lyx/obsidian-yanxin
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
786121bcd4d61f2bf031cdba5f14a8c320a9f197
obsidian-yanxin/notes/vps设置.md
Yanxin Lu 786121bcd4 vault backup: 2024-07-27 17:54:37
2024-07-27 17:54:37 -07:00

222 lines
5.4 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
## TODO
- 之后用caddy不要用nginx了
## swap file
```
cd /var
touch swap.img
chmod 600 swap.img
dd if=/dev/zero of=/var/swap.img count=2048 bs=1M
mkswap swap.img
swapon swap.img
```
## Nginx conf
```
##
# You should look at the following URL's in order to grasp a solid understanding
# of Nginx configuration files in order to fully unleash the power of Nginx.
# https://www.nginx.com/resources/wiki/start/
# https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/
# https://wiki.debian.org/Nginx/DirectoryStructure
#
# In most cases, administrators will remove this file from sites-enabled/ and
# leave it as reference inside of sites-available where it will continue to be
# updated by the nginx packaging team.
#
# This file will automatically load configuration files provided by other
# applications, such as Drupal or Wordpress. These applications will be made
# available underneath a path with that package name, such as /drupal8.
#
# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
##
# Default server configuration
#
server {
server_tokens off;
charset utf-8;
# SSL configuration
#
# listen 443 ssl default_server;
# listen [::]:443 ssl default_server;
#
# Note: You should disable gzip for SSL traffic.
# See: https://bugs.debian.org/773332
#
# Read up on ssl_ciphers to ensure a secure configuration.
# See: https://bugs.debian.org/765782
#
# Self signed certs generated by the ssl-cert package
# Don't use them in a production server!
#
# include snippets/snakeoil.conf;
root /var/www/html;
# Add index.php to the list if you are using PHP
index index.html index.htm;
server_name luyanxin.com www.luyanxin.com;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
location /sync/gonggong/books {
# use this one if we access files from nginx
autoindex on;
#
# for using droppy
# rewrite log on;
# rewrite ^/sync$ /sync/ redirect;
# rewrite /sync(.*) $1 break;
# proxy_pass http://localhost:8989;
# proxy_redirect off;
# proxy_set_header Host $host;
# proxy_set_header X-Real-IP $remote_addr;
# proxy_set_header X-Forwarded-For $remote_addr;
}
location /syncthing {
# syncthing settings
rewrite log on;
rewrite ^/syncthing$ /syncthing/ redirect;
rewrite /syncthing(.*) $1 break;
proxy_pass http://127.0.0.1:8384;
# proxy_redirect off;
# proxy_set_header Host $host;
# proxy_set_header X-Real-IP $remote_addr;
# proxy_set_header X-Forwarded-For $remote_addr;
}
# pass PHP scripts to FastCGI server
#
location ~ \.php$ {
include snippets/fastcgi-php.conf;
# With php-fpm (or other unix sockets):
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
# # With php-cgi (or other tcp sockets):
# fastcgi_pass 127.0.0.1:9000;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/luyanxin.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/luyanxin.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
# Virtual Host configuration for example.com
#
# You can move that to a different file under sites-available/ and symlink that
# to sites-enabled/ to enable it.
#
#server {
# listen 80;
# listen [::]:80;
#
# server_name example.com;
#
# root /var/www/example.com;
# index index.html;
#
# location / {
# try_files $uri $uri/ =404;
# }
#}
server {
if ($host = www.luyanxin.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = luyanxin.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80 default_server;
listen [::]:80 default_server;
server_name luyanxin.com www.luyanxin.com;
return 404; # managed by Certbot
```
## 基本命令
```shell
# bring docker container up
docker-compose up
# Stop services only
docker-compose stop
# Stop and remove containers, networks..
docker-compose down
# Down and remove volumes
docker-compose down --volumes
# Down and remove images
docker-compose down --rmi <all|local>
# check docker resources usage
docker stats
```
## 开机后要运行的程序
```shell
# monitoring
# https://glances.readthedocs.io/en/latest/index.html
docker run \
--restart="always" \
-p 61208-61209:61208-61209 \
-e GLANCES_OPT="-w" \
-v /etc/os-release:/etc/os-release:ro \
-v /var/run/docker.sock:/var/run/docker.sock:ro \
-v /run/user/1000/podman/podman.sock:/run/user/1000/podman/podman.sock:ro \
--pid host \
docker.io/nicolargo/glances
# https://github.com/pldubouilh/gossa
cd ~/softwares/gossa
docker-compose up
# https://docs.syncthing.net/intro/getting-started.html
cd ~/softwares/syncthing
docker-compose up
# https://miniflux.app/index.html
cd ~/softwares/miniflux
docker compose up
# https://docs.gitea.com/installation/install-with-docker-rootless
cd ~/softwares/gitea
docker-compose up
# https://shaarli.readthedocs.io/en/master/Docker.html
cd ~/softwares/shaarli
sh docker-up.sh
# https://github.com/redlib-org/redlib/blob/main/compose.yaml
cd ~/softwares/redlib
touch .env
docker compose up
```
Reference in New Issue View Git Blame Copy Permalink