編輯 .m2/settings.xml 內容如下
<?xml version="1.0"?>
<settings >
<mirrors >
<mirror >
<id>maven</id >
<name>Maven Repository Manager running on https://repo.maven.apache.org/maven2 </name >
<url>http://artipie.loc:8085/maven/ </url >
<mirrorOf>central</mirrorOf >
</mirror >
</mirrors >
</settings >
測試
mvn dependency:get -DgroupId=junit -DartifactId=junit -Dversion=4.13.2 -Dtransitive=false -s ~/.m2/settings.xml -X
apt install -y default-jre
新增帳號 artipie
mkdir -p /opt/artipie
wget https://github.com/artipie/artipie/releases/download/v1.17.16/artipie-v1.17.16-jar-with-dependencies.jar -O /opt/artipie/artipie.jar
mkdir -p /home/artipie/data
mkdir -p /home/artipie/repo
編輯 /home/artipie/artipie.yaml
meta:
storage:
type: fs
path: /var/artipie/repo
編輯 /home/artipie/repo/maven.yaml
repo:
type: maven-proxy
remotes:
- url: https://repo.maven.apache.org/maven2
storage:
type: fs
path: /var/artipie/data
ln -s /home/artipie/ /var/artipie
編輯 /etc/systemd/system/artipie.service
[Unit]
Description=Artipie Server
[Service]
Type=simple
ExecStart=java -jar /opt/artipie/artipie.jar --config-file=/var/artipie/artipie.yaml --port=8085
Restart=always
User=artipie
Group=artipie
[Install]
WantedBy=multi-user.target
chmod a+x /etc/systemd/system/artipie.service
systemctl daemon-reload
安裝相關軟體環境
apt update && apt upgrade -y
apt install unzip wget
apt -y install apache2 libapache2-mod-php -y
apt -y install php php-gd php-json php-mysql php-curl php-mbstring php-intl php-imagick php-xml php-zip
apt -y install libmagickcore-6.q16-6-extra
apt -y install php-gmp
apt -y install php-apcu
apt -y install php-ldap
wget https://download.nextcloud.com/server/releases/nextcloud-31.0.7.zip
unzip nextcloud-31.0.7.zip -d /var/www/html/
chown -R www-data:www-data /var/www/html/nextcloud/
chmod -R 755 /var/www/html/nextcloud/
設定資料庫
apt install mariadb-server mariadb-client -y
mysql_secure_installation
mysql -u root -p
CREATE DATABASE nextcloud;
GRANT ALL PRIVILEGES ON nextcloud.* TO 'nextclouduser'@'localhost' IDENTIFIED BY 'your_password';
FLUSH PRIVILEGES;
EXIT;
設定Apache2
編輯 /etc/apache2/sites-available/nextcloud.conf
<VirtualHost *:80>
ServerAdmin admin@example.com
DocumentRoot /var/www/html/nextcloud/
ServerName your-domain.com
Alias /nextcloud "/var/www/html/nextcloud/"
<Directory /var/www/html/nextcloud/>
Options +FollowSymlinks
AllowOverride All
Require all granted
<IfModule mod_dav.c>
Dav off
</IfModule>
</Directory>
ErrorLog ${APACHE_LOG_DIR}/nextcloud_error.log
CustomLog ${APACHE_LOG_DIR}/nextcloud_access.log combined
</VirtualHost>
編輯 /etc/php/8.2/apache2/php.ini 加入
memory_limit = 256M
opcache.interned_strings_buffer=16
a2ensite nextcloud
a2enmod rewrite
a2enmod headers
編輯 /etc/apache2/apache2.conf 加入
Header always set Strict-Transport-Security "max-age=31536000;
systemctl restart apache2
設定NextCloud
使用瀏覽器連線設定 NextCloud
編輯 /var/www/html/nextcloud/config/config.php 加入
'memcache.local' => '\OC\Memcache\APCu',
'default_phone_region' => 'TWN',
cd /var/www/nextcloud
sudo -u www-data php occ maintenance:repair --include-expensive
a2enmod headers
編輯 /etc/apache2/apache2.conf 加入
Header always set Strict-Transport-Security "max-age=31536000;
1. 使用 git clone 指令下載
