├── dockerfiles ├── hello-world │ ├── app.sh │ └── Dockerfile ├── gosu │ ├── build.sh │ ├── run.sh │ ├── docker-entrypoint.sh │ └── Dockerfile ├── cplusplus_hello-world_multi-stage │ ├── build.sh │ ├── test.cpp │ ├── test.h │ ├── main.cpp │ ├── CMakeLists.txt │ └── Dockerfile ├── cplusplus_hello-world │ ├── test.cpp │ ├── Dockerfile │ ├── test.h │ ├── main.cpp │ ├── CMakeLists.txt │ ├── Dockerfile.build │ └── build.sh ├── baota │ ├── deploy.sh │ └── README.md ├── alpine │ └── Dockerfile ├── ubuntu18.04_ssh │ └── Dockerfile └── ubuntu18.04_zh_CN │ ├── Dockerfile │ └── sources.list ├── imgs ├── Deploy.png └── Deploy.svg ├── docs ├── network │ ├── index.md │ ├── basic │ │ ├── imgs │ │ │ ├── OSI.PNG │ │ │ ├── tcp-ip.PNG │ │ │ ├── ip-address.PNG │ │ │ ├── osi-tcp-ip.PNG │ │ │ ├── network-scope.PNG │ │ │ ├── device-structure.PNG │ │ │ └── URI_syntax_diagram.svg.png │ │ ├── 私有地址.md │ │ ├── 局域网-广域网-互联网-私有专用网.md │ │ ├── 网络体系结构.md │ │ ├── DNS解析过程.md │ │ ├── 路由器-交换机-集线器-中继器.md │ │ ├── URL构成.md │ │ └── ip地址.md │ └── advanced │ │ ├── docker-ubuntu-18_04-网络工具安装.md │ │ ├── ubuntu-18_04-wifi信息查询.md │ │ ├── netstat-端口查询.md │ │ ├── 阿里云-域名解析-URL转发.md │ │ ├── nc-远程端口查询.md │ │ ├── namesilo-dnspod-域名申请和解析.md │ │ ├── netplan.md │ │ ├── nslookup-域名解析.md │ │ └── ubuntu-18_04-公共DNS设置.md ├── requirements.txt ├── docker │ ├── basic │ │ ├── imgs │ │ │ ├── VM@2x.png │ │ │ ├── Container@2x.png │ │ │ ├── commit-options.png │ │ │ ├── engine-components-flow.png │ │ │ └── laurel-docker-containers.png │ │ ├── 镜像和容器.md │ │ ├── 保存容器为镜像.md │ │ ├── 镜像迁移.md │ │ ├── 守护进程管理.md │ │ ├── 可选设置.md │ │ ├── docker定位.md │ │ ├── 搜索镜像.md │ │ ├── docker安装.md │ │ └── docker-hub使用.md │ ├── advanced │ │ ├── imgs │ │ │ ├── go-format.png │ │ │ ├── match_rule.png │ │ │ ├── diff_dev_prod.png │ │ │ └── docker-nvidia.png │ │ ├── docker-DNS设置.md │ │ ├── 在容器内部使用docker.md │ │ ├── aliyun-镜像加速.md │ │ ├── dockerignore.md │ │ ├── hello-world.md │ │ ├── ubuntu-nvidia-docker安装.md │ │ ├── ubuntu-18_04-中文环境配置.md │ │ ├── 译-Docker开发最佳实践.md │ │ ├── docker-ssh-远程登录.md │ │ └── alpine-源配置.md │ ├── storage │ │ ├── imgs │ │ │ ├── types-of-mounts.png │ │ │ ├── propagation-options.png │ │ │ ├── types-of-mounts-bind.png │ │ │ └── types-of-mounts-volume.png │ │ ├── bind-propagation设置.md │ │ ├── 创建和管理卷.md │ │ ├── 绑定挂载.md │ │ ├── 挂载标识符解析.md │ │ ├── 使用卷管理数据.md │ │ ├── gosu-绑定挂载最佳实践.md │ │ └── 译-在Docker中管理数据.md │ ├── dockerfile │ │ ├── imgs │ │ │ └── cmd-entrypoint.png │ │ ├── SHELL.md │ │ ├── WORKDIR.md │ │ ├── LABEL.md │ │ ├── EXPOSE.md │ │ ├── CMD.md │ │ ├── RUN.md │ │ ├── ENV.md │ │ ├── FROM.md │ │ ├── dockerfile编写.md │ │ ├── ADD和COPY.md │ │ ├── ARG.md │ │ └── ENTRYPOINT.md │ ├── gui │ │ ├── index.md │ │ ├── wps.md │ │ ├── deepwine.md │ │ └── 最佳实践.md │ └── index.md ├── tomcat │ ├── imgs │ │ └── tomcat-8080.png │ ├── 关于Tomcat.md │ ├── 非root用户运行.md │ └── ubuntu-16_02-tomcat9安装.md ├── compose │ ├── imgs │ │ └── compose-docker.png │ ├── docker-compose-docker-run.md │ ├── 版本依赖.md │ ├── compose安装.md │ ├── 文件格式概述.md │ ├── 文件格式-存储设置.md │ ├── 文件格式-service设置.md │ └── 译-docker-compose概述.md ├── nginx │ ├── base │ │ ├── imgs │ │ │ ├── first-index.png │ │ │ └── welcome_nginx.png │ │ ├── 中文乱码.md │ │ ├── 测试.md │ │ ├── 安装.md │ │ ├── 托管网站.md │ │ └── 配置.md │ └── advanced │ │ ├── imgs │ │ ├── aliyun-ca.png │ │ ├── hello-nginx.png │ │ ├── nginx-jenkins.png │ │ ├── purchased-ca.png │ │ ├── reverse_proxy.png │ │ └── welcome-nginx.png │ │ ├── 多域名配置同一端口.md │ │ ├── 文件共享服务.md │ │ ├── 腾讯云-配置https.md │ │ ├── 反向代理.md │ │ ├── docker-nginx.md │ │ └── 阿里云-配置https.md ├── penetration │ ├── imgs │ │ ├── oray-login.png │ │ ├── port-setting.png │ │ ├── switch-account.png │ │ └── router-visual-setting.png │ ├── n2n │ │ ├── imgs │ │ │ ├── n2n_com.png │ │ │ ├── n2n_nat.png │ │ │ └── n2n_network.png │ │ └── n2n原理.md │ ├── ngrok │ │ ├── imgs │ │ │ ├── ngrok.png │ │ │ ├── ngrok-connect.png │ │ │ ├── ngrok_online.png │ │ │ ├── ngrok_online2.png │ │ │ └── tunnels_online.png │ │ ├── index.md │ │ ├── ngrok-docker.md │ │ ├── ubuntu-service.md │ │ └── tcp-http-连接配置.md │ ├── index.md │ ├── 路由器-虚拟服务器.md │ └── 花生壳.md ├── index.md ├── ssh │ ├── base │ │ ├── ssh-常用工具.md │ │ ├── http和ssh协议.md │ │ ├── ssh-客户端配置文件.md │ │ ├── ssh-生成密钥.md │ │ └── ssh-远程连接.md │ └── advanced │ │ ├── ssh-禁用公钥检查.md │ │ ├── ssh-agent-代理设置.md │ │ ├── 端口转发.md │ │ ├── 复制公钥到远程服务器.md │ │ └── 添加私钥缓存.md ├── ci │ └── jenkins.md └── flask │ └── 文件服务器.md ├── requirements.txt ├── flaskapps └── fileserver │ ├── uploads │ └── lena.jpg │ ├── __init__.py │ └── app.py ├── .readthedocs.yaml ├── .github └── stale.yml └── README.md /dockerfiles/hello-world/app.sh: -------------------------------------------------------------------------------- 1 | echo 'Hello World' 2 | -------------------------------------------------------------------------------- /imgs/Deploy.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ZJDoc/Deploy/HEAD/imgs/Deploy.png -------------------------------------------------------------------------------- /docs/network/index.md: -------------------------------------------------------------------------------- 1 | 2 | # 引言 3 | 4 | * **基础**介绍了网络相关概念 5 | * **进阶**介绍了网络相关操作 -------------------------------------------------------------------------------- /requirements.txt: -------------------------------------------------------------------------------- 1 | # Automatically generated by https://github.com/damnever/pigar. 2 | -------------------------------------------------------------------------------- /dockerfiles/gosu/build.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | set -eux 4 | 5 | docker build -t gosu_test . -------------------------------------------------------------------------------- /docs/requirements.txt: -------------------------------------------------------------------------------- 1 | mkdocs>=1.1.2 2 | mkdocs-material>=7.0.5 3 | mkdocs-material-extensions>=1.0.1 -------------------------------------------------------------------------------- /docs/docker/basic/imgs/VM@2x.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ZJDoc/Deploy/HEAD/docs/docker/basic/imgs/VM@2x.png -------------------------------------------------------------------------------- /docs/network/basic/imgs/OSI.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ZJDoc/Deploy/HEAD/docs/network/basic/imgs/OSI.PNG -------------------------------------------------------------------------------- /docs/tomcat/imgs/tomcat-8080.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ZJDoc/Deploy/HEAD/docs/tomcat/imgs/tomcat-8080.png -------------------------------------------------------------------------------- /docs/network/basic/imgs/tcp-ip.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ZJDoc/Deploy/HEAD/docs/network/basic/imgs/tcp-ip.PNG -------------------------------------------------------------------------------- /docs/compose/imgs/compose-docker.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ZJDoc/Deploy/HEAD/docs/compose/imgs/compose-docker.png -------------------------------------------------------------------------------- /docs/nginx/base/imgs/first-index.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ZJDoc/Deploy/HEAD/docs/nginx/base/imgs/first-index.png -------------------------------------------------------------------------------- /docs/penetration/imgs/oray-login.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ZJDoc/Deploy/HEAD/docs/penetration/imgs/oray-login.png -------------------------------------------------------------------------------- /docs/penetration/n2n/imgs/n2n_com.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ZJDoc/Deploy/HEAD/docs/penetration/n2n/imgs/n2n_com.png -------------------------------------------------------------------------------- /docs/penetration/n2n/imgs/n2n_nat.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ZJDoc/Deploy/HEAD/docs/penetration/n2n/imgs/n2n_nat.png -------------------------------------------------------------------------------- /docs/penetration/ngrok/imgs/ngrok.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ZJDoc/Deploy/HEAD/docs/penetration/ngrok/imgs/ngrok.png -------------------------------------------------------------------------------- /flaskapps/fileserver/uploads/lena.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ZJDoc/Deploy/HEAD/flaskapps/fileserver/uploads/lena.jpg -------------------------------------------------------------------------------- /dockerfiles/cplusplus_hello-world_multi-stage/build.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | set -eux 4 | 5 | docker build -t zjykzj/hello:latest . -------------------------------------------------------------------------------- /docs/docker/advanced/imgs/go-format.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ZJDoc/Deploy/HEAD/docs/docker/advanced/imgs/go-format.png -------------------------------------------------------------------------------- /docs/docker/advanced/imgs/match_rule.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ZJDoc/Deploy/HEAD/docs/docker/advanced/imgs/match_rule.png -------------------------------------------------------------------------------- /docs/docker/basic/imgs/Container@2x.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ZJDoc/Deploy/HEAD/docs/docker/basic/imgs/Container@2x.png -------------------------------------------------------------------------------- /docs/network/basic/imgs/ip-address.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ZJDoc/Deploy/HEAD/docs/network/basic/imgs/ip-address.PNG -------------------------------------------------------------------------------- /docs/network/basic/imgs/osi-tcp-ip.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ZJDoc/Deploy/HEAD/docs/network/basic/imgs/osi-tcp-ip.PNG -------------------------------------------------------------------------------- /docs/nginx/advanced/imgs/aliyun-ca.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ZJDoc/Deploy/HEAD/docs/nginx/advanced/imgs/aliyun-ca.png -------------------------------------------------------------------------------- /docs/nginx/advanced/imgs/hello-nginx.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ZJDoc/Deploy/HEAD/docs/nginx/advanced/imgs/hello-nginx.png -------------------------------------------------------------------------------- /docs/nginx/base/imgs/welcome_nginx.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ZJDoc/Deploy/HEAD/docs/nginx/base/imgs/welcome_nginx.png -------------------------------------------------------------------------------- /docs/penetration/imgs/port-setting.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ZJDoc/Deploy/HEAD/docs/penetration/imgs/port-setting.png -------------------------------------------------------------------------------- /docs/penetration/imgs/switch-account.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ZJDoc/Deploy/HEAD/docs/penetration/imgs/switch-account.png -------------------------------------------------------------------------------- /docs/docker/basic/imgs/commit-options.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ZJDoc/Deploy/HEAD/docs/docker/basic/imgs/commit-options.png -------------------------------------------------------------------------------- /docs/network/basic/imgs/network-scope.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ZJDoc/Deploy/HEAD/docs/network/basic/imgs/network-scope.PNG -------------------------------------------------------------------------------- /docs/nginx/advanced/imgs/nginx-jenkins.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ZJDoc/Deploy/HEAD/docs/nginx/advanced/imgs/nginx-jenkins.png -------------------------------------------------------------------------------- /docs/nginx/advanced/imgs/purchased-ca.