├── fedroa ├── README.md ├── google_signing_key.pub └── first_do.sh ├── python ├── README.md └── tab.py ├── redis ├── README.md ├── redis └── redis.conf ├── init ├── README.md └── init.sh ├── mha ├── mha.png ├── MHA-components.png ├── MHA-architecture.png ├── mha4mysql-node-0.56.tar.gz ├── mha4mysql-manager-0.56.tar.gz ├── mha4mysql-node-0.56-0.el5.noarch.rpm ├── mha4mysql-node-0.56-0.el6.noarch.rpm ├── mha4mysql-manager-0.56-0.el5.noarch.rpm ├── mha4mysql-manager-0.56-0.el6.noarch.rpm └── README.md ├── AAAA ├── 2014052615432386.jpg └── README.md ├── haproxy ├── haproxy-pmode.png ├── haproxy.cfg └── README.md ├── mysql ├── mysql-replication.jpg ├── cmake_mariadb.sh └── README.md ├── README.md ├── zsh ├── README.md └── person ├── php └── README.md ├── docker ├── openldap │ └── docker-compose.yml └── README.md ├── capistrano └── README.md ├── keepalived ├── keepalived.conf └── README.md ├── git ├── gogs.md ├── install.sh └── README.md ├── rundeck └── README.md ├── fileSystem └── nfs.md ├── cobbler └── README.md ├── vagrant └── Vagrantfile ├── ubuntu ├── config ├── get-fonts.sh ├── README.md └── dircolors ├── jenkins └── jenkins-integration-openldap.md ├── nginx ├── install.tengine ├── nginx.conf └── README.md ├── varnish ├── README.md └── default.vcl ├── kvm └── README.md └── mystar └── README.md /fedroa/README.md: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /python/README.md: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /redis/README.md: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /init/README.md: -------------------------------------------------------------------------------- 1 | init.sh 2 | ======= 3 | 加固系统,提高安全性 4 | -------------------------------------------------------------------------------- /mha/mha.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yotoobo/linux/HEAD/mha/mha.png -------------------------------------------------------------------------------- /mha/MHA-components.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yotoobo/linux/HEAD/mha/MHA-components.png -------------------------------------------------------------------------------- /mha/MHA-architecture.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yotoobo/linux/HEAD/mha/MHA-architecture.png -------------------------------------------------------------------------------- /AAAA/2014052615432386.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yotoobo/linux/HEAD/AAAA/2014052615432386.jpg -------------------------------------------------------------------------------- /haproxy/haproxy-pmode.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yotoobo/linux/HEAD/haproxy/haproxy-pmode.png -------------------------------------------------------------------------------- /mysql/mysql-replication.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yotoobo/linux/HEAD/mysql/mysql-replication.jpg -------------------------------------------------------------------------------- /mha/mha4mysql-node-0.56.tar.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yotoobo/linux/HEAD/mha/mha4mysql-node-0.56.tar.gz -------------------------------------------------------------------------------- /mha/mha4mysql-manager-0.56.tar.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yotoobo/linux/HEAD/mha/mha4mysql-manager-0.56.tar.gz -------------------------------------------------------------------------------- /mha/mha4mysql-node-0.56-0.el5.noarch.rpm: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yotoobo/linux/HEAD/mha/mha4mysql-node-0.56-0.el5.noarch.rpm -------------------------------------------------------------------------------- /mha/mha4mysql-node-0.56-0.el6.noarch.rpm: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yotoobo/linux/HEAD/mha/mha4mysql-node-0.56-0.el6.noarch.rpm -------------------------------------------------------------------------------- /mha/mha4mysql-manager-0.56-0.el5.noarch.rpm: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yotoobo/linux/HEAD/mha/mha4mysql-manager-0.56-0.el5.noarch.rpm -------------------------------------------------------------------------------- /mha/mha4mysql-manager-0.56-0.el6.noarch.rpm: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yotoobo/linux/HEAD/mha/mha4mysql-manager-0.56-0.el6.noarch.rpm -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | config 2 | ====== 3 | 4 | 这里存档着我在使用linux中所用到的东西,希望对大家有所帮助! 5 | 这些文档有我自己写的,更多的却是网络上大家所分享出来的,望linux的自由与分享精神长存! 6 | 7 | 8 | 9 | -------------------------------------------------------------------------------- /python/tab.py: -------------------------------------------------------------------------------- 1 | #encoding:utf-8 2 | #python tab 补齐 3 | import sys 4 | import readline 5 | import rlcompleter 6 | import atexit 7 | import os 8 | 9 | readline.parse_and_bind('tab: complete') 10 | histfile = os.path.join(os.environ['HOME'], '.pythonhistory') 11 | -------------------------------------------------------------------------------- /zsh/README.md: -------------------------------------------------------------------------------- 1 | ## easy use 2 | ``` 3 | sudo apt-get install git zsh 4 | sudo chsh -s /bin/zsh 5 | git clone git://github.com/robbyrussell/oh-my-zsh.git ~/.oh-my-zsh 6 | cp ~/.oh-my-zsh/templates/zshrc.zsh-template ~/.zshrc 7 | ``` 8 | 9 | # use autojump 10 | ``` 11 | sudo apt-get install autojump 12 | git clone https://github.com/joelthelion/autojump.git 13 | python autojump/install.py 14 | 根据提示完成安装 15 | ``` 16 | -------------------------------------------------------------------------------- /AAAA/README.md: -------------------------------------------------------------------------------- 1 | ## 运维跳板机 2 | * AAAA认证即: 3 | 统一用户账号(Account) 4 | 统一认证(Authentication) 5 | 统一授权(Authorization) 6 | 统一安全审计(Audit) 7 | 8 | * 使用开源软件实现AAAA认证系统 9 | openldap(管理用户信息,实现资源访问控制)+Kerberos(网络鉴权)+google authenticator(二次认证)+bash(修改源码,实现远程用户的操作日志记录) 10 | Kerberos 11 | google-authentication 12 | 13 | * 工作图 14 | ![work](https://github.com/yotoobo/linux/blob/master/%E8%BF%90%E7%BB%B4%E8%B7%B3%E6%9D%BF%E6%9C%BA/2014052615432386.jpg) 15 | 16 | 17 | -------------------------------------------------------------------------------- /php/README.md: -------------------------------------------------------------------------------- 1 | ## 更合理的运用PHP 2 | _安装_ 3 | * 源码编译,最小化安装! 4 | 5 | _修改php.ini_ 6 | * disable_functions 7 | * memory_limit 8 | * register_globals = Off 9 | * upload_max_filesize 10 | * max_execution_time 11 | * error_log 12 | 13 | _修改php-fpm_ 14 | * 使用多个进程池 15 | * 采用socket连接 16 | * pm = static 17 | 18 | ## 参考 19 | * [优化杂谈](http://huoding.com/2014/12/25/398) 20 | * [PHP – Best Practises](http://thisinterestsme.com/php-best-practises/) 21 | -------------------------------------------------------------------------------- /zsh/person: -------------------------------------------------------------------------------- 1 | # the terminator config 2 | if [ -f `which terminator` ];then 3 | if [ -x /usr/bin/dircolors ]; then 4 | test -r ~/.dircolors && eval "$(dircolors -b ~/.dircolors)" || eval "$(dircolors -b)" 5 | fi 6 | fi 7 | 8 | # jdk 9 | if [ -d '/usr/java/jdk' ];then 10 | JAVA_HOME=/usr/java/jdk 11 | export JAVA_HOME 12 | export CLASSPATH=.:JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar 13 | PATH=$PATH:$HOME/bin:$JAVA_HOME/bin 14 | fi 15 | 16 | 17 | # alias 18 | alias vi=vim 19 | alias cl=clear 20 | alias gs='git status' 21 | -------------------------------------------------------------------------------- /docker/openldap/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '3.2' 2 | 3 | services: 4 | openldap: 5 | image: osixia/openldap:1.3.0 6 | ports: 7 | - "389:389" 8 | - "636:636" 9 | environment: 10 | - LDAP_TLS=false 11 | container_name: "openldap" 12 | restart: always 13 | 14 | phpldap: 15 | image: osixia/phpldapadmin:0.9.0 16 | ports: 17 | - "10080:80" 18 | environment: 19 | - PHPLDAPADMIN_LDAP_HOSTS=openldap 20 | - PHPLDAPADMIN_HTTPS=false 21 | container_name: "phpldap" 22 | restart: always 23 | -------------------------------------------------------------------------------- /capistrano/README.md: -------------------------------------------------------------------------------- 1 | * Capistrano 2 | [rubygems](https://rubygems.org/gems/capistrano/versions/2.15.5) 3 | [github](https://github.com/capistrano/capistrano) 4 | 5 | * Install Capistrano 6 | 依赖环境 7 | ```yum install git svn mercurial``` 8 | [构建ruby环境](https://ruby-china.org/wiki/install_ruby_guide) 9 | 安装Capistrano 10 | ```gem install capistrano -v 2.15.5``` 11 | 12 | * capfile 13 | [示例](https://ruby-china.org/wiki/capistrano-2_x-getting-started) 14 | 15 | * 文档 16 | [capistrano info](http://www.rubydoc.info/gems/capistrano/2.15.5) 17 | -------------------------------------------------------------------------------- /keepalived/keepalived.conf: -------------------------------------------------------------------------------- 1 | ! Configuration File for keepalived 2 | 3 | global_defs { 4 | notification_email { 5 | } 6 | } 7 | 8 | vrrp_script chk_Haproxy { 9 | script "/path/to/sh" 10 | interval 1 11 | weight -2 12 | } 13 | 14 | 15 | vrrp_instance Haproxy { 16 | state MASTER 17 | interface eth0 18 | virtual_router_id 51 19 | priority 100 20 | advert_int 1 21 | authentication { 22 | auth_type PASS 23 | auth_pass 1111 24 | } 25 | 26 | virtual_ipaddress { 27 | vip 28 | } 29 | 30 | track_script { 31 | chk_Haproxy 32 | } 33 | } 34 | 35 | -------------------------------------------------------------------------------- /git/gogs.md: -------------------------------------------------------------------------------- 1 | ### Gogs 2 | 3 | 一款极易搭建的自助 Git 服务 : 4 | 5 | - 易安装 6 | - 开源 7 | - 轻量级 8 | 9 | ### 部署 10 | 11 | 在虚拟机(IP:192.168.148.132)中使用 docker 命令安装 : 12 | 13 | `docker run -d --name gogs -p 10022:22 -p 10081:3000 -v $PWD/gogs:/data gogs/gogs` 14 | 15 | 打开浏览器,访问 **http://182.168.148.132:10081** . 16 | 17 | 1. 为了简单,这里使用 SQLite3 数据库: 18 | 19 | ![](https:/img.pycoder.org/blog/20200202193557.png) 20 | 21 | 2. 修改域名及应用 URL: 22 | 23 | ![](https:/img.pycoder.org/blog/20200202193949.png) 24 | 25 | 3. 添加管理员账号: 26 | 27 | ![](https:/img.pycoder.org/blog/20200202194058.png) 28 | 29 | 其他配置直接默认即可,点击立即安装。 30 | -------------------------------------------------------------------------------- /keepalived/README.md: -------------------------------------------------------------------------------- 1 | ## What's Keepalived 2 | **Keepalived** 是一款路由软件。它的主要目标就是解决单点故障,确保服务高可用。而且它还可以做服务器群的健康监测,自动 3 | 剔除群中的故障机器,待其服务可用时,在添加到群中。 4 | 5 | ## 文档 6 | * [官方文档](http://www.keepalived.org/documentation.html) 7 | * [VRRP协议](http://bbs.nanjimao.com/thread-790-1-1.html) 8 | * [Keepalived原理与实战精讲](http://bbs.nanjimao.com/thread-845-1-1.html) 9 | * [keepalived工作原理和配置说明](http://outofmemory.cn/wiki/keepalived-configuration) 10 | 11 | ## 应用场景 12 | * LVS+Keepalived 13 | * Nginx+Keepalived 14 | * HAProxy+Keepalived 15 | 16 | ## 故障排查 17 | 1. 关闭防火墙 18 | 2. 查看message 19 | 3. 配置文件是否正确?因为那怕文件错了,keepalived也可以正常启动。 20 | 21 | -------------------------------------------------------------------------------- /rundeck/README.md: -------------------------------------------------------------------------------- 1 | ### rundeck 2 | 3 | * 测试环境 4 | centos 6.5 x86_64 5 | jre 1.7 6 | rundeck-version 2.5.1 7 | 8 | * install rundeck 9 | Installing with yum 10 | ``` 11 | rpm -Uvh http://repo.rundeck.org/latest.rpm 12 | yum install rundeck 13 | service rundeckd start 14 | ``` 15 | Installing with Launcher 16 | ``` 17 | #download launcher jar file to $RDECK_BASE 18 | export RDECK_BASE="path/to/rundeck" 19 | mkdir $RDECK_BASE 20 | cd $RDECK_BASE 21 | java -XX:MaxPermSize=256m -Xmx1024m -jar rundeck-launcher-2.5.1.jar 22 | ``` 23 | 24 | * 账户 25 | 添加新用户 26 | ``` 27 | cd $RDECK_BASE 28 | java -cp server/lib/jetty-all-7.6.0.v20120127.jar org.eclipse.jetty.util.security.Password user passwd 29 | #此时会输出原密码和加密后的密码,此处采用的是md5加密 30 | echo "user:MD5:xxxxxx,admin" >> server/config/realm.properties 31 | ``` 32 | -------------------------------------------------------------------------------- /mysql/cmake_mariadb.sh: -------------------------------------------------------------------------------- 1 | # 2 | yum -y install ncurses-devel cmake 3 | 4 | #install jemalloc 5 | wget http://www.canonware.com/download/jemalloc/jemalloc-3.6.0.tar.bz2 6 | tar jxf jemalloc-3.6.0.tar.bz2 7 | cd jemalloc-3.6.0 8 | ./configure 9 | make 10 | make install 11 | echo '/usr/local/lib' > /etc/ld.so.conf.d/local.conf 12 | ldconfig 13 | 14 | #install mariadb for source 15 | wget http://mirrors.neusoft.edu.cn/mariadb/mariadb-5.5.40/source/mariadb-5.5.40.tar.gz 16 | tar zxf mariadb-5.5.40.tar.gz 17 | cd mariadb-5.5.40 18 | cmake . -DCMAKE_INSTALL_PREFIX=/usr/local/mariadb55 -DMYSQL_DATADIR=/home/data/mysql \ 19 | -DWITH_READLINE=on -DCMAKE_EXE_LINKER_FLAGS="-ljemalloc" -DWITH_SAFEMALLOC=OFF \ 20 | -DWITH_XTRADB_STORAGE_ENGINE=1 \ 21 | -DWITH_INNOBASE_STORAGE_ENGINE=1 \ 22 | -DWITH_PARTITION_STORAGE_ENGINE=1 \ 23 | -DWITH_BLACKHOLE_STORAGE_ENGINE=1 \ 24 | -DWITH_MYISAM_STORAGE_ENGINE=1 \ 25 | -DWITH_XTRADB_STORAGE_ENGINE=1 \ 26 | -DWITH_SPHINX_STORAGE_ENGINE=1 \ 27 | -DWITH_ZLIB=bundled \ 28 | -DWITH_SSL=bundled \ 29 | -DENABLED_LOCAL_INFILE=1 \ 30 | -DWITH_EXTRA_CHARSETS=all \ 31 | -DDEFAULT_CHARSET=utf8 \ 32 | -DDEFAULT_COLLATION=utf8_general_ci \ 33 | -DWITH_DEBUG=0 34 | make 35 | make install 36 | cd support-files/ 37 | cp mysql.server /etc/init.d/mysql 38 | chmod u+x /etc/init.d/mysql 39 | cp my-innodb-heavy-4G.cnf /etc/my.cnf 40 | -------------------------------------------------------------------------------- /fileSystem/nfs.md: -------------------------------------------------------------------------------- 1 | # 网络文件系统 2 | 3 | 网络文件系统(NFS) 是一个简单易用的集中存储,它允许远程主机挂载指定分区。 4 | 5 | ## 安装 NFS 6 | 7 | - 系统: Centos7 以上 8 | 9 | - 安装软件包 10 | 11 | ```shell 12 | sudo yum install -y nfs-utils rpcbind 13 | sudo systemctl enable nfs 14 | sudo systemctl enable rpcbind 15 | sudo systemctl start nfs 16 | sudo systemctl start rpcbind 17 | ``` 18 | 19 | - NFS 结构 20 | 主要配置文件:/etc/exports 21 |  配置挂载属主:/etc/idmapd.conf 22 | 维护指令:/usr/sbin/exportfs 23 | 维护指令:/usr/sbin/showmount 24 | 25 | ## 配置 NFS 共享目录 26 | 27 | 共享目录都要通过修改文件 **/etc/exports** 。 28 | 29 | 例如: 30 | 31 | ```txt 32 | directory1 machine1(option11,option12) 33 | machine2(option13,option14) 34 | directory2 machine1(option21,option22) 35 | ``` 36 | 37 | 其中,常用的 **optionXX** 有: 38 | 39 | - ro:只读 40 | - rw:可读写 41 | - no_root_squash 42 | - no_subtree_check 43 | - sync 44 | - async 45 | 46 | 例如允许 /tmp 目录开放给所有远程主机,并且可读写: 47 | 48 | ```txt 49 | /tmp *(rw) 50 | ``` 51 | 52 | ## Firewalld 53 | 54 | 如果网络确保安全,可以直接关闭,不然还是配置防火墙规则: 55 | 56 | ```shell 57 | firewall-cmd --permanent --add-service=nfs 58 | firewall-cmd --permanent --add-service=mountd 59 | firewall-cmd --permanent --add-service=rpc-bind 60 | firewall-cmd --reload 61 | ``` 62 | 63 | ## 挂载 64 | 65 | 使用 **mount** 指令进行挂载: 66 | 67 | ```shell 68 | mkdir /path/to/dir 69 | mount -t nfs :/directory1 /path/to/dir 70 | ``` 71 | 72 | > Note 73 | > 在配置挂载属主时,要保证用户的UID,GID一致。 74 | -------------------------------------------------------------------------------- /cobbler/README.md: -------------------------------------------------------------------------------- 1 | * 安装cobbler 2 | on centos6/rhel6, 3 | ``` 4 | rpm -Uvh http://download.