2. R 安裝指令安裝,install.packages("/path to folder with the package", repos = NULL, type = "source")
DAZUKOFS 可堆疊檔案系統
https://github.com/twiddern/dazukofs-linux3.6
Libsqlfs FUSE 模組,允許 sqlite 可透過作業系統級檔案系統介面存取
https://github.com/guardianproject/libsqlfs
loggedfs LoggedFS FUSE 模組,可以記錄其中發生的每個操作
https://github.com/rflament/loggedfs
fuse-nfs NFS協定 FUSE 模組
https://github.com/sahlberg/fuse-nfs
移除 X2GO
執行 regedit
刪除 HKEY_CURRENT_USER\Software\Obviously Nice\x2goclient 資料夾
重新安裝 X2GO
npm install --global verdaccio
adduser verdaccio
su - verdaccio
verdaccio
exit
mkdir -p /etc/verdaccio/
ln -s /etc/verdaccio/config.yaml /home/verdaccio/verdaccio/config.yaml
編輯 /home/verdaccio/verdaccio/config.yaml
storage: /home/verdaccio/verdaccio/storage
listen:
- 0.0.0.0:4873
#auth:
# htpasswd:
# max_users: -1
編輯 /etc/systemd/system/verdaccio.service
[Unit]
Description=Verdaccio lightweight npm proxy registry
[Service]
Type=simple
Restart=on-failure
User=verdaccio
ExecStart=/usr/local/bin/verdaccio --config /etc/verdaccio/config.yaml
[Install]
WantedBy=multi-user.target
使用方式
使用以下指令設定自訂 registry
npm config set registry http://verdaccio.loc:4873
或編輯 ~/.npmrc 內容
registry=http://verdaccio.loc:4873/
終端機下執行 conda 指令
conda config –set proxy_servers.http http://proxy.loc:3128
conda config –set proxy_servers.https http://proxt.loc:3128
或編輯設定檔 ~/.condarc 加入以下內容
proxy_servers:
http: http://proxy.loc:3128
https: http://proxy.loc:3128
檢視 conda 設定,終端機下執行
conda config –show
conda info --all
使用範例
conda config –add channels conda-forge
conda install gcc=12
conda install gxx=12
conda install gcc=12 -c conda-forge
conda install gxx=12 -c conda-forge
Add-VpnConnection -Name "VPN-NAME" -ServerAddress "vpn-server" -PassThru -TunnelType "Automatic"
-TunnelType
指定用於VPN連接的 Tunnel類型。此參數的可接受值為:
PPTP L2TP SSTP IKEv2 Automatic
編輯 /etc/ssh/sshd_config
# override default of no subsystems
#Subsystem sftp /usr/lib/openssh/sftp-server
Subsystem sftp internal-sftp
Match group domain?users
#Match group *,!sudo
#ChrootDirectory /home/%u@loc
ChrootDirectory /home
X11Forwarding no
AllowTcpForwarding no
ForceCommand internal-sftp
pip install git+https://github.com/popgenmethods/smcpp.git --user
git clone https://github.com/popgenmethods/smcpp.git
cd smcpp
python3 setup.py install --user
錯誤訊息
Wrote out krb5.conf snippet to /var/cache/realmd/adcli-krb5-090dt5/krb5.d/adcli-krb5-conf-uzvObj
* Authenticated as user: Administrator@test.loc
* Using GSS-SPNEGO for SASL bind
! Couldn't authenticate to active directory: SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (Server not found in Kerberos database)
adcli: couldn't connect to ssde.sinica domain: Couldn't authenticate to active directory: SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (Server not found in Kerberos database)
Insufficient permissions to join the domain
安裝 krb5相關軟體
apt install krb5-user
編輯 /etc/modules 載入相關模組,reboot
# Modules needed for PPP connection
slhc
ppp_generic
ppp_async
# The three following modules are not always needed
zlib_inflate
zlib_deflate
ppp_deflate
# Modules needed for PPP/PPPOE connection
slhc
pppoe
# Modules needed for PPTP connection
pptp
# Modules needed for L2TP connection
slhc
pppol2tp
ppp_mppe
