edit Commands-for-Server-Operation-and-Maintenance
All checks were successful
Deploy / deploy (push) Successful in 35s
All checks were successful
Deploy / deploy (push) Successful in 35s
This commit is contained in:
Cat Tom
@@ -18,17 +18,20 @@ Maria:
|
|||||||
sudo systemctl enable ssh && sudo systemctl restart ssh && sudo systemctl status ssh
|
sudo systemctl enable ssh && sudo systemctl restart ssh && sudo systemctl status ssh
|
||||||
```
|
```
|
||||||
|
|
||||||
接着,生成 SSH 密钥。进入 CatTomServer3-1 的终端,然后执行:
|
接着,生成并配置 SSH 密钥。进入 CatTomServer3-1 的终端,然后执行:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
|
ssh-keygen -m PEM -t rsa -b 4096 -C "[username]@[server_ip]" -f ~/.ssh/[server_name]
|
||||||
|
|
||||||
ssh-copy-id -i /home/cattom/.ssh/[server_name].pub root@[server_ip]
|
ssh-copy-id -i /home/cattom/.ssh/[server_name].pub root@[server_ip]
|
||||||
```
|
```
|
||||||
|
|
||||||
最后,修改 `/etc/ssh/sshd_config`:
|
最后,修改 `/etc/ssh/sshd_config`:
|
||||||
|
|
||||||
- Port 22 → Port 25800
|
- Port 22 → **Port 25800**
|
||||||
- PermitRootLogin prohibit-password (取消该行注释)
|
- PermitRootLogin **prohibit-password** (取消该行注释)
|
||||||
- PasswordAuthentication yes → PasswordAuthentication no
|
- PasswordAuthentication yes → PasswordAuthentication **no**
|
||||||
|
- (可选) PubkeyAuthentication **yes**
|
||||||
|
|
||||||
重启 SSH 服务以刷新配置: `sudo systemctl restart ssh`
|
重启 SSH 服务以刷新配置: `sudo systemctl restart ssh`
|
||||||
|
|
||||||
@@ -36,14 +39,14 @@ Maria:
|
|||||||
|
|
||||||
```bash
|
```bash
|
||||||
cd /root || exit
|
cd /root || exit
|
||||||
wget -c https://cattom.oss-cn-shenzhen.aliyuncs.com/"${SERVER}"/backup/[file_name].tar.gz
|
wget -c https://cattom.oss-cn-shenzhen.aliyuncs.com/[server_name]/backup/[file_name].tar.gz
|
||||||
tar -zxvf [file_name].tar.gz
|
tar -zxvf [file_name].tar.gz
|
||||||
sudo rm [file_name].tar.gz
|
sudo rm [file_name].tar.gz
|
||||||
```
|
```
|
||||||
|
|
||||||
## 安装业务程序 (按需安装)
|
## 安装业务程序 (按需安装)
|
||||||
|
|
||||||
Traefik:
|
### Traefik
|
||||||
|
|
||||||
请到 [Releases - traefik/traefik](https://github.com/traefik/traefik/releases/latest) 检查最新版本。
|
请到 [Releases - traefik/traefik](https://github.com/traefik/traefik/releases/latest) 检查最新版本。
|
||||||
|
|
||||||
@@ -56,13 +59,14 @@ Traefik:
|
|||||||
wget -c [link]
|
wget -c [link]
|
||||||
tar -zxvf [file_name] && rm [file_name] LICENSE.md CHANGELOG.md && mv traefik /usr/local/bin/traefik
|
tar -zxvf [file_name] && rm [file_name] LICENSE.md CHANGELOG.md && mv traefik /usr/local/bin/traefik
|
||||||
|
|
||||||
ln -s /root/maria/config/traefik/static.yaml /root/traefik/static.yaml && ln -s /root/maria/config/${SERVER}/traefik.yaml /root/traefik/dynamic.yaml
|
ln -s /root/maria/config/traefik/static.yaml /root/traefik/static.yaml
|
||||||
|
ln -s /root/maria/config/${SERVER}/traefik.yaml /root/traefik/dynamic.yaml
|
||||||
|
|
||||||
ln -s /root/maria/config/systemd/traefik.service /etc/systemd/system/traefik.service && sudo systemctl daemon-reload
|
ln -s /root/maria/config/systemd/traefik.service /etc/systemd/system/traefik.service && sudo systemctl daemon-reload
|
||||||
sudo systemctl enable traefik.service && sudo systemctl restart traefik.service
|
sudo systemctl enable traefik.service && sudo systemctl restart traefik.service
|
||||||
```
|
```
|
||||||
|
|
||||||
阿里云 CLI:
|
### 阿里云 CLI
|
||||||
|
|
||||||
**注意: 请到 [RAM 访问控制](https://ram.console.aliyun.com/) 按照业务需求生成 AccessKey.**
|
**注意: 请到 [RAM 访问控制](https://ram.console.aliyun.com/) 按照业务需求生成 AccessKey.**
|
||||||
|
|
||||||
@@ -74,7 +78,7 @@ Traefik:
|
|||||||