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ZJDoc/Deploy/HEAD/docs/nginx/advanced/imgs/purchased-ca.png -------------------------------------------------------------------------------- /docs/nginx/advanced/imgs/reverse_proxy.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ZJDoc/Deploy/HEAD/docs/nginx/advanced/imgs/reverse_proxy.png -------------------------------------------------------------------------------- /docs/nginx/advanced/imgs/welcome-nginx.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ZJDoc/Deploy/HEAD/docs/nginx/advanced/imgs/welcome-nginx.png -------------------------------------------------------------------------------- /docs/penetration/n2n/imgs/n2n_network.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ZJDoc/Deploy/HEAD/docs/penetration/n2n/imgs/n2n_network.png -------------------------------------------------------------------------------- /docs/docker/advanced/imgs/diff_dev_prod.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ZJDoc/Deploy/HEAD/docs/docker/advanced/imgs/diff_dev_prod.png -------------------------------------------------------------------------------- /docs/docker/advanced/imgs/docker-nvidia.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ZJDoc/Deploy/HEAD/docs/docker/advanced/imgs/docker-nvidia.png -------------------------------------------------------------------------------- /docs/docker/storage/imgs/types-of-mounts.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ZJDoc/Deploy/HEAD/docs/docker/storage/imgs/types-of-mounts.png -------------------------------------------------------------------------------- /docs/network/basic/imgs/device-structure.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ZJDoc/Deploy/HEAD/docs/network/basic/imgs/device-structure.PNG -------------------------------------------------------------------------------- /docs/penetration/ngrok/imgs/ngrok-connect.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ZJDoc/Deploy/HEAD/docs/penetration/ngrok/imgs/ngrok-connect.png -------------------------------------------------------------------------------- /docs/penetration/ngrok/imgs/ngrok_online.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ZJDoc/Deploy/HEAD/docs/penetration/ngrok/imgs/ngrok_online.png -------------------------------------------------------------------------------- /docs/penetration/ngrok/imgs/ngrok_online2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ZJDoc/Deploy/HEAD/docs/penetration/ngrok/imgs/ngrok_online2.png -------------------------------------------------------------------------------- /docs/docker/dockerfile/imgs/cmd-entrypoint.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ZJDoc/Deploy/HEAD/docs/docker/dockerfile/imgs/cmd-entrypoint.png -------------------------------------------------------------------------------- /docs/penetration/imgs/router-visual-setting.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ZJDoc/Deploy/HEAD/docs/penetration/imgs/router-visual-setting.png -------------------------------------------------------------------------------- /docs/penetration/ngrok/imgs/tunnels_online.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ZJDoc/Deploy/HEAD/docs/penetration/ngrok/imgs/tunnels_online.png -------------------------------------------------------------------------------- /dockerfiles/hello-world/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM ubuntu:18.04 2 | LABEL maintainer "zhujian " 3 | 4 | COPY . /app 5 | CMD sh /app/app.sh -------------------------------------------------------------------------------- /docs/docker/basic/imgs/engine-components-flow.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ZJDoc/Deploy/HEAD/docs/docker/basic/imgs/engine-components-flow.png -------------------------------------------------------------------------------- /docs/docker/storage/imgs/propagation-options.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ZJDoc/Deploy/HEAD/docs/docker/storage/imgs/propagation-options.png -------------------------------------------------------------------------------- /docs/docker/storage/imgs/types-of-mounts-bind.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ZJDoc/Deploy/HEAD/docs/docker/storage/imgs/types-of-mounts-bind.png -------------------------------------------------------------------------------- /docs/network/basic/imgs/URI_syntax_diagram.svg.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ZJDoc/Deploy/HEAD/docs/network/basic/imgs/URI_syntax_diagram.svg.png -------------------------------------------------------------------------------- /docs/docker/basic/imgs/laurel-docker-containers.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ZJDoc/Deploy/HEAD/docs/docker/basic/imgs/laurel-docker-containers.png -------------------------------------------------------------------------------- /docs/docker/storage/imgs/types-of-mounts-volume.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ZJDoc/Deploy/HEAD/docs/docker/storage/imgs/types-of-mounts-volume.png -------------------------------------------------------------------------------- /docs/docker/basic/镜像和容器.md: -------------------------------------------------------------------------------- 1 | 2 | # 镜像和容器 3 | 4 | 镜像(`image`)是一个可执行包,包含了运行应用需要的代码、运行环境、库、环境变量和配置文件 5 | 6 | 容器是镜像的运行实例,可以称为有状态的镜像或者是一个用户进程。一个镜像可以产生多个容器 7 | 8 | -------------------------------------------------------------------------------- /dockerfiles/gosu/run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | set -eux 4 | 5 | docker run -it --rm -e LOCAL_USER_ID=`id -u ${USER}` -v ${HOME}/storage:/home/user/storage gosu_test bash -------------------------------------------------------------------------------- /dockerfiles/cplusplus_hello-world/test.cpp: -------------------------------------------------------------------------------- 1 | #include "test.h" 2 | #include 3 | 4 | void Test::PrintHello() { 5 | std::cout << "Hello World" << std::endl; 6 | } -------------------------------------------------------------------------------- /docs/docker/gui/index.md: -------------------------------------------------------------------------------- 1 | 2 | # 引言 3 | 4 | 因为`Docker`的沙盒特性, 让很多人想要通过`Docker`构建`GUI`应用。我也不例外,找了很多的资料进行学习和实践。经过一段时间的体验后发现`Docker`并不是一个完美的`GUI`容器实践方案,加上中文化的过程中往往会遇到很多问题,不再继续下去 -------------------------------------------------------------------------------- /flaskapps/fileserver/__init__.py: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | 3 | """ 4 | @date: 2024/11/9 下午9:25 5 | @file: __init__.py.py 6 | @author: zj 7 | @description: 8 | """ 9 | -------------------------------------------------------------------------------- /dockerfiles/cplusplus_hello-world/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM alpine:latest 2 | LABEL maintainer "zhujian " 3 | 4 | WORKDIR /root/ 5 | COPY app . 6 | ENTRYPOINT ["./app"] -------------------------------------------------------------------------------- /dockerfiles/baota/deploy.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | docker run -tid --name baota --net=host --privileged=true --shm-size=1g --restart always -v ~/wwwroot:/www/wwwroot pch18/baota 4 | -------------------------------------------------------------------------------- /dockerfiles/cplusplus_hello-world/test.h: -------------------------------------------------------------------------------- 1 | #ifndef MULTI_TEST_H 2 | #define MULTI_TEST_H 3 | 4 | class Test { 5 | public: 6 | void PrintHello(); 7 | }; 8 | 9 | #endif //MULTI_TEST_H -------------------------------------------------------------------------------- /dockerfiles/cplusplus_hello-world_multi-stage/test.cpp: -------------------------------------------------------------------------------- 1 | #include "test.h" 2 | #include 3 | 4 | void Test::PrintHello() { 5 | std::cout << "Hello World" << std::endl; 6 | } -------------------------------------------------------------------------------- /dockerfiles/cplusplus_hello-world_multi-stage/test.h: -------------------------------------------------------------------------------- 1 | #ifndef MULTI_TEST_H 2 | #define MULTI_TEST_H 3 | 4 | class Test { 5 | public: 6 | void PrintHello(); 7 | }; 8 | 9 | #endif //MULTI_TEST_H -------------------------------------------------------------------------------- /dockerfiles/alpine/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM alpine:latest 2 | LABEL maintainer "zhujian " 3 | 4 | RUN set -eux && sed -i 's/dl-cdn.alpinelinux.org/mirrors.ustc.edu.cn/g' /etc/apk/repositories -------------------------------------------------------------------------------- /dockerfiles/cplusplus_hello-world/main.cpp: -------------------------------------------------------------------------------- 1 | #include 2 | #include "test.h" 3 | 4 | int main() { 5 | Test test; 6 | test.PrintHello(); 7 | 8 | std::cout << "Hello, World!" << std::endl; 9 | return 0; 10 | } -------------------------------------------------------------------------------- /dockerfiles/cplusplus_hello-world/CMakeLists.txt: -------------------------------------------------------------------------------- 1 | cmake_minimum_required(VERSION 3.1) 2 | project(multi) 3 | 4 | set(CMAKE_CXX_FLAGS "-static ${CMAKE_CXX_FLAGS}") 5 | set(CMAKE_CXX_STANDARD 11) 6 | 7 | add_executable(app main.cpp test.cpp test.h) -------------------------------------------------------------------------------- /dockerfiles/cplusplus_hello-world_multi-stage/main.cpp: -------------------------------------------------------------------------------- 1 | #include 2 | #include "test.h" 3 | 4 | int main() { 5 | Test test; 6 | test.PrintHello(); 7 | 8 | std::cout << "Hello, World!" << std::endl; 9 | return 0; 10 | } -------------------------------------------------------------------------------- /dockerfiles/cplusplus_hello-world_multi-stage/CMakeLists.txt: -------------------------------------------------------------------------------- 1 | cmake_minimum_required(VERSION 3.1) 2 | project(multi) 3 | 4 | set(CMAKE_CXX_FLAGS "-static ${CMAKE_CXX_FLAGS}") 5 | set(CMAKE_CXX_STANDARD 11) 6 | 7 | add_executable(app main.cpp test.cpp test.h) -------------------------------------------------------------------------------- /docs/index.md: -------------------------------------------------------------------------------- 1 | # Deploy 2 | 3 | * 网络基础 4 | * 远程连接 5 | * 花生壳 6 | * `n2n` 7 | * `Ngrok` 8 | * `SSH` 9 | * `Web`服务器 10 | * `Tomcat` 11 | * `Nginx` 12 | * `Flask` 13 | * 持续集成 14 | * `Jenkins` 15 | * 容器和编排工具 16 | * `Docker` 17 | * `Docker-Compose` 18 | * 编译工具 19 | * `CMake` -------------------------------------------------------------------------------- /dockerfiles/cplusplus_hello-world/Dockerfile.build: -------------------------------------------------------------------------------- 1 | FROM ubuntu:18.04 2 | LABEL maintainer "zhujian " 3 | 4 | RUN set -eux && \ 5 | apt-get update && apt-get install -f && apt-get install -y make cmake gcc g++ 6 | COPY CMakeLists.txt main.cpp test.cpp test.h /app/ 7 | WORKDIR /app 8 | RUN cmake . && make -------------------------------------------------------------------------------- /docs/ssh/base/ssh-常用工具.md: -------------------------------------------------------------------------------- 1 | 2 | # [SSH]常用工具 3 | 4 | [OpenSSH](http://www.openssh.com/)包含了许多`ssh`工具 5 | 6 | 1. `ssh`:远程管理 7 | 2. `scp`:远程传输 8 | 3. `ssh-keygen`:公/私钥生成 9 | 4. `ssh-add/ssh-agent`:私钥缓存 10 | 5. `ssh-copy-id`:复制本地公钥到远程服务器 11 | 12 | ## 相关阅读 13 | 14 | * [OpenSSH-百度百科](https://baike.baidu.com/item/OpenSSH/1137789?fr=aladdin) -------------------------------------------------------------------------------- /dockerfiles/gosu/docker-entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | if [ "$(id -u)" -eq '0' ] 4 | then 5 | USER_ID=${LOCAL_USER_ID:-9001} 6 | 7 | usermod -u ${USER_ID} -g ${USER_ID} user > /dev/null 2>&1 8 | chown -R `id -u user`:`id -u user` /app > /dev/null 2>&1 9 | 10 | export HOME=/home/user 11 | exec gosu user "$0" "$@" 12 | fi 13 | 14 | exec "$@" -------------------------------------------------------------------------------- /.readthedocs.yaml: -------------------------------------------------------------------------------- 1 | # .readthedocs.yaml 2 | # Read the Docs configuration file 3 | # See https://docs.readthedocs.io/en/stable/config-file/v2.html for details 4 | 5 | # Required 6 | version: 2 7 | 8 | mkdocs: 9 | configuration: mkdocs.yml 10 | 11 | # Optionally set the version of Python and requirements required to build your docs 12 | python: 13 | version: 3.8 14 | install: 15 | - requirements: docs/requirements.txt -------------------------------------------------------------------------------- /dockerfiles/cplusplus_hello-world/build.