PHP 時區設定

編輯 /etc/php/8.2/cli/php.ini   /etc/php/8.2/apache2/php.ini 加入
date.timezone = 'Asia/Taipei'


程式中設定
date_default_timezone_set( 'Asia/Taipei')

Apache2 安全設定相關項目

隱藏 Apache 版本、作業系統、PHP 版本
設定 HTTP 嚴格傳輸安全 (HSTS)
自定錯誤訊息
加密設定
HTTP 自動導向 HTTPS

Apache2 錯誤訊息 SSLEngine

錯誤訊息
Invalid command 'SSLEngine', perhaps misspelled or defined by a module not included in the server configuration

執行
a2enmod ssl

Debian NGINX 設定 SSH Over HTTPS

安裝
apt install -y nginx libnginx-mod-stream

建立 NGINX 憑證
mkdir -p /etc/nginx/ssl
openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout /etc/nginx/ssl/nginx.key -out /etc/nginx/ssl/nginx.crt

編輯 /etc/nginx/nginx.conf 加入
stream {
    server {
        listen 443 ssl; # Or 80 for HTTP
        proxy_pass ssh_backend;
        ssl_certificate /etc/nginx/ssl/nginx.crt;
        ssl_certificate_key /etc/nginx/ssl/nginx.key;
    }

    upstream ssh_backend {
        server 127.0.0.1:22; # Or the actual SSH server IP and port
    }
}

編輯 /etc/nginx/nginx.conf
設定  HTTP Options
server_tokens off;

編輯 /etc/ssh/sshd_config 加入
DebianBanner no

連線方式
ssh -o ProxyCommand="openssl s_client -servername localhost -connect <nginx server>:443 2>&1" root@l -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o LogLevel=ERROR

ssh -o ProxyCommand="openssl s_client -connect <nginx server>:443 2>&1" user@ -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o LogLevel=ERROR

使用 artipie 作為 Maven cache server

編輯 .m2/settings.xml 內容如下
<?xml version="1.0"?>
<settings >
  <mirrors >
    <mirror >
      <id>maven</id >
      <name>Maven Repository Manager running on https://repo.maven.apache.org/maven2 </name >
      <url>http://artipie.loc:8085/maven/ </url >
      <mirrorOf>central</mirrorOf >
    </mirror >
  </mirrors >
</settings >

測試
mvn dependency:get -DgroupId=junit -DartifactId=junit -Dversion=4.13.2 -Dtransitive=false -s ~/.m2/settings.xml -X

Debian 12 Artipie 安裝設定

apt install -y default-jre   

新增帳號 artipie

mkdir -p /opt/artipie
wget https://github.com/artipie/artipie/releases/download/v1.17.16/artipie-v1.17.16-jar-with-dependencies.jar -O /opt/artipie/artipie.jar

mkdir -p /home/artipie/data
mkdir -p /home/artipie/repo

編輯 /home/artipie/artipie.yaml
meta:
  storage:
    type: fs
    path: /var/artipie/repo

編輯 /home/artipie/repo/maven.yaml
repo:
 type: maven-proxy
 remotes:
  - url: https://repo.maven.apache.org/maven2
   storage:
    type: fs
    path: /var/artipie/data

ln -s /home/artipie/ /var/artipie

編輯  /etc/systemd/system/artipie.service
[Unit]
Description=Artipie Server

[Service]
Type=simple
ExecStart=java -jar /opt/artipie/artipie.jar --config-file=/var/artipie/artipie.yaml --port=8085
Restart=always

User=artipie
Group=artipie

[Install]
WantedBy=multi-user.target

chmod a+x /etc/systemd/system/artipie.service
systemctl daemon-reload

Debian 12 安裝 NextCloud

安裝相關軟體環境
apt update && apt upgrade -y
apt install unzip wget

apt -y install apache2 libapache2-mod-php -y
apt -y install php php-gd php-json php-mysql php-curl php-mbstring php-intl php-imagick php-xml php-zip

apt -y install libmagickcore-6.q16-6-extra
apt -y install php-gmp
apt -y install php-apcu
apt -y install php-ldap

wget https://download.nextcloud.com/server/releases/nextcloud-31.0.7.zip
unzip nextcloud-31.0.7.zip -d /var/www/html/
chown -R www-data:www-data /var/www/html/nextcloud/
chmod -R 755 /var/www/html/nextcloud/

設定資料庫
apt install mariadb-server mariadb-client -y
mysql_secure_installation

mysql -u root -p

CREATE DATABASE nextcloud;
GRANT ALL PRIVILEGES ON nextcloud.* TO 'nextclouduser'@'localhost' IDENTIFIED BY 'your_password';
FLUSH PRIVILEGES;
EXIT;

設定Apache2
編輯 /etc/apache2/sites-available/nextcloud.conf
<VirtualHost *:80>
  ServerAdmin admin@example.com
  DocumentRoot /var/www/html/nextcloud/
  ServerName your-domain.com
  Alias /nextcloud "/var/www/html/nextcloud/"
  <Directory /var/www/html/nextcloud/>
   Options +FollowSymlinks
    AllowOverride All
    Require all granted
    <IfModule mod_dav.c>
      Dav off
    </IfModule>
  </Directory>
  ErrorLog ${APACHE_LOG_DIR}/nextcloud_error.log
  CustomLog ${APACHE_LOG_DIR}/nextcloud_access.log combined

</VirtualHost>

編輯 /etc/php/8.2/apache2/php.ini  加入
memory_limit = 256M
opcache.interned_strings_buffer=16

a2ensite nextcloud
a2enmod rewrite
a2enmod headers

編輯 /etc/apache2/apache2.conf  加入
Header always set Strict-Transport-Security "max-age=31536000;

systemctl restart apache2

設定NextCloud
使用瀏覽器連線設定 NextCloud

編輯 /var/www/html/nextcloud/config/config.php  加入
'memcache.local' => '\OC\Memcache\APCu',
'default_phone_region' => 'TWN',

cd /var/www/nextcloud
sudo -u www-data php occ maintenance:repair --include-expensive

Apache2 設定 HTTP 嚴格傳輸安全 (HSTS)

a2enmod headers

編輯 /etc/apache2/apache2.conf  加入

Header always set Strict-Transport-Security "max-age=31536000;