# Modules needed for PPPOA connection
# An ATM adapter module must be loaded for this to work
# (e.g. unicorn_pci_atm or unicorn_usb_atm)
slhc
ppp_generic
pppoatm
安裝 accelppp accelppp pppscrpt libpcre libsnmp
編輯 /etc/accel-ppp.conf
chap-secrets
[chap-secrets]
chap-secrets=/etc/ppp/chap-secrets
編輯 /etc/ppp/chap-secrets
帳號密碼設定檔 共四欄
# 第一欄為連線帳號,
# 第二欄要設定成/etc/accel-ppp.conf 中的name
# 第三欄為密碼
# 第四欄為連線IP
設定 shorewall
編輯 /etc/shorewall/rules加入
ACCEPT net fw tcp 1723
ACCEPT net fw udp 1701
Ping(ACCEPT) vpn fw
編輯 /etc/shorewall/zones 加入
vpn ipv4
編輯 /etc/shorewall/interfaces 加入
vpn ppp+
編輯 /etc/shorewall/policy 加入
vpn loc ACCEPT
編輯/etc/shorewall/masq
eth0 192.168.2.0/24
參考文件
https://docs.accel-ppp.org/configuration/configuration.html
相關 module
nf_nat_pptp
Apache2 錯誤訊息
Invalid command 'Header', perhaps misspelled or defined by a module not included in the server configuration
缺相關 Module
a2enmod headers
apache2ctl -M | grep headers_module
/etc/vzdump.conf 增加
script: /etc/your-custom-script.sh
編輯 /etc/your-custom-script.sh 內容如下
#!/bin/bash
# $1=post-restart $2=snapshot <backup Mode> $3=100 <lxc id>
# STOREID=local
# TARGET=/var/lib/vz/dump/vzdump-lxc-100.tar.zst
# VMTYPE=lxc
if [ "$1" == "post-restart" ]; then
do something
fi
if [ "$1" == "job-end" ]; then
do something else
fi
exit 0
SQLite Encryption Extension (SEE)
https://sqlite.org/com/see.html
sqlcipher
https://www.zetetic.net/sqlcipher/
https://github.com/zhouchangsheng/sqlcipher
apt install -y sqlcipher
sqlite-encrypt
https://github.com/jingqi/sqlite-encrypt/blob/master/README.md
SQLiteCrypt
https://www.sqlite-crypt.com/
sudo apt remove docker docker-engine docker.io containerd runc
sudo apt update
sudo apt install -y ca-certificates curl gnupg lsb-release
curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/debian $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt update
sudo apt install -y docker-ce docker-ce-cli containerd.io docker-compose-plugin
sudo usermod -aG docker $(whoami)
安裝devpi
apt install pip -y
mv /usr/lib/python3.11/EXTERNALLY-MANAGED /usr/lib/python3.11/EXTERNALLY-MANAGED.bk
pip install -q -U devpi-server devpi-web --root-user-action=ignore
產生設定檔
adduser devpi
su devpi -
cd ~
devpi-init
devpi-gen-config --host 0.0.0.0 --port 3141
安裝服務
cp /home/devpi/gen-config/devpi.service /etc/systemd/system/
systemctl enable devpi
測試
http://127.0.0.1:3141/
http://127.0.0.1:3141/root/pypi/+simple/
相關指令及目錄
devpi-gen-config --help
/usr/local/bin/devpi-server
/home/devpi/.devpi
使用方式
使用指令列安裝加入相關參數
pip install -i http://devpi.loc/root/pypi/+simple/ –trusted-host devpi.loc package_name
或編輯 ~/.pip/pip.conf 設定檔
[global]
index-url = http://devpi.loc/root/pypi/+simple/
[install]
trusted-host=devpi.loc
pip install -i http://<devpi-host>:3141/root/pypi/+simple/ simplejson --break-system-packages --trusted-host <devpi-host>
相關文件
https://devpi.net/docs/devpi/devpi/6.13/+d/index.html
安裝編輯環境
apt install -y gcc linux-headers-$(uname -r)
hello.c 內容
#include <linux/module.h> /* Needed by all modules */
#include <linux/kernel.h> /* Needed for KERN_INFO */
int init_module(void)
{
printk(KERN_INFO "Hello world 1.\n");
/*
* A non 0 return means init_module failed; module can't be loaded.