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | set -eux 4 | 5 | echo Building zjykzj/hello:build 6 | 7 | docker build -t zjykzj/hello:build . -f Dockerfile.build 8 | 9 | docker container create --name extract zjykzj/hello:build 10 | docker container cp extract:/app/app ./app 11 | docker container rm -f extract 12 | 13 | echo Building zjykzj/hello:latest 14 | 15 | docker build --no-cache -t zjykzj/hello:latest . 16 | rm ./app -------------------------------------------------------------------------------- /docs/penetration/ngrok/index.md: -------------------------------------------------------------------------------- 1 | 2 | # 引言 3 | 4 | [Ngrok](https://github.com/inconshreveable/ngrok)是一个很有效的内网穿透工具,其不仅提供了在线服务,还可以自己搭建服务器进行内网穿透。首先介绍Ngrok进行内网穿透的具体实现,再进一步补充自建服务器的相关操作: 5 | 6 | * [Ngrok实现内网穿透](./ngrok实现.md) 7 | * [[ngrok]TCP和HTTP连接配置](./[ngrok]TCP和HTTP连接配置.md):使用配置文件方式实现`HTTP`和`TCP`连接 8 | * [[ngrok]Ubuntu service实现](./[ngrok]Ubuntu service实现.md):配置`service`文件完成`ngrok`服务 9 | * [[ngrok]docker实现](./[ngrok]docker实现.md):使用`Docker`容器实现`ngrok`服务端 -------------------------------------------------------------------------------- /docs/penetration/index.md: -------------------------------------------------------------------------------- 1 | 2 | # 前言 3 | 4 | 内网穿透,也就是将局域网端口映射到公网。常用的内网穿透方法包括 5 | 6 | 1. 路由器的虚拟服务器设置 7 | 2. 花生壳的内网穿透服务 8 | 3. `n2n`的`p2p`节点连接 9 | 4. `ssh`端口转发 10 | 5. `ngrok`(***推荐***) 11 | 12 | ## 相关阅读 13 | 14 | * [内网穿透](https://baike.baidu.com/item/%E5%86%85%E7%BD%91%E7%A9%BF%E9%80%8F) 15 | 16 | * [nat穿透](https://baike.baidu.com/item/nat%E7%A9%BF%E9%80%8F) 17 | 18 | * [实战 SSH 端口转发](https://www.ibm.com/developerworks/cn/linux/l-cn-sshforward/) -------------------------------------------------------------------------------- /docs/penetration/路由器-虚拟服务器.md: -------------------------------------------------------------------------------- 1 | 2 | # [路由器]虚拟服务器 3 | 4 | 最简单的操作就是通过路由器的虚拟服务器功能进行端口映射 5 | 6 | ## 设置 7 | 8 | 进入设置页面,选择`高级功能`->`虚拟服务器`,点击`新增`按钮 9 | 10 | ![](./imgs/router-visual-setting.png) 11 | 12 | 输入规则名称(*自定义*)、生效接口(*就是WAN口,默认仅有一个WAN1口*)、外部端口、内部端口、内部服务器`IP` 13 | 14 | ## 嵌套局域网 15 | 16 | 如果当前局域网位于另一个局域网之中(比如学校实验室局域网位于学校大局域网中),那么通过路由器的虚拟服务器功能映射出去的端口仍旧处于内网中 17 | 18 | ## 相关阅读 19 | 20 | * [路由器虚拟服务器(端口映射)设置指导](https://service.tp-link.com.cn/detail_article_69.html) -------------------------------------------------------------------------------- /dockerfiles/gosu/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM zjykzj/ubuntu:18.04 2 | LABEL maintainer "zhujian " 3 | 4 | WORKDIR /app 5 | RUN set -eux && \ 6 | apt-get update && \ 7 | apt-get install -y gosu && \ 8 | rm -rf /var/lib/apt/lists/* && \ 9 | # verify that the binary works 10 | gosu nobody true && \ 11 | useradd -s /bin/bash -m user 12 | 13 | COPY docker-entrypoint.sh . 14 | RUN chmod a+x docker-entrypoint.sh 15 | 16 | ENTRYPOINT ["/app/docker-entrypoint.sh"] -------------------------------------------------------------------------------- /dockerfiles/cplusplus_hello-world_multi-stage/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM ubuntu:18.04 2 | LABEL maintainer "zhujian " 3 | 4 | RUN set -eux && \ 5 | apt-get update && apt-get install -f && apt-get install -y make cmake gcc g++ 6 | COPY CMakeLists.txt main.cpp test.cpp test.h /app/ 7 | WORKDIR /app 8 | RUN cmake . && make 9 | 10 | FROM alpine:latest 11 | LABEL maintainer "zhujian " 12 | 13 | WORKDIR /root/ 14 | COPY --from=0 /app/app . 15 | ENTRYPOINT ["./app"] -------------------------------------------------------------------------------- /docs/nginx/base/中文乱码.md: -------------------------------------------------------------------------------- 1 | 2 | # 中文乱码 3 | 4 | ## 配置 5 | 6 | 修改配置文件`/etc/nginx/conf.d/default.conf`,添加 7 | 8 | charset utf-8; 9 | 10 | $ cat default.conf 11 | server { 12 | ... 13 | ... 14 | charset utf-8; 15 | #charset koi8-r; 16 | ... 17 | } 18 | 19 | 重启`nginx`服务 20 | 21 | sudo service nginx restart 22 | 23 | 在浏览器刷新页面(`Ctrl+F5`)即可 24 | 25 | ## 相关阅读 26 | 27 | * [Nginx 显示中文乱码解决](https://blog.csdn.net/qq_35448976/article/details/79256873) -------------------------------------------------------------------------------- /docs/docker/dockerfile/SHELL.md: -------------------------------------------------------------------------------- 1 | 2 | # SHELL 3 | 4 | ## 使用 5 | 6 | `SHELL`指令在在`Docker1.12`中添加的,重写用于命令的`shell`形式的默认`shell` 7 | 8 | 对于`Linux`而言是`["/bin/sh", "-c"]`,对于`Windows`而言是`["cmd", "/S", "/C"]` 9 | 10 | ``` 11 | SHELL ["executable", "parameters"] 12 | ``` 13 | 14 | `SHELL`可以在`Dockerfiles`中出现多次,每次`SHELL`指令重写之前的设置,作用于后续的指令 15 | 16 | 其影响下面`3`个指令的`shell`形式 17 | 18 | 1. `RUN` 19 | 2. `CMD` 20 | 3. `ENTRYPOINT` 21 | 22 | ## 相关阅读 23 | 24 | * [SHELL](https://docs.docker.com/engine/reference/builder/#shell) -------------------------------------------------------------------------------- /dockerfiles/baota/README.md: -------------------------------------------------------------------------------- 1 | 2 | # 宝塔面板部署 3 | 4 | ## 安装 5 | 6 | ``` 7 | bash deploy.sh 8 | ``` 9 | 10 | ## 登录方式 11 | 12 | * 登陆地址 http://{{面板ip地址}}:8888 13 | 14 | * 初始账号 username 15 | 16 | * 初始密码 password 17 | 18 | ## 用户名/密码出错 19 | 20 | 参考[初始的用户名密码登陆错误 #66 ](https://github.com/pch18-docker/baota/issues/66) 21 | 22 | ``` 23 | 同密码错误 24 | 解决方法: 25 | docker exec -it baota bash 26 | 进入宝塔的docker容器内部 27 | 输入bt选择5和6修改账号密码 28 | ctrl+d退出容器且保持容器运行 29 | ``` 30 | 31 | ## 相关阅读 32 | 33 | * [宝塔面板一键docker部署](https://hub.docker.com/r/pch18/baota) -------------------------------------------------------------------------------- /docs/docker/index.md: -------------------------------------------------------------------------------- 1 | 2 | # 引言 3 | 4 | ## 章节 5 | 6 | * 入门 7 | * 进阶 8 | * dockerfile语法 9 | * 数据存储 10 | 11 | ## 相关阅读 12 | 13 | * [今天你docker了吗?](https://blog.zhujian.life/posts/5c6c610b.html) 14 | * [[ngrok]docker实现](https://zjdoc-deploy.readthedocs.io/zh_CN/latest/penetration/ngrok/ngrok-docker/) 15 | * [docker安装nginx](https://zjdoc-deploy.readthedocs.io/zh_CN/latest/nginx/advanced/docker-nginx/) 16 | * [在Docker中运行Jenkins](https://blog.zhujian.life/posts/202ee452.html) 17 | * [[Jenkins][GitLab]docker-compose实现](https://blog.zhujian.life/posts/1431c640.html) -------------------------------------------------------------------------------- /docs/network/basic/私有地址.md: -------------------------------------------------------------------------------- 1 | 2 | # 私有地址 3 | 4 | 参考: 5 | 6 | [内网服务](https://cloud.tencent.com/document/product/213/5225) 7 | 8 | [私有地址](https://baike.baidu.com/item/%E7%A7%81%E6%9C%89%E5%9C%B0%E5%9D%80) 9 | 10 | `RFC 1918`指定了`3`个地址块仅能用于内部通信,不能在公网上和其他主机进行通信。`RFC 6890`全面给出了所有特殊用途的`IPv4`地址,针对这`3`个地址块没有变化 11 | 12 | 1. `10.0.0.0`到`10.255.255.255`(或记为`10.0.0.0/8`,又称为`24`位块,相当于一个`A`类网络) 13 | 2. `172.16.0.0`到`172.31.255.255`(或记为`172.16.0.0/12`,又称为`20`位块,相当于`16`个`B`类网络) 14 | 3. `192.168.0.0`到`192.168.255.255`(或记为`192.168.0.0/16`,又称为`16`位块,相当于`256`个`C`类网络) 15 | -------------------------------------------------------------------------------- /docs/ssh/advanced/ssh-禁用公钥检查.md: -------------------------------------------------------------------------------- 1 | 2 | # [SSH]禁用公钥检查 3 | 4 | ## 配置 5 | 6 | 第一次登录服务器时默认进行服务器公钥检查,可通过设置禁止 7 | 8 | 方法一:在`~/.ssh/config`文件中加入 9 | 10 | Host * 11 | StrictHostKeyChecking no 12 | # 或 13 | echo -e "Host ip-address\n\tStrictHostKeyChecking no\n" >> ~/.ssh/config 14 | 15 | 方法二:在命令中添加禁止公钥检查参数 16 | 17 | $ ssh -o StrictHostKeyChecking=no ip-address 18 | 19 | ## 相关阅读 20 | 21 | * [禁用SSH远程主机的公钥检查](http://www.worldhello.net/2010/04/08/1026.html) 22 | 23 | * [TravisSendToServer](https://github.com/Godi13/TravisSendToServer/blob/master/.travis.yml) 24 | -------------------------------------------------------------------------------- /dockerfiles/ubuntu18.04_ssh/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM zjykzj/ubuntu:18.04 2 | LABEL maintainer "zhujian " 3 | 4 | RUN apt-get update && apt-get install -y openssh-server 5 | RUN mkdir /var/run/sshd 6 | RUN echo 'root:THEPASSWORDYOUCREATED' | chpasswd 7 | RUN sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config 8 | 9 | # SSH login fix. Otherwise user is kicked off after login 10 | RUN sed 's@session\s*required\s*pam_loginuid.so@session optional pam_loginuid.so@g' -i /etc/pam.d/sshd 11 | 12 | EXPOSE 22 13 | CMD ["/usr/sbin/sshd", "-D"] -------------------------------------------------------------------------------- /docs/network/advanced/docker-ubuntu-18_04-网络工具安装.md: -------------------------------------------------------------------------------- 1 | 2 | # [Docker][Ubuntu 18.04]网络工具安装 3 | 4 | ## 操作 5 | 6 | `Docker`官方`Ubuntu`镜像不包含`ifconfig/ip/ping`,必须手动安装 7 | 8 | ``` 9 | # ifconfig 10 | $ apt-get install net-tools 11 | # ip 12 | $ apt-get install iproute2 13 | # ping 14 | $ apt-get install iputils-ping 15 | ``` 16 | 17 | ## 相关阅读 18 | 19 | * [Why isn't ifconfig available in Ubuntu Docker container?](https://serverfault.com/questions/613528/why-isnt-ifconfig-available-in-ubuntu-docker-container) 20 | 21 | * [ubuntu 容器安装ping ifconfig ip命令](https://www.cnblogs.com/S--S/p/7209682.html) -------------------------------------------------------------------------------- /docs/nginx/advanced/多域名配置同一端口.md: -------------------------------------------------------------------------------- 1 | 2 | # 多域名配置同一端口 3 | 4 | ## 问题描述 5 | 6 | 有两个域名:`www.aaa.com`和`www.bbb.com`。打算利用`Nginx`配置到同一服务器上,也就是`www.aaa.com`和`www.bbb.com`访问的是同一内容 7 | 8 | 为两个域名都申请了`SSL`证书,那么在`Nginx`上应该如何配置? 9 | 10 | ## 问题解决 11 | 12 | 写两个`server`即可,端口号可以重用的(当前`Nginx`版本为`nginx/1.17.9`) 13 | 14 | ``` 15 | server { 16 | #SSL 访问端口号为 443 17 | listen 443 ssl; 18 | #填写绑定证书的域名 19 | server_name www.aaa.com; 20 | 。。。 21 | 。。。 22 | } 23 | server { 24 | #SSL 访问端口号为 443 25 | listen 443 ssl; 26 | #填写绑定证书的域名 27 | server_name www.bbb.com; 28 | 。。。 29 | 。。。 30 | } 31 | ``` -------------------------------------------------------------------------------- /docs/ssh/advanced/ssh-agent-代理设置.md: -------------------------------------------------------------------------------- 1 | 2 | # [ssh-agent]代理设置 3 | 4 | ## 配置 5 | 6 | 生成新的`ssh`密钥之后,可以添加私钥到`ssh-agent`,这样之后拉取新的仓库或测试时就不再需要输入密码了 7 | 8 | 1. 启动`ssh-agent` 9 | 10 | $ eval "$(ssh-agent -s)" 11 | Agent pid 7804 12 | 13 | 2. 添加`ssh`私钥 14 | 15 | $ ssh-add ~/.ssh/xxx_id_rsa 16 | Enter passphrase for /home/zj/.ssh/github_id_rsa: 17 | Identity added: /home/zj/.ssh/github_id_rsa (/home/zj/.ssh/github_id_rsa) 18 | 19 | ## 相关阅读 20 | 21 | * [Adding your SSH key to the ssh-agent](https://help.github.com/articles/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent/#adding-your-ssh-key-to-the-ssh-agent) -------------------------------------------------------------------------------- /docs/network/advanced/ubuntu-18_04-wifi信息查询.md: -------------------------------------------------------------------------------- 1 | 2 | # [Ubuntu 18.04]wifi信息查询 3 | 4 | 在修改本地`DNS`设置的时候无意间发现`wifi`信息查询。