log main;

    sendfile on;
    #tcp_nopush on;

    #keepalive_timeout 0;
    keepalive_timeout 65;

    gzip on;

    server {
        listen 80;
        server_name localhost;

        #charset koi8-r;

        #access_log logs/host.access.log main;

        location / {
            root /usr/share/nginx/html/;
            index index.html index.htm index.php;
        }

        #error_page 404 /404.html;

        # redirect server error pages to the static page /50x.html
        #
        error_page 500 502 503 504 /50x.html;
        location = /50x.html {
            root /usr/share/nginx/html;
        }

        # proxy the PHP scripts to Apache listening on 127.0.0.1:80
        #
        #location ~ \.php$ {
        #    proxy_pass http://127.0.0.1;
        #}

        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
        #
        location ~ \.php$ {
            root /usr/share/nginx/html;
            fastcgi_pass unix:/run/php-fpm/php-fpm.sock;
            fastcgi_index index.php;
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            include fastcgi_params;
        }

        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        #
        #location ~ /\.ht {
        #    deny all;
        #}
    }


    # another virtual host using mix of IP-, name-, and port-based configuration
    #
    #server {
    #    listen 8000;
    #    listen somename:8080;
    #    server_name somename alias another.alias;

    #    location / {
    #        root html;
    #        index index.html index.htm;
    #    }
    #}


    # HTTPS server
    #
    #server {
    #    listen 443 ssl;
    #    server_name localhost;

    #    ssl_certificate cert.pem;
    #    ssl_certificate_key cert.key;

    #    ssl_session_cache shared:SSL:1m;
    #    ssl_session_timeout 5m;

    #    ssl_ciphers HIGH:!aNULL:!MD5;
    #    ssl_prefer_server_ciphers on;

    #    location / {
    #        root html;
    #        index index.html index.htm;
    #    }
    #}

}

php-fpm must be installed beforehand.

Certificates

openssl req -new -newkey rsa:2048 -nodes -keyout xxxx.key -out xxxx.csr
Replace xxxx with the domain name.

My recommendation is still to just use Cloudflare.

apache

/etc/httpd/conf/httpd.conf

#LoadModule mpm_event_module modules/mod_mpm_event.so
LoadModule mpm_prefork_module modules/mod_mpm_prefork.so

Also add:

LoadModule php_module modules/libphp.so
AddHandler php-script .php
Include conf/extra/php_module.conf

httpd -V
According to Apache's output, its configuration file should be at /etc/httpd/conf/httpd.conf. This is because:

  • SERVER_CONFIG_FILE="conf/httpd.conf" means the configuration file is httpd.conf
  • HTTPD_ROOT="/etc/httpd" means Apache's root directory is /etc/httpd

openresty

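If all else fails, just treat it as nginx QWQ
Use sudo openresty -t to check the configuration.
It can be used together with Apache.
The configuration file is really damn annoying.
/opt/openresty/nginx/conf/nginx.conf

Really damn annoying; just change the php-fpm and openresty users to a regular user. Dumb; might as well run everything as root.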

Windows

Set Git Bash as the default SSH shell


notepad C:\ProgramData\ssh\sshd_config


# Set the default shell to Git Bash
ForceCommand "C:/Program Files/Git/bin/bash.exe" -i

Tencent CDN

Roughly:

domain siren.blue => CDN => host siren.blue

So this

Dual boot

pacman -S os-prober

nvim /etc/default/grub

Uncomment this line:
#GRUB_DISABLE_OS_PROBER=false

# Generate the configuration file
sudo grub-mkconfig -o /boot/grub/grub.cfg

If the other OS does not show up, add an entry manually in /etc/grub.d/40_custom, though I have already forgotten how to do that.