Proxmox ve zfs 新增swap

zfs create -V 12G rpool/swap
zfs set checksum=off rpool/swap
zfs set dd:swap=on rpool/swap   
mkswap  /dev/zvol/rpool/swap
swapon  /dev/zvol/rpool/swap

編輯 /etc/fstab 加入
/dev/zvol/rpool/swap  none  swap  sw  0  0

WDFS WebDav Fuse mount 安裝摘要

apt install -y gcc make fuse libneon27-dev libfuse-dev libglib2.0
wget -q -O- http://noedler.de/projekte/wdfs/wdfs-1.4.2.tar.gz |tar zx --

cd wdfs-1.4.2
./configure && make
./src/wdfs

參考資料
http://noedler.de/projekte/wdfs/
https://github.com/jmesmon/wdfs

建置 Debian mirror site

安裝相關軟體
wget -q -O- https://ftp-master.debian.org/ftpsync.tar.gz|tar zxv

編輯設定檔 distrib/etc/ftpsync.conf
cat <<EOF>distrib/etc/ftpsync.conf
MIRRORNAME=`hostname -f`
TO="/srv/mirrors/debian/"
RSYNC_HOST=ftp.us.debian.org
RSYNC_PATH="debian"
ARCH_INCLUDE="amd64"
EXCLUDE="--exclude=jessie* --exclude=oldstable* --exclude=sid* --exclude=testing* --exclude=unstable* --exclude=experimental* --exclude=Debian* --exclude=stable*"

EOF

定期執行
./distrib/bin/ftpsync

JupyterHub 整合 R

apt -y install r-base

apt-get install libcurl4-openssl-dev libssl-dev -y

R
install.packages("devtools")
install.packages('IRkernel')
IRkernel::installspec()
IRkernel::installspec(user = FALSE)

Debian 11 安裝 JupyterHub

apt-get install nodejs npm pip
python3 -m pip install jupyterhub
npm install -g configurable-http-proxy
python3 -m pip install jupyterlab notebook

pip install jupyterlab-language-pack-zh-TW

編輯  /etc/systemd/system/jupyterhub.service
# Template file for JupyterHub systemd service
# Uses simple string.format() for 'templating'
# /etc/systemd/system/jupyterhub.service
# /etc/systemd/system/multi-user.target.wants/jupyterhub.service
[Unit]
#Requires=traefik.service
#After=traefik.service

[Service]
User=root
Restart=always
WorkingDirectory=/opt/jupyterhub

# Protect bits that are normally shared across the system
PrivateTmp=yes
PrivateDevices=yes
ProtectKernelTunables=yes
ProtectKernelModules=yes

#Environment=TLJH_INSTALL_PREFIX=/opt/tljh
# Run upgrade-db before starting, in case Hub version has changed

# This is a no-op when no db exists or no upgrades are needed
ExecStart=/usr/local/bin/jupyterhub

[Install]
# Start service when system boots
WantedBy=multi-user.target

編輯 /opt/jupyterhub/bootstrap.sh
#!/bin/bash
USER=$1
USERHOME=$(eval "echo ~${USER}")
[ "$USER" == "" ]&&exit 0;
[ -d "$USERHOME" ]&&exit 0;

mkdir -p $(dirname $USERHOME);
cp -r /etc/skel $USERHOME;
uid=$(id $USER|tr \( \ |xargs -n 1|grep uid|cut -d= -f2)
gid=$(id $USER|tr \( \ |xargs -n 1|grep gid|cut -d= -f2)
chown -R $uid.$gid $USERHOME  && chmod 0700 $USERHOME;
exit 0

編輯/opt/jupyterhub/jupyterhub_config.py 加入

import subprocess

def pre_spawn_hook(spawner):

    username = spawner.user.name

    subprocess.check_call(['./bootstrap.sh', username])

c.Spawner.pre_spawn_hook = pre_spawn_hook

The Littlest JupyterHub 帳號管理命令列指令

增加具管理權限帳號
tljh-config add-item users.admin <username>
tljh-config reload

移除帳號管理權限
tljh-config remove-item users.admin <username>
tljh-config reload

pip / pip3 指定安裝來源

方法1. 使用 pip.conf 設定檔
mkdir ~/.pip;

cat <<EOF >~/.pip/pip.conf
[global]
index-url = http://mysite.loc/pypi/simple/
[install]
trusted-host=mysite.loc
EOF