从`Ubuntu 18.04`开始使用`netplan`管理网络操作,其配置文件如下: 5 | 6 | ``` 7 | $ pwd 8 | /etc/netplan 9 | $ cat 01-network-manager-all.yaml 10 | # Let NetworkManager manage all devices on this system 11 | network: 12 | version: 2 13 | renderer: NetworkManager 14 | ``` 15 | 16 | `netplan`利用`NetworkManager`来管理网络相关操作,而`NetworkManager`的配置文件路径位于 17 | 18 | ``` 19 | $ pwd 20 | /etc/NetworkManager 21 | $ ls 22 | conf.d dispatcher.d dnsmasq.d dnsmasq-shared.d NetworkManager.conf system-connections 23 | ``` 24 | 25 | 进入`system-connections`文件夹,即可发现过往连接过的`wifi`日志 -------------------------------------------------------------------------------- /docs/docker/dockerfile/WORKDIR.md: -------------------------------------------------------------------------------- 1 | 2 | # WORKDIR 3 | 4 | `WORKDIR`指令为`RUN,CMD,ENTRYPOINT,COPY`和`ADD`指令设置了工作路径 5 | 6 | ## 语法 7 | 8 | ``` 9 | WORKDIR /path/to/workdir 10 | ``` 11 | 12 | * `Dockerfile`文件中可以设置多条`WORKDIR`指令,其作用于后续的指令 13 | * 可以设置`WORKDIR`为相对路径,其相对于上一条`WORKDIR`指令的路径 14 | * 可以使用`ENV`设定的环境变量 15 | 16 | ## 示例 17 | 18 | 19 | ``` 20 | WORKDIR /a 21 | WORKDIR b 22 | WORKDIR c 23 | RUN pwd 24 | ``` 25 | 26 | 最后的`pwd`命令输出为`/a/b/c` 27 | 28 | ``` 29 | ENV DIRPATH /path 30 | WORKDIR $DIRPATH/$DIRNAME 31 | RUN pwd 32 | ``` 33 | 34 | 最后的`pwd`命令输出为`/path/$DIRNAME` 35 | 36 | ## 相关阅读 37 | 38 | * [WORKDIR](https://docs.docker.com/engine/reference/builder/#workdir) -------------------------------------------------------------------------------- /docs/docker/advanced/docker-DNS设置.md: -------------------------------------------------------------------------------- 1 | 2 | # [Docker]DNS设置 3 | 4 | ## 全局设置 5 | 6 | 在`docker`配置文件`/etc/docker/daemon.json`中设置 7 | 8 | ``` 9 | $ cat /etc/docker/daemon.json 10 | { 11 | "dns": ["119.29.29.29", "223.5.5.5", "223.6.6.6"] 12 | } 13 | ``` 14 | 15 | 重新启动`docker`服务 16 | 17 | ``` 18 | $ sudo /etc/init.d/docker restart 19 | ``` 20 | 21 | ## 容器设置 22 | 23 | 使用属性`--dns`指定要载入容器的`DNS` 24 | 25 | ``` 26 | $ docker run -it --dns 233.5.5.5 --dns 233.6.6.6 ubuntu bash 27 | ``` 28 | 29 | ## 相关阅读 30 | 31 | * [daemon](https://docs.docker.com/engine/reference/commandline/dockerd/) 32 | 33 | * [Container networking](https://docs.docker.com/config/containers/container-networking/) 34 | -------------------------------------------------------------------------------- /docs/tomcat/关于Tomcat.md: -------------------------------------------------------------------------------- 1 | 2 | # 关于Tomcat 3 | 4 | `Tomcat`文档在开头提供了一些重要的信息和内容 - [Introduction](https://tomcat.apache.org/tomcat-9.0-doc/introduction.html#CATALINA_HOME_and_CATALINA_BASE) 5 | 6 | ## 术语 7 | 8 | 具体规范参考:[Servlet and JSP specifications](https://wiki.apache.org/tomcat/Specifications)。比如 9 | 10 | * `Context` - 表示一个`Web`应用程序 11 | 12 | ## 目录和文件 13 | 14 | 重要的`tomcat`目录: 15 | 16 | 1. `/bin`:启动、关闭以及其他一些脚本 17 | 2. `/conf`:配置文件和相关的`DTDs`,其中最重要的配置文件就是`server.xml` 18 | 3. `/logs`:默认放置的日志目录 19 | 4. `/webapps`:`webapp`存放的目录 20 | 21 | ## CATALINA_HOME和CATALINA_BASE 22 | 23 | 需要设置两个重要的环境变量: 24 | 25 | 1. `CATALINA_HOME`:表示`Tomcat`安装路径 26 | 2. `CATALINA_BASE`:表示特定`Tomcat`实例的运行时配置的根路径 27 | 28 | 默认情况下,两个环境变量设置为相同路径 -------------------------------------------------------------------------------- /docs/ssh/advanced/端口转发.md: -------------------------------------------------------------------------------- 1 | 2 | # [SSH -L]端口转发 3 | 4 | ## 定义 5 | 6 | `ssh`命令使用参数`-L`能够实现端口转发功能,设置如下 7 | 8 | ``` 9 | $ ssh -L 7788:127.0.0.1:8888 xxx@xxx.xxx.xx 10 | ``` 11 | 12 | 上述命令将本地`7788`端口映射到远程服务器`8888`端口 13 | 14 | ## 使用 15 | 16 | 在远程服务端打开`jupyter notebook`: 17 | 18 | ``` 19 | jupyter notebook --ip 0.0.0.0 --allow-root 20 | ``` 21 | 22 | 在本地就可以通过`127.0.0.1:7788?xxxxx`打开 23 | 24 | ## 相关阅读 25 | 26 | * [WEB安全-端口转发](https://zhuanlan.zhihu.com/p/80834638) 27 | 28 | * [SSH Port Forwarding Example](https://www.ssh.com/ssh/tunneling/example) 29 | 30 | * [ssh tunnel refusing connections with “channel 2: open failed”](https://serverfault.com/questions/489192/ssh-tunnel-refusing-connections-with-channel-2-open-failed) -------------------------------------------------------------------------------- /docs/docker/gui/wps.md: -------------------------------------------------------------------------------- 1 | 2 | # WPS 3 | 4 | ## 关键依赖 5 | 6 | * [xdg-icon-resource ](https://command-not-found.com/xdg-icon-resource) 7 | 8 | ## 相关阅读 9 | 10 | * [WPS Office (简体中文)](https://wiki.archlinux.org/index.php/WPS_Office_(简体中文)) 11 | * [linux wps英文版 如何改为中文版](https://blog.csdn.net/kinggang2017/article/details/89600217) 12 | * [关于Ubuntu16.04中WPS不能输入中文的问题](https://blog.csdn.net/wangdong2017/article/details/83928729) 13 | * [在Linux Mint 19上安装中文输入法](http://leetschau.github.io/zai-linux-mint-19shang-an-zhuang-zhong-wen-shu-ru-fa.html) 14 | * [在ubuntu中安装中文字体](https://blog.csdn.net/zapperstab/article/details/18602969) 15 | * [在CentOS中安装中文字体](https://javawind.net/p130) 16 | * [字体](https://download.csdn.net/download/wl1524520/6333049) -------------------------------------------------------------------------------- /docs/nginx/advanced/文件共享服务.md: -------------------------------------------------------------------------------- 1 | 2 | # 文件共享服务 3 | 4 | 通过`Nginx`实现文件共享服务,类似于文件服务器功能 5 | 6 | ## 配置文件 7 | 8 | 创建配置文件`share.conf`: 9 | 10 | ``` 11 | $ cat share.conf 12 | server { 13 | listen 12xxx; 14 | server_name xxx.xxx.xxx.xxx; 15 | 16 | # 避免中文乱码 17 | charset utf-8; 18 | 19 | # 存放文件的目录 20 | root /app/share; 21 | 22 | location / { 23 | # 索引 24 | autoindex on; 25 | # 显示文件大小 26 | autoindex_exact_size on; 27 | # 显示文件时间 28 | autoindex_localtime on; 29 | } 30 | } 31 | ``` 32 | 33 | ## 启动 34 | 35 | 启动`Nginx`后,将文件放置于`/app/share`路径下,即可通过地址`http://xxx.xxx.xxx.xxx:12xxx`进行访问 36 | 37 | ## 相关阅读 38 | 39 | * [11.Nginx搭建简单的文件共享服务](https://www.jianshu.com/p/985946e8aa4d) -------------------------------------------------------------------------------- /docs/network/advanced/netstat-端口查询.md: -------------------------------------------------------------------------------- 1 | 2 | # [netstat]端口查询 3 | 4 | 使用命令`netstat`进行端口查询 5 | 6 | ## 查询被占用的端口 7 | 8 | ``` 9 | $ sudo netstat -lnp | grep xxx 10 | ``` 11 | 12 | 比如查询占用`1080`的进程 13 | 14 | ``` 15 | $ sudo netstat -lnp | grep 1080 16 | tcp 0 0 127.0.0.1:1080 0.0.0.0:* LISTEN 5482/python 17 | udp 0 0 127.0.0.1:1080 0.0.0.0:* 5482/python 18 | ``` 19 | 20 | 端口`1080`被进程`id`为`5482`的应用占据,查询该应用并`kill` 21 | 22 | ``` 23 | $ ps aux | grep 5482 24 | root 5482 0.0 0.0 48020 11940 ? Ss 18:10 0:00 python local.py -d start 25 | zj 8708 0.0 0.0 15964 1020 pts/21 S+ 18:51 0:00 grep --color=auto 5482 26 | $ sudo kill 5482 27 | ``` -------------------------------------------------------------------------------- /.github/stale.yml: -------------------------------------------------------------------------------- 1 | # Number of days of inactivity before an issue becomes stale 2 | daysUntilStale: 60 3 | # Number of days of inactivity before a stale issue is closed 4 | daysUntilClose: 7 5 | # Issues with these labels will never be considered stale 6 | exemptLabels: 7 | - pinned 8 | - security 9 | # Label to use when marking an issue as stale 10 | staleLabel: wontfix 11 | # Comment to post when marking an issue as stale. Set to `false` to disable 12 | markComment: > 13 | This issue has been automatically marked as stale because it has not had 14 | recent activity. It will be closed if no further activity occurs. Thank you 15 | for your contributions. 16 | # Comment to post when closing a stale issue. Set to `false` to disable 17 | closeComment: false -------------------------------------------------------------------------------- /docs/docker/basic/保存容器为镜像.md: -------------------------------------------------------------------------------- 1 | 2 | # 保存容器为镜像 3 | 4 | 保存已修改后的容器为新的镜像 5 | 6 | ## 语法 7 | 8 | ``` 9 | docker commit [OPTIONS] CONTAINER [REPOSITORY[:TAG]] 10 | ``` 11 | 12 | * 参数`CONTAINER`指定容器`ID` 13 | * 参数`REPOSITORY`指定新的镜像名,格式为 14 | * 参数`TAG`指定额外标记,比如版本号 15 | 16 | 可添加额外选项,指定作者名,提交信息,是否在提交时暂停容器以及是否应用`Dockerfile`指令到创建的镜像 17 | 18 | ![](./imgs/commit-options.png) 19 | 20 | ## 示例 21 | 22 | ``` 23 | $ docker commit --author zjykzj --message "using aliyun mirrors" f8f8 zjykzj/ubuntu:18.04 24 | sha256:5493327e7708602f5ebb0b42d638234bf47ff4ee23804dxxxxxx4c8dcec3 25 | 26 | $ docker image ls 27 | REPOSITORY TAG IMAGE ID CREATED SIZE 28 | zjykzj/ubuntu 18.04 5493327e7708 19 seconds ago 109MB 29 | ``` -------------------------------------------------------------------------------- /dockerfiles/ubuntu18.04_zh_CN/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM ubuntu:18.04 2 | LABEL maintainer "zhujian " 3 | 4 | COPY sources.list . 5 | ENV DEBIAN_FRONTEND=noninteractive 6 | RUN set -eux && \ 7 | rm /etc/apt/sources.list && \ 8 | mv sources.list /etc/apt/sources.list && \ 9 | apt-get update && \ 10 | apt-get install -y locales tzdata xfonts-wqy && \ 11 | locale-gen zh_CN.UTF-8 && \ 12 | update-locale LANG=zh_CN.UTF-8 LANGUAGE=zh_CN.UTF-8 LC_ALL=zh_CN.UTF-8 && \ 13 | ln -fs /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && \ 14 | dpkg-reconfigure --frontend noninteractive tzdata && \ 15 | find /var/lib/apt/lists -type f -delete && \ 16 | find /var/cache -type f -delete 17 | 18 | ENV LANG=zh_CN.UTF-8 LANGUAGE=zh_CN.UTF-8 LC_ALL=zh_CN.UTF-8 -------------------------------------------------------------------------------- /docs/penetration/n2n/n2n原理.md: -------------------------------------------------------------------------------- 1 | 2 | # n2n原理 3 | 4 | [n2n](https://www.ntop.org/products/n2n/#)是一个开源的`2`层`P2P`架构`VPN`,有如下特点: 5 | 6 | 1. 基于`P2P`协议的加密`2`层专用网络 7 | 2. 边缘节点(`edge node`)的加密是使用带有用户自定义密码的开放协议 8 | 3. 每个`n2n`用户可以同时加入不同的网络(或称为社区) 9 | 4. `n2n`能够以反向流量方向(即从外部到内部)跨越`NAT`和防火墙。防火墙不再是`IP`级别直接通信的障碍。 10 | 5. `n2n`网络并不意味着是独立的:可以通过`n2n`和非`n2n`网络连接。 11 | 12 | ## 网络结构 13 | 14 | `n2n`是一个`2`层网络架构,分别由核心节点(`supernode`)和边缘节点(`edgenode`)构成 15 | 16 | ![](./imgs/n2n_network.png) 17 | 18 | 边缘节点运行在客户端,通过创建虚拟网卡作为`n2n`网络的入口 19 | 20 | 核心节点作为服务器端,作为边缘节点的目录寄存器(`directory register`)和包路由器(`packet router`) 21 | 22 | ## `n2n`优势 23 | 24 | `n2n`网络通过虚拟网卡,利用`UDP`协议进行通信,每个边缘节点(客户端)可以创建多个虚拟网卡,可以从属于多个不同网络 25 | 26 | ![](./imgs/n2n_com.png) 27 | 28 | 边缘节点通过核心节点握手后可以直接通信,这样能够降低通信的延时,也能够减轻核心节点的带宽压力 29 | 30 | ![](./imgs/n2n_nat.png) 31 | 32 | -------------------------------------------------------------------------------- /docs/network/advanced/阿里云-域名解析-URL转发.md: -------------------------------------------------------------------------------- 1 | 2 | # [阿里云][域名解析]URL转发 3 | 4 | ## 需求描述 5 | 6 | 在远程服务器上使用`9980`端口实现`HTTPs`服务,直接访问方式如下: 7 | 8 | ``` 9 | https://www.test.com:9980 10 | ``` 11 | 12 | 理想状态下是希望只输入域名而不需要额外端口号,解析后跳转到新地址并且能够指定端口,比如: 13 | 14 | ``` 15 | http://www.xxx.com -> https://www.test.com:9980 16 | ``` 17 | 18 | ## URL转发 19 | 20 | 阿里云域名解析服务提供了`URL转发`功能,能够实现`域名+端口`的绑定。实现如下: 21 | 22 | 1. 在记录类型中选择`显性URL`或者`隐性URL` 23 | 2. 记录值中可以输入域名+端口,比如`https://www.xxx.com:9980` 24 | 25 | `显性URL`和`隐性URL`的区别在于`显性URL`服务会重定向到真实目标地址(也就是会在地址栏暴露端口号),而`隐形URL`服务会隐藏真实地址 26 | 27 | **注意:`URL`转发前域名支持`HTTP`,不支持`HTTPS`,转发后的目标地址支持`HTTP、HTTPS`** 28 | 29 | ## 相关阅读 30 | 31 | * [添加网站解析](https://help.aliyun.com/document_detail/106535.html?spm=a2c4g.11186623.2.12.936e52fbvbu0gM) 32 | 33 | * [URL转发类问题排查](https://help.aliyun.com/knowledge_detail/118166.html) 34 | -------------------------------------------------------------------------------- /docs/docker/dockerfile/LABEL.md: -------------------------------------------------------------------------------- 1 | 2 | # LABEL 3 | 4 | `LABEL`指令为镜像添加元数据 5 | 6 | ## 语法 7 | 8 | ``` 9 | LABEL = = = ... 