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm 5 | yum -y install cobbler fence-agents pykickstart dnsmasq 6 | chkconfig cobblerd on 7 | chkconfig httpd on 8 | chkconfig dnsmasq on 9 | service cobblerd start 10 | service httpd start 11 | ``` 12 | 其中配置文件在/etc/cobbler/,其余文件在/var/{lib|www}/cobbler 13 | 14 | * 修改配置文件 15 | ``` 16 | vi /etc/cobbler/setting 17 | 修改内容如下 18 | manage_dhcp:1 19 | manage_dns:1 20 | manage_tftpd:1 21 | restart_dhcp:1 22 | restart_dns:1 23 | pxe_just_once:1 24 | next_server:<服务器的 IP 地址> 25 | server:<服务器的 IP 地址 26 | default_password_crypted: "use openssl passwd -1" 27 | ``` 28 | 29 | * 采用dnsmasq提供dns和dhcp服务 30 | ``` 31 | vi /etc/cobbler/modules.conf 32 | 修改内容如下 33 | [dns] 34 | module = manage_dnsmasq 35 | [dhcp] 36 | module = manage_dnsmasq 37 | [tftpd] 38 | module = manage_in_tftpd 39 | 40 | vi /etc/cobbler/dnsmasq.template 41 | 修改内容如下 42 | dhcp-range=起始IP,终止IP 43 | ``` 44 | 45 | * 更新cobbler 46 | ``` 47 | service cobblerd restart 48 | cobbler check 49 | cobbler sync 50 | ``` 51 | 52 | * 安装Centos6.5 53 | 导入安装文件 54 | ``` 55 | mount -t iso9660 -o loop,ro ~/CentOS-6.5-x86_64-bin-DVD1.iso /mnt/ 56 | cobbler import --name=centos6.5 --arch=x86_64 --path=/mnt/ 57 | cobbler distro report 58 | cobbler profile report 59 | ``` 60 | 61 | * 创建配置文件 62 | -------------------------------------------------------------------------------- /vagrant/Vagrantfile: -------------------------------------------------------------------------------- 1 | # The base box is on centos6 X86_64 2 | 3 | Vagrant.configure(2) do |config| 4 | 5 | config.vm.box = "base" 6 | 7 | config.vm.provider "virtualbox" do |v| 8 | v.memory = "380" 9 | v.cpus = "2" 10 | end 11 | 12 | config.vm.define :ansible do |a1| 13 | a1.vm.hostname = "ansible" 14 | a1.vm.network :private_network, ip: "10.10.1.254" 15 | # config.vm.network "forwarded_port", guest: 80, host: 8080 16 | a1.vm.provision "shell", inline: <<-SHELL 17 | sudo yum install ansible -y 18 | SHELL 19 | end 20 | 21 | config.vm.define :w1 do |w1| 22 | w1.vm.hostname = "www-1" 23 | w1.vm.network :private_network, ip: "10.10.1.2" 24 | # config.vm.network "forwarded_port", guest: 80, host: 8080 25 | end 26 | config.vm.define :w2 do |w2| 27 | w2.vm.hostname = "www-2" 28 | w2.vm.network :private_network, ip: "10.10.1.3" 29 | # config.vm.network "forwarded_port", guest: 80, host: 8080 30 | end 31 | 32 | # Enable provisioning with a shell script. Additional provisioners such as 33 | # Puppet, Chef, Ansible, Salt, and Docker are also available. Please see the 34 | # documentation for more information about their specific syntax and use. 35 | config.vm.provision "shell", inline: <<-SHELL 36 | cat /vagrant/id_rsa.pub >> /home/vagrant/.ssh/authorized_keys 37 | sudo rm /etc/localtime 38 | sudo ln -s /usr/share/zoneinfo/Asia/Shanghai /etc/localtime 39 | SHELL 40 | end 41 | -------------------------------------------------------------------------------- /init/init.sh: -------------------------------------------------------------------------------- 1 | #/bin/bash 2 | 3 | ################ 4 | # # 5 | # name:zhiliang ########## 6 | # email:yotoobo@gmail.com # 7 | # # 8 | ########################### 9 | 10 | #It's test OK for Centos6.4 11 | #check user 12 | if [ `id -u` -ne 0 ];then 13 | echo "Sorry,please use root to do it" 14 | exit 15 | fi 16 | 17 | #variables 18 | read -p "Please input some other name for you,because root will be control ..." NAME 19 | 20 | echo "Creating /root/passwd.txt ...... " 21 | cat /dev/urandom |strings -n 12|head -12 > /root/passwd.txt 22 | sed -i "s/ //g" /root/passwd.txt 23 | echo "It's Ok, please be careful" 24 | 25 | read -p "Input a port number that for ssh,the range is 1024 < number < 65535" PORT 26 | 27 | #read -p "" 28 | 29 | #disable selinux 30 | sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config 31 | 32 | #services 33 | function SERVICE () { 34 | sed -i "s/#Port 22/Port $PORT" /etc/sshd/sshd_config 35 | sed -i "s/#PermitRootLogin yes/PermitRootLogin no/" /etc/sshd/sshd_config 36 | cat "AllowUsers $NAME" >> /etc/sshd/sshd_config 37 | } 38 | 39 | #iptables 40 | function IPTABLES (){ 41 | iptables -F 42 | iptables -X 43 | 44 | iptables -A INPUT -p tcp --dport $PORT -j ACCEPT 45 | 46 | iptables -P INPUT DROP 47 | iptables -P FORWARD DROP 48 | iptables -P OUTPUT ACCEPT 49 | 50 | iptables -A INPUT -i lo -j ACCEPT 51 | 52 | service iptables save 53 | 54 | } 55 | 56 | # 57 | function USER { 58 | 59 | } 60 | 61 | -------------------------------------------------------------------------------- /ubuntu/config: -------------------------------------------------------------------------------- 1 | [global_config] 2 | title_transmit_bg_color = "#d30102" 3 | focus = system 4 | suppress_multiple_term_dialog = True 5 | [keybindings] 6 | [profiles] 7 | [[default]] 8 | palette = "#073642:#dc322f:#859900:#b58900:#268bd2:#d33682:#2aa198:#eee8d5:#002b36:#cb4b16:#586e75:#657b83:#839496:#6c71c4:#93a1a1:#fdf6e3" 9 | copy_on_selection = True 10 | background_image = None 11 | background_darkness = 0.95 12 | background_type = transparent 13 | use_system_font = False 14 | cursor_color = "#eee8d5" 15 | foreground_color = "#839496" 16 | show_titlebar = False 17 | font = Monospace 11 18 | background_color = "#002b36" 19 | [[solarized-dark]] 20 | palette = "#073642:#dc322f:#859900:#b58900:#268bd2:#d33682:#2aa198:#eee8d5:#002b36:#cb4b16:#586e75:#657b83:#839496:#6c71c4:#93a1a1:#fdf6e3" 21 | background_color = "#002b36" 22 | background_image = None 23 | cursor_color = "#eee8d5" 24 | foreground_color = "#839496" 25 | [[solarized-light]] 26 | palette = "#073642:#dc322f:#859900:#b58900:#268bd2:#d33682:#2aa198:#eee8d5:#002b36:#cb4b16:#586e75:#657b83:#839496:#6c71c4:#93a1a1:#fdf6e3" 27 | background_color = "#fdf6e3" 28 | background_image = None 29 | cursor_color = "#002b36" 30 | foreground_color = "#657b83" 31 | [layouts] 32 | [[default]] 33 | [[[child1]]] 34 | type = Terminal 35 | parent = window0 36 | profile = default 37 | [[[window0]]] 38 | type = Window 39 | parent = "" 40 | [plugins] 41 | -------------------------------------------------------------------------------- /haproxy/haproxy.cfg: -------------------------------------------------------------------------------- 1 | # this config needs haproxy-1.1.28 or haproxy-1.2.1 2 | 3 | global 4 | log 127.0.0.1 local0 5 | log 127.0.0.1 local1 notice 6 | #log 127.0.0.1 local1 notice 7 | #log loghost local0 info 8 | 9 | maxconn 10240 10 | chroot /usr/share/haproxy 11 | uid 99 12 | gid 99 13 | daemon 14 | nbproc 1 15 | #debug 16 | #quiet 17 | 18 | defaults 19 | log global 20 | mode http 21 | option httplog 22 | option dontlognull 23 | log 127.0.0.1 local3 24 | retries 3 25 | option redispatch 26 | maxconn 10240 27 | 28 | timeout check 1s 29 | timeout http-request 10s 30 | timeout queue 1m 31 | timeout connect 10s 32 | timeout client 1m 33 | timeout server 1m 34 | timeout http-keep-alive 30s 35 | 36 | listen stats 37 | mode http 38 | #bind 0.0.0.0:8090 39 | stats enable 40 | stats refresh 30s 41 | stats uri /stats 42 | stats realm baison-test-Haproxy 43 | stats auth admin:admin 44 | stats admin if TRUE 45 | stats hide-version 46 | 47 | frontend allen 48 | bind *:80 49 | mode http 50 | option httpclose 51 | option forwardfor 52 | 53 | acl url_static path_end -i .html .jpg .gif .png 54 | acl url_dynamic path_end -i .php 55 | acl url_thinkphp hdr_beg(host) -i localhost 56 | 57 | default_backend webservers 58 | use_backend dynamic if url_dynamic 59 | use_backend weba if url_thinkphp 60 | 61 | backend webservers 62 | balance roundrobin 63 | server web1 IP:80 check rise 2 fall 1 weight 2 64 | server web2 IP:80 check rise 2 fall 1 weight 2 65 | 66 | backend dynamic 67 | balance source 68 | server lamp IP:80 check rise 2 fall 1 69 | 70 | backend weba 71 | balance roundrobin 72 | server web1 IP:80 check rise 2 fall 1 weight 2 73 | 74 | 75 | -------------------------------------------------------------------------------- /git/install.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | function end() { 4 | if [ $? -eq 1 ];then 5 | exit 0 6 | fi 7 | } 8 | 9 | function first() { 10 | if [ -f `which yum` ];then 11 | yum -y install curl-devel expat-devel gettext-devel openssl-devel zlib-devel wget unzip 12 | elif [ -f `which apt-get` ];then 13 | apt-get install libcurl4-gnutls-dev libexpat1-dev gettext libz-dev libssl-dev wget unzip 14 | else 15 | echo "Sorry,this script only working on Ubuntu or Centos ..." 16 | fi 17 | 18 | } 19 | 20 | function install() { 21 | first 22 | cd ~/ 23 | wget https://github.com/git/git/archive/master.zip 24 | if [ $? -eq 0 ];then 25 | unzip -q master.zip 26 | cd git-master 27 | make prefix=/usr/local all 28 | make prefix=/usr/local install 29 | 30 | cd contrib/completion/ 31 | MYSHELL=`echo $SHELL |awk -F/ '{print $NF}'` 32 | cp git-completion.$MYSHELL ~/.git-completion.$MYSHELL 33 | echo "Please enter your real username and password for github to ~/.netrc " 34 | echo "machine github.com login your-username password your-passwork" >> ~/.netrc 35 | 36 | cd ~/ 37 | rm -fr git-master 38 | else 39 | echo "Sorry,the file is not download OK !" 40 | exit 0 41 | fi 42 | 43 | } 44 | 45 | function update() { 46 | [ -d ~/git ] || git clone https://github.com/git/git ~/git 47 | cd ~/git 48 | git pull 49 | make prefix=/usr/local all 50 | make prefix=/usr/local install 51 | make clean 52 | } 53 | 54 | echo "Please enter the num. 55 | 1.Install git 2.Update git ..." 56 | read NUM 57 | 58 | if [ $NUM -eq 1 ];then 59 | install 60 | fi 61 | if [ $NUM -eq 2 ];then 62 | update 63 | fi 64 | 65 | #use git 66 | echo "show the git version" 67 | git --version 68 | 69 | 70 | -------------------------------------------------------------------------------- /fedroa/google_signing_key.pub: -------------------------------------------------------------------------------- 1 | -----BEGIN PGP PUBLIC KEY BLOCK----- 2 | Version: GnuPG v1.4.2.2 (GNU/Linux) 3 | 4 | mQGiBEXwb0YRBADQva2NLpYXxgjNkbuP0LnPoEXruGmvi3XMIxjEUFuGNCP4Rj/a 5 | kv2E5VixBP1vcQFDRJ+p1puh8NU0XERlhpyZrVMzzS/RdWdyXf7E5S8oqNXsoD1z 6 | fvmI+i9b2EhHAA19Kgw7ifV8vMa4tkwslEmcTiwiw8lyUl28Wh4Et8SxzwCggDcA 7 | feGqtn3PP5YAdD0km4S4XeMEAJjlrqPoPv2Gf//tfznY2UyS9PUqFCPLHgFLe80u 8 | QhI2U5jt6jUKN4fHauvR6z3seSAsh1YyzyZCKxJFEKXCCqnrFSoh4WSJsbFNc4PN 9 | b0V0SqiTCkWADZyLT5wll8sWuQ5ylTf3z1ENoHf+G3um3/wk/+xmEHvj9HCTBEXP 10 | 78X0A/0Tqlhc2RBnEf+AqxWvM8sk8LzJI/XGjwBvKfXe+l3rnSR2kEAvGzj5Sg0X 11 | 4XmfTg4Jl8BNjWyvm2Wmjfet41LPmYJKsux3g0b8yzQxeOA4pQKKAU3Z4+rgzGmf 12 | HdwCG5MNT2A5XxD/eDd+L4fRx0HbFkIQoAi1J3YWQSiTk15fw7RMR29vZ2xlLCBJ 13 | bmMuIExpbnV4IFBhY2thZ2UgU2lnbmluZyBLZXkgPGxpbnV4LXBhY2thZ2VzLWtl 14 | eW1hc3RlckBnb29nbGUuY29tPohjBBMRAgAjAhsDBgsJCAcDAgQVAggDBBYCAwEC 15 | HgECF4AFAkYVdn8CGQEACgkQoECDD3+sWZHKSgCfdq3HtNYJLv+XZleb6HN4zOcF 16 | AJEAniSFbuv8V5FSHxeRimHx25671az+uQINBEXwb0sQCACuA8HT2nr+FM5y/kzI 17 | A51ZcC46KFtIDgjQJ31Q3OrkYP8LbxOpKMRIzvOZrsjOlFmDVqitiVc7qj3lYp6U 18 | rgNVaFv6Qu4bo2/ctjNHDDBdv6nufmusJUWq/9TwieepM/cwnXd+HMxu1XBKRVk9 19 | XyAZ9SvfcW4EtxVgysI+XlptKFa5JCqFM3qJllVohMmr7lMwO8+sxTWTXqxsptJo 20 | pZeKz+UBEEqPyw7CUIVYGC9ENEtIMFvAvPqnhj1GS96REMpry+5s9WKuLEaclWpd 21 | K3krttbDlY1NaeQUCRvBYZ8iAG9YSLHUHMTuI2oea07Rh4dtIAqPwAX8xn36JAYG 22 | 2vgLAAMFB/wKqaycjWAZwIe98Yt0qHsdkpmIbarD9fGiA6kfkK/UxjL/k7tmS4Vm 23 | CljrrDZkPSQ/19mpdRcGXtb0NI9+nyM5trweTvtPw+HPkDiJlTaiCcx+izg79Fj9 24 | KcofuNb3lPdXZb9tzf5oDnmm/B+4vkeTuEZJ//IFty8cmvCpzvY+DAz1Vo9rA+Zn 25 | cpWY1n6z6oSS9AsyT/IFlWWBZZ17SpMHu+h4Bxy62+AbPHKGSujEGQhWq8ZRoJAT 26 | G0KSObnmZ7FwFWu1e9XFoUCt0bSjiJWTIyaObMrWu/LvJ3e9I87HseSJStfw6fki 27 | 5og9qFEkMrIrBCp3QGuQWBq/rTdMuwNFiEkEGBECAAkFAkXwb0sCGwwACgkQoECD 28 | D3+sWZF/WACfeNAu1/1hwZtUo1bR+MWiCjpvHtwAnA1R3IHqFLQ2X3xJ40XPuAyY 29 | /FJG 30 | =Quqp 31 | -----END PGP PUBLIC KEY BLOCK----- 32 | -------------------------------------------------------------------------------- /jenkins/jenkins-integration-openldap.md: -------------------------------------------------------------------------------- 1 | # jenkins 集成 openldap 2 | 3 | ## openldap 4 | 5 | 先通过 `docker-compose up -d` 启动 openldap 服务, 其中 phpldapadmin 是一个 web 管理界面. 6 | 7 | ```yaml 8 | version: '3.2' 9 | 10 | services: 11 | openldap: 12 | image: osixia/openldap:1.3.0 13 | ports: 14 | - "389:389" 15 | - "636:636" 16 | environment: 17 | - LDAP_TLS=false 18 | - LDAP_ORGANISATION=My Inc 19 | - LDAP_DOMAIN=my-domain.com 20 | volumes: 21 | - "./config:/etc/ldap/slapd.d" 22 | - "./data:/var/lib/ldap" 23 | container_name: "openldap" 24 | restart: always 25 | 26 | phpldap: 27 | image: osixia/phpldapadmin:0.9.0 28 | ports: 29 | - "10080:80" 30 | environment: 31 | - PHPLDAPADMIN_LDAP_HOSTS=openldap 32 | - PHPLDAPADMIN_HTTPS=false 33 | container_name: "phpldap" 34 | restart: always 35 | ``` 36 | 37 | ### OpenLDAP 新增 ou 和 cn 38 | 39 | 1. 新增 ou 40 | ![](https://img.pycoder.org/blog/20200229233616.png) 41 | ![](https://img.pycoder.org/blog/20200229233726.png) 42 | ![](https://img.pycoder.org/blog/20200229233756.png) 43 | 2. 新增 cn 44 | ![](https://img.pycoder.org/blog/20200229234039.png) 45 | ![](https://img.pycoder.org/blog/20200229234105.png) 46 | ![](https://img.pycoder.org/blog/20200229234214.png) 47 | ![](https://img.pycoder.org/blog/20200229234254.png) 48 | 49 | ### Jenkins 安装 LDAP 插件 50 | 51 | 进入系统管理->插件管理->搜索 LDAP 进行安装. 52 | 53 | ### Jenkins 配置 LDAP 插件 54 | 55 | 进入系统管理->全局安全配置. 56 | 57 | ![](https://img.pycoder.org/blog/20200229234727.png) 58 | 59 | 60 | ### 配置用户权限和项目权限 61 | 62 | 首先, 安装一下插件: Role-based Authorization Strategy 63 | 64 | 进入系统管理->全局安全配置, 启用授权策略. 65 | 66 | ![](https://img.pycoder.org/blog/20200229235313.png) 67 | 68 | 然后返回系统管理->Manage and Assign Roles. 69 | 70 | ![](https://img.pycoder.org/blog/20200301000113.png) 71 | 72 | 在"管理角色"中有三种角色, 一种是和用户相关, 一种是和 Job 相关, 还有一个和节点相关. 73 | 74 | 根据实际情况, 可以定义不同的用户角色, 比如要执行 Job 权限的, 要管理 Job 权限的. 当然默认已经有一个 admin 的权限,它可以做任何事. 75 | 76 | ![](https://img.pycoder.org/blog/20200301000625.png) -------------------------------------------------------------------------------- /haproxy/README.md: -------------------------------------------------------------------------------- 1 | ## HAProxy 是什么? 2 | **HAProxy** 是一款自由,快速,可靠的解决方案。它用以提供高可用性、负载均衡和基于tcp和http应用的代理。 3 | 4 | ## HAProxy 有什么特点? 5 | * 支持虚拟主机,工作在4,7层 6 | * 支持url检测后端服务器 7 | * 更强大的session保持,cookie的引导 8 | * 支持多的负载均衡算法 9 | 10 | ## 应用示例 11 | ![示例](https://github.com/yotoobo/config/blob/master/haproxy/haproxy-pmode.png) 12 | 13 | ## [官方文档](http://cbonte.github.io/haproxy-dconv/configuration-1.5.html) 14 | 15 | ## 安装 16 | ``` 17 | wget http://www.haproxy.org/download/1.5/src/haproxy-1.5.14.tar.gz 18 | tar zxf haproxy-1.5.14.tar.gz 19 | cd haproxy-1.5.14 20 | make TARGET=linux26 CPU=native USE_PCRE=1 USE_LIBCRYPT=1 USE_LINUX_SPLICE=1 USE_LINUX_TPROXY=1 21 | make install 22 | ``` 23 | 24 | ## haproxy.cfg 示例 25 | ``` 26 | global 27 | log 127.0.0.1 local0 日志记录到本地 28 | log 127.0.0.1 local1 notice 29 | #log 127.0.0.1 local1 notice 30 | #log loghost local0 info 31 | 32 | maxconn 10240 #最大连接数 33 | chroot /usr/share/haproxy 34 | uid 99 35 | gid 99 36 | daemon #后台运行 37 | nbproc 1 #启动进程 38 | #debug 39 | #quiet 40 | 41 | defaults 42 | log global 43 | mode http 44 | option httplog 45 | option dontlognull 46 | log 127.0.0.1 local3 47 | retries 3 #健康检查的重试次数 48 | option redispatch #当服务器组中出现机器不可用,自动将请求重定向到存活机器 49 | 50 | timeout check 1s 51 | timeout http-request 10s #请求超时 52 | timeout queue 1m #请求在队列中的超时 53 | timeout connect 10s #连接超时 54 | timeout client 1m #客户端超时 55 | timeout server 1m #服务端超时 56 | timeout http-keep-alive 30s 57 | 58 | listen stats 59 | mode http 60 | bind 0.0.0.0:8090 61 | stats enable 62 | stats refresh 30s 63 | stats uri /stats 64 | stats realm baison-test-Haproxy 65 | stats auth admin:admin 66 | stats admin if TRUE 67 | stats hide-version 68 | 69 | frontend allen 70 | bind *:80 71 | mode http 72 | option httpclose 73 | option forwardfor 74 | 75 | acl url_static path_end -i .html .jpg .gif .png 76 | acl url_dynamic path_end -i .php .jsp 77 | 78 | default_backend webDynamic 79 | use_backend webStatic if url_static 80 | use_backend webDynamic if url_dynamic 81 | 82 | backend webDynamic 83 | balance roundrobin 84 | server web1 10.0.0.1:80 check rise 2 fall 1 weight 2 85 | server web2 10.0.0.2:80 check rise 2 fall 1 weight 2 86 | 87 | backend webStatic 88 | balance source 89 | server lamp 10.0.0.3:80 check rise 2 fall 1 90 | ``` 91 | -------------------------------------------------------------------------------- /redis/redis: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # redis - this script starts and stops the redis-server daemon 4 | # 5 | # chkconfig: - 85 15 6 | # description: Redis is a persistent key-value database 7 | # processname: redis-server 8 | # config: /etc/redis/redis.conf 9 | # config: /etc/sysconfig/redis 10 | # pidfile: /var/run/redis.pid 11 | 12 | # Source function library. 