方法2. 命令列指定
pip3 install hail -i http://mysite.loc/pypi/simple --trusted-host mysite.loc

Debian 10 升級 11

apt update && apt upgrade

mv /etc/apt/sources.list /etc/apt/sources.list.bak

cat <<EOF >/etc/apt/sources.list
deb http://ftp.tw.debian.org/debian bullseye main contrib
deb http://ftp.tw.debian.org/debian bullseye-updates main contrib
# security updates
deb http://security.debian.org bullseye-security main contrib
EOF

apt update && apt full-upgrade

debian 11 安裝 proxmox backup client

wget https://enterprise.proxmox.com/debian/proxmox-release-bullseye.gpg -O /etc/apt/trusted.gpg.d/proxmox-release-bullseye.gpg

cat <<EOF > /etc/apt/sources.list.d/pbs-no-subscription.list
# PBS pbs-no-subscription repository provided by proxmox.com,
# NOT recommended for production use
deb http://download.proxmox.com/debian/pbs bullseye pbs-no-subscription
EOF

apt update && apt install proxmox-backup-client -y

Proxmox ve pct 執行複雜 bash script

pct exec 100 -- bash -c 'date >/tmp/d;date'

x= 'date >/tmp/d;date';
pct exec 40010 -- bash -c "$x"

Proxmox ve 移除 node known_hosts 異常

After removal of the node, its SSH fingerprint will still reside in the known_hosts of the other nodes. If you receive an SSH error after rejoining a node with the same IP or hostname, run pvecm updatecerts once on the re-added node to update its fingerprint cluster wide.

Debian 11 安裝 proxmox-offline-mirror

安裝
wget https://enterprise.proxmox.com/debian/proxmox-release-bullseye.gpg -O /etc/apt/trusted.gpg.d/proxmox-release-bullseye.gpg

echo "deb http://download.proxmox.com/debian/pbs-client bullseye main" >/etc/apt/sources.list.d/pbs-client.list

apt update && apt install proxmox-offline-mirror -y

mkdir -p  /pom/mirror/base-dir

新增 mirror
proxmox-offline-mirror config mirror add \
 --id debian-bullseye-security \
 --architectures amd64 \
 --architectures all \
 --repository 'deb http://deb.debian.org/debian-security bullseye-security main contrib non-free' \
 --key-path /etc/apt/trusted.gpg.d/debian-archive-bullseye-security-automatic.gpg \
 --sync true \
 --verify true \
 --base-dir /pom/mirror/base-dir

proxmox-offline-mirror config mirror add \
 --id debian-bullseye \
 --architectures amd64 \
 --architectures all \
 --repository 'deb http://deb.debian.org/debian bullseye main contrib' \
 --key-path /etc/apt/trusted.gpg.d/debian-archive-bullseye-stable.gpg \
 --sync true \
 --verify true \
 --base-dir /pom/mirror/base-dir

proxmox-offline-mirror config mirror add \
 --id debian-bullseye-updates \
 --architectures amd64 \
 --architectures all \
 --repository 'deb http://deb.debian.org/debian bullseye-updates main contrib' \
 --key-path /etc/apt/trusted.gpg.d/debian-archive-bullseye-automatic.gpg \
 --sync true \
 --verify true \
 --base-dir /pom/mirror/base-dir

同步 mirror
proxmox-offline-mirror mirror snapshot create debian-bullseye-security
proxmox-offline-mirror mirror snapshot create debian-bullseye
proxmox-offline-mirror mirror snapshot create debian-bullseye-updates

相關設定檔
/etc/proxmox-offline-mirror.cfg

SSSD Status:GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (Server not found in Kerberos database

可能是 /etc/krb5.keytab 異常或毀損，重新加入網域