10 | ``` 11 | 12 | 使用键值对形式,单个`LABEL`指令可以添加一个或多个键值对,一个`Dockerfile`文件中可以包含多个`LABEL`指令 13 | 14 | **如果键值对存在空格或者过长,可以使用双引号和反斜杠** 15 | 16 | ``` 17 | LABEL "com.example.vendor"="ACME Incorporated" 18 | LABEL com.example.label-with-value="foo" 19 | LABEL multi.label1="value1" multi.label2="value2" other="value3" 20 | LABEL multi.label1="value1" \ 21 | multi.label2="value2" \ 22 | other="value3" 23 | ``` 24 | 25 | ## 继承 26 | 27 | 新的镜像可以继承来自基镜像或者父镜像的`LABEL`信息,如果设置了同名键值对,则会覆盖之前的信息 28 | 29 | ## 查询 30 | 31 | 使用命令`docker inspect`进行查询 32 | 33 | ``` 34 | $ docker inspect IMAGE | grep -i LABEL 35 | ``` 36 | 37 | ## 相关阅读 38 | 39 | * [LABEL](https://docs.docker.com/engine/reference/builder/#label) -------------------------------------------------------------------------------- /docs/penetration/ngrok/ngrok-docker.md: -------------------------------------------------------------------------------- 1 | 2 | # docker实现 3 | 4 | 通过`docker`容器实现`ngrok`服务端 5 | 6 | ## Dockerfile 7 | 8 | ``` 9 | FROM zjzstu/ubuntu:latest 10 | LABEL Author="zhujian " 11 | 12 | COPY . /app 13 | 14 | WORKDIR /app 15 | 16 | ENTRYPOINT ["/app/ngrokd.sh"] 17 | ``` 18 | 19 | 将证书/应用以及脚本复制到容器内,执行脚本 20 | 21 | ## docker-compose.yml 22 | 23 | ``` 24 | version: "3.7" 25 | services: 26 | ngrok: 27 | labels: 28 | AUTHOR: "zhujian " 29 | container_name: ngrokd 30 | image: zjzstu/ngrok:server 31 | build: . 32 | environment: 33 | - DOMAIN=xxx.xxx.xxx 34 | ports: 35 | - "xxx:xxx" 36 | restart: always 37 | tty: true 38 | stdin_open: true 39 | ``` 40 | 41 | 使用`docker-compose`完成镜像创建和启动,指定`ngrok`使用的端口 42 | 43 | ## 使用 44 | 45 | ``` 46 | # 后台启动 47 | $ docker-compose up -d 48 | ``` -------------------------------------------------------------------------------- /docs/nginx/base/测试.md: -------------------------------------------------------------------------------- 1 | 2 | # 测试 3 | 4 | ## 操作 5 | 6 | `nginx`占用`80`端口,确保未被使用 7 | 8 | $ sudo netstat -lnp | grep 80 9 | tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 22308/nginx: master 10 | 11 | 如果已被占用则退出该进程 12 | 13 | $ sudo kill 22308 14 | 15 | 启动`nginx` 16 | 17 | $ sudo nginx 18 | $ ps -ef | grep nginx 19 | root 1068 1 0 16:31 ? 00:00:00 nginx: master process /usr/sbin/nginx -g daemon on; master_process on; 20 | nginx 1069 1068 0 16:31 ? 00:00:00 nginx: worker process 21 | ubuntu 15252 1320 0 19:13 pts/0 00:00:00 grep --color=auto nginx 22 | 23 | 打开浏览器,访问该机器的`ip`,即会出现`nginx`欢迎页面 24 | 25 | ![](./imgs/welcome-nginx.png) 26 | 27 | ## 相关阅读 28 | 29 | * [linux下解决80端口被占用](https://blog.csdn.net/w592376568/article/details/82862249) 30 | 31 | * [Nginx安装](http://www.nginx.cn/install) -------------------------------------------------------------------------------- /docs/ssh/base/http和ssh协议.md: -------------------------------------------------------------------------------- 1 | 2 | # http和ssh协议 3 | 4 | 大多数`git`托管网站都支持使用`http`协议或`ssh`协议进行代码拉取和推送操作 5 | 6 | ## `http` 7 | 8 | 其命名方式如下: 9 | 10 | https:////.git 11 | 12 | # github仓库 13 | https://github.com/zjZSTU/zjzstu.github.com.git 14 | # gitee仓库 15 | https://gitee.com/zjZSTU/zjzstu.gitee.io.git 16 | 17 | 使用`http`协议的优点在于每次推送都需要进行授权验证,服务器会提示你输入用户名和密码 18 | 19 | ## `ssh` 20 | 21 | 其命名方式如下: 22 | 23 | git@:/.git 24 | 25 | # github仓库 26 | git@github.com:zjZSTU/zjzstu.github.com.git 27 | # gitee仓库 28 | git@gitee.com:zjZSTU/zjzstu.gitee.io.git 29 | 30 | 使用`ssh`协议进行代码推送之前需要进行`ssh`密钥认证,在本地生成`ssh`密钥,上传`ssh`公钥到托管网站,这样每次推送就能自动认证 31 | 32 | ## 相关阅读 33 | 34 | * [4.1 服务器上的 Git - 协议](https://git-scm.com/book/zh/v2/%E6%9C%8D%E5%8A%A1%E5%99%A8%E4%B8%8A%E7%9A%84-Git-%E5%8D%8F%E8%AE%AE) -------------------------------------------------------------------------------- /docs/nginx/base/安装.md: -------------------------------------------------------------------------------- 1 | 2 | # 安装 3 | 4 | 当前在`Ubuntu 16.04`下安装`Nginx` 5 | 6 | 安装预置应用 7 | 8 | sudo apt install curl gnupg2 ca-certificates lsb-release 9 | 10 | 安装稳定版`nginx` 11 | 12 | echo "deb http://nginx.org/packages/ubuntu `lsb_release -cs` nginx" \ 13 | | sudo tee /etc/apt/sources.list.d/nginx.list 14 | 15 | 导入官方`nginx`签名密钥 16 | 17 | curl -fsSL https://nginx.org/keys/nginx_signing.key | sudo apt-key add - 18 | 19 | 验证 20 | 21 | sudo apt-key fingerprint ABF5BD827BD9BF62 22 | 23 | 结果如下 24 | 25 | pub 2048R/7BD9BF62 2011-08-19 [expires: 2024-06-14] 26 | Key fingerprint = 573B FD6B 3D8F BC64 1079 A6AB ABF5 BD82 7BD9 BF62 27 | uid nginx signing key 28 | 29 | 安装`nginx` 30 | 31 | sudo apt update 32 | sudo apt install nginx 33 | 34 | ## 相关阅读 35 | 36 | * [Installing nginx](http://nginx.org/en/docs/install.html) -------------------------------------------------------------------------------- /docs/compose/docker-compose-docker-run.md: -------------------------------------------------------------------------------- 1 | 2 | # 使用docker-compose还是docker run 3 | 4 | 学习了`Docker`和`Docker Compose`,通过`Dockerfile`文件进行镜像的构建,通过`docker-compose.yml`文件进行容器的编排 5 | 6 | 在实际操作过程中,`docker-compose`操作的优点很明显 7 | 8 | 1. 通过`docker-compose.yml`文件配置容器启动选项,结构清晰 9 | 2. 能够实现多容器的管理 10 | 11 | 不过`docker-compose`还在不断更新中,存在不少问题: 12 | 13 | 1. 在`docker-compose.yml`中仅能使用环境变量,无法操作`shell`命令 14 | 15 | 比如获取当前用户信息 16 | 17 | ``` 18 | $ id -u 19 | $ id -g 20 | ``` 21 | 22 | 2. 在语法版本`3.7`中无法设置`NVIDIA` 23 | 24 | 参考: 25 | 26 | [Support for NVIDIA GPUs under Docker Compose #6691](https://github.com/docker/compose/issues/6691) 27 | 28 | [docker-compose support #1073](https://github.com/NVIDIA/nvidia-docker/issues/1073) 29 | 30 | [NVIDIA Container Toolkit](https://github.com/NVIDIA/nvidia-docker) 31 | 32 | >Please note that this native GPU support has not landed in docker-compose yet. Refer to this issue for discussion. -------------------------------------------------------------------------------- /docs/network/advanced/nc-远程端口查询.md: -------------------------------------------------------------------------------- 1 | 2 | # [nc]远程端口查询 3 | 4 | ## 使用 5 | 6 | ``` 7 | nc -vz [-w <超时秒数>] host port 8 | ``` 9 | 10 | * 参数`-v`表示显示指令执行过程 11 | * 参数`-z`表示使用`0`输入/输出模式,只在扫描通信端口时使用 12 | 13 | 指定远程地址`host`,以及端口号`port`(*可以指定某一范围内的端口*)。默认使用`tcp`进行检测,如果需要`udp`, 设置参数`-u` 14 | 15 | ## 示例 16 | 17 | 测试单个端口号 18 | 19 | ``` 20 | $ nc -vz 148.xxx.xxx.9 12xxx 21 | Connection to 148.70.133.9 12xxx port [tcp/*] succeeded! 22 | ``` 23 | 24 | 测试连续多个端口号 25 | 26 | ``` 27 | $ nc -vz -w 2 148.xxx.xxx.9 12344-12346 28 | nc: connect to 148.70.133.9 port 12344 (tcp) timed out: Operation now in progress 29 | Connection to 148.70.133.9 12345 port [tcp/*] succeeded! 30 | nc: connect to 148.70.133.9 port 12346 (tcp) failed: Connection refused 31 | ``` 32 | 33 | ## 相关阅读 34 | 35 | * [Linux测试远程端口是否开放](https://blog.csdn.net/calmboy_/article/details/89455925) 36 | * [Linux nc命令](https://www.runoob.com/linux/linux-comm-nc.html) 37 | -------------------------------------------------------------------------------- /docs/ssh/advanced/复制公钥到远程服务器.md: -------------------------------------------------------------------------------- 1 | 2 | # [ssh-copy-id]复制公钥到远程服务器 3 | 4 | 创建密钥后,需要添加公钥内容追加到远程服务器的`authorized_keys`文件 5 | 6 | 添加到远程服务器有两种方式: 7 | 8 | 1. 使用命令`ssh-copy-id` 9 | 2. 手动复制公钥到远程 10 | 11 | ## `ssh-copy-id` 12 | 13 | 命令`ssh-copy-id`使用本地公钥认证远程服务器 14 | 15 | ``` 16 | $ ssh-copy-id -i ~/.ssh/id_rsa.pub lab305@192.168.0.144 17 | /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/zj/.ssh/id_rsa.pub" 18 | /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed 19 | /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys 20 | Received disconnect from 192.168.0.144 port 22:2: Too many authentication failures 21 | Connection to 192.168.0.144 closed by remote host. 22 | ``` 23 | 24 | 参数`-i`输入本地公钥文件 25 | 26 | ## 手动复制 27 | 28 | 使用命令`>>`追加到文件末尾 29 | 30 | ``` 31 | $ cat id_rsa.pub >> authorized_keys 32 | ``` -------------------------------------------------------------------------------- /docs/docker/basic/镜像迁移.md: -------------------------------------------------------------------------------- 1 | 2 | # 镜像迁移 3 | 4 | 在服务器下载`docker`镜像太慢了,想着能不能在本地下载完成后迁移到服务器上 5 | 6 | ## docker save 7 | 8 | 保存一个或多个镜像为归档文件 9 | 10 | ``` 11 | $ docker save --help 12 | 13 | Usage: docker save [OPTIONS] IMAGE [IMAGE...] 14 | 15 | Save one or more images to a tar archive (streamed to STDOUT by default) 16 | 17 | Options: 18 | -o, --output string Write to a file, instead of STDOUT 19 | ``` 20 | 21 | ## docker load 22 | 23 | 从归档文件中加载镜像 24 | 25 | ``` 26 | $ docker load --help 27 | 28 | Usage: docker load [OPTIONS] 29 | 30 | Load an image from a tar archive or STDIN 31 | 32 | Options: 33 | -i, --input string Read from tar archive file, instead of STDIN 34 | -q, --quiet Suppress the load output 35 | ``` 36 | 37 | ## 示例 38 | 39 | ``` 40 | # 打包 41 | $ docker save nginx:latest -o nginx.tar.gz 42 | # 加载 43 | $ docker load -i nginx.tar.gz 44 | ``` 45 | 46 | ## 相关阅读 47 | 48 | * [Docker镜像迁移](https://blog.csdn.net/sunbocong/article/details/78928535) -------------------------------------------------------------------------------- /docs/docker/dockerfile/EXPOSE.md: -------------------------------------------------------------------------------- 1 | 2 | # EXPOSE 3 | 4 | `EXPOSE`指令通知`docker`容器在运行时侦听指定的网络端口 5 | 6 | ## 语法 7 | 8 | ``` 9 | EXPOSE [/...] 10 | ``` 11 | 12 | * 端口号可以任意指定 13 | * 协议指定端口是侦听`TCP`还是`UDP`,默认为`TCP` 14 | 15 | ``` 16 | # 指定TCP协议端口为80 17 | EXPOSE 80 18 | # 指定UDP协议端口为80 19 | EXPOSE 80/udp 20 | ``` 21 | 22 | ## 作用 23 | 24 | `EXPOSE`指令实际上并不发布端口,它用于提示要发布的端口。使用`docker run`启动容器时,有`2`种方式指定容器监听的端口号 25 | 26 | 1. 使用标识符`-P, --publish-all`来发布`EXPOSE`指定的端口,`docker`会随机映射主机端口到容器的侦听端口 27 | 2. 使用标识符`-p, --publish`指定容器和主机的映射端口 28 | 29 | -p host-port:container-port/ 30 | # 比如映射主机端口号80到容器8080端口,侦听TCP协议 31 | -p 80:8080/tcp 32 | 33 | ## 示例 34 | 35 | 可以同时设定`TCP`和`UDP`监听端口为同一个,因为容器会将其映射到不同的主机端口 36 | 37 | ``` 38 | EXPOSE 80/tcp 39 | EXPOSE 80/udp 40 | ``` 41 | 42 | 使用`-p`标识符指定映射端口如下: 43 | 44 | ``` 45 | $ docker run -it -p 10001:80/tcp -p 10002:80/udp ... 46 | ``` 47 | 48 | ## 相关阅读 49 | 50 | * [EXPOSE](https://docs.docker.com/engine/reference/builder/#expose) -------------------------------------------------------------------------------- /dockerfiles/ubuntu18.04_zh_CN/sources.list: -------------------------------------------------------------------------------- 1 | deb http://mirrors.aliyun.com/ubuntu/ bionic main restricted universe multiverse 2 | 3 | deb http://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse 4 | 5 | deb http://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse 6 | 7 | deb http://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse 8 | 9 | deb http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse 10 | 11 | deb-src http://mirrors.aliyun.com/ubuntu/ bionic main restricted universe multiverse 12 | 13 | deb-src http://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse 14 | 15 | deb-src http://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse 16 | 17 | deb-src http://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse 18 | 19 | deb-src http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse -------------------------------------------------------------------------------- /docs/network/basic/局域网-广域网-互联网-私有专用网.md: -------------------------------------------------------------------------------- 1 | 2 | # 局域网、广域网、互联网和私有专用网 3 | 4 | ## 局域网 5 | 6 | [局域网(Local Area NetWork, LAN)](https://baike.baidu.com/item/%E5%B1%80%E5%9F%9F%E7%BD%91)指在某一区域内由多台计算机互联组成的计算机网络。局域网内的主机通过同一个路由器对外传输和转发数据,通过若干个集线器或交换机进行内部交流。局域网通常覆盖的地理范围小,建设、维护和扩展灵活,同时网络延时低,数据传输率高,可靠性高 7 | 8 | ## 广域网 9 | 10 | [广域网(Wide Area Network, WAN)](https://baike.baidu.com/item/%E5%B9%BF%E5%9F%9F%E7%BD%91)指的是连接多个局域网或城域网通信的计算机网络 11 | 12 | ## 互联网 13 | 14 | [互联网(Internet)](https://baike.baidu.com/item/%E4%BA%92%E8%81%94%E7%BD%91/199186)指的是通过一组通用协议来串联不同广域网从而得到的计算机网络 15 | 16 | ## 虚拟专用网 17 | 18 | [虚拟专用网(Visual Private Network, VPN)](https://baike.baidu.com/item/%E8%99%9A%E6%8B%9F%E4%B8%93%E7%94%A8%E7%BD%91)在公网上建立专用网络,进行加密通讯。