分类： Linux

首先创建控制台资源

apiVersion: apps/v1
kind: Deployment
metadata:
  name: apisix-dashboard
  namespace: apisix
  labels:
    app: apisix-server
spec:
  replicas: 1
  selector:
    matchLabels:
      app: apisix-server
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app: apisix-server
    spec:
      containers:
        - name: apisix-server
          image: docker.io/apache/apisix-dashboard:2.9.0
          imagePullPolicy: Always
          volumeMounts:
            - mountPath: /usr/local/apisix-dashboard/conf/conf.yaml
              name: volume
          ports:
            - name: http
              containerPort: 9000
      volumes:
        - name: volume
          hostPath:
            path: /www/docker/apisix-dashboard/conf.yaml
            type: File

然后创建控制台服务

apiVersion: v1
kind: Service
metadata:
  name: dashboard-service
  namespace: apisix
spec:
  type: NodePort 
  selector:
    app: apisix-server
  ports:
  - port: 9000
    targetPort: 9000
    nodePort: 30083

对外暴露的端口就是 30083

使用多阶段构建 Nginx

#### 第一阶段

# 基础镜像
FROM centos AS Nginx-Pre

# 添加远程文件到当前文件夹
ADD http://nginx.org/download/nginx-1.20.1.tar.gz /usr/local/src/

# 在镜像内运行解压命令
RUN tar zxvf /usr/local/src/nginx-1.20.1.tar.gz -C /usr/local/src/

# 切换目录
WORKDIR /usr/local/src/nginx-1.20.1

# 安装必要的软件
RUN yum install -y gcc gcc-c++ glibc make openssl-devel gd-devel pcre pcre-devel libxslt libxslt-devel

# 编译安装
RUN ./configure --prefix=/usr/local/nginx --with-file-aio --with-http_ssl_module --with-http_realip_module --with-http_addition_module --with-http_xslt_module --with-http_image_filter_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_degradation_module --with-http_stub_status_module && make && make install

#### 第二阶段

# 基础镜像
FROM centos

# 复制软件包
COPY --from=Nginx-Pre /usr/local/nginx /usr/local/

# 执行启动命令
CMD ["-g", "daemon off;"]

1. 安装

yum install -y aria2

2. 配置开机启动

# /etc/systemd/system/aria2.service
[Unit]
Description=aria2
After=network.target

[Service]
Type=simple
ExecStart=/usr/local/bin/aria2c --conf-path=/usr/local/aria2/aria2.conf
User=www
Group=www

[Install]
WantedBy=network.target

3. 启用服务

systemctl enable aria2
systemctl start aria2

利用 Linux 系统的 Crontab 定时任务管理 Nginx 重启

mkdir ~/crontab
echo "#!/bin/bash

/usr/local/nginx/sbin/nginx -t

if [ $? = "0" ]
then
    /usr/local/nginx/sbin/nginx -s reload
fi
" > ~/crontab/nginx_reload.sh

添加定时任务，每天凌晨定时重启

# nginx reload
00 00 *  *  *    /bin/sh ~/crontab/nginx_reload.sh > /tmp/nginx_reload.log 2>&1

Windows 开发环境：

# 忽略路径中的转义字符

git config --global core.protectNTFS false

# 禁用换行符转换

git config --global core.autocrlf false

自动添加某域名对应的IP地址到防火墙里，允许此IP访问SSH服务

package main

import (
	"fmt"
	"net"
	"os/exec"
	"strings"
)

func main() {
	ip, err := net.ResolveIPAddr("ip4", "test.com")
	if err != nil {
		return
	}
	command, err := exec.Command("bash", "-c", "firewall-cmd --list-all").Output()
	if err != nil {
		return
	}
	if strings.Contains(string(command), ip.String()) {
		return
	}
	comm := `firewall-cmd --add-rich-rule='rule family="ipv4" source address="` + ip.String() + `" port port="22" protocol="tcp" accept'`
	_, err = exec.Command("bash", "-c", comm).Output()
	if err != nil {
		fmt.Println(err.Error())
		return
	}
}

系统： CentOS 7

# /etc/systemd/system/nginx.service

[Unit]
Description=Nginx Web Server
After=network.target

[Service]
Type=forking
ExecStart=/usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
ExecReload=/usr/local/nginx/sbin/nginx -s reload
ExecStop=/usr/local/nginx/sbin/nginx -s stop
PrivateTmp=true

[Install]
WantedBy=network.target

目前比较新的 Linux 发行版都有一个默认配置，就是在同时支持 IPV4 和 IPV6 的服务器上，监听 IPV6 地址端口的时候，系统会自动监听对应的 IPV4 端口。

# 查看 bindv6only 的值
cat /proc/sys/net/ipv6/bindv6only 

默认为0，就是自动绑定 IPV4 和 IPV6

取消自动绑定

sysctl -w net.ipv6.bindv6only=1
echo "net.ipv6.bindv6only = 1" >> /etc/sysctl.d/net-sysctl.conf

#!/bin/bash

curl -O http://nginx.org/download/nginx-1.16.1.tar.gz
tar zxf nginx-1.16.1.tar.gz

curl -O http://zlib.net/zlib-1.2.11.tar.gz
tar zxf zlib-1.2.11.tar.gz

curl -O https://ftp.pcre.org/pub/pcre/pcre-8.44.tar.gz
tar zxf pcre-8.44.tar.gz

cd nginx-1.16.1
sed -i '' 's/CFLAGS="$CFLAGS -g"/# CFLAGS="$CFLAGS -g"/g' auto/cc/gcc
./configure --prefix=/usr/local/nginx \
--with-zlib=../zlib-1.2.11 --with-pcre=../pcre-8.44
--with-http_stub_status_module --with-http_ssl_module --with-http_gzip_static_module --with-http_sub_module \
--with-stream --with-stream_ssl_module --with-http_v2_module \
--with-http_mp4_module --with-http_secure_link_module --with-http_auth_request_module
make
sudo make install

dd if=2020-02-05-raspbian-buster-lite.img of=/dev/sdb bs=1M

打开另一个终端，使用以下命令来查看进度

pkill -USR1 -n -x dd