13 | . /etc/rc.d/init.d/functions 14 | 15 | # Source networking configuration. 16 | . /etc/sysconfig/network 17 | 18 | # Check that networking is up. 19 | [ "$NETWORKING" = "no" ] && exit 0 20 | 21 | redis="/usr/local/sbin/redis-server" 22 | prog=$(basename $redis) 23 | 24 | REDIS_CONF_FILE="/etc/redis/redis.conf" 25 | 26 | [ -f /etc/sysconfig/redis ] && . /etc/sysconfig/redis 27 | 28 | lockfile=/var/lock/subsys/redis 29 | 30 | start() { 31 | [ -x $redis ] || exit 5 32 | [ -f $REDIS_CONF_FILE ] || exit 6 33 | echo -n $"Starting $prog: " 34 | daemon $redis $REDIS_CONF_FILE 35 | retval=$? 36 | echo 37 | [ $retval -eq 0 ] && touch $lockfile 38 | return $retval 39 | } 40 | 41 | stop() { 42 | echo -n $"Stopping $prog: " 43 | killproc $prog -QUIT 44 | retval=$? 45 | echo 46 | [ $retval -eq 0 ] && rm -f $lockfile 47 | return $retval 48 | } 49 | 50 | restart() { 51 | stop 52 | start 53 | } 54 | 55 | reload() { 56 | echo -n $"Reloading $prog: " 57 | killproc $redis -HUP 58 | RETVAL=$? 59 | echo 60 | } 61 | 62 | force_reload() { 63 | restart 64 | } 65 | 66 | rh_status() { 67 | status $prog 68 | } 69 | 70 | rh_status_q() { 71 | rh_status >/dev/null 2>&1 72 | } 73 | 74 | case "$1" in 75 | start) 76 | rh_status_q && exit 0 77 | $1 78 | ;; 79 | stop) 80 | rh_status_q || exit 0 81 | $1 82 | ;; 83 | restart|configtest) 84 | $1 85 | ;; 86 | reload) 87 | rh_status_q || exit 7 88 | $1 89 | ;; 90 | force-reload) 91 | force_reload 92 | ;; 93 | status) 94 | rh_status 95 | ;; 96 | condrestart|try-restart) 97 | rh_status_q || exit 0 98 | ;; 99 | *) 100 | echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload}" 101 | exit 2 102 | esac 103 | -------------------------------------------------------------------------------- /mysql/README.md: -------------------------------------------------------------------------------- 1 | ### 主从复制 2 | 3 | * 概述 4 | mysql的复制是指一台服务器与多台服务器的数据保持同步,即一主多从.它是Mysql水平扩容的最易实现,最成熟的方案(个人这么认为哈!)! 5 | 6 | * 它能解决什么问题? 7 | 1. 数据分布(鸡蛋不要放在一个篮子里) 8 | 2. 负载均衡(将读操作分布到多个从库上,优化读密集型的应用) 9 | 3. 高可用性和故障切换 10 | 11 | * 复制如何工作 12 | ![复制如何工作](https://github.com/yotoobo/config/blob/master/mysql/mysql-replication.jpg) 13 | * 配置复制 14 | 1. 在每台机器上创建复制账号 15 | 2. 配置主库和备库 16 | 3. 通知备库连接到主库并开始复制数据 17 | 18 | _示例代码_ 19 | ``` 20 | 21 | 1.创建复制账号 22 | mysql> grant replication slave,replication client on *.* to repUser@'192.168.1.%' identified by 'password'; 23 | mysql> flush privileges; 24 | 25 | 2.主库 my.cnf 26 | log-bin = mysql-bin 27 | binlog_format = row 28 | server-id = 1 #唯一值 29 | #innodb_flush_log_at_trx_commit=1 30 | #sync_binlog=1 31 | 32 | 3.从库 my.cnf 33 | log-bin = mysql-bin 34 | binlog_format = row 35 | server-id = 2 #唯一值 36 | relay-log = mysql-relay-bin 37 | log-slave-updates = 1 38 | 39 | 40 | 启动复制 41 | mysql> change master to master_host='192.168.1.121', 42 | > master_user='repUser', 43 | > master_password='password', 44 | > master_log_file='mysql-bin.000001', 45 | > master_log_pos=245; 46 | mysql> start slave; 47 | ``` 48 | 49 | ### 半同步复制 50 | mysql5.5之前的复制是异步复制,主库在执行完一些事务后,是不会管备库的进度的。如果备库不幸落后,而更不幸的是主库此时又出现Crash(例如宕机),这时备库中的数据就是不完整的。简而言之,在主库发生故障的时候,我们无法使用备库来继续提供数据一致的服务了. 51 | 而开启[半同步复制](http://dev.mysql.com/doc/refman/5.5/en/replication-semisync.html)后,MySQL每一个事务需等待备库接收日志后才返回给客户端。如果做的是小事务,两台主机的延迟又较小,则Semi-sync可以实现在性能很小损失的情况下的零数据丢失。 52 | 1. 搭建主从环境 53 | 2. 开启semi-sync插件 54 | 55 | 56 | ``` 57 | on the Master 58 | mysql> INSTALL PLUGIN rpl_semi_sync_master SONAME 'semisync_master.so'; 59 | mysql> SET GLOBAL rpl_semi_sync_master_enabled = 1; 60 | mysql> SET GLOBAL rpl_semi_sync_master_timeout = 1000; # 1 second 61 | on the Slave 62 | mysql> INSTALL PLUGIN rpl_semi_sync_slave SONAME 'semisync_slave.so'; 63 | mysql> SET GLOBAL rpl_semi_sync_slave_enabled = 1; 64 | mysql> START SLAVE; 65 | ``` 66 | 67 | 68 | _NOTE: SLAVE端需要先开启半同步参数,然后启动从库复制,否则,Rpl_semi_sync_slave_status的状态始终为:OFF。另外把半同步参数写入my.cnf中,避免mysql重启后恢复OFF_ 69 | 70 | 71 | * 参考文档 72 | 1. [半同步原理介绍](http://www.orczhou.com/index.php/2011/07/why-and-how-mysql-5-5-semi-sync-replication/) 73 | 2. [半同步复制介绍](http://www.mysqlsystems.com/2012/08/understand-mysql-semi-sync-replication.html) 74 | 75 | ### Mysql高可用 76 | * MMM 77 | * MHA 78 | 79 | 80 | 81 | 82 | 83 | -------------------------------------------------------------------------------- /nginx/install.tengine: -------------------------------------------------------------------------------- 1 | cd ~ 2 | yum -y install openssl pcre-devel 3 | [ -f jemalloc-3.6.0.tar.bz2 ] || wget http://www.canonware.com/download/jemalloc/jemalloc-3.6.0.tar.bz2 4 | [ -f tengine-2.0.3.tar.gz ] || wget http://tengine.taobao.org/download/tengine-2.0.3.tar.gz 5 | tar zxf tengine-2.0.3.tar.gz 6 | tar jxf jemalloc-3.6.0.tar.bz2 7 | cd tengine-2.0.3 8 | ./configure --prefix=/usr/local/tengine --with-jemalloc=../jemalloc-3.6.0 --with-http_concat_module 9 | make && make install 10 | cat >> /etc/init.d/tengine << EOF 11 | #!/bin/bash 12 | # nginx Startup script for the Nginx HTTP Server 13 | # it is v.0.0.2 version. 14 | # chkconfig: - 85 15 15 | # description: Nginx is a high-performance web and proxy server. 16 | # It has a lot of features, but it's not for everyone. 17 | # processname: nginx 18 | # pidfile: /var/run/nginx.pid 19 | # config: /usr/local/nginx/conf/nginx.conf 20 | nginxd=/usr/local/tengine/sbin/nginx 21 | nginx_config=/usr/local/tengine/conf/nginx.conf 22 | nginx_pid=/usr/local/tengine/logs/nginx.pid 23 | RETVAL=0 24 | prog="nginx" 25 | # Source function library. 26 | . /etc/rc.d/init.d/functions 27 | # Source networking configuration. 28 | . /etc/sysconfig/network 29 | # Check that networking is up. 30 | [ ${NETWORKING} = "no" ] && exit 0 31 | [ -x $nginxd ] || exit 0 32 | # Start nginx daemons functions. 33 | start() { 34 | if [ -e $nginx_pid ];then 35 | echo "nginx already running...." 36 | exit 1 37 | fi 38 | echo -n $"Starting $prog: " 39 | daemon $nginxd -c ${nginx_config} 40 | RETVAL=$? 41 | echo 42 | [ $RETVAL = 0 ] && touch /var/lock/subsys/nginx 43 | return $RETVAL 44 | } 45 | # Stop nginx daemons functions. 46 | stop() { 47 | echo -n $"Stopping $prog: " 48 | killproc $nginxd 49 | RETVAL=$? 50 | echo 51 | [ $RETVAL = 0 ] && rm -f /var/lock/subsys/nginx /usr/local/nginx/logs/nginx.pid 52 | } 53 | reload() { 54 | echo -n $"Reloading $prog: " 55 | #kill -HUP `cat ${nginx_pid}` 56 | killproc $nginxd -HUP 57 | RETVAL=$? 58 | echo 59 | } 60 | # See how we were called. 61 | case "$1" in 62 | start) 63 | start 64 | ;; 65 | stop) 66 | stop 67 | ;; 68 | reload) 69 | reload 70 | ;; 71 | restart) 72 | stop 73 | start 74 | ;; 75 | 76 | status) 77 | status $prog 78 | RETVAL=$? 79 | ;; 80 | *) 81 | echo $"Usage: $prog {start|stop|restart|reload|status|help}" 82 | exit 1 83 | esac 84 | exit $RETVAL 85 | EOF 86 | -------------------------------------------------------------------------------- /ubuntu/get-fonts.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | #dir define 4 | myfonts_dir=/usr/share/fonts/truetype/myfonts 5 | remote_dir=http://files.cnblogs.com/DengYangjun 6 | 7 | #fonts define 8 | monaco=monaco-linux.ttf 9 | lucida=lucida-console.ttf 10 | msyh=msyh.ttf 11 | msyhbd=msyhbd.ttf 12 | agencyr=agencyr.ttf 13 | agencyrb=agencyrb.ttf 14 | 15 | screen=0 16 | 17 | sudo mkdir $myfonts_dir 2>/dev/null 18 | 19 | echo "Ubuntu字体自动安装工具" 20 | echo "(C)2008-2009 Deng.Yangjun@Gmail.com" 21 | 22 | echo "安装等宽英文台字体:Monaco" 23 | wget -O $monaco.zip $remote_dir/$monaco.zip 24 | unzip -o $monaco.zip 1>/dev/null 25 | sudo mv $monaco $myfonts_dir 26 | rm $monaco.zip 27 | 28 | echo "安装等宽英文字体:Lucida Console" 29 | wget -O $lucida.zip $remote_dir/$lucida.zip 30 | unzip -o $lucida.zip 1>/dev/null 31 | sudo mv $lucida $myfonts_dir 32 | rm $lucida.zip 33 | 34 | echo "安装英文字体:Agency FB" 35 | wget -O $agencyr.zip $remote_dir/$agencyr.zip 36 | unzip -o $agencyr.zip 1>/dev/null 37 | sudo mv $agencyr $myfonts_dir 38 | rm $agencyr.zip 39 | 40 | wget -O $agencyrb.zip $remote_dir/$agencyrb.zip 41 | unzip -o $agencyrb.zip 1>/dev/null 42 | sudo mv $agencyrb $myfonts_dir 43 | rm $agencyrb.zip 44 | 45 | echo "安装字体:微软雅黑" 46 | wget -O $msyh.zip $remote_dir/$msyh.zip 47 | unzip -o $msyh.zip 1>/dev/null 48 | sudo mv $msyh $myfonts_dir 49 | rm $msyh.zip 50 | 51 | wget -O $msyhbd.zip $remote_dir/$msyhbd.zip 52 | unzip -o $msyhbd.zip 1>/dev/null 53 | sudo mv $msyhbd $myfonts_dir 54 | rm $msyhbd.zip 55 | 56 | #Ubuntu 7.10 57 | #wget http://www.cnblogs.com/Files/DengYangjun/language-selector.conf.zip 58 | #unzip -o language-selector.conf.zip 59 | #sudo mv language-selector.conf /etc/fonts 60 | #rm language-selector.conf.zip 61 | 62 | #Ubuntu 8.04 63 | echo "请选择显示器类型(1-2):1-LED 2-CRT" 64 | read screen 65 | case $screen in 66 | 1) 67 | wget -O local.conf.zip $remote_dir/local.conf.led.zip 68 | ;; 69 | 2) 70 | wget -O local.conf.zip $remote_dir/local.conf.crt.zip 71 | ;; 72 | ?) 73 | echo "无效选择,退出安装,安装未完成。" 74 | exit 1; 75 | esac 76 | 77 | unzip -o local.conf.zip 1>/dev/null 78 | sudo mv /etc/fonts/conf.avail/51-local.conf /etc/fonts/conf.avail/51-local.conf.old 79 | sudo mv local.conf /etc/fonts/conf.avail/51-local.conf 80 | rm local.conf.zip 81 | 82 | cd /etc/fonts/conf.avail 83 | sudo mv 69-language-selector-zh-cn.conf 69-language-selector-zh-cn.conf.old 2>/dev/null 84 | 85 | echo "请稍等,正在刷新系统字体..." 86 | cd $myfonts_dir 87 | sudo chmod 555 * 88 | sudo mkfontscale 1>/dev/null 89 | sudo mkfontdir 1>/dev/null 90 | sudo fc-cache -v 1>/dev/null 91 | 92 | echo "安装字体结束,谢谢使用。请退出X-Server,重新登录,查看字体效果。" 93 | 94 | -------------------------------------------------------------------------------- /varnish/README.md: -------------------------------------------------------------------------------- 1 | * 本文使用的版本为3.0.6 2 | * [官方文档](https://www.varnish-software.com/static/book/index.html) 3 | * VCL流程 4 | ![VCL流程](https://www.varnish-software.com/static/book/_images/vcl.png) 5 | * 安装 6 | ``` 7 | Varnish 4.0: 8 | rpm --nosignature -i https://repo.varnish-cache.org/redhat/varnish-4.0.el6.rpm 9 | yum install varnish 10 | Varnish 3.0: 11 | If you are on RHEL 5 or a compatible distribution, use: 12 | rpm --nosignature -i https://repo.varnish-cache.org/redhat/varnish-3.0.el5.rpm 13 | yum install varnish 14 | 15 | For RHEL 6 and compatible distributions, use: 16 | rpm --nosignature -i https://repo.varnish-cache.org/redhat/varnish-3.0.el6.rpm 17 | yum install varnish 18 | ``` 19 | 20 | * /etc/sysconfig/varnish 21 | ``` 22 | NFILES=131072 #最大文件数 23 | MEMLOCK=82000 #允许多大共享内存保存日志 24 | NPROCS="unlimited" #打开的最大线程数,不限制 25 | RELOAD_VCL=1 #设为1,reload配置文件时不需要restart 26 | VARNISH_VCL_CONF=/etc/varnish/default.vcl #指定VCL文件 27 | VARNISH_LISTEN_PORT=80 #侦听端口 28 | VARNISH_ADMIN_LISTEN_ADDRESS=127.0.0.1 #管理接口的侦听地址 29 | VARNISH_ADMIN_LISTEN_PORT=6082 #管理接口的侦听端口 30 | VARNISH_SECRET_FILE=/etc/varnish/secret #密钥文件 31 | VARNISH_MIN_THREADS=50 #最小工作线程数 32 | VARNISH_MAX_THREADS=1000 #最大工作线程数 33 | VARNISH_THREAD_TIMEOUT=120 #工作线程的超时时间 34 | VARNISH_STORAGE_FILE=/var/lib/varnish/varnish_storage.bin #指定缓存文件 35 | VARNISH_STORAGE_SIZE=1G #设置缓存大小,单位有k / M / G / T suffix 36 | VARNISH_STORAGE="malloc,16M" #使用malloc,即内存缓存,大小16M 37 | VARNISH_TTL=120 #联系后端的超时时间 38 | ``` 39 | 40 | * VCL 41 | 设置允许清理缓存的主机或网段 42 | ``` 43 | acl purgers { 44 | "127.0.0.1"; 45 | "192.168.0.0"/24; 46 | } 47 | ``` 48 | 设置后端主机 49 | ``` 50 | backend default { 51 | .host = "192.168.1.1"; 52 | .port = "80"; 53 | .probe = { #健康监测 54 | .url = "/"; #请求的url 55 | .expected_response = 200; #期望后端主机响应的状态码,默认为200; 56 | .interval = 3s; #请求的间隔时间 57 | .window = 3; #设定在判定后端主机健康状态时基于最近多少次的探测进行 58 | .threshold = 2; #在.window中指定的次数中,至少有多少次是成功的才判定后端主机正健康运行 59 | } 60 | } 61 | 62 | backend backup { 63 | .host = "192.168.1.2"; 64 | .port = "80"; 65 | .probe = { 66 | .url = "/"; 67 | .expected_response = 200; 68 | .interval = 3s; 69 | .window = 3; 70 | .threshold = 2; 71 | } 72 | } 73 | 74 | director server client { #定义主机池 75 | { 76 | .backend = default; 77 | .weight = 5; #权重越高,分配的请求越多 78 | } 79 | { 80 | .backend = backup; 81 | .weight = 5; 82 | } 83 | } 84 | ``` 85 | 定义vcl_recv模块(接受和处理请求) 86 | ``` 87 | sub vcl_recv { 88 | set req.backend = server; 89 | } 90 | ``` 91 | 92 | 93 | 94 | 95 | -------------------------------------------------------------------------------- /fedroa/first_do.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # When you installed Fedora,then you first do it 4 | # It's test on Fedora 22+ 5 | # 8/22/2015 6 | 7 | echo "请稍等,脚本正在运行 ... " 8 | sleep 2 9 | sudo dnf -y -q update 10 | 11 | clear 12 | 13 | echo "Install softwares: 14 | 1. gnome-tweak-tool 15 | 2. cairo-dock 16 | 3. VLC 17 | 4. Adobe Flash 18 | 5. google-chrome 19 | " 20 | 21 | # add repo 22 | su -c 'dnf -y -q install --nogpgcheck http://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm http://download1.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-$(rpm -E %fedora).noarch.rpm' 23 | 24 | ## Adobe Repository 64-bit x86_64 ## 25 | sudo rpm -ivh http://linuxdownload.adobe.com/adobe-release/adobe-release-x86_64-1.0-1.noarch.rpm 26 | sudo rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-adobe-linux 27 | 28 | # chrome 29 | sudo cat > /etc/yum.repo.d/google-chrome.repo << EOF 30 | [google-chrome] 31 | name=google-chrome 32 | baseurl=http://dl.google.com/linux/chrome/rpm/stable/$basearch 33 | enabled=1 34 | gpgcheck=1 35 | gpgkey=https://dl-ssl.google.com/linux/linux_signing_key.pub 36 | EOF 37 | # Add google public key 38 | if [ -f './google_signing_key.pub' ];then 39 | sudo rpm --import ./google_signing_key.pub 40 | else 41 | sudo sed -i 's/gpgcheck=1/gpgcheck=0/' /etc/yum.repo.d/google-chrome.repo 42 | fi 43 | 44 | sudo dnf -y -q install cairo-dock gnome-tweak-tool vlc flash-plugin google-chrome-stable 45 | 46 | 47 | echo 'Install zsh + oh-my-zsh + autojump ' 48 | cd ~/ 49 | sudo dnf -y -q install zsh wget 50 | sudo sh -c "$(wget https://raw.github.com/robbyrussell/oh-my-zsh/master/tools/install.sh -O -)" 51 | 52 | 53 | echo 'Install pyenv ' 54 | git clone https://github.com/yyuu/pyenv.git ~/.pyenv 55 | echo 'export PYENV_ROOT="$HOME/.pyenv"' >> ~/.zshrc 56 | echo 'export PYENV_ROOT="$HOME/.pyenv"' >> ~/.zshrc 57 | echo 'export PATH="$PYENV_ROOT/bin:$PATH"' >> ~/.zshrc 58 | echo 'eval "$(pyenv init -)"' >> ~/.zshrc 59 | exec $SHELL 60 | 61 | 62 | 63 | exit 0 64 | 65 | # config terminator 66 | cd ~/config/ 67 | [ !