# 获取最新的树莓派系统镜像
wget https://downloads.raspberrypi.org/raspbian_lite_latest
# 解压系统
unzip raspbian_lite_latest
# 查看系统分区信息
fdisk -lu 2021-01-11-raspios-buster-armhf-lite.img
# 挂载第一个分区 Fat32 格式
mount -o loop,offset=4194304 2021-01-11-raspios-buster-armhf-lite.img /mnt/
# 开启 SSH
touch /mnt/ssh
# Wifi 自动连接
echo "country=CN
ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
update_config=1
network={
ssid="WIFI"
psk="12345678"
priority=1
key_mgmt=WPA-PSK
}
" >> /mnt/wpa_supplicant.conf
# 卸载第一个分区
umount /mnt/
# 挂载第二个分区 Ext4 格式
mount -o loop,offset=272629760 2021-01-11-raspios-buster-armhf-lite.img /mnt
# 开启 root 用户登录
sed -i "s/#PermitRootLogin prohibit-password/PermitRootLogin yes/g" /mnt/etc/ssh/sshd_config
# root 密码
openssl passwd -1 123456
sed -i "s/root:*:/root:$1$WnVLEqxw$RtbKjeiasCwcJONnUjAby0:/g" /mnt/etc/shadow
# SSH 服务优化
sed -i "s/#UseDNS no/UseDNS no/g" /mnt/etc/ssh/sshd_config
# 清空登录提示信息
echo "" > /mnt/etc/motd
# 更换阿里云镜像源
echo "deb https://mirrors.aliyun.com/raspbian/raspbian/ buster main non-free contrib
deb-src https://mirrors.aliyun.com/raspbian/raspbian/ buster main non-free contrib" > /mnt/etc/apt/sources.list
sed -i "s/deb http/#deb http/g" /mnt/etc/apt/sources.list.d/raspi.list
# 卸载第二个分区
umount /mnt/
分类: Linux
SSH配置多密钥登录
修改 SSH 服务配置文件 #~/.ssh/config
Host *
Compression yes
ServerAliveInterval 60
ServerAliveCountMax 20
Host centos
HostName 0.0.0.0
User root
IdentityFile ~/.ssh/root.pem
Unit with Python
yum install -y gcc wget python-devel
wget https://github.com/nginx/unit/archive/1.4.tar.gz
tar zxf 1.4.tar.gz
cd unit-1.4
./configure --prefix=/usr/local/unit
./configure python
make && make install
ln -s /usr/local/unit/sbin/unitd /usr/sbin/
unitd --control 127.0.0.1:9800
echo "def application(environ, start_response):
start_response('200 OK', [('Content-Type', 'text/html')])
return 'Hello, web!
'" > /www/html/wsgi.py
echo '{"listeners":{"*:9801":{"application":"test"}},"applications":{"test":{"type":"python","path":"/www/html","module":"wsgi"}}}' > /tmp/app.json
curl -X PUT -d @/tmp/app.json '127.0.0.1:9800/config'
配置systemd启动文件
目录:/usr/lib/systemd/system
文件:name.service
[Unit]
Description=Service Name
After=network.target
[Service]
ExecStart=/usr/bin/python my.py
Restart=always
User=nobody
Group=nobody
[Install]
WantedBy=multi-user.target
CentOS7设置静态IP
TYPE="Ethernet"
BOOTPROTO="static"
DEFROUTE="yes"
IPV6INIT="no"
NAME="ens33"
DEVICE="ens33"
ONBOOT="yes"
IPADDR="10.0.0.4"
GATEWAY="10.0.0.1"
NETMASK="255.255.255.0"
DNS1="223.5.5.5"
DNS2="223.6.6.6"
SSH服务优化
# /etc/ssh/sshd_config
Port 2222
ListenAddress 0.0.0.0
UseDNS no
ClientAliveInterval 10
ClientAliveCountMax 3
CentOS远程重做系统
wget https://mirrors.aliyun.com/centos/6.9/os/x86_64/images/pxeboot/initrd.img
wget https://mirrors.aliyun.com/centos/6.9/os/x86_64/images/pxeboot/vmlinuz
mv vmlinuz /boot/vmlinuz.cent.pxe
mv initrd.img /boot/initrd.img.cent.pxe
vi /boot/grub/grub.conf
title Centos Install (PXE)
root (hd0,0)
kernel /boot/vmlinuz.cent.pxe
initrd /boot/initrd.img.cent.pxe
使用acme.sh申请SSL证书
# Install
curl https://get.acme.sh | sh
ln -s /root/.acme.sh/acme.sh /usr/local/bin/
# Use
acme.sh --issue -d www.mogublog.net --dns --yes-I-know-dns-manual-mode-enough-go-ahead-please
# Edit Domain TXT Record
acme.sh --renew -d www.mogublog.cn --yes-I-know-dns-manual-mode-enough-go-ahead-please
# Cert
ls /root/.acme.sh/www.mogublog.net/
申请SSL泛域名证书
wget https://dl.eff.org/certbot-auto
chmod a+x certbot-auto
mv certbot-auto /usr/local/bin/certbot
certbot --server https://acme-v02.api.letsencrypt.org/directory -d *.test.cn -d test.cn --manual --preferred-challenges dns-01 certonly
Docker创建Nginx和php-fpm环境
docker image pull nginx
docker image pull php:fpm
docker container run -d -it --name nginx -p 80:80 nginx
docker container run -d -it --name php-fpm -v /www:/www --network=container:nginx php:fpm
echo '
server {
listen 80;
server_name localhost;
location / {
root /www;
index index.html index.htm index.php;
}
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /www/$fastcgi_script_name;
include fastcgi_params;
}
}
' > default.conf
docker cp default.conf nginx:/etc/nginx/conf.d/default.conf
docker exec nginx nginx -s reload
mkdir /www
echo '<?php echo time();' > /www/test.php
curl http://127.0.0.1/test.php