aliyun configure set --profile profile1 --mode AK --access-key-id [AccessKeyID] --access-key-secret [AccessKeySecret] --region "cn-shenzhen"
|
aliyun configure set --profile profile1 --mode AK --access-key-id [AccessKeyID] --access-key-secret [AccessKeySecret] --region "cn-shenzhen"
|
||||||
```
|
```
|
||||||
|
|
||||||
阿里云 CLI 现已集成阿里云 ossutil,示例:
|
阿里云 CLI 现已集成 ossutil,示例:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
# Example 1
|
# Example 1
|
||||||
@@ -83,24 +87,38 @@ Traefik:
|
|||||||
aliyun ossutil sync /root/blog/site oss://cattom-blog --force --update --delete --region cn-hongkong
|
aliyun ossutil sync /root/blog/site oss://cattom-blog --force --update --delete --region cn-hongkong
|
||||||
```
|
```
|
||||||
|
|
||||||
Flexget:
|
### Flexget
|
||||||
|
|
||||||
|
安装 Flexget:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
# 安装 Flexget
|
|
||||||
cd /root || exit
|
cd /root || exit
|
||||||
sudo apt -y install python3 python3-full python3-pip python3.12-venv
|
sudo apt -y install python3 python3-full python3-pip python3.12-venv
|
||||||
python3 -m venv /root/flexget/
|
python3 -m venv /root/flexget/
|
||||||
/root/flexget/bin/pip install --upgrade pip setuptools && /root/flexget/bin/pip install flexget
|
/root/flexget/bin/pip install --upgrade pip setuptools
|
||||||
|
/root/flexget/bin/pip install flexget
|
||||||
|
```
|
||||||
|
|
||||||
# 测试配置并启动后台进程
|
测试配置并启动后台进程:
|
||||||
|
|
||||||
|
```bash
|
||||||
sudo ln -s /root/maria/config/flexget/config.yml /root/flexget/config.yml
|
sudo ln -s /root/maria/config/flexget/config.yml /root/flexget/config.yml
|
||||||
/root/flexget/bin/flexget -c /root/flexget/config.yml --test execute
|
/root/flexget/bin/flexget -c /root/flexget/config.yml --test execute
|
||||||
/root/flexget/bin/flexget -c /root/flexget/config.yml daemon start -d --autoreload-config
|
/root/flexget/bin/flexget -c /root/flexget/config.yml daemon start -d --autoreload-config
|
||||||
|
```
|
||||||
|
|
||||||
# 设置开机自启动
|
设置开机自启动:
|
||||||
(crontab -u $(whoami) -l echo "@reboot /root/flexget/bin/flexget -c /root/flexget/config.yml daemon start -d --autoreload-config") | crontab -u $(whoami) -
|
|
||||||
|
|
||||||
# 配置 alias
|
```bash
|
||||||
|
(
|
||||||
|
crontab -u $(whoami) -l
|
||||||
|
echo "@reboot /root/flexget/bin/flexget -c /root/flexget/config.yml daemon start -d --autoreload-config"
|
||||||
|
) | crontab -u $(whoami) -
|
||||||
|
```
|
||||||
|
|
||||||
|
配置 alias:
|
||||||
|
|
||||||
|
```bash
|
||||||
echo 'alias flexget="/root/flexget/bin/flexget -c /root/flexget/config.yml"' >> /root/.bashrc
|
echo 'alias flexget="/root/flexget/bin/flexget -c /root/flexget/config.yml"' >> /root/.bashrc
|
||||||
```
|
```
|
||||||
|
|
||||||
@@ -112,7 +130,7 @@ Flexget:
|
|||||||
|
|
||||||
所有在 Docker Compose 文件中没有定义特定监听地址的端口都不需要在 UFW 中放行。
|
所有在 Docker Compose 文件中没有定义特定监听地址的端口都不需要在 UFW 中放行。
|
||||||
|
|
||||||
Maria 端口开放表:
|
Maria 非标端口开放表:
|
||||||
|
|
||||||
| 服务器 | 端口 | 来源IP/IP段 | 目标IP/IP段 | 协议 | 备注 |
|
| 服务器 | 端口 | 来源IP/IP段 | 目标IP/IP段 | 协议 | 备注 |
|
||||||
| :----: | :---: | :---------: | :---------: | :---: | :-----------: |
|
| :----: | :---: | :---------: | :---------: | :---: | :-----------: |
|
||||||
@@ -176,7 +194,10 @@ Maria 端口开放表:
|
|||||||
## 配置自动备份 (可选)
|
## 配置自动备份 (可选)
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
(crontab -u $(whoami) -l echo "0 6 * * * /root/maria/script/backup.sh") | crontab -u $(whoami) -
|
(
|
||||||
|
crontab -u $(whoami) -l
|
||||||
|
echo "0 6 * * * /root/maria/script/backup.sh"
|
||||||
|
) | crontab -u $(whoami) -
|
||||||
```
|
```
|
||||||
|
|
||||||
## 进入 Docker 容器的终端
|
## 进入 Docker 容器的终端
|
||||||
|
|||||||
Reference in New Issue
Block a user