-d ~/.config/terminator ] && mkdir ~/.config/terminator 68 | mv config ~/.config/terminator/ 69 | mv dircolors ~/.dircolors 70 | 71 | #中文字体发虚 72 | #sudo rpm -Uvh http://www.infinality.net/fedora/linux/infinality-repo-1.0-1.noarch.rpm 73 | #sudo yum -y install freetype-infinality infinality-settings 74 | #sudo mkfontdir 75 | #sudo mkfontscale 76 | #fc-cache -fv 77 | 78 | #install orchis-gtk-theme 79 | #sudo wget http://download.opensuse.org/repositories/home:/snwh:/orchis-gtk-theme/Fedora_20/home:snwh:orchis-gtk-theme.repo -O /etc/yum.repos.d/orchis-gtk-theme.repo 80 | #sudo yum update 81 | #sudo yum install orchis-gtk-theme 82 | 83 | #vim 84 | #./configure --prefix=/usr/local/ --with-features=huge --enable-multibyte --enable-cscope --enable-sniff --enable-pythoninterp --with-python-config-dir=/usr/lib/python2.7/config --enable-python3interp --with-python3-config-dir=/usr/lib/python3.3/config --enable-rubyinterp --enable-perlinterp --enable-luainterp 85 | #make VIMRUNTIMEDIR=/usr/local/share/vim/vim74 86 | #sudo make install 87 | -------------------------------------------------------------------------------- /ubuntu/README.md: -------------------------------------------------------------------------------- 1 | #### 常见问题 2 | * shutter 不能编辑图片 3 | ```sudo apt-get install libgoo-canvas-perl``` 4 | 5 | #### 安装字体 6 | ``` $ sudo sh get-fonts.sh ``` 7 | 8 | #### 安装flash 9 | ``` 10 | $ sudo apt-get install flashplugin-installer 11 | ``` 12 | 13 | #### 管理服务 14 | ``` $ sudo apt-get install sysv-rc-conf ``` 15 | 16 | #### 自定义默认软件 17 | ``` 18 | $ sudo update-alternatives --install /usr/bin/java java /usr/java/jdk/bin/java 300 19 | $ sudo update-alternatives --install /usr/bin/javac javac /usr/java/jdk/bin/javac 300 20 | 更多用法请参考help 21 | ``` 22 | 23 | #### 使用Terminator作为默认终端 24 | 安装 25 | ``` 26 | $ sudo add-apt-repository ppa:gnome-terminator 27 | $ sudo apt-get update 28 | $ sudo apt-get install terminator 29 | ``` 30 | 自定义terminator 31 | ``` 32 | $ [ -d ~/.config/terminator ] || mkdir ~/.config/terminator 33 | $ mv config ~/.config/terminator/ 34 | $ mv dircolors ~/.dircolors 35 | $ cat >> ~/.zshrc << EOF 36 | if [ -f `which terminator` ];then 37 | if [ -x /usr/bin/dircolors ]; then 38 | test -r ~/.dircolors && eval "$(dircolors -b ~/.dircolors)" || eval "$(dircolors -b)" 39 | fi 40 | fi 41 | EOF 42 | 43 | ``` 44 | 使用 45 | ``` 46 | $ terminator 47 | Ctrl+Shift+E 垂直分割窗口 48 | Ctrl+Shift+O 水平分割窗口 49 | F11 全屏 50 | Ctrl+Shift+C 复制 51 | Ctrl+Shift+V 粘贴 52 | Ctrl+Shift+N 或者 Ctrl+Tab 在分割的各窗口之间切换 53 | Ctrl+Shift+X 将分割的某一个窗口放大至全屏使用 54 | Ctrl+Shift+Z 从放大至全屏的某一窗口回到多窗格界面 55 | ``` 56 | 57 | #### ubuntu-make 58 | ``` 59 | Installing Ubuntu Make 60 | 61 | If you are on Ubuntu 14.04 LTS, first, add the Ubuntu Make ppa: 62 | 63 | $ sudo add-apt-repository ppa:ubuntu-desktop/ubuntu-make 64 | $ sudo apt-get update 65 | 66 | Then, installing Ubuntu Make: 67 | 68 | $ sudo apt-get install ubuntu-make 69 | 70 | How to install android-studio 71 | 72 | $ umake android 73 | ``` 74 | 75 | #### 常用软件 76 | 软件包管理:新立得软件包管理器 77 | ```sudo apt-get install synaptic``` 78 | docky:类似苹果的任务栏 79 | ```sudo apt-get install docky``` 80 | 系统管理:ubuntu tweak 81 | vpn插件:network-manager-vpnc 82 | 虚拟化:virtualbox 83 | ftp:Filezilla 84 | 邮件:thunderbird 85 | 截图:shutter 86 | 词典:星际译王 87 | 影视:VLC,smplayer 88 | IDE:Eclipse 89 | 制图:yEd 90 | 91 | 92 | #### linuxmint 17 xfce 93 | * fcitx 94 | ```sudo apt-get install fcitx fcitx-config-common fcitx-config-gtk fcitx-config-gtk2 fcitx-ui-classic fcitx-table fcitx-frontend-all fcitx-googlepinyin ``` 95 | 96 | * google-chrome 97 | ```wget https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb``` 98 | 99 | * 安装常用软件 100 | ``` 101 | sudo add-apt-repository ppa:no1wantdthisname/ppa 102 | sudo add-apt-repository ppa:no1wantdthisname/openjdk-fontfix 103 | sudo apt-get update 104 | sudo apt-get upgrade 105 | sudo apt-get install fontconfig-infinality 106 | 107 | sudo apt-get install chromium-browser pepperflashplugin-nonfree preload vim git compizconfig-settings-manager bum dockey conky shutter 108 | ``` 109 | 110 | * set vm.swappiness 111 | ```sudo echo "vm.swappiness=1" >> /etc/sysctl.conf``` 112 | 113 | * set tmpfs 114 | ```sudo echo "tmpfs /tmp tmpfs defaults,noexec,nosuid 0 0" >> /etc/fstab``` 115 | 116 | -------------------------------------------------------------------------------- /git/README.md: -------------------------------------------------------------------------------- 1 | ### 你要知道这些 2 | 3 | - 分布存储系统-通常假设你在一个分布存储系统中工作,那真个存储都在你本地的开发框内。Git就是一种分布版本控制系统。如果你需要从存储中查询数据,你可以拉出数据。如果你需要添加或者检查文本到存储中,你可以推进数据。强烈建议,即使不需要用到SSH去和存储交互如果它在一个远程服务其中。 4 | - 存储-存储是个普遍术语。版本控制系统管理一个存储,在Git中存储实际上就是一个数据库,在那里文本和历史都得到维护和保存。 5 | - 工作集-工作集包括文件和文件夹。通常你会看到一个存储包含多个工作集,这些工作集组织在通常称作项目中。当你编辑一个工作集时,你顺带地就会升级存储。版本控制最重要的事情就是,当你升级你的存储时,你自动地创建了一个源代码支持,不仅是保存。关于工作集有一点需要记住的是,文件包含潜在的变化已不在存储中了。 6 | - 添加和检入-正如你猜测的那样,添加是一个概念,即你添加新的文件或者提交和查找存在的文件。 7 | - 返回/回滚-如果你需要返回到早前的文件版本,你将会返回或者回滚在存储中任何版本的工作集。 8 | - 检出-如果你正在检出存储中的一个文件,通常你会将主干带入你当地的工作集中。在一些案例中,检出一个文件的活动或锁住这个文件,以防其他的开发者使用。 9 | - 标签和标记-此概念用来说明一个具体存储的状态。你或许标签或者标记了一个你的Drupal模块版本,你认为可以稳定发布的。 10 | - 分支和分叉-这是一个常见的概念,即创建一个完整的存储拷贝。通常,你会听到一个沙盒代码的术语,它的意思是一个开发者已经分支或者分叉了一个项目存储。 11 | - 合并-如果你分支或者分叉了一个存储,那么你将不可避免地想要把你的源代码推送到存储的主干或者主要分支中。推送分支或者分叉代码返回主干的过程,就是指调用合并。 12 | 13 | ### 使用 git 14 | 15 | #### 安装 git 16 | 17 | [Install Git](http://git-scm.com/book/en/v2/Getting-Started-Installing-Git) 18 | 19 | #### 初始配置 20 | 21 | 这些是一些全局配置项, 请根据个人情况自行修改. 22 | 23 | ```shell 24 | git config --global user.name "name" 25 | git config --global user.email xxx@email.com 26 | git config --global core.editor vim 27 | git Config --global push.default simple 28 | ``` 29 | 30 | 获取某一命令的帮助信息: 31 | 32 | ```shell 33 | git help 34 | ``` 35 | 36 | #### 仓库 37 | 38 | 创建一个本地空仓库: 39 | 40 | ```shell 41 | cd mygit 42 | git init 43 | ``` 44 | 45 | 克隆一个已存在的仓库, 有多种协议: 46 | 47 | ```shell 48 | cd mygit 49 | git clone ssh://[user@]host.xz[:port]/path/to/repo.git/ 50 | git clone git://host.xz[:port]/path/to/repo.git/ 51 | git clone http[s]://host.xz[:port]/path/to/repo.git/ 52 | git clone -l -s -n ./repo ./repocopy 53 | ``` 54 | 55 | #### git 工作流 56 | 57 | ![git工作流](![](https:/img.pycoder.org/blog/20200202183708.png) 58 | 59 | #### 添加与提交 60 | 61 | ```shell 62 | cd mygit 63 | touch newfile 64 | git add newfile 65 | git commit -m "add newfile" 66 | ``` 67 | 68 | #### 版本回退 69 | 70 | 首先,要获取想要回退的版本的 **Commit**: 71 | 72 | ```shell 73 | git log 74 | commit 3eac1fbbde1af2bd61506d666e071f7824f8d2ec 75 | Author: yotoobo 76 | Date: Mon Jan 12 20:12:46 2015 +0800 77 | 78 | update git/README.md 79 | ``` 80 | 81 | 只要知道了 **commit**, 那么我们就可以用 git 切换到对应版本: 82 | 83 | ```shell 84 | git reset --hard 3eac1fbbde1a 85 | ``` 86 | 87 | 还有一种方式表示版本,如HEAD表示当前版本,HEAD^1表示上一版本,HEAD^100表示上一百个版本: 88 | 89 | ```shell 90 | git reset --hard HEAD^1 91 | ``` 92 | 93 | #### 分支 94 | 95 | 分支是为了将修改记录的整体流程分叉保存。分叉后的分支不受其他分支的影响,所以在同一个数据库里可以同时进行多个修改。 96 | 97 | ![branch](https:/img.pycoder.org/blog/20200202190346.png) 98 | 99 | ```shell 100 | # 创建一个叫 feature_x 的分支并切换到 feature_x 101 | git checkout -b feature_x 102 | # 切换回主分支 103 | git checkout master 104 | # 切换到分支 105 | git checkout feature_x 106 | # 更新分支 107 | git checkout -B feature_x 108 | # 删除分支 109 | git branch -D feature_x 110 | #推送分支到远程仓库 111 | git push origin 112 | ``` 113 | 114 | 如果使用 git clone 克隆,Git 会自动为你将此远程仓库命名为 origin,并下载其中所有的数据,建立一个指向它的 master 分支的指针,在本地命名为 origin/master,但你无法在本地更改其数据。接着,Git 建立一个属于你自己的本地 master 分支,始于 origin 上 master 分支相同的位置,你可以就此开始工作(基于本地 master 分支工作) 115 | 116 | 在分支上做开发后,还需要做合并操作: 117 | 118 | ```shell 119 | # 切换到分支feature_x 120 | git checkout feature_x 121 | # 修改一个文件,add,commit 122 | vim newfile 123 | git add newfile 124 | git commit -m "vim newfile on branch" 125 | # 切换主分支 126 | git checkout master 127 | # 合并分支到当前 128 | git merge feature_x 129 | ``` 130 | -------------------------------------------------------------------------------- /kvm/README.md: -------------------------------------------------------------------------------- 1 | * 准备工作 2 | CPU是否支持虚拟化 3 | ```egrep '(vmx|svm)' --color=always /proc/cpuinfo``` 4 | 关闭selinux 5 | 调整iptables(测试环境可直接关闭) 6 | 7 | * 安装kvm 8 | on centos/rhel 6, 9 | ``` 10 | yum install kvm libvirt python-virtinst qemu-kvm bridge-utils libguestfs-tools virt-top 11 | service libvirtd start 12 | ``` 13 | on ubuntu 14/mint 17, 14 | ```sudo apt-get install kvm qemu virtinst python-libvirt virt-viewer virt-manager``` 15 | 16 | * 配置bridge 17 | on centos/rhel 6, 18 | ``` 19 | #cd /etc/sysconfig/network-scripts/ 20 | #cat ifcfg-br0 21 | DEVICE="br0" 22 | NM_CONTROLLED="yes" 23 | ONBOOT=yes 24 | TYPE=Bridge 25 | BOOTPROTO=none 26 | IPADDR=10.49.1.170 27 | PREFIX=16 28 | GATEWAY=10.49.0.1 29 | DNS1=221.228.255.1 30 | DNS2=114.114.114.114 31 | DEFROUTE=yes 32 | IPV4_FAILURE_FATAL=yes 33 | IPV6INIT=no 34 | NAME="System br0" 35 | 36 | #cat ifcfg-eth0 37 | DEVICE=eth0 38 | HWADDR=B8:2A:72:D4:89:2D 39 | TYPE=Ethernet 40 | UUID=f52780a4-f34c-4301-8aca-f0b31808f222 41 | ONBOOT=yes 42 | NM_CONTROLLED=yes 43 | BOOTPROTO=none 44 | BRIDGE=br0 45 | ``` 46 | on ubuntu 14/mint 17, 47 | ``` 48 | $cat /etc/network/interfaces 49 | auto lo 50 | iface lo inet loopback 51 | auto eth0 52 | iface eth0 inet manual 53 | auto br0 54 | iface br0 inet static 55 | address 10.49.1.171 56 | netmask 255.255.0.0 57 | gateway 10.49.0.1 58 | bridge_ports eth0 59 | 60 | ``` 61 | 62 | * 创建guest 63 | use virt-install, 64 | ``` 65 | virt-install --name=vm1_171 --ram 2048 --vcpus=2 --disk path=/home/kvm/vm1_171.img,format=raw,size=50,bus=virtio --accelerate --cdrom /home/nginx/CentOS-6.5-x86_64-bin-DVD1.iso --hvm --vnc --vncport=5910 --vnclisten=0.0.0.0 --network bridge=br0,model=virtio --noautoconsole 66 | ``` 67 | 相比较raw格式,qcow2格式支持的功能更多, 68 | ``` 69 | qemu-img create -f qcow2 /home/kvm/vm1_171.qcow2 50g 70 | virt-install --name=vm1_171 --ram 2048 --vcpus=2 --disk path=/home/kvm/vm1_171.qcow2,format=qcow2,size=50,bus=virtio --accelerate --cdrom /home/nginx/CentOS-6.5-x86_64-bin-DVD1.iso --hvm --vnc --vncport=5910 --vnclisten=0.0.0.0 --network bridge=br0,model=virtio --noautoconsole 71 | ``` 72 | 73 | * 使用vnc viewer连接guest 74 | windows, 75 | tightvnc viewer 76 | 77 | * guest 基本操作 78 | 查看 79 | ```virsh list --all``` 80 | 启动 81 | ```virsh start vm1_171``` 82 | ```virsh create /etc/libvirt/qemu/vm1_171.xml``` 83 | guest自动启动 84 | ```virsh autostart vm1_171``` 85 | 关机 86 | ```virsh shutdown vm1_171``` 87 | 强制关闭 88 | ```virsh destroy vm1_171``` 89 | 导出guest配置文件 90 | ```virsh dumpxml vm1_171 > /etc/libvirt/qemu/name2.xml ``` 91 | 编辑guest配置文件 92 | ```virsh edit vm1_171``` 93 | 删除 94 | ```virsh undefine vm1_171``` 95 | 96 | * 克隆 97 | ```virt-clone -o vm1_171 -n vm1_172 --file /home/kvm/vm1_172.img``` 98 | 修改vm1_172的网卡配置 99 | ```virt-edit -d vm1_172 /etc/sysconfig/network-scripts/ifcfg-eth0``` 100 | 101 | * 动态添加网卡 102 | ```virsh attach-interface vm1_171 --type bridge --source br1``` 103 | 保存 104 | ```virsh dumpxml vm1_171 > /etc/libvirt/qemu/vm1_171.xml``` 105 | 106 | * 虚拟化管理平台 107 | ConVirt 108 | http://www.convirture.com/wiki/index.php?title=Main_Page 109 | 110 | * 优化 111 | ``` 112 | yum install tuned tuned-admin 113 | service tuned start 114 | /etc/init.d/ktune start 115 | tuned-adm profile [virtual-host|virtual-guest] 116 | ``` 117 | 118 | * 参考 119 | http://www.linux-kvm.org/page/Main_Page 120 | http://koumm.blog.51cto.com/703525/1288795 121 | -------------------------------------------------------------------------------- /mystar/README.md: -------------------------------------------------------------------------------- 1 | # mystars 2 | 3 | * 很棒的整理 4 | * [free-programming-books-zh_CN](https://github.com/justjavac/free-programming-books-zh_CN) 5 | 6 | * 运维相关 7 | * [awesome-sysadmin](https://github.com/kahun/awesome-sysadmin) 8 | * [salt](https://github.com/saltstack/salt) 9 | * [cfengine](https://github.com/cfengine/core) 10 | * [rundeck](https://github.com/rundeck/rundeck) 11 | * [logstash](https://github.com/chenryn/logstash-best-practice-cn) 12 | * [linux command line](https://github.com/billie66/TLCL) 13 | * [puppet](https://github.com/puppetlabs/puppet) 14 | * [goaccess](https://github.com/allinurl/goaccess) 15 | * [oh-my-zsh](https://github.com/robbyrussell/oh-my-zsh) 16 | 17 | * 数据库相关 18 | * [awesome-mysql](https://github.com/shlomi-noach/awesome-mysql) 19 | * [Mycat-doc](https://github.com/MyCATApache/Mycat-doc) 20 | * [Atlas](https://github.com/Qihoo360/Atlas) 21 | * [oneproxy](http://www.onexsoft.com/oneproxy) 22 | * [amobe](http://docs.hexnova.com/amoeba/) 23 | 24 | * 分布式文件系统 25 | * [fastdfs](https://github.com/happyfish100/fastdfs) 26 | * [hadoop-hdfs](http://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-hdfs/HdfsUserGuide.html) 27 | 28 | * 安全 29 | * [lynis](https://github.com/CISOfy/lynis) 30 | * [ModSecurity](https://github.com/SpiderLabs/ModSecurity) 31 | * [naxsi](https://github.com/nbs-system/naxsi) 32 | 33 | * JAVA 34 | * [awesome-java](https://github.com/akullpp/awesome-java) 35 | * [junit](https://github.com/junit-team/junit) 36 | 37 | * Python 38 | * [awesome-python](https://github.com/vinta/awesome-python) 39 | * 工具 40 | * [爬虫](https://github.com/scrapy/scrapy) 41 | * [autopep8](https://github.com/hhatto/autopep8) 42 | * [pycrumbs](https://github.com/kirang89/pycrumbs) 43 | * [sh](https://github.com/amoffat/sh) 44 | * [python-patterns](https://github.com/faif/python-patterns) 45 | * [speedtest-cli](https://github.com/sivel/speedtest-cli) 46 | 47 | * PHP 48 | * [awesome-php](https://github.com/ziadoz/awesome-php) 49 | 50 | * Go 51 | * [awesome-go](https://github.com/avelino/awesome-go) 52 | 53 | * vim 54 | * [Vundle](https://github.com/gmarik/Vundle.vim) 55 | * [tagbar](https://github.com/majutsushi/tagbar) 56 | * [YouCompleteMe](https://github.com/Valloric/YouCompleteMe) 57 | * [use_vim_as_ide](https://github.com/yangyangwithgnu/use_vim_as_ide) 58 | 59 | * Nosql 60 | * [codis]() 61 | * [ssdb](https://github.com/ideawu/ssdb) 62 | 63 | * 虚拟化 64 | * [docker](https://github.com/docker/docker) 65 | * [docker从入门到实践](https://github.com/yeasy/docker_practice) 66 | * [docker笔记](http://blog.opskumu.com/docker.html) 67 | * kvm 68 | 69 | * 前端相关 70 | * [angularjs-cn](https://github.com/peiransun/angularjs-cn) 71 | * [nodejs](https://github.com/youyudehexie/node123) 72 | * [jpeg优化](https://github.com/tjko/jpegoptim) 73 | 74 | * 科学上网 75 | * [openwrt](https://github.com/softwaredownload/openwrt-fanqiang) 76 | * [goagent](https://github.com/goagent/goagent) 77 | * [shadowsocks](https://github.com/shadowsocks/shadowsocks) 78 | 79 | * 其他 80 | * [借助开源项目,学习软件开发](https://github.com/zhuangbiaowei/learn-with-open-source) 81 | * [程序员简历模板](https://github.com/geekcompany/ResumeSample) 82 | * [reepio,j基于浏览器的p2p传输](https://github.com/KodeKraftwerk/reepio) 83 | * [xbmc媒体中心](https://github.com/xbmc/xbmc) 84 | * [乱七八糟的wiki](https://github.com/greatfire/wiki) 85 | * [keepassx,密码存储](https://github.com/keepassx/keepassx) 86 | * [markdown编辑](https://github.com/sofish/pen) 87 | -------------------------------------------------------------------------------- /docker/README.md: -------------------------------------------------------------------------------- 1 | ## Docker 2 | 3 | ### Ubuntu 4 | 5 | 系统要求: 6 | 7 | - Disco 19.04 8 | - Cosmic 18.10 9 | - Bionic 18.04 (LTS) 10 | - Xenial 16.04 (LTS) 11 | 12 | ```shell 13 | sudo apt-get update 14 | sudo apt-get install apt-transport-https ca-certificates curl gnupg-agent software-properties-common 15 | curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add - 16 | sudo add-apt-repository \ 17 | "deb [arch=amd64] https://download.docker.com/linux/ubuntu \ 18 | $(lsb_release -cs) \ 19 | stable" 20 | sudo apt-get update 21 | sudo apt-get install docker-ce docker-ce-cli containerd.io 22 | ``` 23 | 24 | 如果系统版本 < 14.04 : 25 | 26 | ```shell 27 | # 首先要更新内核 28 | sudo apt-get update 29 | sudo apt-get install linux-image-generic-lts-raring linux-headers-generic-lts-raring 30 | sudo reboot 31 | sudo apt-get install apt-transport-https 32 | sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 36A1D7869245C8950F966E92D8576A8BA88D21E9 33 | sudo bash -c "echo deb https://get.docker.io/ubuntu docker main > /etc/apt/sources.list.d/docker.list" 34 | sudo apt-get update 35 | sudo apt-get install lxc-docker apparmor 36 | ``` 37 | 38 | ### CentOS 39 | 40 | 在 CentOS7 版本中: 41 | 42 | ```shell 43 | sudo yum install -y yum-utils device-mapper-persistent-data lvm2 44 | sudo yum-config-manager \ 45 | --add-repo \ 46 | https://download.docker.com/linux/centos/docker-ce.repo 47 | sudo yum install docker-ce docker-ce-cli containerd.io 48 | sudo systemctl enable docker 49 | sudo systemctl start docker 50 | ``` 51 | 52 | 如果是 CentOS6 : 53 | 54 | ```shell 55 | sudo yum install http://mirrors.yun-idc.com/epel/6/x86_64/epel-release-6-8.noarch.rpm 56 | sudo yum install docker-io 57 | # 添加用户到docker组 58 | sudo gpasswd -a ${USER} docker 59 | # 启动服务 60 | sudo service docker start 61 | ``` 62 | 63 | ### docker 基本使用 64 | 65 | - 镜像加速 66 | 在国内拉取官方镜像,速度简直不堪入目。