diff --git a/docs/tech/Commands-for-Server-Operation-and-Maintenance.md b/docs/tech/Commands-for-Server-Operation-and-Maintenance.md index b1787ef..c2a426d 100644 --- a/docs/tech/Commands-for-Server-Operation-and-Maintenance.md +++ b/docs/tech/Commands-for-Server-Operation-and-Maintenance.md @@ -6,7 +6,7 @@ **推送 GitHub 私钥**: -```bash +``` bash # 在 CatTomServer1 处执行 rsync -avP /home/cattom/.ssh/cattomgithub [server_id]:/root/.ssh/ # 指定用户名与 IP @@ -17,7 +17,7 @@ rsync -avP -e 'ssh -p 25800 -i /home/cattom/.ssh/Maria' /home/cattom/.ssh/cattom **编辑 SSH 客户端配置**: -```bash +``` bash sudo nano ~/.ssh/config ``` @@ -34,7 +34,7 @@ IdentityFile "~/.ssh/cattomgithub" **克隆 Maria 仓库**: -```bash +``` bash git clone git@github.com:cattomgithub/maria.git cd maria/script && chmod +x *.sh && ./maria.sh @@ -44,7 +44,7 @@ cd maria/script && chmod +x *.sh && ./maria.sh **推送 Gitea 私钥**: -```bash +``` bash # 在 CatTomServer1 处执行 rsync -avP /home/cattom/.ssh/cattom-gitea [server_id]:/home/cattom/.ssh/ # 指定用户名与 IP @@ -55,7 +55,7 @@ rsync -avP -e 'ssh -p 25800 -i /home/cattom/.ssh/CatTomServer' /home/cattom/.ssh **编辑 SSH 客户端配置**: -```bash +``` bash sudo nano ~/.ssh/config ``` @@ -72,7 +72,7 @@ IdentityFile "~/.ssh/cattom-gitea" **克隆 HomeLab 仓库**: -```bash +``` bash git clone git@gitea.cattom.site:cattom/HomeLab.git cd HomeLab && chmod +x *.sh && ./Ini.sh @@ -82,13 +82,13 @@ cd HomeLab && chmod +x *.sh && ./Ini.sh **启动 SSH 服务**: -```bash +``` bash sudo systemctl enable ssh && sudo systemctl restart ssh && sudo systemctl status ssh ``` **配置 SSH 密钥**: 在 CatTomServer1 终端执行 -```bash +``` bash # Maria ssh-copy-id -i /home/cattom/.ssh/Maria.pub root@[server_ip] # HomeLab @@ -99,7 +99,7 @@ ssh-copy-id -p 25800 ... **修改 SSH 配置**: -```bash +``` bash sudo nano /etc/ssh/sshd_config ``` @@ -112,7 +112,7 @@ sudo nano /etc/ssh/sshd_config ## 恢复备份文件/目录 (可选) -```bash +``` bash cd /root || exit wget -c https://cattom.oss-cn-shenzhen.aliyuncs.com/[server_name]/backup/[file_name].tar.gz tar -zxvf [file_name].tar.gz @@ -127,7 +127,7 @@ sudo rm [file_name].tar.gz 请到 [Releases - traefik/traefik](https://github.com/traefik/traefik/releases/latest) 检查最新版本。 -```bash +``` bash mkdir /root/traefik cd /root/traefik || exit @@ -147,7 +147,7 @@ sudo systemctl enable traefik.service && sudo systemctl restart traefik.service **注意: 请到 [RAM 访问控制](https://ram.console.aliyun.com/) 按照业务需求生成 AccessKey.** -```bash +``` bash cd /root || exit /bin/bash -c "$(curl -fsSL https://aliyuncli.alicdn.com/install.sh)" @@ -157,7 +157,7 @@ aliyun configure set --profile profile1 --mode AK --access-key-id [AccessKeyID] 阿里云 CLI 现已集成 ossutil,示例: -```bash +``` bash # Example 1 aliyun ossutil sync /root/backup/ oss://cattom/${SERVER}/backup/ --force --update --delete -e oss-cn-shenzhen.aliyuncs.com # Example 2 @@ -168,7 +168,7 @@ aliyun ossutil sync /root/blog/site oss://cattom-blog --force --update --delete 安装 Flexget: -```bash +``` bash cd /root || exit sudo apt -y install python3 python3-full python3-pip python3.12-venv python3 -m venv /root/flexget/ @@ -178,7 +178,7 @@ python3 -m venv /root/flexget/ 测试配置并启动后台进程: -```bash +``` bash sudo ln -s /root/maria/config/flexget/config.yml /root/flexget/config.yml /root/flexget/bin/flexget -c /root/flexget/config.yml --test execute /root/flexget/bin/flexget -c /root/flexget/config.yml daemon start -d --autoreload-config @@ -186,7 +186,7 @@ sudo ln -s /root/maria/config/flexget/config.yml /root/flexget/config.yml 设置开机自启动: -```bash +``` bash ( crontab -u $(whoami) -l echo "@reboot /root/flexget/bin/flexget -c /root/flexget/config.yml daemon start -d --autoreload-config" @@ -195,7 +195,7 @@ sudo ln -s /root/maria/config/flexget/config.yml /root/flexget/config.yml 配置 alias: -```bash +``` bash echo 'alias flexget="/root/flexget/bin/flexget -c /root/flexget/config.yml"' >> /root/.bashrc ``` @@ -227,7 +227,7 @@ Maria 非标端口开放表: [^1]: 服务器3的 Prometheus 处于容器内,而 Node Exporter 处于宿主机,必须保留该规则以保持二者连通。 -```bash +``` bash # 重置防火墙 sudo ufw reset # 添加默认条件 @@ -235,7 +235,7 @@ sudo ufw default allow outgoing # 默认允许所有数据出站 sudo ufw default deny incoming # 默认禁止所有数据入站 ``` -```bash +``` bash # SSH sudo ufw allow 25800 # Web @@ -249,7 +249,7 @@ sudo ufw allow from 127.0.0.1 to any port 18080 sudo ufw allow 6888/udp ``` -```bash +``` bash # 启用日志 sudo ufw logging medium # 列出端口开放情况 @@ -260,7 +260,7 @@ sudo ufw enable ## 加载 Docker 容器 -```bash +``` bash sudo docker compose -f /root/maria/config/"${SERVER}"/docker-compose.yml pull sudo docker compose -f /root/maria/config/"${SERVER}"/docker-compose.yml up -d --remove-orphans sudo docker system prune -f @@ -270,7 +270,7 @@ sudo systemctl restart traefik ## 配置自动备份 (可选) -```bash +``` bash ( crontab -u $(whoami) -l echo "0 6 * * * /root/maria/script/backup.sh" @@ -328,7 +328,7 @@ lsmod | grep bbr ## NFS 配置 -```bash +``` bash # Install sudo apt -y update && sudo apt -y install nfs-kernel-server nfs-common # Modify firewall on host diff --git a/docs/tech/Docker-Compose-Limiting-container-resource-usage.md b/docs/tech/Docker-Compose-Limiting-container-resource-usage.md deleted file mode 100644 index 9a1465f..0000000 --- a/docs/tech/Docker-Compose-Limiting-container-resource-usage.md +++ /dev/null @@ -1,23 +0,0 @@ -# Docker Compose: 限制容器的资源使用 - -## 修改 docker-compose.yml - -运用 compose 组件可限制容器的资源使用,以下是示例 docker-compose.yml - -``` yaml title="docker-compose.yml" -services: - : - image: - ## 可用的 CPU 数 - cpus: 1 - ## 内存大小限制 - mem_limit: 1G -``` - -在以上示例中,容器的 CPU 使用数限制在1个,内存使用限制在1G。 - -## 参考 - -[如何在 docker compose file 中限制系統資源的使用 - Zen's Blog](https://www.zenwen.tw/docker-compose-file-limit-resource) - -[Define services in Docker Compose - Docker Docs](https://docs.docker.com/reference/compose-file/services) \ No newline at end of file diff --git a/docs/tech/Snippets.md b/docs/tech/Snippets.md index 4f14032..1cda98c 100644 --- a/docs/tech/Snippets.md +++ b/docs/tech/Snippets.md @@ -102,4 +102,26 @@ git reset --hard origin/main D:\esptool-v5.2.0-windows-amd64\esptool.exe --chip esp32s3 --port [ESP32-S3 设备所对应的串口 e.g.:COM3] erase_flash ``` -显示 `Flash memory erased successfully` 后,你就可以像对待一块全新的 ESP32-S3 一样,用常规方法刷写任何其他固件了。 \ No newline at end of file +显示 `Flash memory erased successfully` 后,你就可以像对待一块全新的 ESP32-S3 一样,用常规方法刷写任何其他固件了。 + +## Docker Compose 限制容器的资源使用 + +运用 compose 组件可限制容器的资源使用,以下是示例: + +``` yaml title="docker-compose.yml" +services: + : + image: + # 可用的 CPU 数 + cpus: 1 + # 内存大小限制 + mem_limit: 1G +``` + +在以上示例中,容器的 CPU 使用数限制在1个,内存使用限制在1G。 + +### 参考 + +[如何在 docker compose file 中限制系統資源的使用 - Zen's Blog](https://www.zenwen.tw/docker-compose-file-limit-resource) + +[Define services in Docker Compose - Docker Docs](https://docs.docker.com/reference/compose-file/services) \ No newline at end of file diff --git a/mkdocs.yml b/mkdocs.yml index 0052fa0..6abd9e1 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -101,7 +101,6 @@ nav: - "手把手教你备份和还原 Docker 卷": tech/Backup-and-Restore-of-Docker-Volumes-A-Step-by-Step-Guide.md - "在 Ubuntu 24.04 上添加交换空间": tech/How-to-Add-Swap-Space-on-Ubuntu-2404.md - "安装和配置 Material for MkDocs": tech/Install-Material-for-MkDocs.md - - "Docker Compose: 限制容器的资源使用": tech/Docker-Compose-Limiting-container-resource-usage.md - "Authentik: 搭建属于自己的单点登录服务": tech/Build-Your-Own-SSO.md - "创建和管理 Linux 服务器用于身份验证的 SSH 密钥": tech/Creating-and-Managing-SSH-Keys-for-Authentication-on-Linux-Servers.md - "将已经失效的 Onedrive 账户从资源管理器边侧栏去除": tech/Remove-deactivated-Onedrive-accounts-from-Explorer-sidebar.md