*/
return 0;
}
void cleanup_module(void)
{ printk(KERN_INFO "Goodbye world 1.\n"); }
MODULE_LICENSE("L");
MODULE_AUTHOR("Taiwan");
MODULE_DESCRIPTION("Taiwan");
MODULE_VERSION("1");
obj-m += hello.o
all:
make -C /lib/modules/$(shell uname -r)/build M=$(PWD) modules
clean:
make -C /lib/modules/$(shell uname -r)/build M=$(PWD) clean
<?php
$f = "1.woff";
$fi = new finfo(FILEINFO_MIME_TYPE);
$mime_type = $fi->file($f);
echo $mime_type;
echo (new finfo(FILEINFO_MIME_TYPE))->file($f);
?>
安裝
apt install -y novnc apache2 php
Apache Module 設定
a2enmod rewrite
a2enmod headers
Apache VirtualHost <Directory> or <Location>設定
Header set Cache-Control "no-cache"
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php [L]
index.php 內容
<?php
$NOVNC = "/usr/share/novnc/vnc.html";
$NOVNC = "/usr/share/novnc/v.html";
$NOVNC_DIR = dirname($NOVNC);
if($_SERVER["SCRIPT_URL"]=="/xxx") {
if($_REQUEST['host']!='') exit();
header("Content-Type: text/html");
readfile($NOVNC);
exit();
}
//novnc file_exists
$_t = $NOVNC_DIR . $_SERVER["SCRIPT_URL"];
if(file_exists($_t)) {
switch(pathinfo($_t, PATHINFO_EXTENSION)){
case "":
case "htm":
case "html":
case "pl":
case "md": exit(); break;
case "css": $x = "text/css"; break;
case "js" : $x = "text/javascript"; break;
default: $x = (new finfo(FILEINFO_MIME_TYPE))->file($_t);
}
header("Content-Type: $x");
readfile($_t);
exit();
}
?>
隱藏 Clipboard Connection Controls
修改 /usr/share/novnc/vnc.html
<!-- Clipboard -->
<input type="hidden" alt="Clipboard" src="app/images/clipboard.svg"
id="noVNC_clipboard_button" class="noVNC_button"
<!-- Connection Controls -->
<input type="hidden" alt="Disconnect" src="app/images/disconnect.svg"
id="noVNC_disconnect_button" class="noVNC_button"
title="Disconnect">
系統最低需求
PHP 8.1.0 (Modules: json, simplexml, dom, zlib, gd, mysqlnd or pdo_mysql or pdo_pgsql)
MySQL 8.0.13 / MariaDB 10.4.0 / PostgreSQL 12.0
Apache 2.4 / Nginx 1.21 / Microsoft IIS 10
安裝範例
apt update;apt upgrade -y;apt install -y busybox wget
apt install nginx / apt install -y apache2
apt install -y php php-common php-curl php-fpm php-imap php-cli php-xml php-zip php-mbstring php-gd php-mysql
apt install -y mariadb-server mariadb-client
systemctl start mariadb;systemctl enable mariadb
export h=/var/www/html/joomla
mkdir -p ${h}; cd ${h}
wget -q -O- https://downloads.joomla.org/zh/cms/joomla5/5-2-4/Joomla_5-2-4-Stable-Full_Package.zip?format=zip|busybox unzip -
chown -R www-data:www-data ${h}
cd -
mysql -u root
MariaDB [(none)]> CREATE DATABASE joomla_db;
MariaDB [(none)]> CREATE USER joomla_user@'localhost' IDENTIFIED BY 'joomla5_p@ssw0rd';
MariaDB [(none)]> GRANT ALL on joomla_db.* to joomla_user@localhost;
MariaDB [(none)]> FLUSH PRIVILEGES;
MariaDB [(none)]> EXIT
安裝
apt install -y pip
pip install bandersnatch --break-system-packages
產生 /etc/bandersnatch.conf 設定檔
bandersnatch mirror
修改 /etc/bandersnatch.conf 設定檔
執行同步
bandersnatch mirror
安裝
apt install -y apt-cacher
編輯 /etc/apt-cacher/apt-cacher.conf
allowed_hosts = 192.168.0.0/16
allowed_hosts = *
相關目錄
/var/cache/apt-cacher
使用端設定
編輯 /etc/apt/apt.conf.d/90-apt-proxy.conf 加入
Acquire::http::Proxy "http://<apt-cacher-host>:3142";
Acquire::https::Proxy "http://<apt-cacher-host>:3142";
Acquire::HTTPS::proxy "DIRECT";