所以要使用加速器,这里我推荐使用 aliyun 或者 daocloud 加速器,在官网注册账号,然后根据提示操作即可。 67 | 68 | - 搜索并拉取镜像 69 | 70 | ```shell 71 | docker search 72 | docker pull 73 | ``` 74 | 75 | - 查看镜像 76 | 77 | ```$ docker images``` 78 | 79 | - 运行容器 80 | 启动一个新容器 81 | ```$ docker run -t -i ``` 82 | 其中,-t 选项让Docker分配一个伪终端(pseudo-tty)并绑定到容器的标准输入上, -i 则让容器的标准输入保持打开 83 | 启动已终止容器 84 | ```$ docker start ``` 85 | 如果需要容器在后台保持运行,添加参数 -d 86 | 87 | - 查看 all 容器 88 | ```$ docker ps -a``` 89 | 90 | - 终止容器 91 | ```$ docker stop ``` 92 | 93 | - 进入容器 94 | 使用docker attach 95 | 使用nsenter 96 | 97 | - 提交更改 98 | ```$ docker commit -m "说明" -a "维护者信息" 容器ID 目标镜像仓库名:tag``` 99 | 100 | - push镜像 101 | ```$ docker push 目标镜像仓库名:tag``` 102 | 103 | - 移除 104 | 移除镜像 105 | ```docker rmi image-name``` 106 | 移除容器 107 | ```docker rm ID``` 108 | 移除所有容器 109 | ```for i in `docker ps -a|awk '{print $1}'|grep -v CONTAINER`;do docker rm $i;done``` 110 | 111 | - 数据卷 112 | 使用-v 创建数据卷并挂载到容器中 113 | ```docker run -t -i -v /data:/data --name volumes centos /bin/bash``` 114 | 如果需要在多容器共享数据,可以使用数据卷容器: 115 | 116 | ```shell 117 | docker run -v /data:/data --name data centos echo This is DATA VOLUMES 118 | docker run -t -i --volumes-from data centos /bin/bash 119 | ``` 120 | 121 | 数据卷备份: 122 | 123 | ```docker run -v $(PWD):/tmp --volumes-from data centos tar zcf /tmp/data.tgz /data``` 124 | 125 | 数据卷导入: 126 | 127 | ```docker run -v $(PWD):/tmp --volumes-frpm data centos tar zxf /tmp/data.tgz -C /data``` 128 | 129 | ### Docker-compose 130 | 131 | 安装 compose : 132 | 133 | ```shell 134 | sudo curl -L "https://github.com/docker/compose/releases/download/1.25.3/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose 135 | sudo chmod +x /usr/local/bin/docker-compose 136 | ``` 137 | -------------------------------------------------------------------------------- /varnish/default.vcl: -------------------------------------------------------------------------------- 1 | acl purge { 2 | "localhost"; 3 | "192.168.0.0"/24; 4 | } 5 | 6 | backend w37 { 7 | .host = "192.168.0.37"; 8 | .port = "80"; 9 | .connect_timeout = 2s; 10 | .probe = { 11 | .url = "/"; 12 | .expected_response = 301; 13 | .interval = 5s; 14 | .timeout = 2s; 15 | .window = 5; 16 | .threshold = 3; 17 | } 18 | } 19 | 20 | backend w67 { 21 | .host = "192.168.0.67"; 22 | .port = "80"; 23 | .connect_timeout = 2s; 24 | .probe = { 25 | .url = "/"; 26 | .expected_response = 301; 27 | .interval = 5s; 28 | .timeout = 2s; 29 | .window = 5; 30 | .threshold = 3; 31 | } 32 | } 33 | 34 | director taocz client { 35 | { 36 | .backend = w37; 37 | .weight = 6; 38 | } 39 | { 40 | .backend = w67; 41 | .weight = 6; 42 | } 43 | } 44 | 45 | 46 | sub vcl_recv { 47 | remove req.http.X-Forwarded-For; 48 | remove req.http.X-real-ip; 49 | set req.http.X-real-ip = client.ip; 50 | set req.http.X-Forwarded-For = client.ip; 51 | set req.backend = taocz; 52 | 53 | set client.identity = client.ip; 54 | 55 | if ((req.request == "GET" || req.request == "HEAD") && (req.http.host == "www.taocz.com" || req.http.host == "taocz.com" )) { 56 | if (req.url == "/" || req.url ~ "^/search-" || req.url ~ "^/goods-" || req.url ~ "^/store-" || req.url ~ "^/index\.php\?app=search\.search\&act=ajaxLoad" ) { 57 | if (req.http.Accept-Encoding) { 58 | if (req.http.Accept-Encoding ~ "gzip") { 59 | set req.http.Accept-Encoding = "gzip"; 60 | } elsif (req.http.Accept-Encoding ~ "deflate") { 61 | set req.http.Accept-Encoding = "deflate"; 62 | } else { 63 | remove req.http.Accept-Encoding; 64 | } 65 | } 66 | return (lookup); 67 | } else { 68 | return (pass); 69 | } 70 | } 71 | 72 | if (req.request == "BAN") { 73 | if (!client.ip ~ purge) { 74 | error 405 "Not allowed."; 75 | } 76 | ban("req.url == " + req.url); 77 | error 200 "Baned."; 78 | } 79 | if (req.request == "BANALL") { 80 | if (!client.ip ~ purge) { 81 | error 405 "Not allowed."; 82 | } 83 | ban("req.url ~ . "); 84 | error 200 "All Baned."; 85 | } 86 | return (pass); 87 | } 88 | 89 | sub vcl_hash { 90 | 91 | } 92 | 93 | sub vcl_fetch { 94 | 95 | if ((req.request == "GET" || req.request == "HEAD") && (req.http.host == "www.taocz.com" ||req.http.host == "taocz.com" )) { 96 | 97 | if(req.url == "/" || req.url ~ "^/search-" || req.url ~ "^/goods-" || req.url ~ "^/store-" || req.url ~ "^/index\.php\?app=search\.search\&act=ajaxLoad" ) { 98 | unset beresp.http.Set-Cookie; 99 | unset beresp.http.Pragma; 100 | unset beresp.http.Cache-Control; 101 | unset beresp.http.Expires; 102 | if (beresp.status >= 400) { 103 | set beresp.ttl = 0s; 104 | } else { 105 | if( req.url ~ "^/goods-" ) { 106 | set beresp.ttl = 24h; 107 | } else if( req.url ~ "^/index\.php\?app=search\.search\&act=ajaxLoad") { 108 | set beresp.ttl = 1800s; 109 | } else { 110 | set beresp.ttl = 4h; 111 | } 112 | } 113 | } 114 | 115 | return (deliver); 116 | } 117 | } 118 | 119 | sub vcl_deliver { 120 | if (obj.hits > 0) { 121 | set resp.http.X-Cache = "HIT"; 122 | set resp.http.X-Cache-Hits = obj.hits; 123 | } else { 124 | set resp.http.X-Cache = "MISS"; 125 | } 126 | set resp.http.Via = "taocz"; 127 | unset resp.http.X-Varnish; 128 | } 129 | 130 | sub vcl_error { 131 | set obj.http.Content-Type = "text/html; charset=utf-8"; 132 | synthetic "/* " + obj.status + " " + obj.response + " */" ; 133 | return (deliver); 134 | } 135 | 136 | -------------------------------------------------------------------------------- /nginx/nginx.conf: -------------------------------------------------------------------------------- 1 | ####################################################################### 2 | # 3 | # This is the main Nginx configuration file. 4 | # More information about the configuration options is available on 5 | # * the English wiki - http://wiki.nginx.org/Main 6 | # * the Russian documentation - http://sysoev.ru/nginx/ 7 | # 8 | ####################################################################### 9 | 10 | #---------------------------------------------------------------------- 11 | # Main Module - directives that cover basic functionality 12 | # 13 | # http://wiki.nginx.org/NginxHttpMainModule 14 | # 15 | #---------------------------------------------------------------------- 16 | 17 | user nginx nginx; 18 | worker_processes auto; 19 | worker_cpu_affinity auto; 20 | worker_rlimit_nofile 51200; 21 | 22 | #error_log /home/logs/nginx/error.log crit; 23 | #error_log /var/log/nginx/error.log notice; 24 | error_log /var/log/nginx/error.log; 25 | 26 | pid /var/run/nginx.pid; 27 | 28 | 29 | #---------------------------------------------------------------------- 30 | # Events Module 31 | # 32 | # http://wiki.nginx.org/NginxHttpEventsModule 33 | # 34 | #---------------------------------------------------------------------- 35 | 36 | events { 37 | use epoll; 38 | multi_accept on; 39 | worker_connections 51200; 40 | } 41 | 42 | # Tengine only 43 | # load modules compiled as Dynamic Shared Object (DSO) 44 | # 45 | #dso { 46 | # load ngx_http_fastcgi_module.so; 47 | # load ngx_http_rewrite_module.so; 48 | #} 49 | 50 | #---------------------------------------------------------------------- 51 | # HTTP Core Module 52 | # 53 | # http://wiki.nginx.org/NginxHttpCoreModule 54 | # 55 | #---------------------------------------------------------------------- 56 | 57 | http { 58 | include mime.types; 59 | default_type application/octet-stream; 60 | 61 | log_format main '$remote_addr - $remote_user [$time_local] "$request" ' 62 | '$status $body_bytes_sent "$http_referer" ' 63 | '"$http_user_agent" "$http_x_forwarded_for"'; 64 | 65 | log_empty_request off; # Tengine only 66 | access_log /var/log/nginx/access.log main buffer=16k; 67 | 68 | 69 | #server_tokens off; # Nginx only 70 | server_tag Taocz; # Tengine only 71 | server_info off; # Tengine only 72 | server_names_hash_bucket_size 128; 73 | large_client_header_buffers 4 4k; 74 | client_header_buffer_size 2k; 75 | client_max_body_size 12m; 76 | 77 | sendfile on; 78 | tcp_nopush on; 79 | tcp_nodelay on; 80 | keepalive_timeout 20; 81 | reset_timedout_connection = 20 82 | client_header_timeout 20; 83 | client_body_timeout 20; 84 | send_timeout 20; 85 | 86 | fastcgi_send_timeout 120s; 87 | fastcgi_read_timeout 120s; 88 | fastcgi_buffer_size 16k; 89 | fastcgi_buffers 32 16k; 90 | fastcgi_busy_buffers_size 16k; 91 | fastcgi_temp_file_write_size 16k; 92 | 93 | open_file_cache max=204800 inactive=20s; 94 | open_file_cache_min_uses 1; 95 | open_file_cache_valid 30s; 96 | #open_file_cache_errors on; 97 | 98 | gzip on; 99 | gzip_disable "msie6"; 100 | gzip_vary on; 101 | gzip_proxied any; 102 | gzip_comp_level 5; 103 | gzip_min_length 1k; 104 | gzip_buffers 16 8k; 105 | gzip_http_version 1.1; 106 | gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript; 107 | 108 | error_page 404 /404.htm; 109 | 110 | # fastcgi used by unix socket and not only one pool 111 | upstream phpbackend { 112 | server unix:/dev/shm/php-fpm-www1.sock; 113 | server unix:/dev/shm/php-fpm-www2.sock; 114 | } 115 | 116 | include conf.d/*.conf; 117 | 118 | } 119 | -------------------------------------------------------------------------------- /nginx/README.md: -------------------------------------------------------------------------------- 1 | # 文档 2 | 3 | - [admin-guide](http://nginx.com/resources/admin-guide/) 4 | - [wiki](http://wiki.nginx.org/Main) 5 | - [docs](http://nginx.org/en/docs/) 6 | - [nginx-resources](https://github.com/fcambus/nginx-resources) 7 | 8 | ## 应用 9 | 10 | ### Nginx 正向代理 11 | 12 | ```conf 13 | server{ 14 | resolver 114.114.114.114; 15 | resolver_timeout 30s; 16 | listen 1082; 17 | location / { 18 | proxy_pass http://$http_host$request_uri; 19 | proxy_set_header Host $http_host; 20 | proxy_buffers 256 4k; 21 | proxy_max_temp_file_size 0; 22 | proxy_connect_timeout 30; 23 | proxy_cache_valid 200 302 10m; 24 | proxy_cache_valid 301 1h; 25 | proxy_cache_valid any 1m; 26 | } 27 | } 28 | ``` 29 | 30 | ### Nginx 反向代理 + 负载均衡 31 | 32 | ```conf 33 | upstream test.com_static { 34 | server 10.10.7.106:80; 35 | } 36 | upstream test.com_dynamic { #负载均衡 37 | ip_hash; #负载算法 38 | server 10.10.7.109:80 max_fails=3 fail_timeout=5s; #健康检测 39 | server 10.10.7.110:80; 40 | server 10.10.7.113:80; 41 | } 42 | 43 | server { 44 | listen 80; 45 | server_name *.test.com; 46 | access_log logs/test.com.access.log main buffer=32k flush=10s; 47 | 48 | location ~* \.(jpeg|jpg|png|gif|js|css)$ { #做动静分离 49 | proxy_pass http://test.com_static; 50 | proxy_read_timeout 300; 51 | proxy_buffering off; 52 | proxy_redirect off; 53 | proxy_intercept_errors on; 54 | proxy_http_version 1.1; 55 | proxy_set_header Connection ""; 56 | proxy_set_header Host $host; 57 | proxy_set_header X-Real-IP $remote_addr; 58 | proxy_set_header x-forwarded-for $remote_addr; 59 | client_max_body_size 3072k; 60 | client_body_buffer_size 128k; 61 | } 62 | 63 | location / { 64 | proxy_pass http://test.com_dynamic; 65 | proxy_read_timeout 300; 66 | proxy_buffering off; 67 | proxy_redirect off; 68 | proxy_intercept_errors on; 69 | proxy_http_version 1.1; 70 | proxy_set_header Connection ""; 71 | proxy_set_header Host $host; 72 | proxy_set_header X-Real-IP $remote_addr; 73 | proxy_set_header x-forwarded-for $remote_addr; 74 | client_max_body_size 3072k; 75 | client_body_buffer_size 128k; 76 | } 77 | } 78 | ``` 79 | 80 | ### Nginx 页面缓存 81 | 82 | **Context: http** 中添加配置: 83 | 84 | ```conf 85 | http { 86 | proxy_cache_path /tmp/cache/ levels=1:2 keys_zone=my_cache:16m max_size=128m inactive=30d use_temp_path=off; 87 | } 88 | ``` 89 | 90 | 解释如下: 91 | 92 | - /tmp/cache : 缓存目录,还有一种更高效的是使用tmpfs 93 | - levels=1:2 : 缓存目录的层级,因为单个目录下如果有大量文件,很影响性能,所以设为多级目录 94 | - keys_zone=my_cache:16m : 指定缓存的名称及key(我理解为缓存文件的目录,这样可以加速检索) 95 | - max_size=128m : 指定缓存的最大值 96 | - inactive=30d : 指定失效时间,也就是多久没有被访问,这里设置30d 97 | - use_temp_path=off : 默认在写入缓存文件时,会先写在一个临时区域,设为off后则将临时文件与缓存写入同一路径 98 | 99 | **Context: server** 中添加配置: 100 | 101 | ```conf 102 | server { 103 | proxy_cache my_cache; 104 | proxy_cache_valid 200 30m; 105 | proxy_cache_valid 404 1m; 106 | proxy_ignore_headers X-Accel-Expires Expires Cache-Control; 107 | proxy_ignore_headers Set-Cookie; 108 | proxy_hide_header Set-Cookie; 109 | proxy_hide_header X-powered-by; 110 | } 111 | ``` 112 | 113 | ### Nginx 限流 114 | 115 | #### ngx_http_limit_conn 116 | 117 | 限制单个 IP 连接数. 118 | 119 | ```conf 120 | http { 121 | limit_conn_zone $binary_remote_addr zone=addr:10m; 122 | 123 | ... 124 | 125 | server { 126 | 127 | ... 128 | 129 | location /download/ { 130 | limit_conn addr 1; 131 | } 132 | ``` 133 | 134 | #### ngx_http_limit_req 135 | 136 | 限制单个 IP 请求数速率. 137 | 138 | ```conf 139 | http { 140 | limit_req_zone $binary_remote_addr zone=one:10m rate=1r/s; 141 | 142 | ... 143 | 144 | server { 145 | 146 | ... 147 | 148 | location /search/ { 149 | limit_req zone=one burst=5; 150 | limit_req_status 503; 151 | } 152 | ``` 153 | -------------------------------------------------------------------------------- /mha/README.md: -------------------------------------------------------------------------------- 1 | ## Mysql-master-ha 2 | [mha<木弟^子>](https://code.google.com/p/mysql-master-ha/)目前在MySQL高可用方面是一个相对成熟的解决方案,是一套优秀的作为MySQL高可用性环境下故障切换和主从提升的高可用软件。在MySQL故障切换过程中,MHA能做到在0~30秒之内自动完成数据库的故障切换操作,并且在进行故障切换的过程中,MHA能在最大程度上保证数据的一致性,以达到真正意义上的高可用. 3 | 4 | 该软件由两部分组成:MHA Manager(管理节点)和MHA Node(数据节点)。 5 | ![MHA-components](https://github.com/yotoobo/linux/blob/master/mha/MHA-components.png) 6 | MHA Manager可以单独部署在一台独立的机器上管理多个master-slave集群,也可以部署在一台slave节点上。MHA Node运行在每台MySQL服务器上,MHA Manager会定时探测集群中的master节点,当master出现故障时,它可以自动将最新数据的slave提升为新的master,然后将所有其他的slave重新指向新的master。整个故障转移过程对应用程序完全透明。 7 | 8 | 在MHA自动故障切换过程中,MHA试图从宕机的主服务器上保存二进制日志,最大程度的保证数据的不丢失,但这并不总是可行的。例如,如果主服务器硬件故障或无法通过ssh访问,MHA没法保存二进制日志,只进行故障转移而丢失了最新的数据。使用MySQL 5.5的半同步复制,可以大大降低数据丢失的风险。MHA可以与半同步复制结合起来。如果只有一个slave已经收到了最新的二进制日志,MHA可以将最新的二进制日志应用于其他所有的slave服务器上,因此可以保证所有节点的数据一致性。 9 | 10 | 目前MHA主要支持一主多从的架构,要搭建MHA,要求一个复制集群中必须最少有三台数据库服务器,一主二从,即一台充当master,一台充当备用master,另外一台充当从库,因为至少需要三台服务器,出于机器成本的考虑,淘宝也在该基础上进行了改造,目前淘宝TMHA已经支持一主一从. 