它模拟了单个局域网内的通信,但实际是通过公网进行不同局域网之间的远程通信 19 | 20 | ## 相互关系 21 | 22 | ![](./imgs/network-scope.PNG) 23 | 24 | ## 相关阅读 25 | 26 | * [局域网](https://www.zhihu.com/topic/19562846/intro) 27 | * [局域网,广域网,因特网之间的区别和联系?](https://www.zhihu.com/question/51295773) 28 | * [VPN](https://www.zhihu.com/topic/19551882/hot) -------------------------------------------------------------------------------- /docs/network/advanced/namesilo-dnspod-域名申请和解析.md: -------------------------------------------------------------------------------- 1 | 2 | # [namesilo][dnspod]域名申请和解析 3 | 4 | 之前在阿里云大陆地区申请了域名,并搭建了一个博客网站。前几天腾讯云客服通知我整改博客中存在外部链接的问题。因为不想要做任何限制,所以打算在香港申请服务器进行网站搭建,顺便也在国外注册了一个域名 5 | 6 | ## 域名选择 7 | 8 | 在[namesilo](https://www.namesilo.com/)上注册域名 9 | 10 | ## namesilo域名申请 11 | 12 | 注册完成用户后,选择自己喜欢的域名,购买即可 13 | 14 | ## dnspod域名解析 15 | 16 | `namesilo`自带了域名解析服务,但是还是选择了国内的域名解析厂商[DNSPod](https://www.dnspod.cn)。首先在`namesilo`中修改`nameserver`,添加`DNSPod`地址 17 | 18 | ``` 19 | f1g1ns1.dnspod.net 20 | f1g1ns2.dnspod.net 21 | ``` 22 | 23 | 然后在`DNSPod`上注册账户,添加域名 24 | 25 | **注意:上述两个过程都需要几个小时的解析,耐性等待即可** 26 | 27 | 最后在`DNSPod`上添加解析记录,将域名和服务器`IP`绑定 28 | 29 | ## 后记 30 | 31 | 最开始注册域名的时候缴纳了一年的费用,续缴的时候发现费用非常昂贵(`100+`);同时在开发过程中发现只需要把服务器搬离大陆地区即可,对于域名和`DNS`解析仍旧可以放在大陆地区 32 | 33 | ## 相关阅读 34 | 35 | * [有哪些国外便宜域名注册商是值得推荐的?](https://zhuanlan.zhihu.com/p/63866401) 36 | * [Namesilo 域名购买保姆式教程,赠送1刀优惠码!](https://zhuanlan.zhihu.com/p/82666679) 37 | * [免费namesilo域名注册解析到dnspod教程](https://since1989.org/stuff/dnspod-name-servers-domain.html) -------------------------------------------------------------------------------- /docs/docker/dockerfile/CMD.md: -------------------------------------------------------------------------------- 1 | 2 | # CMD 3 | 4 | 一个`Dockerfile`文件仅能执行一条`CMD`指令。如果存在多条`CMD`指令,仅最后一个`CMD`指令起作用 5 | 6 | ## 语法 7 | 8 | `CMD`指令有`3`种书写格式: 9 | 10 | 1. `CMD ["executable","param1","param2"]`(`exec`形式,推荐) 11 | 2. `CMD ["param1","param2"]`(`ENTRYPOINT`指令的默认参数) 12 | 3. `CMD command param1 param2`(`shell`形式) 13 | 14 | ## 作用 15 | 16 | `CMD`指令的主要目的是提供容器默认操作。可以通过`CMD`指定一个可执行文件,如果在`Dockerfile`中指定了`ENTRYPOINT`,那么`CMD`指定的可执行文件会被忽略 17 | 18 | **注意:如果`CMD`指令用于提供`ENTRYPOINT`指令参数,那么两者必须按`JSON`数组格式编写** 19 | 20 | **注意:如果使用`exec`格式,其将会解析成`JSON`数组,所以必须使用双引号而不是单引号** 21 | 22 | 调用`shell`命令: 23 | 24 | * `exec`形式的`CMD`指令不会调用命令行`shell`,所以如果要使用`shell`命令,必须显示调用`shell`,比如`CMD [ "sh", "-c", "echo $HOME" ]` 25 | * `shell`形式的`CMD`指令可以直接调用,比如`CMD echo $HOME` 26 | 27 | 调用非`shell`命令,必须使用`exec`形式,且使用命令绝对路径,比如`CMD ["/usr/bin/wc","--help"]` 28 | 29 | **如果在运行`docker run`时指定了运行命令,将会覆盖`CMD`指令操作** 30 | 31 | ## RUN vs. CMD 32 | 33 | * `RUN`用于在镜像构建时运行,并提交运行结果 34 | * `CMD`在构建时不执行任何操作,但指定镜像的预期命令 35 | 36 | ## 相关阅读 37 | 38 | * [CMD](https://docs.docker.com/engine/reference/builder/#cmd) -------------------------------------------------------------------------------- /docs/compose/版本依赖.md: -------------------------------------------------------------------------------- 1 | 2 | # Compose版本依赖 3 | 4 | `Docker Compose`分为两个部分:文件格式与应用版本 5 | 6 | ## 文件格式 7 | 8 | `Docker Compose`经历了多次的文件格式调整,不断增加新的内容。其文件格式与`Docker`引擎版本对应如下: 9 | 10 | ![](./imgs/compose-docker.png) 11 | 12 | 当前使用的`Compose`文件格式为版本`3.7`,当前`Docker`引擎版本为 13 | 14 | ``` 15 | $ docker info | grep -i server | grep -i version 16 | Server Version: 19.03.5 17 | ``` 18 | 19 | ## 应用版本 20 | 21 | 直接使用最新版本的程序即可,参考[compose releases](https://github.com/docker/compose/releases/) 22 | 23 | ## 指定版本号 24 | 25 | 在编写`docker-compose.yml`文件时需要指定文件格式版本 26 | 27 | ``` 28 | version: "3.7" 29 | services: 30 | web: 31 | build: . 32 | ports: 33 | - "5000:5000" 34 | volumes: 35 | ... 36 | ... 37 | ``` 38 | 39 | **注意:如果仅指定了主版本号(`3`),没有指定次版本号(`7`),默认添加`0`作为次版本号** 40 | 41 | ``` 42 | version: "3" 43 | # 等价于 44 | version: "3.0" 45 | ``` 46 | 47 | ## 相关阅读 48 | 49 | * [Compose and Docker compatibility matrix](https://docs.docker.com/compose/compose-file/#compose-and-docker-compatibility-matrix) 50 | * [Compose file versions and upgrading](https://docs.docker.com/compose/compose-file/compose-versioning/) -------------------------------------------------------------------------------- /docs/docker/dockerfile/RUN.md: -------------------------------------------------------------------------------- 1 | 2 | # RUN 3 | 4 | `RUN`指令在当前镜像上执行操作,然后将提交结果为新的镜像,作用于`Dockerfile`的下一步 5 | 6 | ## 语法 7 | 8 | `RUN`指令有`2`种格式: 9 | 10 | * `RUN `(`shell`形式,命令运行在一个`shell`上。对`Linux`而言,默认是`/bin/sh -c`;对`Windows`而言,默认是`cmd /S /C`) 11 | * `RUN ["executable", "param1", "param2"]`(`exec`形式) 12 | 13 | 注意一:使用`shell`形式,可以使用反斜线(`\, backslash`)将单行`RUN`指令扩展成多行,有助于配置和理解 14 | 15 | ``` 16 | RUN apt-get update && \ 17 | apt-get install -f \ 18 | apt-get install -y net-tools 19 | ``` 20 | 21 | 注意二:`exec`形式必须使用双引号而不是单引号 22 | 23 | 注意三:`exec`形式的`RUN`指令不会调用命令`shell`,必须显式调用`shell` 24 | 25 | ``` 26 | RUN ["sh", "-c", "echo hello"] 27 | ``` 28 | 29 | 对于`Windows`系统而言,需要转义反斜杠,比如`RUN ["c:\\windows\\system32\\tasklist.exe"]` 30 | 31 | ## 缓存 32 | 33 | `RUN`指令的缓存不会在下一个生成期间自动失效,所以`RUN apt-get dist-upgrade -y`的缓存将在下次构建时使用 34 | 35 | 设置缓存内容失效,需要在构建时设置标识符`--no-cache`,比如`docker build --no-cache .` 36 | 37 | ## 不同shell 38 | 39 | 如果要使用不同`shell`,操作如下: 40 | 41 | * 使用绝对路径指定新的`shell` 42 | * 使用`SHELL`指令更新 43 | 44 | ``` 45 | RUN ["/bin/bash", "-c", "echo hello"] 46 | ``` 47 | 48 | ## 相关阅读 49 | 50 | * [RUN](https://docs.docker.com/engine/reference/builder/#run) -------------------------------------------------------------------------------- /docs/network/advanced/netplan.md: -------------------------------------------------------------------------------- 1 | 2 | # netplan 3 | 4 | 从`Ubuntu 18.04`开始,使用`netplan`统一管理网络配置,其配置文件位于`/etc/netplan`,通过`YAML`文件进行网络配置 5 | 6 | 默认包含了一个配置文件`01-network-manager-all.yaml` 7 | 8 | ``` 9 | /etc/netplan$ cat 01-network-manager-all.yaml 10 | # Let NetworkManager manage all devices on this system 11 | network: 12 | version: 2 13 | renderer: NetworkManager 14 | ``` 15 | 16 | 关于netplan的使用示例参考[Netplan configuration examples](https://netplan.io/examples),其具体属性参考[Ubuntu 18.04 网络配置介绍](https://developer.aliyun.com/article/744737) 17 | 18 | 当前电脑在Wifi环境下,所以配置文件修改如下: 19 | 20 | ``` 21 | # Let NetworkManager manage all devices on this system 22 | network: 23 | version: 2 24 | renderer: NetworkManager 25 | # 在wifi环境下配置,在以太网下面使用ethernets 26 | wifis: 27 | # 网卡名 28 | wlp2s0b1: 29 | # 开启使用ipv4/ipv6的DHCP,默认是关闭 30 | dhcp4: no 31 | dhcp6: no 32 | # 对应网卡配置的静态ip地址,是ip/掩码的格式 33 | addresses: [192.168.0.184/24] 34 | # 默认网关 35 | gateway4: 192.168.0.1 36 | # 设置DNS服务器 37 | nameservers: 38 | addresses: [119.29.29.29, 223.5.5.5, 223.6.6.6] 39 | ``` 40 | 41 | 修改完成后执行更新命令 42 | 43 | ``` 44 | $ sudo netplan try 45 | $ sudo netplan apply 46 | ``` 47 | -------------------------------------------------------------------------------- /docs/network/basic/网络体系结构.md: -------------------------------------------------------------------------------- 1 | 2 | # 网络体系结构 3 | 4 | 计算机网络的各层及其协议的集合就是计算机网络体系结构。其设计目的是通过对网络的分层,将各个系统硬软件的差异转化成较小的局部问题,更易于研究和处理,最终保证遵循同一套体系结构的系统能够相互通信 5 | 6 | 目前并行有两套网络体系结构: 7 | 8 | 1. 开放系统互联基本参考模型`OSI/RM` 9 | 2. `TCP/IP`体系结构 10 | 11 | ## 开放系统互联基本参考模型OSI/RM 12 | 13 | 开发系统互联基本参考模型(`Open Systems Interconnection Reference Model, OSI/RM`)是国际标准化组织`ISO`制定的,在`1983`年形成正式的文件,即`ISO 7498`国际标准,简称为`OSI` 14 | 15 | `OSI`是一个`7`层协议的体系结构,从上到下分别是应用层、会话层、表示层、运输层、网络层、数据链路层、物理层 16 | 17 | ![](./imgs/OSI.PNG) 18 | 19 | *`OSI`并没有获得大规模的应用,因为同一时期出现的`TCP/IP`四层网络系统结构已经抢先在全世界大范围的运行* 20 | 21 | ## TCP/IP体系结构 22 | 23 | `TCP/IP`体系结构共`4`层,分别由应用层、运输层、网际层和网络接口层构成 24 | 25 | ![](./imgs/tcp-ip.PNG) 26 | 27 | 其与`OSI`体系结构对应如下 28 | 29 | ![](./imgs/osi-tcp-ip.PNG) 30 | 31 | ## 层解析 32 | 33 | 1. 应用层(`application layer`):其任务是通过应用进程间的交互来完成特定网络应用 34 | 2. 运输层(`transport layer`):其任务是负责向两台主机之间的通信提供通用的数据传输服务。应用进程通过该服务来传送`应用层报文` 35 | 3. 网络层(`network layer`):负责为分组交换网上的不同主机提供通信服务。在发送数据时,将运输层生成的`报文段`或`用户数据报`封装成`分组`或`包`进行传送 36 | 4. 数据链路层(`data link layer`):负责两台主机之间的数据在链路上的传输。将网络层得到的`数据包`封装成`帧` 37 | 5. 物理层(`physical layer`):确定电压大小(多大是`1`、多大是`0`)以及接收方如何识别发送方所发送的比特等关于硬件的参数 38 | 39 | ## 相关阅读 40 | 41 | * [OSI七层模型和两主机传输过程(转)](https://www.jianshu.com/p/d8dbe0798d4c) -------------------------------------------------------------------------------- /docs/docker/advanced/在容器内部使用docker.md: -------------------------------------------------------------------------------- 1 | 2 | # 在容器内部使用docker 3 | 4 | ## 操作 5 | 6 | ``` 7 | $ docker run -it -v /var/run/docker.sock:/var/run/docker.sock -v /usr/bin/docker:/usr/bin/docker --privileged ubuntu:18.04 bash 8 | ``` 9 | 10 | ## 问题 11 | 12 | ``` 13 | $ docker ps 14 | Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.40/containers/json: dial unix /var/run/docker.sock: connect: permission denied 15 | ``` 16 | 17 | ## 解决 18 | 19 | 打开一个新窗口,以`root`身份登录容器 20 | 21 | ``` 22 | $ docker exec -it -u root bash 23 | ``` 24 | 25 | 创建`docker`组并添加用户 26 | 27 | ``` 28 | $ groupadd docker && usermode -aG docker 29 | ``` 30 | 31 | 设置普通用户可以操作`docker.sock` 32 | 33 | ``` 34 | $ chmod 777 /var/run/docker.sock 35 | ``` 36 | 37 | ## 相关阅读 38 | 39 | * [How to use docker from inside Jenkins docker container](https://stackoverflow.com/questions/45447434/how-to-use-docker-from-inside-jenkins-docker-container) 40 | * [在docker容器内部使用docker build](https://blog.csdn.net/vah101/article/details/104973772) 41 | * [Jenkins Environment using Docker](https://joachim8675309.medium.com/jenkins-environment-using-docker-6a12603ebf9) -------------------------------------------------------------------------------- /docs/network/advanced/nslookup-域名解析.md: -------------------------------------------------------------------------------- 1 | 2 | # [nslookup]域名解析 3 | 4 | [nslookup](https://en.wikipedia.org/wiki/Nslookup)是一个域名解析工具,用于查询域名对应的`IP`地址 5 | 6 | 有两种使用方式 7 | 8 | 1. 交互式(`interactive`) 9 | 2. 非交互式(`non-interactive`) 10 | 11 | ## 安装 12 | 13 | ``` 14 | $ sudo apt install dnsutils 15 | ``` 16 | 17 | ## 交互式 18 | 19 | 首先输入`nslookup`,然后按回车键进入交互界面,再输入相应的域名即可查询对应`IP`,输入`exit`退出 20 | 21 | ``` 22 | $ nslookup 23 | > www.baidu.com 24 | Server: 127.0.1.1 25 | Address: 127.0.1.1#53 26 | 27 | Non-authoritative answer: 28 | www.baidu.com canonical name = www.a.shifen.com. 29 | Name: www.a.shifen.com 30 | 31 | ## Address: 112.80.248.75 32 | Name: www.a.shifen.com 33 | Address: 112.80.248.76 34 | > 35 | > www.google.com 36 | Server: 127.0.1.1 37 | Address: 127.0.1.1#53 38 | 39 | Non-authoritative answer: 40 | Name: www.google.com 41 | Address: 173.252.73.48 42 | > exit 43 | ``` 44 | 45 | ## 非交互式 46 | 47 | 在`nslookup`后跟域名即可 48 | 49 | ``` 50 | $ nslookup www.zhujian.tech 51 | Server: 127.0.1.1 52 | Address: 127.0.1.1#53 53 | 54 | Non-authoritative answer: 55 | Name: www.zhujian.tech 56 | Address: 148.70.133.9 57 | ``` 58 | 59 | ## 相关阅读 60 | 61 | * [nslookup(1) - Linux man page](https://linux.die.net/man/1/nslookup) -------------------------------------------------------------------------------- /docs/tomcat/非root用户运行.md: -------------------------------------------------------------------------------- 1 | 2 | # 非root用户运行 3 | 4 | 默认安装的`tomcat`以`root`用户运行,为保证其安全性,进一步设置`tomcat`以普通用户运行 5 | 6 | ## 创建tomcat用户 7 | 8 | 创建新用户`tomcat`,设置`home`目录为`/opt/tomcat` 9 | 10 | ``` 11 | $ useradd -d /opt/tomcat tomcat 12 | ``` 13 | 14 | 修改`/opt/tomcat`文件属主为`tomcat` 15 | 16 | ``` 17 | $ sudo chown -R tomcat:tomcat apache-tomcat-9.0.27 18 | ``` 19 | 20 | ## 实现 21 | 22 | 切换到`tomcat`用户后进行启动即可;如果是开机自启动,则修改`/etc/rc.local` 23 | 24 | ``` 25 | su tomcat -c "/opt/apache-tomcat-9.0.27/bin/startup.sh" 26 | ``` 27 | 28 | 这篇文章[How To Install Apache Tomcat 8 on Ubuntu 16.04](https://www.digitalocean.com/community/tutorials/how-to-install-apache-tomcat-8-on-ubuntu-16-04)也介绍的很详细 29 | 30 | ## 其他实现 31 | 32 | `tomcat`提供了工具`jsvc`,允许`tomcat`以非`root`用户运行,参考[Unixroot daemon](https://tomcat.apache.org/tomcat-9.0-doc/setup.html) 33 | 34 | ## 相关阅读 35 | 36 | * [用非root用户启动tomcat进程](https://rorschachchan.github.io/2018/04/18/%E4%BD%BF%E7%94%A8%E6%99%AE%E9%80%9A%E7%94%A8%E6%88%B7%E5%90%AF%E5%8A%A8tomcat/) 37 | 38 | * [How To Install Apache Tomcat 8 on Ubuntu 16.04](https://www.digitalocean.com/community/tutorials/how-to-install-apache-tomcat-8-on-ubuntu-16-04) 39 | 40 | * [Tomcat用普通用户身份运行](http://www.zhengdazhi.com/archives/1382) 41 | -------------------------------------------------------------------------------- /docs/docker/dockerfile/ENV.md: -------------------------------------------------------------------------------- 1 | 2 | # ENV 3 | 4 | `ENV`指令为镜像设置环境变量,将出现在构建阶段所有后续指令的环境中 5 | 6 | ## 语法 7 | 8 | 有`2`种实现方式 9 | 10 | ``` 11 | ENV 12 | ENV = ... 