安裝
sudo apt install -y clamav clamav-daemon clamtk
相關服務
clamav-daemon
clamav-daemon.socket
clamav-freshclam
相關設定檔案及目錄
/var/lib/clamav
/var/log/clamav
/etc/clamav/freshclam.conf
/etc/clamav/clamd.conf
~/.clamtk/db/freshclam.conf
病毒碼 更新 Proxy
編輯 /etc/freshclam.conf 加入
# Proxy settings
# Default: disabled
#HTTPProxyServer myproxy.com
#HTTPProxyPort 1234
#HTTPProxyUsername myusername
#HTTPProxyPassword mypass
# If your servers are behind a firewall/proxy which applies User-Agent
# filtering you can use this option to force the use of a different
# User-Agent header.
# Default: clamav/version_number
#HTTPUserAgent SomeUserAgentIdString
手動掃描
clamscan /path/to/directory
clamscan -r --remove /path/to/directory
clamscan -r --bell -i /path/to/directory
安裝環境設定
apt install git gcc libconfig-dev libcairo2-dev libxi-dev libx11-dev x11proto-core-dev x11proto-dev \
libxt-dev libxext-dev libxfixes-dev libxinerama-dev libxrandr-dev libwayland-dev wayland-protocols
安裝
git clone https://github.com/MrGlockenspiel/activate-linux
cd activate-linux/
make
make install
執行
export DISPLAY=:0.0;
/usr/local/bin/activate-linux
安裝
apt install -y nginx libnginx-mod-stream
編輯 /etc/nginx/nginx.conf 加入
stream {
server {
listen 3389;
proxy_pass 10.10.10.10:3389;
}
}
stream {
server {
listen 443;
proxy_pass admin;
}
upstream admin {
server 10.10.10.10:443;
}
}
<?php
$cmd = "sqlite3 1.db ";
$interactive_cmd = "insert into a (a1,a2) values('中文','許');";
$descriptorspec = array(
0 => array("pipe", "r"), // stdin
1 => array("pipe", "w"), // stdout
2 => array("pipe", "w") // stderr ?? instead of a file
);
$stdout = "";
$stderr = "";
$process = proc_open($cmd, $descriptorspec, $pipes, NULL);
if (is_resource($process)) {
fwrite($pipes[0], $interactive_cmd . PHP_EOL);
fclose($pipes[0]);
while($s= fgets($pipes[1], 1024)) $stdout .= $s; // read from the pipe
fclose($pipes[1]);
// stderr optional:
while($s= fgets($pipes[2], 1024)) $stderr .= $s;
fclose($pipes[2]);
}
echo "stdout: $stdout \nstderr: $stderr\n";
?>
編輯 /etc/udisks2/mount_options.conf 加入
[defaults]
defaults=ro
allow=exec,noexec,nodev,nosuid,atime,noatime,nodiratime,ro,sync,dirsync,noload
重新啟動服務
systemctl restart udisks2
參考
https://storaged.org/doc/udisks2-api/latest/mount_options.html
編輯 /etc/pam.d/login 加入
account required /lib/security/pam_access.so
編輯 /etc/security/access.conf 加入
-:ALL EXCEPT root:tty1 tty2 tty3 tty4 tty5 tty6
安裝
apt install -y ibus-table
apt install -y ibus-chewing ibus-zhuyin ibus-table-easy ibus-table-easy-big
相關目錄
/usr/share/ibus-table/tables/
/usr/share/ibus-table/icons/
相關指令
ibus-table-createdb
ibus-setup
ibus restart
im-config #apt install -y zenity
安裝
sudo apt install fcitx5 fcitx5-* # 全部Fcitx5支援的輸入法
sudo apt install fcitx5-chinese-addons fcitx5-chewing # 只安裝新酷音注音
sudo apt install fcitx5-table-easy-large fcitx5-chinese-addons #只安裝輕鬆
sudo apt install fcitx5-frontend-gtk2 fcitx5-frontend-gtk3 fcitx5-frontend-gtk4 fcitx5-frontend-qt5 fcitx5-frontend-qt6
執行
export GTK_IM_MODULE=fcitx
export QT_IM_MODULE=fcitx
export XMODIFIERS=@im=fcitx
export DefaultIMModule=fcitx
fcitx-autostart &>/dev/null
相關設定
im-config
fcitx5-configtool
export WAYLAND_DISPLAY='wayland-0' DISPLAY=':0'
sudo apt install ibus-table
git clone https://github.com/daineseh/liu_ibus_table
cd liu_ibus_table
sudo ibus-table-createdb -s liu_ibus_table.txt -n liu.db
sudo cp liu.db /usr/share/ibus-table/tables/
sudo cp liu.png /usr/share/ibus-table/icons/
安裝
sudo apt update && apt upgrade
sudo apt install unattended-upgrades apt-listchanges -y
sudo systemctl enable unattended-upgrades
sudo systemctl start unattended-upgrades
編輯設定檔
/etc/apt/apt.conf.d/50unattended-upgrades
自動執行設定
dpkg-reconfigure unattended-upgrades
dpkg-reconfigure -f noninteractive unattended-upgrades
相關設定檔 /etc/apt/apt.conf.d/20auto-upgrades
測試
unattended-upgrades --dry-run --debug
參考文件
https://wiki.debian.org/UnattendedUpgrades
loginctl list-sessions
loginctl unlock-session SESSION-ID