11 | 12 | ## 工作原理 13 | ![mha管理多组主从](https://github.com/yotoobo/config/blob/master/mha/mha.png) 14 | 15 | ## Getting Started 16 | * replication environments 17 | 初始化[主从环境](https://github.com/yotoobo/config/blob/master/mysql/README.md) 18 | * 拓扑关系 19 | ``` 20 | | Hosts | IP | 角色 | 21 | | ---------- | ------------- | ------------------------------- | 22 | | master | 192.168.1.121 | Master and MHA-Node | 23 | | 192.168.1.120 | VIP | 24 | | slave1 | 192.168.1.122 | Slave and MHA-Node | 25 | | slave2 | 192.168.1.123 | Slave and MHA-Node MHA-Manager | 26 | ``` 27 | 在master上手动执行 28 | ```ifconfig eth1:1 192.168.1.120/24``` 29 | 30 | * Install MHA-Node on all hosts 31 | In Centos or Redhat,do install from package 32 | ``` 33 | # yum install perl-DBD-MySQL 34 | # rpm -ivh mha4mysql-node-X.Y.noarch.rpm 35 | ``` 36 | In Debian or ubuntu,do install from deb 37 | ``` 38 | $ sudo apt-get install libdbd-mysql-perl 39 | $ sudo dpkg -i mha4mysql-node_X.Y_all.deb 40 | ``` 41 | Or install from source 42 | ``` 43 | $ tar zxf mha4mysql-node-X.Y.tar.gz 44 | $ cd mha4mysql-node-X.Y 45 | $ perl Makefile.PL 46 | $ make 47 | $ sudo make install 48 | ``` 49 | _Note:相应软件包已放在当前目录下,可下载使用_ 50 | 51 | * Install MHA-Manager on slave2 52 | In Centos or Redhat,do install from package 53 | 官方源缺失部分软件包,请安装对应的[epel源](http://fedoraproject.org/wiki/EPEL) 54 | ``` 55 | # rpm -ivh http://mirrors.yun-idc.com/epel/6/x86_64/epel-release-6-8.noarch.rpm 56 | # yum install perl-DBD-MySQL perl-Config-Tiny perl-Log-Dispatch perl-Parallel-ForkManager perl-Time-HiRes 57 | # rpm -ivh mha4mysql-manager-X.Y-0.noarch.rpm 58 | ``` 59 | In Debian or ubuntu,do install from deb 60 | ``` 61 | $ sudo apt-get install libdbd-mysql-perl libconfig-tiny-perl liblog-dispatch-perl libparallel-forkmanager-perl 62 | $ dpkg -i mha4mysql-manager_X.Y_all.deb 63 | ``` 64 | Or install from source 65 | ``` 66 | $ tar -zxf mha4mysql-manager-X.Y.tar.gz 67 | $ cd tar -zxf mha4mysql-manager-X.Y 68 | $ perl Makefile.PL 69 | $ make 70 | $ sudo make install 71 | ``` 72 | _Note:相应软件包已放在当前目录下,可下载使用._ 73 | 74 | * SSH 免密码登录 75 | 76 | * MHA Configure 77 | 示例配置文件在源码包内 78 | ``` 79 | cat /etc/mha/app1.conf 80 | [server default] 81 | manager_workdir=/var/log/masterha/app1 82 | manager_log=/var/log/masterha/app1/manager.log 83 | 84 | master_binlog_dir=/home/user/mysql/data 85 | master_ip_failover_script=/usr/local/bin/master_ip_failover 86 | master_ip_online_change_script=/usr/local/bin/master_ip_online_change 87 | user=admin 88 | password=123456 89 | ping_interval=1 90 | remote_workdir=/tmp 91 | repl_password=password 92 | repl_user=repUser 93 | report_script=/usr/local/bin/send_report 94 | secondary_check_script=/usr/bin/masterha_secondary_check -s slave1 -s master --user=root --master_host=master --master_ip=192.168.1.121 --master_port=3306 95 | ssh_user=root 96 | 97 | [server1] 98 | hostname=master 99 | port=3306 100 | 101 | [server2] 102 | hostname=slave1 103 | port=3306 104 | candidate_master=1 105 | 106 | [server3] 107 | hostname=slave2 108 | port=3306 109 | 110 | ``` 111 | 112 | ``` 113 | cat master_ip_failover 114 | #!/usr/bin/env perl 115 | 116 | use strict; 117 | use warnings FATAL => 'all'; 118 | 119 | use Getopt::Long; 120 | 121 | my ( 122 | $command, $ssh_user, $orig_master_host, $orig_master_ip, 123 | $orig_master_port, $new_master_host, $new_master_ip, $new_master_port 124 | ); 125 | 126 | my $vip = '192.168.1.120/24'; 127 | my $key = '1'; 128 | my $ssh_start_vip = "/sbin/ifconfig eth1:$key $vip"; 129 | my $ssh_stop_vip = "/sbin/ifconfig eth1:$key down"; 130 | 131 | GetOptions( 132 | 'command=s' => \$command, 133 | 'ssh_user=s' => \$ssh_user, 134 | 'orig_master_host=s' => \$orig_master_host, 135 | 'orig_master_ip=s' => \$orig_master_ip, 136 | 'orig_master_port=i' => \$orig_master_port, 137 | 'new_master_host=s' => \$new_master_host, 138 | 'new_master_ip=s' => \$new_master_ip, 139 | 'new_master_port=i' => \$new_master_port, 140 | ); 141 | 142 | exit &main(); 143 | 144 | sub main { 145 | 146 | print "\n\nIN SCRIPT TEST====$ssh_stop_vip==$ssh_start_vip===\n\n"; 147 | 148 | if ( $command eq "stop" || $command eq "stopssh" ) { 149 | 150 | my $exit_code = 1; 151 | eval { 152 | print "Disabling the VIP on old master: $orig_master_host \n"; 153 | &stop_vip(); 154 | $exit_code = 0; 155 | }; 156 | if ($@) { 157 | warn "Got Error: $@\n"; 158 | exit $exit_code; 159 | } 160 | exit $exit_code; 161 | } 162 | elsif ( $command eq "start" ) { 163 | 164 | my $exit_code = 10; 165 | eval { 166 | print "Enabling the VIP - $vip on the new master - $new_master_host \n"; 167 | &start_vip(); 168 | $exit_code = 0; 169 | }; 170 | if ($@) { 171 | warn $@; 172 | exit $exit_code; 173 | } 174 | exit $exit_code; 175 | } 176 | elsif ( $command eq "status" ) { 177 | print "Checking the Status of the script.. OK \n"; 178 | exit 0; 179 | } 180 | else { 181 | &usage(); 182 | exit 1; 183 | } 184 | } 185 | 186 | sub start_vip() { 187 | `ssh $ssh_user\@$new_master_host \" $ssh_start_vip \"`; 188 | } 189 | sub stop_vip() { 190 | return 0 unless ($ssh_user); 191 | `ssh $ssh_user\@$orig_master_host \" $ssh_stop_vip \"`; 192 | } 193 | 194 | sub usage { 195 | print 196 | "Usage: master_ip_failover --command=start|stop|stopssh|status --orig_master_host=host --orig_master_ip=ip --orig_master_port=port --new_master_host=host --new_master_ip=ip --new_master_port=port\n"; 197 | } 198 | 199 | ``` 200 | 201 | * MHA的启动与关闭 202 | start 203 | ``` 204 | nohup masterha_manager --conf=/etc/mha/app1.cnf < /dev/null > /var/log/masterha/app1/manager.log 2>&1 & 205 | 可选参数 206 | --remove_dead_master_conf 207 | --ignore_last_failover 208 | ``` 209 | stop 210 | ```masterha_stop --conf=/etc/mha/app1.cnf``` 211 | 212 | * 检测 213 | 在manager上 214 | 1. masterha_check_ssh --conf=/etc/mha/app1.cnf 215 | 2. masterha_check_repl --conf=/etc/mha/app1.cnf 216 | 3. masterha_check_status --conf=/etc/mha/app1.cnf 217 | 218 | * 测试 219 | 220 | 221 | * 参考文档 222 | 1. [MHA](https://code.google.com/p/mysql-master-ha/) 223 | 2. [Mysql高可用之MHA](http://www.cnblogs.com/gomysql/p/3675429.html) 224 | 3. [Mysql大杀器之MHA](http://huoding.com/2011/12/18/139) 225 | 226 | 227 | -------------------------------------------------------------------------------- /ubuntu/dircolors: -------------------------------------------------------------------------------- 1 | # Exact Solarized Dark color theme for the color GNU ls utility. 2 | # Designed for dircolors (GNU coreutils) 5.97 3 | # 4 | # This simple theme was simultaneously designed for these terminal color schemes: 5 | # - Solarized dark (best) 6 | # - Solarized light 7 | # - default dark 8 | # - default light 9 | # with a slight optimization for Solarized Dark. 10 | # 11 | # How the colors were selected: 12 | # - Terminal emulators often have an option typically enabled by default that makes 13 | # bold a different color. It is important to leave this option enabled so that 14 | # you can access the entire 16-color Solarized palette, and not just 8 colors. 15 | # - We favor universality over a greater number of colors. So we limit the number 16 | # of colors so that this theme will work out of the box in all terminals, 17 | # Solarized or not, dark or light. 18 | # - We choose to have the following category of files: 19 | # NORMAL & FILE, DIR, LINK, EXEC and 20 | # editable text including source, unimportant text, binary docs & multimedia source 21 | # files, viewable multimedia, archived/compressed, and unimportant non-text 22 | # - For uniqueness, we stay away from the Solarized foreground colors are -- either 23 | # base00 (brightyellow) or base0 (brighblue). However, they can be used if 24 | # you know what the bg/fg colors of your terminal are, in order to optimize the display. 25 | # - 3 different options are provided: universal, solarized dark, and solarized light. 26 | # The only difference between the universal scheme and one that's optimized for 27 | # dark/light is the color of "unimportant" files, which should blend more with the 28 | # background 29 | # - We note that blue is the hardest color to see on dark bg and yellow is the hardest 30 | # color to see on light bg (with blue being particularly bad). So we choose yellow 31 | # for multimedia files which are usually accessed in a GUI folder browser anyway. 32 | # And blue is kept for custom use of this scheme's user. 33 | # - See table below to see the assignments. 34 | 35 | 36 | # Installation instructions: 37 | # This file goes in the /etc directory, and must be world readable. 38 | # You can copy this file to .dir_colors in your $HOME directory to override 39 | # the system defaults. 40 | 41 | # COLOR needs one of these arguments: 'tty' colorizes output to ttys, but not 42 | # pipes. 'all' adds color characters to all output. 'none' shuts colorization 43 | # off. 44 | COLOR tty 45 | 46 | # Below, there should be one TERM entry for each termtype that is colorizable 47 | TERM ansi 48 | TERM color_xterm 49 | TERM color-xterm 50 | TERM con132x25 51 | TERM con132x30 52 | TERM con132x43 53 | TERM con132x60 54 | TERM con80x25 55 | TERM con80x28 56 | TERM con80x30 57 | TERM con80x43 58 | TERM con80x50 59 | TERM con80x60 60 | TERM cons25 61 | TERM console 62 | TERM cygwin 63 | TERM dtterm 64 | TERM dvtm 65 | TERM dvtm-256color 66 | TERM Eterm 67 | TERM eterm-color 68 | TERM fbterm 69 | TERM gnome 70 | TERM gnome-256color 71 | TERM jfbterm 72 | TERM konsole 73 | TERM konsole-256color 74 | TERM kterm 75 | TERM linux 76 | TERM linux-c 77 | TERM mach-color 78 | TERM mlterm 79 | TERM nxterm 80 | TERM putty 81 | TERM putty-256color 82 | TERM rxvt 83 | TERM rxvt-256color 84 | TERM rxvt-cygwin 85 | TERM rxvt-cygwin-native 86 | TERM rxvt-unicode 87 | TERM rxvt-unicode256 88 | TERM rxvt-unicode-256color 89 | TERM screen 90 | TERM screen-16color 91 | TERM screen-16color-bce 92 | TERM screen-16color-s 93 | TERM screen-16color-bce-s 94 | TERM screen-256color 95 | TERM screen-256color-bce 96 | TERM screen-256color-s 97 | TERM screen-256color-bce-s 98 | TERM screen-bce 99 | TERM screen-w 100 | TERM screen.linux 101 | TERM screen.xterm-new 102 | TERM st 103 | TERM st-meta 104 | TERM st-256color 105 | TERM st-meta-256color 106 | TERM vt100 107 | TERM xterm 108 | TERM xterm-new 109 | TERM xterm-16color 110 | TERM xterm-256color 111 | TERM xterm-88color 112 | TERM xterm-color 113 | TERM xterm-debian 114 | TERM xterm-termite 115 | 116 | # EIGHTBIT, followed by '1' for on, '0' for off. (8-bit output) 117 | EIGHTBIT 1 118 | 119 | ############################################################################# 120 | # Below are the color init strings for the basic file types. A color init 121 | # string consists of one or more of the following numeric codes: 122 | # 123 | # Attribute codes: 124 | # 00=none 01=bold 04=underscore 05=blink 07=reverse 08=concealed 125 | # Text color codes: 126 | # 30=black 31=red 32=green 33=yellow 34=blue 35=magenta 36=cyan 37=white 127 | # Background color codes: 128 | # 40=black 41=red 42=green 43=yellow 44=blue 45=magenta 46=cyan 47=white 129 | # 130 | # NOTES: 131 | # - See http://www.oreilly.com/catalog/wdnut/excerpt/color_names.html 132 | # - Color combinations 133 | # ANSI Color code Solarized Notes Universal SolDark SolLight 134 | # ~~~~~~~~~~~~~~~ ~~~~~~~~~ ~~~~~ ~~~~~~~~~ ~~~~~~~ ~~~~~~~~ 135 | # 00 none NORMAL, FILE 136 | # 30 black base02 137 | # 01;30 bright black base03 bg of SolDark 138 | # 31 red red docs & mm src 139 | # 01;31 bright red orange EXEC 140 | # 32 green green editable text 141 | # 01;32 bright green base01 unimportant text 142 | # 33 yellow yellow unclear in light bg multimedia 143 | # 01;33 bright yellow base00 fg of SolLight unimportant non-text 144 | # 34 blue blue unclear in dark bg user customized 145 | # 01;34 bright blue base0 fg in SolDark unimportant text 146 | # 35 magenta magenta LINK 147 | # 01;35 bright magenta violet archive/compressed 148 | # 36 cyan cyan DIR 149 | # 01;36 bright cyan base1 unimportant non-text 150 | # 37 white base2 151 | # 01;37 bright white base3 bg in SolLight 152 | # 05;37;41 unclear in Putty dark 153 | 154 | 155 | ### By file type 156 | 157 | # global default 158 | NORMAL 00 159 | # normal file 160 | FILE 00 161 | # directory 162 | DIR 34 163 | # 777 directory 164 | OTHER_WRITABLE 34;40 165 | # symbolic link 166 | LINK 35 167 | 168 | # pipe, socket, block device, character device (blue bg) 169 | FIFO 30;44 170 | SOCK 35;44 171 | DOOR 35;44 # Solaris 2.5 and later 172 | BLK 33;44 173 | CHR 37;44 174 | 175 | 176 | ############################################################################# 177 | ### By file attributes 178 | 179 | # Orphaned symlinks (blinking white on red) 180 | # Blink may or may not work (works on iTerm dark or light, and Putty dark) 181 | ORPHAN 05;37;41 182 | # ... and the files that orphaned symlinks point to (blinking white on red) 183 | MISSING 05;37;41 184 | 185 | # files with execute permission 186 | EXEC 01;31 # Unix 187 | .cmd 01;31 # Win 188 | .exe 01;31 # Win 189 | .com 01;31 # Win 190 | .bat 01;31 # Win 191 | .reg 01;31 # Win 192 | .app 01;31 # OSX 193 | 194 | ############################################################################# 195 | ### By extension 196 | 197 | # List any file extensions like '.gz' or '.tar' that you would like ls 198 | # to colorize below. Put the extension, a space, and the color init string. 199 | # (and any comments you want to add after a '#') 200 | 201 | ### Text formats 202 | 203 | # Text that we can edit with a regular editor 204 | .txt 32 205 | .org 32 206 | .md 32 207 | .mkd 32 208 | 209 | # Source text 210 | .h 32 211 | .c 32 212 | .C 32 213 | .cc 32 214 | .cpp 32 215 | .cxx 32 216 | .objc 32 217 | .sh 32 218 | .csh 32 219 | .zsh 32 220 | .el 32 221 | .vim 32 222 | .java 32 223 | .pl 32 224 | .pm 32 225 | .py 32 226 | .rb 32 227 | .hs 32 228 | .php 32 229 | .htm 32 230 | .html 32 231 | .shtml 32 232 | .erb 32 233 | .haml 32 234 | .xml 32 235 | .rdf 32 236 | .css 32 237 | .sass 32 238 | .scss 32 239 | .less 32 240 | .js 32 241 | .coffee 32 242 | .man 32 243 | .0 32 244 | .1 32 245 | .2 32 246 | .3 32 247 | .4 32 248 | .5 32 249 | .6 32 250 | .7 32 251 | .8 32 252 | .9 32 253 | .l 32 254 | .n 32 255 | .p 32 256 | .pod 32 257 | .tex 32 258 | 259 | ### Multimedia formats 260 | 261 | # Image 262 | .bmp 33 263 | .cgm 33 264 | .dl 33 265 | .dvi 33 266 | .emf 33 267 | .eps 33 268 | .gif 33 269 | .jpeg 33 270 | .jpg 33 271 | .JPG 33 272 | .mng 33 273 | .pbm 33 274 | .pcx 33 275 | .pdf 33 276 | .pgm 33 277 | .png 33 278 | .PNG 33 279 | .ppm 33 280 | .pps 33 281 | .ppsx 33 282 | .ps 33 283 | .svg 33 284 | .svgz 33 285 | .tga 33 286 | .tif 33 287 | .tiff 33 288 | .xbm 33 289 | .xcf 33 290 | .xpm 33 291 | .xwd 33 292 | .xwd 33 293 | .yuv 33 294 | 295 | # Audio 296 | .aac 33 297 | .au 33 298 | .flac 33 299 | .mid 33 300 | .midi 33 301 | .mka 33 302 | .mp3 33 303 | .mpa 33 304 | .mpeg 33 305 | .mpg 33 306 | .ogg 33 307 | .ra 33 308 | .wav 33 309 | 310 | # Video 311 | .anx 33 312 | .asf 33 313 | .avi 33 314 | .axv 33 315 | .flc 33 316 | .fli 33 317 | .flv 33 318 | .gl 33 319 | .m2v 33 320 | .m4v 33 321 | .mkv 33 322 | .mov 33 323 | .mp4 33 324 | .mp4v 33 325 | .mpeg 33 326 | .mpg 33 327 | .nuv 33 328 | .ogm 33 329 | .ogv 33 330 | .ogx 33 331 | .qt 33 332 | .rm 33 333 | .rmvb 33 334 | .swf 33 335 | .vob 33 336 | .webm 33 337 | .wmv 33 338 | 339 | ### Misc 340 | 341 | # Binary document formats and multimedia source 342 | .doc 31 343 | .docx 31 344 | .rtf 31 345 | .dot 31 346 | .dotx 31 347 | .xls 31 348 | .xlsx 31 349 | .ppt 31 350 | .pptx 31 351 | .fla 31 352 | .psd 31 353 | 354 | # Archives, compressed 355 | .7z 1;35 356 | .apk 1;35 357 | .arj 1;35 358 | .bin 1;35 359 | .bz 1;35 360 | .bz2 1;35 361 | .cab 1;35 # Win 362 | .deb 1;35 363 | .dmg 1;35 # OSX 364 | .gem 1;35 365 | .gz 1;35 366 | .iso 1;35 367 | .jar 1;35 368 | .msi 1;35 # Win 369 | .rar 1;35 370 | .rpm 1;35 371 | .tar 1;35 372 | .tbz 1;35 373 | .tbz2 1;35 374 | .tgz 1;35 375 | .tx 1;35 376 | .war 1;35 377 | .xpi 1;35 378 | .xz 1;35 379 | .z 1;35 380 | .Z 1;35 381 | .zip 1;35 382 | 383 | # For testing 384 | .ANSI-30-black 30 385 | .ANSI-01;30-brblack 01;30 386 | .ANSI-31-red 31 387 | .ANSI-01;31-brred 01;31 388 | .ANSI-32-green 32 389 | .ANSI-01;32-brgreen 01;32 390 | .ANSI-33-yellow 33 391 | .ANSI-01;33-bryellow 01;33 392 | .ANSI-34-blue 34 393 | .ANSI-01;34-brblue 01;34 394 | .ANSI-35-magenta 35 395 | .ANSI-01;35-brmagenta 01;35 396 | .ANSI-36-cyan 36 397 | .ANSI-01;36-brcyan 01;36 398 | .ANSI-37-white 37 399 | .ANSI-01;37-brwhite 01;37 400 | 401 | ############################################################################# 402 | # Your customizations 403 | 404 | # Unimportant text files 405 | # For universal scheme, use brightgreen 01;32 406 | # For optimal on light bg (but too prominent on dark bg), use white 01;34 407 | .log 01;32 408 | *~ 01;32 409 | *# 01;32 410 | #.log 01;34 411 | #*~ 01;34 412 | #*# 01;34 413 | 414 | # Unimportant non-text files 415 | # For universal scheme, use brightcyan 01;36 416 | # For optimal on dark bg (but too prominent on light bg), change to 01;33 417 | #.bak 01;36 418 | #.BAK 01;36 419 | #.old 01;36 420 | #.OLD 01;36 421 | #.org_archive 01;36 422 | #.off 01;36 423 | #.OFF 01;36 424 | #.dist 01;36 425 | #.DIST 01;36 426 | #.orig 01;36 427 | #.ORIG 01;36 428 | #.swp 01;36 429 | #.swo 01;36 430 | #*,v 01;36 431 | .bak 01;33 432 | .BAK 01;33 433 | .old 01;33 434 | .OLD 01;33 435 | .org_archive 01;33 436 | .off 01;33 437 | .OFF 01;33 438 | .dist 01;33 439 | .DIST 01;33 440 | .orig 01;33 441 | .ORIG 01;33 442 | .swp 01;33 443 | .swo 01;33 444 | *,v 01;33 445 | 446 | # The brightmagenta (Solarized: purple) color is free for you to use for your 447 | # custom file type 448 | .gpg 34 449 | .gpg 34 450 | .pgp 34 451 | .asc 34 452 | .3des 34 453 | .aes 34 454 | .enc 34 455 | .sqlite 34 456 | -------------------------------------------------------------------------------- /redis/redis.conf: -------------------------------------------------------------------------------- 1 | # Redis configuration file example 2 | 3 | # Note on units: when memory size is needed, it is possible to specify 4 | # it in the usual form of 1k 5GB 4M and so forth: 5 | # 6 | # 1k => 1000 bytes 7 | # 1kb => 1024 bytes 8 | # 1m => 1000000 bytes 9 | # 1mb => 1024*1024 bytes 10 | # 1g => 1000000000 bytes 11 | # 1gb => 1024*1024*1024 bytes 12 | # 13 | # units are case insensitive so 1GB 1Gb 1gB are all the same. 14 | 15 | # By default Redis does not run as a daemon. Use 'yes' if you need it. 16 | # Note that Redis will write a pid file in /var/run/redis.pid when daemonized. 17 | daemonize yes 18 | 19 | # When running daemonized, Redis writes a pid file in /var/run/redis.pid by 20 | # default. You can specify a custom pid file location here. 21 | pidfile /var/run/redis.pid 22 | 23 | # Accept connections on the specified port, default is 6379. 24 | # If port 0 is specified Redis will not listen on a TCP socket. 25 | port 6379 26 | 27 | # If you want you can bind a single interface, if the bind option is not 28 | # specified all the interfaces will listen for incoming connections. 29 | # 30 | #bind 192.168.0.153 31 | 32 | # Specify the path for the unix socket that will be used to listen for 33 | # incoming connections. There is no default, so Redis will not listen 34 | # on a unix socket when not specified. 35 | # 36 | unixsocket /tmp/redis.sock 37 | unixsocketperm 755 38 | 39 | # Close the connection after a client is idle for N seconds (0 to disable) 40 | timeout 120 41 | 42 | # TCP keepalive. 43 | # 44 | # If non-zero, use SO_KEEPALIVE to send TCP ACKs to clients in absence 45 | # of communication. This is useful for two reasons: 46 | # 47 | # 1) Detect dead peers. 48 | # 2) Take the connection alive from the point of view of network 49 | # equipment in the middle. 50 | # 51 | # On Linux, the specified value (in seconds) is the period used to send ACKs. 52 | # Note that to close the connection the double of the time is needed. 53 | # On other kernels the period depends on the kernel configuration. 54 | # 55 | # A reasonable value for this option is 60 seconds. 56 | tcp-keepalive 60 57 | 58 | # Specify the server verbosity level. 59 | # This can be one of: 60 | # debug (a lot of information, useful for development/testing) 61 | # verbose (many rarely useful info, but not a mess like the debug level) 62 | # notice (moderately verbose, what you want in production probably) 63 | # warning (only very important / critical messages are logged) 64 | loglevel notice 65 | 66 | # Specify the log file name. Also 'stdout' can be used to force 67 | # Redis to log on the standard output. Note that if you use standard 68 | # output for logging but daemonize, logs will be sent to /dev/null 69 | logfile stdout 70 | 71 | # To enable logging to the system logger, just set 'syslog-enabled' to yes, 72 | # and optionally update the other syslog parameters to suit your needs. 73 | # syslog-enabled no 74 | 75 | # Specify the syslog identity. 76 | # syslog-ident redis 77 | 78 | # Specify the syslog facility. Must be USER or between LOCAL0-LOCAL7. 79 | # syslog-facility local0 80 | 81 | # Set the number of databases. The default database is DB 0, you can select 82 | # a different one on a per-connection basis using SELECT where 83 | # dbid is a number between 0 and 'databases'-1 84 | databases 16 85 | 86 | ################################ SNAPSHOTTING ################################# 87 | # 88 | # Save the DB on disk: 89 | # 90 | # save 91 | # 92 | # Will save the DB if both the given number of seconds and the given 93 | # number of write operations against the DB occurred. 94 | # 95 | # In the example below the behaviour will be to save: 96 | # after 900 sec (15 min) if at least 1 key changed 97 | # after 300 sec (5 min) if at least 10 keys changed 98 | # after 60 sec if at least 10000 keys changed 99 | # 100 | # Note: you can disable saving at all commenting all the "save" lines. 101 | # 102 | # It is also possible to remove all the previously configured save 103 | # points by adding a save directive with a single empty string argument 104 | # like in the following example: 105 | # 106 | # save "" 107 | 108 | #save 900 1 109 | #save 300 10 110 | #save 60 30 111 | 112 | # By default Redis will stop accepting writes if RDB snapshots are enabled 113 | # (at least one save point) and the latest background save failed. 114 | # This will make the user aware (in an hard way) that data is not persisting 115 | # on disk properly, otherwise chances are that no one will notice and some 116 | # distater will happen. 117 | # 118 | # If the background saving process will start working again Redis will 119 | # automatically allow writes again. 120 | # 121 | # However if you have setup your proper monitoring of the Redis server 122 | # and persistence, you may want to disable this feature so that Redis will 123 | # continue to work as usually even if there are problems with disk, 124 | # permissions, and so forth. 125 | stop-writes-on-bgsave-error yes 126 | 127 | # Compress string objects using LZF when dump .rdb databases? 128 | # For default that's set to 'yes' as it's almost always a win. 129 | # If you want to save some CPU in the saving child set it to 'no' but 130 | # the dataset will likely be bigger if you have compressible values or keys. 131 | rdbcompression yes 132 | 133 | # Since version 5 of RDB a CRC64 checksum is placed at the end of the file. 134 | # This makes the format more resistant to corruption but there is a performance 135 | # hit to pay (around 10%) when saving and loading RDB files, so you can disable it 136 | # for maximum performances. 137 | # 138 | # RDB files created with checksum disabled have a checksum of zero that will 139 | # tell the loading code to skip the check. 140 | rdbchecksum yes 141 | 142 | # The filename where to dump the DB 143 | dbfilename dump.rdb 144 | 145 | # The working directory. 146 | # 147 | # The DB will be written inside this directory, with the filename specified 148 | # above using the 'dbfilename' configuration directive. 149 | # 150 | # The Append Only File will also be created inside this directory. 151 | # 152 | # Note that you must specify a directory here, not a file name. 153 | dir /home/redis/ 154 | 155 | ################################# REPLICATION ################################# 156 | 157 | # Master-Slave replication. Use slaveof to make a Redis instance a copy of 158 | # another Redis server. Note that the configuration is local to the slave 159 | # so for example it is possible to configure the slave to save the DB with a 160 | # different interval, or to listen to another port, and so on. 161 | # 162 | # slaveof 163 | 164 | # If the master is password protected (using the "requirepass" configuration 165 | # directive below) it is possible to tell the slave to authenticate before 166 | # starting the replication synchronization process, otherwise the master will 167 | # refuse the slave request. 168 | # 169 | # masterauth 170 | 171 | # When a slave loses its connection with the master, or when the replication 172 | # is still in progress, the slave can act in two different ways: 173 | # 174 | # 1) if slave-serve-stale-data is set to 'yes' (the default) the slave will 175 | # still reply to client requests, possibly with out of date data, or the 176 | # data set may just be empty if this is the first synchronization. 177 | # 178 | # 2) if slave-serve-stale-data is set to 'no' the slave will reply with 179 | # an error "SYNC with master in progress" to all the kind of commands 180 | # but to INFO and SLAVEOF. 181 | # 182 | slave-serve-stale-data yes 183 | 184 | # You can configure a slave instance to accept writes or not. Writing against 185 | # a slave instance may be useful to store some ephemeral data (because data 186 | # written on a slave will be easily deleted after resync with the master) but 187 | # may also cause problems if clients are writing to it because of a 188 | # misconfiguration. 189 | # 190 | # Since Redis 2.6 by default slaves are read-only. 191 | # 192 | # Note: read only slaves are not designed to be exposed to untrusted clients 193 | # on the internet. It's just a protection layer against misuse of the instance. 194 | # Still a read only slave exports by default all the administrative commands 195 | # such as CONFIG, DEBUG, and so forth. To a limited extend you can improve 196 | # security of read only slaves using 'rename-command' to shadow all the 197 | # administrative / dangerous commands. 198 | slave-read-only yes 199 | 200 | # Slaves send PINGs to server in a predefined interval. It's possible to change 201 | # this interval with the repl_ping_slave_period option. The default value is 10 202 | # seconds. 203 | # 204 | # repl-ping-slave-period 10 205 | 206 | # The following option sets a timeout for both Bulk transfer I/O timeout and 207 | # master data or ping response timeout. The default value is 60 seconds. 208 | # 209 | # It is important to make sure that this value is greater than the value 210 | # specified for repl-ping-slave-period otherwise a timeout will be detected 211 | # every time there is low traffic between the master and the slave. 212 | # 213 | # repl-timeout 60 214 | 215 | # Disable TCP_NODELAY on the slave socket after SYNC? 216 | # 217 | # If you select "yes" Redis will use a smaller number of TCP packets and 218 | # less bandwidth to send data to slaves. But this can add a delay for 219 | # the data to appear on the slave side, up to 40 milliseconds with 220 | # Linux kernels using a default configuration. 221 | # 222 | # If you select "no" the delay for data to appear on the slave side will 223 | # be reduced but more bandwidth will be used for replication. 224 | # 225 | # By default we optimize for low latency, but in very high traffic conditions 226 | # or when the master and slaves are many hops away, turning this to "yes" may 227 | # be a good idea. 228 | repl-disable-tcp-nodelay no 229 | 230 | # The slave priority is an integer number published by Redis in the INFO output. 231 | # It is used by Redis Sentinel in order to select a slave to promote into a 232 | # master if the master is no longer working correctly. 233 | # 234 | # A slave with a low priority number is considered better for promotion, so 235 | # for instance if there are three slaves with priority 10, 100, 25 Sentinel will 236 | # pick the one wtih priority 10, that is the lowest. 237 | # 238 | # However a special priority of 0 marks the slave as not able to perform the 239 | # role of master, so a slave with priority of 0 will never be selected by 240 | # Redis Sentinel for promotion. 241 | # 242 | # By default the priority is 100. 243 | slave-priority 100 244 | 245 | ################################## SECURITY ################################### 246 | 247 | # Require clients to issue AUTH before processing any other 248 | # commands. This might be useful in environments in which you do not trust 249 | # others with access to the host running redis-server. 250 | # 251 | # This should stay commented out for backward compatibility and because most 252 | # people do not need auth (e.g. they run their own servers). 253 | # 254 | # Warning: since Redis is pretty fast an outside user can try up to 255 | # 150k passwords per second against a good box. This means that you should 256 | # use a very strong password otherwise it will be very easy to break. 257 | # 258 | # requirepass foobared 259 | 260 | # Command renaming. 261 | # 262 | # It is possible to change the name of dangerous commands in a shared 263 | # environment. For instance the CONFIG command may be renamed into something 264 | # hard to guess so that it will still be available for internal-use tools 265 | # but not available for general clients. 266 | # 267 | # Example: 268 | # 269 | # rename-command CONFIG b840fc02d524045429941cc15f59e41cb7be6c52 270 | # 271 | # It is also possible to completely kill a command by renaming it into 272 | # an empty string: 273 | # 274 | # rename-command CONFIG "" 275 | # 276 | # Please note that changing the name of commands that are logged into the 277 | # AOF file or transmitted to slaves may cause problems. 278 | 279 | ################################### LIMITS #################################### 280 | 281 | # Set the max number of connected clients at the same time. By default 282 | # this limit is set to 10000 clients, however if the Redis server is not 283 | # able to configure the process file limit to allow for the specified limit 284 | # the max number of allowed clients is set to the current file limit 285 | # minus 32 (as Redis reserves a few file descriptors for internal uses). 286 | # 287 | # Once the limit is reached Redis will close all the new connections sending 288 | # an error 'max number of clients reached'. 289 | # 290 | maxclients 10000 291 | 292 | # Don't use more memory than the specified amount of bytes. 293 | # When the memory limit is reached Redis will try to remove keys 294 | # accordingly to the eviction policy selected (see maxmemmory-policy). 295 | # 296 | # If Redis can't remove keys according to the policy, or if the policy is 297 | # set to 'noeviction', Redis will start to reply with errors to commands 298 | # that would use more memory, like SET, LPUSH, and so on, and will continue 299 | # to reply to read-only commands like GET. 300 | # 301 | # This option is usually useful when using Redis as an LRU cache, or to set 302 | # an hard memory limit for an instance (using the 'noeviction' policy). 