13 | ``` 14 | 15 | 第一种形式只能设置单个变量值,第一个空格后的整个字符串将被视为包含空白字符的变量值,如果使用引号字符需要转义 16 | 17 | 第二种形式可以设置多个键值对,对于空格,可以使用引号或者转义字符设置;可设多行,使用反斜杠结尾 18 | 19 | ``` 20 | ENV myName John Doe 21 | ENV myDog Rex The Dog 22 | ENV myCat fluffy 23 | # 两者等价 24 | ENV myName="John Doe" \ 25 | myDog=Rex\ The\ Dog \ 26 | myCat=fluffy 27 | ``` 28 | 29 | ## 命令行设置 30 | 31 | 可以在启动容器时使用标识符`-e, --env list`设置环境变量 32 | 33 | ``` 34 | $ docker run --env AUTH=zj --env AUTH2=zj2 -it --rm zjzstu/ubuntu:18.04 bash 35 | root@7d1a026785bf:/# echo $AUTH 36 | zj 37 | root@7d1a026785bf:/# echo $AUTH2 38 | zj2 39 | ``` 40 | 41 | ## 查询 42 | 43 | 除了在容器内查询外,还可以使用`docker inspect`查询环境变量 44 | 45 | ``` 46 | "Config": { 47 | ... 48 | ... 49 | "Env": [ 50 | "AUTH=zj", 51 | "AUTH2=zj2", 52 | "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" 53 | ], 54 | ... 55 | ... 56 | }, 57 | ``` 58 | 59 | ## 相关阅读 60 | 61 | * [ENV](https://docs.docker.com/engine/reference/builder/#env) -------------------------------------------------------------------------------- /docs/penetration/花生壳.md: -------------------------------------------------------------------------------- 1 | 2 | # 花生壳 3 | 4 | [花生壳](https://b.oray.com/)是一款动态域名解析软件,通过它能够实现端口映射功能 5 | 6 | ## 安装 7 | 8 | 下载[安装包](https://hsk.oray.com/download/#linux),以`root`用户进行安装 9 | 10 | ``` 11 | # 切换为root 12 | $ sudo su 13 | # 安装 14 | $ dpkg -i phddns_3.0_x86_64.deb 15 | ``` 16 | 17 | 安装完成后会生成`SN`用户名和密码 18 | 19 | ![](./imgs/oray-login.png) 20 | 21 | ## `phddns`使用 22 | 23 | ``` 24 | # 当前版本 25 | $ phddns version 26 | # 当前状态 27 | $ phddns status 28 | 29 | # 启动 30 | $ phddns start 31 | # 重启 32 | $ phddns restart 33 | # 停止 34 | $ phddns stop 35 | # 重置 36 | $ phddns reset 37 | ``` 38 | 39 | ## 官网设置 40 | 41 | 登录[网站](https://b.oray.com/forward/),使用之前的生成的`SN`用户名和密码登录,默认会赠送一个域名 42 | 43 | 如果已注册过网站,先使用`SN`用户名和密码登录,然后选择`切换帐号`服务,将`SN`绑定到之前的帐号 44 | 45 | ![](./imgs/switch-account.png) 46 | 47 | 先购买体验版套餐,就可以设置端口映射 48 | 49 | ![](./imgs/port-setting.png) 50 | 51 | ### 添加映射不成功 52 | 53 | 问题:填写完内网`ip`/端口后,点击确定按钮提示不成功 54 | 55 | 解决:1. 确保客户端已启动;2. 使用`SN`用户名和密码登录 56 | 57 | ## 远程登录 58 | 59 | 花生壳同时提供了远程控制工具:[向日葵](https://sunlogin.oray.com/download/) 60 | 61 | ## 相关阅读 62 | 63 | * [如何进入学校内网?花生壳“内网穿透”服务帮上大忙](https://hsk.oray.com/news/6453.html) 64 | 65 | * [用花生壳实现访问局域网内的SVN](http://service.oray.com/question/5575.html) 66 | 67 | * [花生壳 3.0 for Linux 相关安装使用文档](http://service.oray.com/question/4287.html) -------------------------------------------------------------------------------- /docs/docker/basic/守护进程管理.md: -------------------------------------------------------------------------------- 1 | 2 | # 守护进程管理 3 | 4 | 使用命令`systemctl`或`service`实现`docker`守护进程的启动和关闭 5 | 6 | ## systemctl使用 7 | 8 | 查看`docker`状态 9 | 10 | ``` 11 | $ systemctl status docker 12 | ● docker.service - Docker Application Container Engine 13 | Loaded: loaded (/lib/systemd/system/docker.service; disabled; vendor preset: enabled) 14 | Active: inactive (dead) since 四 2019-09-19 19:13:51 CST; 3s ago 15 | Docs: https://docs.docker.com 16 | ... 17 | ... 18 | ``` 19 | 20 | 启动`docker` 21 | 22 | ``` 23 | $ systemctl start docker 24 | ``` 25 | 26 | 关闭`docker` 27 | 28 | ``` 29 | $ systemctl stop docker 30 | ``` 31 | 32 | ## service使用 33 | 34 | 查看`docker`状态 35 | 36 | ``` 37 | $ service docker status 38 | ● docker.service - Docker Application Container Engine 39 | Loaded: loaded (/lib/systemd/system/docker.service; disabled; vendor preset: enabled) 40 | Active: inactive (dead) since 四 2019-09-19 19:13:51 CST; 2min 51s ago 41 | Docs: https://docs.docker.com 42 | Main PID: 8263 (code=exited, status=0/SUCCESS) 43 | ... 44 | ... 45 | ``` 46 | 47 | 启动`docker` 48 | 49 | ``` 50 | $ service docker start 51 | ``` 52 | 53 | 关闭`docker` 54 | 55 | ``` 56 | $ service docker stop 57 | ``` 58 | 59 | ## 相关阅读 60 | 61 | * [Control Docker with systemd](https://docs.docker.com/config/daemon/systemd/) -------------------------------------------------------------------------------- /docs/docker/advanced/aliyun-镜像加速.md: -------------------------------------------------------------------------------- 1 | 2 | # [Aliyun]镜像加速 3 | 4 | 配置`阿里云镜像加速器`来加快远程镜像下载 5 | 6 | ## 查询加速地址 7 | 8 | 登录[容器镜像服务](https://cr.console.aliyun.com/cn-hangzhou/mirrors)控制台,选择左侧的`镜像加速器`,获取`加速器地址` 9 | 10 | ## `Ubuntu`配置 11 | 12 | 修改配置文件 13 | 14 | # 没有就新建该文件 15 | /etc/docker/daemon.json 16 | 17 | 添加 18 | 19 | { 20 | "registry-mirrors": [""] 21 | } 22 | 23 | ## 测试 24 | 25 | 重启`docker`服务 26 | 27 | $ sudo /etc/init.d/docker restart 28 | [ ok ] Restarting docker (via systemctl): docker.service. 29 | # 或者 30 | $ sudo systemctl daemon-reload 31 | $ sudo systemctl restart docker 32 | 33 | 查看是否已配置 34 | 35 | $ sudo docker info | grep "aliyun" 36 | https://ssws38gn.mirror.aliyuncs.com/ 37 | 38 | 测试命令 39 | 40 | $ sudo docker run -it ubuntu bash 41 | 42 | ## 后记 43 | 44 | 腾讯云以及一些国内高校同样提供了`docker`镜像加速,下载速度不好的试试不同的源地址可能会有帮助 45 | 46 | ## 相关阅读 47 | 48 | * [Aliyun Docker 镜像加速器](https://yq.aliyun.com/articles/29941) 49 | * [Tencent 安装 Docker 并配置镜像加速源](https://cloud.tencent.com/document/product/1207/45596?from=information.detail.%E8%85%BE%E8%AE%AF%E4%BA%91%E5%8A%A0%E9%80%9Fdocker) 50 | * [中科大 Docker CE 源使用帮助](https://mirrors.ustc.edu.cn/help/docker-ce.html) 51 | * [中科大 Docker Hub 源使用帮助](https://mirrors.ustc.edu.cn/help/dockerhub.html) -------------------------------------------------------------------------------- /docs/network/basic/DNS解析过程.md: -------------------------------------------------------------------------------- 1 | 2 | # DNS解析过程 3 | 4 | `DNS`解析过程就是将域名转换成`IP`地址的过程 5 | 6 | ## DNS简介 7 | 8 | `DNS`(`Domain Name System`,称为域名系统),是一种组织成域层次结构的计算机和网络服务命名系统,它作用于`TCP/IP`网络,所提供的服务是用来将主机名和域名转换为`IP`地址的工作 9 | 10 | ## 解析过程 11 | 12 | 浏览器从`URL`中解析出`host`字段后,依次按如下顺序进行查询: 13 | 14 | 1. 从浏览器缓存中查找是否有该域名对应的IP地址。如果没有访问过该域名或者缓存已清空,则使用第二步 15 | 2. 查询系统缓存,从`hosts`文件中查找是否存在该域名以及对应`IP`。如果不存在,使用第三步 16 | 3. 查询路由器缓存 17 | 18 | 以上`3`步均在`DNS`客户端完成,后续操作将请求域名服务器 19 | 20 | ## /etc/hosts 21 | 22 | `hosts`文件是`linux`系统中负责`ip`地址与域名快速解析的文件,`DNS`客户端首先查询缓存,然后查询`hosts`文件,最后查询`DNS`服务器 23 | 24 | `Ubuntu`中的文件地址为`/etc/hosts` 25 | 26 | ``` 27 | $ cat /etc/hosts 28 | 127.0.0.1 localhost 29 | 127.0.1.1 zj-ThinkPad-T470p 30 | 31 | # The following lines are desirable for IPv6 capable hosts 32 | ::1 ip6-localhost ip6-loopback 33 | fe00::0 ip6-localnet 34 | ff00::0 ip6-mcastprefix 35 | ff02::1 ip6-allnodes 36 | ff02::2 ip6-allrouters 37 | 38 | 0.0.0.0 account.jetbrains.com 39 | ``` 40 | 41 | 每行表示一条域名解析,其格式为 42 | 43 | ``` 44 | ip地址 主机名/域名 [主机别名] 45 | ``` 46 | 47 | ## 相关阅读 48 | 49 | * [面试官:讲讲DNS的原理?](https://zhuanlan.zhihu.com/p/79350395) 50 | 51 | * [DNS原理及解析过程详解](https://zhuanlan.zhihu.com/p/88260838) 52 | 53 | * [DNS解析全过程分析](https://www.cnblogs.com/kongtongshu/p/11069559.html) 54 | 55 | * [linux环境下/etc/hosts文件详解](https://www.jianshu.com/p/476a92a39b45) -------------------------------------------------------------------------------- /docs/docker/advanced/dockerignore.md: -------------------------------------------------------------------------------- 1 | 2 | # 编写.dockerignore 3 | 4 | `.dockerignore`的作用和`.gitignore`类似,用于忽略或指定哪些文件不被`ADD`或`COPY`指令操作 5 | 6 | ## 匹配规则 7 | 8 | 其文件匹配规则遵循[Go's func Match](https://golang.org/pkg/path/filepath/#Match) 9 | 10 | ![](./imgs/match_rule.png) 11 | 12 | 其中通配符有星号、问号以及中括号 13 | 14 | * 星号(`*`)表示匹配任何非分隔字符序列 15 | * 问号(`?`)表示匹配任何单个非分隔符字符 16 | * 中括号(`[`)表示匹配位于字符范围内的字符 17 | 18 | `Docker`还提供了一个特殊的通配符字符串`**`,用于匹配任何路径。比如`**/*.go`将匹配所有目录中以`.go`结尾的所有文件,包括生成上下文的根目录 19 | 20 | 以`#`开头的行被视为注释,不起作用 21 | 22 | 以`!`开头的匹配字符串表示指定匹配文件不被忽略 23 | 24 | ## 示例一 25 | 26 | `.dockerignore`文件内容如下: 27 | 28 | ``` 29 | # comment 30 | */temp* 31 | */*/temp* 32 | temp? 33 | ``` 34 | 35 | * 第一行是注释 36 | * 第二行表示忽略所有二级目录中以`temp`开头的文件 37 | * 第三行表示忽略所有三级目录中以`temp`开头的文件 38 | * 第四行表示忽略根目录中以`temp`开头,后跟一个字符的文件 39 | 40 | ## 示例二 41 | 42 | 使用感叹号`!`指定匹配文件不被忽略,还需要考虑其在`.dockerignore`文件中的使用位置 43 | 44 | ``` 45 | *.md 46 | !README.md 47 | ``` 48 | 49 | 除了`README.md`外的所有`.md`文件都被忽略 50 | 51 | ``` 52 | *.md 53 | !README*.md 54 | README-secret.md 55 | ``` 56 | 57 | 此时`README-secret.md`同样会被忽略 58 | 59 | ``` 60 | *.md 61 | README-secret.md 62 | !README*.md 63 | ``` 64 | 65 | 此时`README-secret.md`同样不会被忽略 66 | 67 | ## 示例三 68 | 69 | 可以通过`.dockerignore`文件忽略`Dockerfile`和`.dockerignore`文件。这些文件仍然被发送到守护进程,因为需要它们来完成工作。但是`ADD`和`COPY`指令不会将它们复制到镜像中 70 | 71 | ## 相关阅读 72 | 73 | * [.dockerignore file](https://docs.docker.com/engine/reference/builder/#dockerignore-file) -------------------------------------------------------------------------------- /docs/docker/storage/bind-propagation设置.md: -------------------------------------------------------------------------------- 1 | 2 | # [volume][bind mount]bind propagation设置 3 | 4 | 对于卷和绑定挂载而言,绑定传播(`bind propagation`)默认设置为`rprivate`。仅有`Linux`主机上的绑定挂载才能配置绑定传播 5 | 6 | ## 什么是绑定挂载 7 | 8 | 绑定传播是指在给定绑定挂载或命名卷中创建的挂载是否可以传播到该挂载的副本。考虑一个挂载点`/mnt`,同时挂载在`/tmp`上。绑定设置控制`/tmp/a`上的挂载是否也可以在`/mnt/a`上使用 9 | 10 | 每次传播设置都有一个递归对位(`recursive counterpoint`)。在递归的情况下,考虑`/tmp/a`也被挂载为`/foo`。传播设置控制是否存在`/mnt/a`和(或者)`/tmp/a` 11 | 12 | ## 选项 13 | 14 | ![](./imgs/propagation-options.png) 15 | 16 | * `shared`:原始挂载的子挂载点能够传播到副本挂载,反之即可 17 | * `slave`:类似于`share`,仅作用于一个方向。如果原始挂载新建了一个子文件,那么副本挂载可以查看,反之不行 18 | * `private`:挂载是私有的。原始挂载的子挂载无法传播给副本挂载,反之也不可行 19 | * `rshared`:作用和`shared`一样。传播功能扩展到任何嵌套的文件 20 | * `rslave`:作用和`slave`一样。传播功能扩展到任何嵌套的文件 21 | * `rprivate`:默认设置。作用和`private`一样。意味着没有挂载点可以在任一方向传播 22 | 23 | ## 示例 24 | 25 | 挂载主机的`target/`目录到容器的`/app`和`/app2`,设置第二个挂载点只读,同时设置绑定挂载设置为`rslave` 26 | 27 | 实现如下: 28 | 29 | ``` 30 | # 使用-v选项 31 | $ docker run -d \ 32 | -it \ 33 | --name devtest \ 34 | -v "$(pwd)"/target:/app \ 35 | -v "$(pwd)"/target:/app2:ro,rslave \ 36 | nginx:latest 37 | 38 | # 使用--mount选项 39 | $ docker run -d \ 40 | -it \ 41 | --name devtest \ 42 | --mount type=bind,source="$(pwd)"/target,target=/app \ 43 | --mount type=bind,source="$(pwd)"/target,target=/app2,readonly,bind-propagation=rslave \ 44 | nginx:latest 45 | ``` 46 | 47 | 当在`/app`中创建文件夹`foo`时,能够在`/app2`中出现 48 | 49 | ## 相关阅读 50 | 51 | * [Use bind mounts](https://docs.docker.com/storage/bind-mounts/#configure-bind-propagation) -------------------------------------------------------------------------------- /docs/network/basic/路由器-交换机-集线器-中继器.md: -------------------------------------------------------------------------------- 1 | 2 | # 路由器、交换机、集线器、中继器 3 | 4 | 网络和主机之间的传输依赖于硬件支持,常用的信号传输设备有集线器、中继器、路由器和交换机 5 | 6 | ![](./imgs/device-structure.PNG) 7 | 8 | ## 路由器 9 | 10 | [路由器(Router)](https://baike.baidu.com/item/%E8%B7%AF%E7%94%B1%E5%99%A8)又称为网关设备(`Gateway`),用于连接多个逻辑上分开的网络,是连接互联网中各局域网和广域网的设备 11 | 12 | 路由操作在网络层进行,路由器属于网络层的互联设备 13 | 14 | ## 交换机 15 | 16 | [交换机(Switch)](https://baike.baidu.com/item/%E4%BA%A4%E6%8D%A2%E6%9C%BA)作用于数据链路层,通过`MAC`地址为接入交换机的任意两个节点提供独享的电信号通路,通常分为广域网交换机和局域网交换机 17 | 18 | ## 集线器 19 | 20 | [集线器(Hub)](https://baike.baidu.com/item/%E9%9B%86%E7%BA%BF%E5%99%A8)主要功能是对接收到的信号进行再生放大,以扩大网络传输距离。集线器工作在局域网环境,属于物理层的互联设备 21 | 22 | ## 中继器 23 | 24 | [中继器(RP repeater)](https://baike.baidu.com/item/%E4%B8%AD%E7%BB%A7%E5%99%A8)作用于物理层,其作用于两个同类网络的互联,主要功能是通过对数据信号的放大和转发,来扩大网络传输的距离 25 | 26 | ## FAQ 27 | 28 | **1. 路由器和交换机的区别?