分类: Linux

自定义树莓派系统镜像

# 获取最新的树莓派系统镜像
wget https://downloads.raspberrypi.org/raspbian_lite_latest

# 解压系统
unzip raspbian_lite_latest

# 查看系统分区信息
fdisk -lu 2021-01-11-raspios-buster-armhf-lite.img

# 挂载第一个分区 Fat32 格式
mount -o loop,offset=4194304 2021-01-11-raspios-buster-armhf-lite.img /mnt/

# 开启 SSH 
touch /mnt/ssh

# Wifi 自动连接
echo "country=CN
ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
update_config=1

network={
    ssid="WIFI"
    psk="12345678"
    priority=1
    key_mgmt=WPA-PSK
}
" >> /mnt/wpa_supplicant.conf

# 卸载第一个分区
umount /mnt/

# 挂载第二个分区 Ext4 格式
mount -o loop,offset=272629760 2021-01-11-raspios-buster-armhf-lite.img /mnt

# 开启 root 用户登录
sed -i "s/#PermitRootLogin prohibit-password/PermitRootLogin yes/g" /mnt/etc/ssh/sshd_config

# root 密码
openssl passwd -1 123456
sed -i "s/root:*:/root:$1$WnVLEqxw$RtbKjeiasCwcJONnUjAby0:/g" /mnt/etc/shadow

# SSH 服务优化
sed -i "s/#UseDNS no/UseDNS no/g" /mnt/etc/ssh/sshd_config

# 清空登录提示信息
echo "" > /mnt/etc/motd

# 更换阿里云镜像源
echo "deb https://mirrors.aliyun.com/raspbian/raspbian/ buster main non-free contrib
deb-src https://mirrors.aliyun.com/raspbian/raspbian/ buster main non-free contrib" > /mnt/etc/apt/sources.list
sed -i "s/deb http/#deb http/g" /mnt/etc/apt/sources.list.d/raspi.list

# 卸载第二个分区
umount /mnt/
发布于
归类为Linux

SSH配置多密钥登录

修改 SSH 服务配置文件 #~/.ssh/config 

Host *
    Compression yes
    ServerAliveInterval 60
    ServerAliveCountMax 20

Host centos
    HostName 0.0.0.0
    User root
    IdentityFile ~/.ssh/root.pem
发布于
归类为Linux

Unit with Python

yum install -y gcc wget python-devel

wget https://github.com/nginx/unit/archive/1.4.tar.gz

tar zxf 1.4.tar.gz
cd unit-1.4
./configure --prefix=/usr/local/unit
./configure python
make && make install

ln -s /usr/local/unit/sbin/unitd /usr/sbin/

unitd --control 127.0.0.1:9800

echo "def application(environ, start_response):
    start_response('200 OK', [('Content-Type', 'text/html')])
    return '
Hello, web!
'" > /www/html/wsgi.py

echo '{"listeners":{"*:9801":{"application":"test"}},"applications":{"test":{"type":"python","path":"/www/html","module":"wsgi"}}}' > /tmp/app.json

curl -X PUT -d @/tmp/app.json '127.0.0.1:9800/config'
发布于
归类为Linux

配置systemd启动文件

目录:/usr/lib/systemd/system
文件:name.service

[Unit]
Description=Service Name
After=network.target

[Service]
ExecStart=/usr/bin/python my.py
Restart=always
User=nobody
Group=nobody

[Install]
WantedBy=multi-user.target
发布于
归类为Linux

CentOS7设置静态IP


TYPE="Ethernet"
BOOTPROTO="static"
DEFROUTE="yes"
IPV6INIT="no"
NAME="ens33"
DEVICE="ens33"
ONBOOT="yes"
IPADDR="10.0.0.4"
GATEWAY="10.0.0.1"
NETMASK="255.255.255.0"
DNS1="223.5.5.5"
DNS2="223.6.6.6"
发布于
归类为Linux

SSH服务优化

# /etc/ssh/sshd_config
Port 2222
ListenAddress 0.0.0.0
UseDNS no
ClientAliveInterval 10
ClientAliveCountMax 3
发布于
归类为Linux

CentOS远程重做系统

wget https://mirrors.aliyun.com/centos/6.9/os/x86_64/images/pxeboot/initrd.img
wget https://mirrors.aliyun.com/centos/6.9/os/x86_64/images/pxeboot/vmlinuz

mv vmlinuz /boot/vmlinuz.cent.pxe
mv initrd.img /boot/initrd.img.cent.pxe

vi /boot/grub/grub.conf

title Centos Install (PXE)
    root (hd0,0)
    kernel /boot/vmlinuz.cent.pxe
    initrd /boot/initrd.img.cent.pxe
发布于
归类为Linux

使用acme.sh申请SSL证书

# Install
curl https://get.acme.sh | sh
ln -s /root/.acme.sh/acme.sh /usr/local/bin/

# Use
acme.sh --issue -d www.mogublog.net --dns --yes-I-know-dns-manual-mode-enough-go-ahead-please
# Edit Domain TXT Record
acme.sh --renew -d www.mogublog.cn --yes-I-know-dns-manual-mode-enough-go-ahead-please

# Cert
ls /root/.acme.sh/www.mogublog.net/
发布于
归类为Linux

申请SSL泛域名证书

wget https://dl.eff.org/certbot-auto
chmod a+x certbot-auto
mv certbot-auto /usr/local/bin/certbot
certbot --server https://acme-v02.api.letsencrypt.org/directory -d *.test.cn -d test.cn --manual --preferred-challenges dns-01 certonly
发布于
归类为Linux

Docker创建Nginx和php-fpm环境


docker image pull nginx

docker image pull php:fpm

docker container run -d -it --name nginx -p 80:80 nginx

docker container run -d -it --name php-fpm -v /www:/www --network=container:nginx php:fpm

echo '

server {
    listen       80;
    server_name  localhost;

    location / {
        root   /www;
        index  index.html index.htm index.php;
    }

    location ~ \.php$ {
        fastcgi_pass   127.0.0.1:9000;
        fastcgi_index  index.php;
        fastcgi_param  SCRIPT_FILENAME  /www/$fastcgi_script_name;
        include        fastcgi_params;
    }
}

' > default.conf

docker cp default.conf nginx:/etc/nginx/conf.d/default.conf

docker exec nginx nginx -s reload

mkdir /www

echo '<?php echo time();' > /www/test.php

curl http://127.0.0.1/test.php
发布于
归类为Linux