303 | # 304 | # WARNING: If you have slaves attached to an instance with maxmemory on, 305 | # the size of the output buffers needed to feed the slaves are subtracted 306 | # from the used memory count, so that network problems / resyncs will 307 | # not trigger a loop where keys are evicted, and in turn the output 308 | # buffer of slaves is full with DELs of keys evicted triggering the deletion 309 | # of more keys, and so forth until the database is completely emptied. 310 | # 311 | # In short... if you have slaves attached it is suggested that you set a lower 312 | # limit for maxmemory so that there is some free RAM on the system for slave 313 | # output buffers (but this is not needed if the policy is 'noeviction'). 314 | # 315 | # maxmemory 316 | maxmemory 2500000000 317 | 318 | # MAXMEMORY POLICY: how Redis will select what to remove when maxmemory 319 | # is reached. You can select among five behaviors: 320 | # 321 | # volatile-lru -> remove the key with an expire set using an LRU algorithm 322 | # allkeys-lru -> remove any key accordingly to the LRU algorithm 323 | # volatile-random -> remove a random key with an expire set 324 | # allkeys-random -> remove a random key, any key 325 | # volatile-ttl -> remove the key with the nearest expire time (minor TTL) 326 | # noeviction -> don't expire at all, just return an error on write operations 327 | # 328 | # Note: with any of the above policies, Redis will return an error on write 329 | # operations, when there are not suitable keys for eviction. 330 | # 331 | # At the date of writing this commands are: set setnx setex append 332 | # incr decr rpush lpush rpushx lpushx linsert lset rpoplpush sadd 333 | # sinter sinterstore sunion sunionstore sdiff sdiffstore zadd zincrby 334 | # zunionstore zinterstore hset hsetnx hmset hincrby incrby decrby 335 | # getset mset msetnx exec sort 336 | # 337 | # The default is: 338 | # 339 | # maxmemory-policy volatile-lru 340 | 341 | # LRU and minimal TTL algorithms are not precise algorithms but approximated 342 | # algorithms (in order to save memory), so you can select as well the sample 343 | # size to check. For instance for default Redis will check three keys and 344 | # pick the one that was used less recently, you can change the sample size 345 | # using the following configuration directive. 346 | # 347 | # maxmemory-samples 3 348 | 349 | ############################## APPEND ONLY MODE ############################### 350 | 351 | # By default Redis asynchronously dumps the dataset on disk. This mode is 352 | # good enough in many applications, but an issue with the Redis process or 353 | # a power outage may result into a few minutes of writes lost (depending on 354 | # the configured save points). 355 | # 356 | # The Append Only File is an alternative persistence mode that provides 357 | # much better durability. For instance using the default data fsync policy 358 | # (see later in the config file) Redis can lose just one second of writes in a 359 | # dramatic event like a server power outage, or a single write if something 360 | # wrong with the Redis process itself happens, but the operating system is 361 | # still running correctly. 362 | # 363 | # AOF and RDB persistence can be enabled at the same time without problems. 364 | # If the AOF is enabled on startup Redis will load the AOF, that is the file 365 | # with the better durability guarantees. 366 | # 367 | # Please check http://redis.io/topics/persistence for more information. 368 | 369 | appendonly yes 370 | 371 | # The name of the append only file (default: "appendonly.aof") 372 | # appendfilename appendonly.aof 373 | 374 | # The fsync() call tells the Operating System to actually write data on disk 375 | # instead to wait for more data in the output buffer. Some OS will really flush 376 | # data on disk, some other OS will just try to do it ASAP. 377 | # 378 | # Redis supports three different modes: 379 | # 380 | # no: don't fsync, just let the OS flush the data when it wants. Faster. 381 | # always: fsync after every write to the append only log . Slow, Safest. 382 | # everysec: fsync only one time every second. Compromise. 383 | # 384 | # The default is "everysec", as that's usually the right compromise between 385 | # speed and data safety. It's up to you to understand if you can relax this to 386 | # "no" that will let the operating system flush the output buffer when 387 | # it wants, for better performances (but if you can live with the idea of 388 | # some data loss consider the default persistence mode that's snapshotting), 389 | # or on the contrary, use "always" that's very slow but a bit safer than 390 | # everysec. 391 | # 392 | # More details please check the following article: 393 | # http://antirez.com/post/redis-persistence-demystified.html 394 | # 395 | # If unsure, use "everysec". 396 | 397 | # appendfsync always 398 | appendfsync everysec 399 | # appendfsync no 400 | 401 | # When the AOF fsync policy is set to always or everysec, and a background 402 | # saving process (a background save or AOF log background rewriting) is 403 | # performing a lot of I/O against the disk, in some Linux configurations 404 | # Redis may block too long on the fsync() call. Note that there is no fix for 405 | # this currently, as even performing fsync in a different thread will block 406 | # our synchronous write(2) call. 407 | # 408 | # In order to mitigate this problem it's possible to use the following option 409 | # that will prevent fsync() from being called in the main process while a 410 | # BGSAVE or BGREWRITEAOF is in progress. 411 | # 412 | # This means that while another child is saving, the durability of Redis is 413 | # the same as "appendfsync none". In practical terms, this means that it is 414 | # possible to lose up to 30 seconds of log in the worst scenario (with the 415 | # default Linux settings). 416 | # 417 | # If you have latency problems turn this to "yes". Otherwise leave it as 418 | # "no" that is the safest pick from the point of view of durability. 419 | no-appendfsync-on-rewrite yes 420 | 421 | # Automatic rewrite of the append only file. 422 | # Redis is able to automatically rewrite the log file implicitly calling 423 | # BGREWRITEAOF when the AOF log size grows by the specified percentage. 424 | # 425 | # This is how it works: Redis remembers the size of the AOF file after the 426 | # latest rewrite (if no rewrite has happened since the restart, the size of 427 | # the AOF at startup is used). 428 | # 429 | # This base size is compared to the current size. If the current size is 430 | # bigger than the specified percentage, the rewrite is triggered. Also 431 | # you need to specify a minimal size for the AOF file to be rewritten, this 432 | # is useful to avoid rewriting the AOF file even if the percentage increase 433 | # is reached but it is still pretty small. 434 | # 435 | # Specify a percentage of zero in order to disable the automatic AOF 436 | # rewrite feature. 437 | 438 | auto-aof-rewrite-percentage 50 439 | auto-aof-rewrite-min-size 1024mb 440 | 441 | ################################ LUA SCRIPTING ############################### 442 | 443 | # Max execution time of a Lua script in milliseconds. 444 | # 445 | # If the maximum execution time is reached Redis will log that a script is 446 | # still in execution after the maximum allowed time and will start to 447 | # reply to queries with an error. 448 | # 449 | # When a long running script exceed the maximum execution time only the 450 | # SCRIPT KILL and SHUTDOWN NOSAVE commands are available. The first can be 451 | # used to stop a script that did not yet called write commands. The second 452 | # is the only way to shut down the server in the case a write commands was 453 | # already issue by the script but the user don't want to wait for the natural 454 | # termination of the script. 455 | # 456 | # Set it to 0 or a negative value for unlimited execution without warnings. 457 | lua-time-limit 5000 458 | 459 | ################################## SLOW LOG ################################### 460 | 461 | # The Redis Slow Log is a system to log queries that exceeded a specified 462 | # execution time. The execution time does not include the I/O operations 463 | # like talking with the client, sending the reply and so forth, 464 | # but just the time needed to actually execute the command (this is the only 465 | # stage of command execution where the thread is blocked and can not serve 466 | # other requests in the meantime). 467 | # 468 | # You can configure the slow log with two parameters: one tells Redis 469 | # what is the execution time, in microseconds, to exceed in order for the 470 | # command to get logged, and the other parameter is the length of the 471 | # slow log. When a new command is logged the oldest one is removed from the 472 | # queue of logged commands. 473 | 474 | # The following time is expressed in microseconds, so 1000000 is equivalent 475 | # to one second. Note that a negative number disables the slow log, while 476 | # a value of zero forces the logging of every command. 477 | slowlog-log-slower-than 10000 478 | 479 | # There is no limit to this length. Just be aware that it will consume memory. 480 | # You can reclaim memory used by the slow log with SLOWLOG RESET. 481 | slowlog-max-len 128 482 | 483 | ############################### ADVANCED CONFIG ############################### 484 | 485 | # Hashes are encoded using a memory efficient data structure when they have a 486 | # small number of entries, and the biggest entry does not exceed a given 487 | # threshold. These thresholds can be configured using the following directives. 488 | hash-max-ziplist-entries 512 489 | hash-max-ziplist-value 64 490 | 491 | # Similarly to hashes, small lists are also encoded in a special way in order 492 | # to save a lot of space. The special representation is only used when 493 | # you are under the following limits: 494 | list-max-ziplist-entries 512 495 | list-max-ziplist-value 64 496 | 497 | # Sets have a special encoding in just one case: when a set is composed 498 | # of just strings that happens to be integers in radix 10 in the range 499 | # of 64 bit signed integers. 500 | # The following configuration setting sets the limit in the size of the 501 | # set in order to use this special memory saving encoding. 502 | set-max-intset-entries 512 503 | 504 | # Similarly to hashes and lists, sorted sets are also specially encoded in 505 | # order to save a lot of space. This encoding is only used when the length and 506 | # elements of a sorted set are below the following limits: 507 | zset-max-ziplist-entries 128 508 | zset-max-ziplist-value 64 509 | 510 | # Active rehashing uses 1 millisecond every 100 milliseconds of CPU time in 511 | # order to help rehashing the main Redis hash table (the one mapping top-level 512 | # keys to values). The hash table implementation Redis uses (see dict.c) 513 | # performs a lazy rehashing: the more operation you run into an hash table 514 | # that is rehashing, the more rehashing "steps" are performed, so if the 515 | # server is idle the rehashing is never complete and some more memory is used 516 | # by the hash table. 517 | # 518 | # The default is to use this millisecond 10 times every second in order to 519 | # active rehashing the main dictionaries, freeing memory when possible. 520 | # 521 | # If unsure: 522 | # use "activerehashing no" if you have hard latency requirements and it is 523 | # not a good thing in your environment that Redis can reply form time to time 524 | # to queries with 2 milliseconds delay. 525 | # 526 | # use "activerehashing yes" if you don't have such hard requirements but 527 | # want to free memory asap when possible. 528 | activerehashing yes 529 | 530 | # The client output buffer limits can be used to force disconnection of clients 531 | # that are not reading data from the server fast enough for some reason (a 532 | # common reason is that a Pub/Sub client can't consume messages as fast as the 533 | # publisher can produce them). 534 | # 535 | # The limit can be set differently for the three different classes of clients: 536 | # 537 | # normal -> normal clients 538 | # slave -> slave clients and MONITOR clients 539 | # pubsub -> clients subcribed to at least one pubsub channel or pattern 540 | # 541 | # The syntax of every client-output-buffer-limit directive is the following: 542 | # 543 | # client-output-buffer-limit 544 | # 545 | # A client is immediately disconnected once the hard limit is reached, or if 546 | # the soft limit is reached and remains reached for the specified number of 547 | # seconds (continuously). 548 | # So for instance if the hard limit is 32 megabytes and the soft limit is 549 | # 16 megabytes / 10 seconds, the client will get disconnected immediately 550 | # if the size of the output buffers reach 32 megabytes, but will also get 551 | # disconnected if the client reaches 16 megabytes and continuously overcomes 552 | # the limit for 10 seconds. 553 | # 554 | # By default normal clients are not limited because they don't receive data 555 | # without asking (in a push way), but just after a request, so only 556 | # asynchronous clients may create a scenario where data is requested faster 557 | # than it can read. 558 | # 559 | # Instead there is a default limit for pubsub and slave clients, since 560 | # subscribers and slaves receive data in a push fashion. 561 | # 562 | # Both the hard or the soft limit can be disabled by setting them to zero. 563 | client-output-buffer-limit normal 0 0 0 564 | client-output-buffer-limit slave 256mb 64mb 60 565 | client-output-buffer-limit pubsub 32mb 8mb 60 566 | 567 | # Redis calls an internal function to perform many background tasks, like 568 | # closing connections of clients in timeot, purging expired keys that are 569 | # never requested, and so forth. 570 | # 571 | # Not all tasks are perforemd with the same frequency, but Redis checks for 572 | # tasks to perform accordingly to the specified "hz" value. 573 | # 574 | # By default "hz" is set to 10. Raising the value will use more CPU when 575 | # Redis is idle, but at the same time will make Redis more responsive when 576 | # there are many keys expiring at the same time, and timeouts may be 577 | # handled with more precision. 578 | # 579 | # The range is between 1 and 500, however a value over 100 is usually not 580 | # a good idea. Most users should use the default of 10 and raise this up to 581 | # 100 only in environments where very low latency is required. 582 | hz 10 583 | 584 | # When a child rewrites the AOF file, if the following option is enabled 585 | # the file will be fsync-ed every 32 MB of data generated. This is useful 586 | # in order to commit the file to the disk more incrementally and avoid 587 | # big latency spikes. 588 | aof-rewrite-incremental-fsync yes 589 | 590 | ################################## INCLUDES ################################### 591 | 592 | # Include one or more other config files here. This is useful if you 593 | # have a standard template that goes to all Redis server but also need 594 | # to customize a few per-server settings. Include files can include 595 | # other files, so use this wisely. 596 | # 597 | # include /path/to/local.conf 598 | # include /path/to/other.conf 599 | --------------------------------------------------------------------------------