** 29 | 30 | 交换机根据`MAC`地址进行数据的传输和转发;而路由器根据`IP`地址进行数据的传输和转发 31 | 32 | 它们作用在网络体系结构中的不同层,交换机作用于数据链路层,路由器作用于网络层 33 | 34 | **2. 交换机和集线器的区别?** 35 | 36 | 集线器仅对物理电信号进行放大,发送数据没有目标,对所有节点进行广播 37 | 38 | 交换机根据数据头的`MAC`地址进行转发,不会影响其他节点 39 | 40 | 集线器作用于物理层,交换机作用于数据链路层 41 | 42 | **3. 集线器和中继器的区别?** 43 | 44 | 中继器仅有两个端口,仅起到连接作用 45 | 46 | 集线器有多个端口,除了再生放大信号其扩大网络距离外,还同时把所有节点集中在以它为中心的节点上,所有端口处于同一个冲突域,这样单条网络线路的故障不影响其他线路 47 | 48 | ## 相关阅读 49 | 50 | * [中继器](https://www.zhihu.com/topic/20138474/intro) 51 | * [如何跟小白解释路由器和交换机的区别?并且家用路由器充当了猫和路由器和交换机的功能吗?](https://www.zhihu.com/question/22007235/answer/402261894) 52 | * [集线器和交换机的区别?](https://www.zhihu.com/question/21782368/answer/31826769) 53 | -------------------------------------------------------------------------------- /flaskapps/fileserver/app.py: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | 3 | """ 4 | @date: 2024/11/9 下午9:25 5 | @file: app.py 6 | @author: zj 7 | @description: 8 | """ 9 | 10 | from flask import Flask, request, send_from_directory 11 | import os 12 | import argparse 13 | 14 | app = Flask(__name__) 15 | UPLOAD_FOLDER = 'uploads/' 16 | app.config['UPLOAD_FOLDER'] = UPLOAD_FOLDER 17 | 18 | if not os.path.exists(UPLOAD_FOLDER): 19 | os.makedirs(UPLOAD_FOLDER) 20 | 21 | 22 | @app.route('/upload', methods=['POST']) 23 | def upload_file(): 24 | if 'file' not in request.files: 25 | return 'No file part' 26 | file = request.files['file'] 27 | if file.filename == '': 28 | return 'No selected file' 29 | if file: 30 | filename = file.filename 31 | file.save(os.path.join(app.config['UPLOAD_FOLDER'], filename)) 32 | return f"File {filename} has been uploaded." 33 | 34 | 35 | @app.route('/download/', methods=['GET']) 36 | def download_file(filename): 37 | return send_from_directory(app.config['UPLOAD_FOLDER'], filename, as_attachment=True) 38 | 39 | 40 | if __name__ == '__main__': 41 | parser = argparse.ArgumentParser(description="Run the Flask file server.") 42 | parser.add_argument('--port', type=int, default=5000, help="Port to run the server on (default: 5000)") 43 | parser.add_argument('--debug', action='store_true', help="Run the server in debug mode") 44 | args = parser.parse_args() 45 | 46 | app.run(port=args.port, debug=args.debug) 47 | -------------------------------------------------------------------------------- /docs/compose/compose安装.md: -------------------------------------------------------------------------------- 1 | 2 | # Compose安装 3 | 4 | ## 必要条件 5 | 6 | 需要先安装`Docker`,参考[Docker安装](../docker/basic/docker安装.md) 7 | 8 | ## 安装 9 | 10 | 下载`Compose`二进制文件到`/usr/local/bin` 11 | 12 | ``` 13 | $ sudo curl -L "https://github.com/docker/compose/releases/download/1.24.1/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose 14 | ``` 15 | 16 | **从官网上找到上面这一步,获取最新的版本** 17 | 18 | 授予可执行权限 19 | 20 | ``` 21 | $ sudo chmod +x /usr/local/bin/docker-compose 22 | ``` 23 | 24 | 测试是否安装成功 25 | 26 | ``` 27 | $ docker-compose version 28 | docker-compose version 1.24.1, build 4667896b 29 | docker-py version: 3.7.3 30 | CPython version: 3.6.8 31 | OpenSSL version: OpenSSL 1.1.0j 20 Nov 2018 32 | ``` 33 | 34 | ## 升级 35 | 36 | 如果正在从`Compose 1.2`或更早升级,删除或迁移升级后的现有容器。这是因为,在第`1.3`版中,`Compose`使用`Docker`标签来跟踪容器,并且需要重新创建容器来添加标签 37 | 38 | 如果`Compose`检测到没有标签创建的容器会拒绝运行。如果想继续使用现有的容器(例如,因为它们拥有要保存的数据卷),可以使用`Compose 1.5.x`以以下命令迁移它们: 39 | 40 | ``` 41 | docker-compose migrate-to-labels 42 | ``` 43 | 44 | 或者,如果你不担心保存它们,你可以移除它们。`Compose`只是创造新的 45 | 46 | ``` 47 | docker container rm -f -v myapp_web_1 myapp_db_1 ... 48 | ``` 49 | 50 | ## 卸载 51 | 52 | 如果使用`curl`安装,卸载方式如下: 53 | 54 | ``` 55 | sudo rm /usr/local/bin/docker-compose 56 | ``` 57 | 58 | 如果使用`pip`安装,卸载方式如下: 59 | 60 | ``` 61 | pip uninstall docker-compose 62 | ``` 63 | 64 | ### Got a “Permission denied” error? 65 | 66 | 如果使用上述任一方法时出现`Permission denied`错误,则可能没有删除`docker-compose`的适当权限。若要强制删除,将`sudo`置于上述任一命令的前面,然后再次运行 67 | 68 | ## 相关阅读 69 | 70 | * [Install Docker Compose](https://docs.docker.com/compose/install/) -------------------------------------------------------------------------------- /docs/docker/basic/可选设置.md: -------------------------------------------------------------------------------- 1 | 2 | # 可选设置 3 | 4 | 安装后可以配置以下步骤以进一步简化`docker`使用 5 | 6 | ## 以非root用户身份管理Docker 7 | 8 | `Docker`守护进程绑定到`Unix`套接字而不是`TCP`端口。默认情况下`Unix`套接字归`root`所有,其他用户只能使用`sudo`访问它。`Docker`守护进程始终作为根用户运行 9 | 10 | 可以创建一个`unix`组,名为`docker`,然后添加`home`用户到里面。当`docker`守护进程启动后会创建`Unix socket`访问`docker`组的成员 11 | 12 | 1. 创建`docker`组 13 | 14 | ``` 15 | $ sudo groupadd docker 16 | ``` 17 | 18 | 2. 添加用户到`docker`组 19 | 20 | ``` 21 | $ sudo usermod -aG docker $USER 22 | ``` 23 | 24 | 3. 注销并重新登录,以便重新评估组成员资格 25 | * 如果在虚拟机上测试,则需要重启虚拟机 26 | * 在桌面`Linux`环境(如`X Windows`)中,完全注销会话,然后重新登录 27 | * 在`Linux`上,还可以运行以下命令来激活对组的更改: 28 | 29 | $ newgrp docker 30 | 31 | 4. 使用`docker`命令验证: 32 | 33 | # 此命令下载测试镜像并在容器中运行它。当容器运行时,它会打印一条消息并退出 34 | $ docker run hello-world 35 | 36 | 如果在将用户添加到`Docker`组之前,最初使用`sudo`运行`Docker cli`命令可能会看到以下错误,这表明由于`sudo`命令的原因,`~/.docker/`目录是用不正确的权限创建的 37 | 38 | ``` 39 | WARNING: Error loading config file: /home/user/.docker/config.json - stat /home/user/.docker/config.json: permission denied 40 | ``` 41 | 42 | 要解决此问题,请删除`~/.docker/`目录(该目录将自动重新创建,但任何自定义设置都将丢失),或者使用以下命令更改其所有权和权限: 43 | 44 | ``` 45 | $ sudo chown "$USER":"$USER" /home/"$USER"/.docker -R 46 | $ sudo chmod g+rwx "$HOME/.docker" -R 47 | ``` 48 | 49 | ## 开机自启动 50 | 51 | 使用`systemctl`命令实现`docker`守护进程开机自启动 52 | 53 | ``` 54 | # 允许开机自启动 55 | $ sudo systemctl enable docker 56 | # 停止开机自启动 57 | $ sudo systemctl disable docker 58 | ``` 59 | 60 | ## 相关阅读 61 | 62 | * [Post-installation steps for Linux](https://docs.docker.com/install/linux/linux-postinstall/) -------------------------------------------------------------------------------- /docs/penetration/ngrok/ubuntu-service.md: -------------------------------------------------------------------------------- 1 | 2 | # Ubuntu Service实现 3 | 4 | 分别在服务器和客户端配置`ngrok service`服务 5 | 6 | ## 服务端 7 | 8 | 在`/opt/ngrok`目录内存放应用`ngrokd`及配置文件 9 | 10 | ``` 11 | ├── a.key 12 | ├── a.pem 13 | ├── ngrokd 14 | └── ngrokd.sh 15 | ``` 16 | 17 | 其中`ngrokd.sh`是脚本内容,用于启动`ngrokd` 18 | 19 | ``` 20 | #!/bin/bash 21 | 22 | cd /opt/ngrokd 23 | ./ngrokd -tlsKey=a.key -tlsCrt=a.pem -domain="xxx.xxx.xxx" -httpAddr=":xxxx" -httpsAddr=":xxxx" -tunnelAddr=":xxxx" 24 | ``` 25 | 26 | 在`/etc/systemd/system/`目录内编写`ngrokd.service`文件 27 | 28 | ``` 29 | [Unit] 30 | Description= Ngrok 31 | Documentation=https://github.com/inconshreveable/ngrok 32 | 33 | [Service] 34 | ExecStart=/bin/bash /opt/ngrokd/ngrokd.sh 35 | Type=simple 36 | KillMode=process 37 | Restart=no 38 | RestartSec=42s 39 | 40 | [Install] 41 | WantedBy=multi-user.target 42 | ``` 43 | 44 | ## 客户端 45 | 46 | 在`/opt/ngrok`目录内存放应用`ngrok`及配置文件 47 | 48 | ``` 49 | ├── ngrok 50 | ├── ngrok.cfg 51 | └── ngrok.sh 52 | ``` 53 | 54 | 其中`ngrok.sh`是脚本内容,用于启动`ngrok` 55 | 56 | ``` 57 | #!/bin/bash 58 | 59 | cd /opt/ngrok 60 | ./ngrok -config ngrok.cfg start-all 61 | ``` 62 | 63 | 在`/etc/systemd/system/`目录内编写`ngrok.service`文件 64 | 65 | ``` 66 | [Unit] 67 | Description= Ngrok 68 | Documentation=https://github.com/inconshreveable/ngrok 69 | 70 | [Service] 71 | ExecStart=/bin/bash /opt/ngrokd/ngrok.sh 72 | Type=simple 73 | KillMode=process 74 | Restart=no 75 | RestartSec=42s 76 | 77 | [Install] 78 | WantedBy=multi-user.target 79 | ``` 80 | 81 | ## 使用 82 | 83 | ``` 84 | # 重载service配置 85 | $ sudo systemctl daemon-reload 86 | # 启动 87 | $ sudo systemctl start ngrokd.service 88 | # 开机子启动 89 | $ sudo systemctl enable ngrokd.service 90 | ``` -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 |
2 | 语言: 3 | 🇨🇳 4 | 5 | 6 |
7 | 8 |
9 | 10 |

11 | «Deploy»记录了远程连接/内网穿透/Web服务器/持续集成/容器/编排工具/编译工具的部署和使用 12 |
13 |
14 | 15 | 16 | 17 | 18 | Documentation Status 19 | 20 |

21 | 22 | ## 内容列表 23 | 24 | - [内容列表](#内容列表) 25 | - [主要维护人员](#主要维护人员) 26 | - [参与贡献方式](#参与贡献方式) 27 | - [许可证](#许可证) 28 | 29 | ## 主要维护人员 30 | 31 | * zhujian - *Initial work* - [zjykzj](https://github.com/zjykzj) 32 | 33 | ## 参与贡献方式 34 | 35 | 欢迎任何人的参与!打开[issue](https://github.com/ZJDoc/Deploy/issues)或提交合并请求。 36 | 37 | 注意: 38 | 39 | * `GIT`提交,请遵守[Conventional Commits](https://www.conventionalcommits.org/en/v1.0.0-beta.4/)规范 40 | * 语义版本化,请遵守[Semantic Versioning 2.0.0](https://semver.org)规范 41 | * `README`编写,请遵守[standard-readme](https://github.com/RichardLitt/standard-readme)规范 42 | 43 | ## 许可证 44 | 45 | [Apache License 2.0](LICENSE) © 2021 zjykzj -------------------------------------------------------------------------------- /docs/docker/basic/docker定位.md: -------------------------------------------------------------------------------- 1 | 2 | # Docker定位 3 | 4 | 理解`Docker`工具以及容器、镜像等重要组成的概念 5 | 6 | ## Docker概念 7 | 8 | `Docker`是开发人员和系统管理员使用容器开发、部署和运行应用程序的平台。使用`Linux`容器部署应用程序称为容器化(`containerization`) 9 | 10 | 容器化有以下优点: 11 | 12 | 1. 灵活性(`flexible`):即使最复杂的应用也可以被容器化 13 | 2. 轻量级(`lightweight`):容器之间相互作用并共享主机内核 14 | 3. 可互换性(`interchangeable`):您可以动态部署更新和升级 15 | 4. 可移植性(`portable`):本地构建,云端部署,任意运行 16 | 5. 可伸缩性(`scalable`):可以增加并自动分发容器副本 17 | 6. 可堆叠(`stackable`):可以垂直和动态堆叠服务 18 | 19 | ![](./imgs/laurel-docker-containers.png) 20 | 21 | ## 镜像和容器 22 | 23 | 容器(`container`)通过运行镜像(`image`)来启动: 24 | 25 | * 镜像是一个可执行包,包含运行应用程序所需的所有内容 - 代码、运行时、库、环境变量和配置文件 26 | * 容器是一个镜像的运行时实例 - 映像在执行时在内存中的内容(即,具有状态的映像或用户进程)。可以使用命令`docker ps`查看正在运行的容器列表 27 | 28 | ## 容器和虚拟机 29 | 30 | * 容器在`Linux`上本地运行,与其他容器共享主机内核。它运行一个离散进程,占用的内存不比任何其他可执行文件多,因此它是轻量级 31 | * 虚拟机(`virtual machine, VM`)运行一个完整的`客户端`操作系统,通过虚拟机监控程序对主机资源进行虚拟访问。一般来说,`VM`资源比大多数应用程序需要的资源多 32 | 33 | ![](./imgs/Container@2x.png) 34 | 35 | ![](./imgs/VM@2x.png) 36 | 37 | ## 容器和CI/CD 38 | 39 | `docker`容器化的实现使得`CI/CD`可以无缝接轨: 40 | 41 | * 应用程序没有系统依赖 42 | * 可以将更新推送到分布式应用程序的任何部分 43 | * 可以优化资源密度 44 | 45 | ## 常用命令 46 | 47 | ``` 48 | ## List Docker CLI commands 49 | docker 50 | docker container --help 51 | 52 | ## Display Docker version and info 53 | docker --version 54 | docker version 55 | docker info 56 | 57 | ## Execute Docker image 58 | docker run hello-world 59 | 60 | ## List Docker images 61 | docker image ls 62 | 63 | ## List Docker containers (running, all, all in quiet mode) 64 | docker container ls 65 | docker container ls --all 66 | docker container ls -aq 67 | ``` 68 | 69 | ## 相关阅读 70 | 71 | * [Get Started, Part 1: Orientation and setup](https://docs.docker.com/get-started/) -------------------------------------------------------------------------------- /docs/compose/文件格式概述.md: -------------------------------------------------------------------------------- 1 | 2 | # 文件格式概述 3 | 4 | 之前配置完`Dockerfile`文件后,通过命令进行构建(`build`)和运行(`run`)。除此之外,`docker`提供了工具`docker-compose`来辅助容器编排,通过`docker-compose.yml`文件进行配置 5 | 6 | *`docker-compose`文件格式涉及诸多参数和设置,当前仅学习使用到的功能,之后再逐步更新* 7 | 8 | ## 文件概述 9 | 10 | 示例`docker-compose.yml`文件如下: 11 | 12 | ``` 13 | version: "3.7" 14 | services: 15 | 16 | redis: 17 | image: redis:alpine 18 | ports: 19 | - "6379" 20 | networks: 21 | - frontend 22 | deploy: 23 | replicas: 2 24 | update_config: 25 | parallelism: 2 26 | delay: 10s 27 | restart_policy: 28 | condition: on-failure 29 | 30 | db: 31 | image: postgres:9.4 32 | volumes: 33 | - db-data:/var/lib/postgresql/data 34 | networks: 35 | - backend 36 | deploy: 37 | placement: 38 | constraints: [node.role == manager] 39 | 40 | networks: 41 | frontend: 42 | backend: 43 | 44 | volumes: 45 | db-data: 46 | ``` 47 | 48 | `compose`文件包含了`4`个顶级键: 49 | 50 | 1. `version`:指定文件规范版本 51 | 2. [services](https://docs.docker.com/compose/compose-file/#service-configuration-reference):指定要操作的容器 52 | 3. [networks](https://docs.docker.com/compose/compose-file/#network-configuration-reference):指定共用的网络配置 53 | 4. [volumes](https://docs.docker.com/compose/compose-file/#volume-configuration-reference):指定共用的存储配置 54 | 55 | 在顶级键下面指定了要配置的章节,在章节下面按`: