From 2f312a45757204e2f63f2260a5934c44a2a73409 Mon Sep 17 00:00:00 2001 From: Awin Huang Date: Mon, 26 Sep 2022 18:39:43 +0800 Subject: [PATCH] vault backup: 2022-09-26 18:39:43 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Affected files: .obsidian/workspace 03. 資料收集/HTTP Server/Nginx.md 03. 資料收集/Hobby/RC.md 03. 資料收集/Hobby/模型/Traxxas Sledge.md 03. 資料收集/Hobby/模型/舊化作例.md 03. 資料收集/Hobby/軍武/虎式.md 03. 資料收集/Programming/COM/20210726 - COM Interface.md 03. 資料收集/Programming/DB/MySQL.md 03. 資料收集/Programming/DB/sqlite.md 03. 資料收集/Programming/Design Pattern.md 03. 資料收集/Programming/FFMPEG/00. Introduction.md 03. 資料收集/Programming/FFMPEG/01. Setup.md 03. 資料收集/Programming/FFMpeg.md 03. 資料收集/Programming/Flask.md 03. 資料收集/Programming/Media Foundation/20210604 - Windows media foundation.md 03. 資料收集/Programming/OpenCV.md 03. 資料收集/Programming/OpenGL.md 03. 資料收集/Programming/Python/argparse.ArgumentParser.md 03. 資料收集/Programming/Python/decorator.md 03. 資料收集/Programming/Python/logging.md 03. 資料收集/Programming/Python/opencv.md 03. 資料收集/Programming/Python/subprocess.md 03. 資料收集/Programming/Python/threading.md 03. 資料收集/Programming/Python/tkinter.md 03. 資料收集/Programming/Python/檢測工具.md 03. 資料收集/Programming/QT/Dropdown button.md 03. 資料收集/Programming/QT/QVariant.md 03. 資料收集/Programming/QT/Qt.md 03. 資料收集/Programming/Qt.md 03. 資料收集/Programming/UML.md 03. 資料收集/Programming/演算法.md 03. 資料收集/架站/03. Trojan.md 03. 資料收集/架站/Gitea.md 03. 資料收集/架站/HTTP Server/Apache.md 03. 資料收集/架站/HTTP Server/Nginx/Reverse Proxy(Layer4).md 03. 資料收集/架站/Pelican blog.md 03. 資料收集/架站/Proxmox VE.md 03. 資料收集/架站/SWAG Reverse proxy.md 03. 資料收集/架站/Storj.md 03. 資料收集/架站/Trojan.md 03. 資料收集/科技/802.11.md 03. 資料收集/科技/HDR Sensor.md 03. 資料收集/科技/量子電腦.md 03. 資料收集/科技/鋰電池.md 03. 資料收集/軟體工具/IPFS.md 03. 資料收集/軟體工具/MkDocs.md 03. 資料收集/軟體工具/Obsidian.md 03. 資料收集/軟體工具/docker.md 03. 資料收集/軟體工具/git/apply.md 03. 資料收集/軟體工具/git/submodule.md --- .obsidian/workspace | 28 +- 03. 資料收集/HTTP Server/Nginx.md | 411 ------------------ 03. 資料收集/{ => Hobby}/RC.md | 0 .../{ => Hobby}/模型/Traxxas Sledge.md | 0 03. 資料收集/{ => Hobby}/模型/舊化作例.md | 0 03. 資料收集/{ => Hobby}/軍武/虎式.md | 0 .../COM/20210726 - COM Interface.md | 0 03. 資料收集/{ => Programming}/DB/MySQL.md | 0 03. 資料收集/{ => Programming}/DB/sqlite.md | 0 .../{ => Programming}/Design Pattern.md | 0 .../{ => Programming}/FFMPEG/00. Introduction.md | 0 .../{ => Programming}/FFMPEG/01. Setup.md | 0 03. 資料收集/{ => Programming}/FFMpeg.md | 0 03. 資料收集/{ => Programming}/Flask.md | 0 .../20210604 - Windows media foundation.md | 0 03. 資料收集/{ => Programming}/OpenCV.md | 0 03. 資料收集/{ => Programming}/OpenGL.md | 0 .../Python/argparse.ArgumentParser.md | 0 .../{ => Programming}/Python/decorator.md | 0 .../{ => Programming}/Python/logging.md | 0 .../{ => Programming}/Python/opencv.md | 0 .../{ => Programming}/Python/subprocess.md | 0 .../{ => Programming}/Python/threading.md | 0 .../{ => Programming}/Python/tkinter.md | 0 .../{ => Programming}/Python/檢測工具.md | 0 .../{ => Programming}/QT/Dropdown button.md | 0 03. 資料收集/{ => Programming}/QT/QVariant.md | 0 03. 資料收集/{ => Programming}/QT/Qt.md | 0 03. 資料收集/{ => Programming}/Qt.md | 0 03. 資料收集/{ => Programming}/UML.md | 0 03. 資料收集/{ => Programming}/演算法.md | 0 03. 資料收集/架站/03. Trojan.md | 14 - 03. 資料收集/架站/{04. Gitea.md => Gitea.md} | 0 03. 資料收集/{ => 架站}/HTTP Server/Apache.md | 0 .../Nginx/Reverse Proxy(Layer4).md | 2 +- 03. 資料收集/{ => 架站}/Pelican blog.md | 0 03. 資料收集/{ => 架站}/Proxmox VE.md | 0 ... SWAG Reverse proxy.md => SWAG Reverse proxy.md} | 0 03. 資料收集/{ => 架站}/Storj.md | 0 03. 資料收集/{ => 架站}/Trojan.md | 0 03. 資料收集/{ => 科技}/802.11.md | 0 03. 資料收集/{ => 科技}/HDR Sensor.md | 0 03. 資料收集/{ => 科技}/量子電腦.md | 0 03. 資料收集/{ => 科技}/鋰電池.md | 0 03. 資料收集/{ => 軟體工具}/IPFS.md | 0 03. 資料收集/{ => 軟體工具}/MkDocs.md | 0 03. 資料收集/{ => 軟體工具}/Obsidian.md | 0 03. 資料收集/{ => 軟體工具}/docker.md | 0 03. 資料收集/{ => 軟體工具}/git/apply.md | 0 03. 資料收集/{ => 軟體工具}/git/submodule.md | 0 50 files changed, 15 insertions(+), 440 deletions(-) delete mode 100644 03. 資料收集/HTTP Server/Nginx.md rename 03. 資料收集/{ => Hobby}/RC.md (100%) rename 03. 資料收集/{ => Hobby}/模型/Traxxas Sledge.md (100%) rename 03. 資料收集/{ => Hobby}/模型/舊化作例.md (100%) rename 03. 資料收集/{ => Hobby}/軍武/虎式.md (100%) rename 03. 資料收集/{ => Programming}/COM/20210726 - COM Interface.md (100%) rename 03. 資料收集/{ => Programming}/DB/MySQL.md (100%) rename 03. 資料收集/{ => Programming}/DB/sqlite.md (100%) rename 03. 資料收集/{ => Programming}/Design Pattern.md (100%) rename 03. 資料收集/{ => Programming}/FFMPEG/00. Introduction.md (100%) rename 03. 資料收集/{ => Programming}/FFMPEG/01. Setup.md (100%) rename 03. 資料收集/{ => Programming}/FFMpeg.md (100%) rename 03. 資料收集/{ => Programming}/Flask.md (100%) rename 03. 資料收集/{ => Programming}/Media Foundation/20210604 - Windows media foundation.md (100%) rename 03. 資料收集/{ => Programming}/OpenCV.md (100%) rename 03. 資料收集/{ => Programming}/OpenGL.md (100%) rename 03. 資料收集/{ => Programming}/Python/argparse.ArgumentParser.md (100%) rename 03. 資料收集/{ => Programming}/Python/decorator.md (100%) rename 03. 資料收集/{ => Programming}/Python/logging.md (100%) rename 03. 資料收集/{ => Programming}/Python/opencv.md (100%) rename 03. 資料收集/{ => Programming}/Python/subprocess.md (100%) rename 03. 資料收集/{ => Programming}/Python/threading.md (100%) rename 03. 資料收集/{ => Programming}/Python/tkinter.md (100%) rename 03. 資料收集/{ => Programming}/Python/檢測工具.md (100%) rename 03. 資料收集/{ => Programming}/QT/Dropdown button.md (100%) rename 03. 資料收集/{ => Programming}/QT/QVariant.md (100%) rename 03. 資料收集/{ => Programming}/QT/Qt.md (100%) rename 03. 資料收集/{ => Programming}/Qt.md (100%) rename 03. 資料收集/{ => Programming}/UML.md (100%) rename 03. 資料收集/{ => Programming}/演算法.md (100%) delete mode 100644 03. 資料收集/架站/03. Trojan.md rename 03. 資料收集/架站/{04. Gitea.md => Gitea.md} (100%) rename 03. 資料收集/{ => 架站}/HTTP Server/Apache.md (100%) rename 03. 資料收集/架站/{ => HTTP Server}/Nginx/Reverse Proxy(Layer4).md (97%) rename 03. 資料收集/{ => 架站}/Pelican blog.md (100%) rename 03. 資料收集/{ => 架站}/Proxmox VE.md (100%) rename 03. 資料收集/架站/{02. SWAG Reverse proxy.md => SWAG Reverse proxy.md} (100%) rename 03. 資料收集/{ => 架站}/Storj.md (100%) rename 03. 資料收集/{ => 架站}/Trojan.md (100%) rename 03. 資料收集/{ => 科技}/802.11.md (100%) rename 03. 資料收集/{ => 科技}/HDR Sensor.md (100%) rename 03. 資料收集/{ => 科技}/量子電腦.md (100%) rename 03. 資料收集/{ => 科技}/鋰電池.md (100%) rename 03. 資料收集/{ => 軟體工具}/IPFS.md (100%) rename 03. 資料收集/{ => 軟體工具}/MkDocs.md (100%) rename 03. 資料收集/{ => 軟體工具}/Obsidian.md (100%) rename 03. 資料收集/{ => 軟體工具}/docker.md (100%) rename 03. 資料收集/{ => 軟體工具}/git/apply.md (100%) rename 03. 資料收集/{ => 軟體工具}/git/submodule.md (100%) diff --git a/.obsidian/workspace b/.obsidian/workspace index 8eb39b1..80fd333 100644 --- a/.obsidian/workspace +++ b/.obsidian/workspace @@ -4,12 +4,12 @@ "type": "split", "children": [ { - "id": "d1de3e27789cf166", + "id": "828beb43bb437dd1", "type": "leaf", "state": { "type": "markdown", "state": { - "file": "03. 資料收集/面試準備/技术面试最后反问面试官的话.md", + "file": "03. 資料收集/RaspberryPi.md", "mode": "source", "source": true } @@ -69,7 +69,7 @@ "state": { "type": "backlink", "state": { - "file": "03. 資料收集/面試準備/技术面试最后反问面试官的话.md", + "file": "03. 資料收集/RaspberryPi.md", "collapseAll": false, "extraContext": false, "sortOrder": "alphabetical", @@ -86,7 +86,7 @@ "state": { "type": "outline", "state": { - "file": "03. 資料收集/面試準備/技术面试最后反问面试官的话.md" + "file": "03. 資料收集/RaspberryPi.md" } } } @@ -116,15 +116,15 @@ }, "active": "f69acad103e7f817", "lastOpenFiles": [ - "03. 資料收集/軍武/虎式.md", - "03. 資料收集/架站/02. SWAG Reverse proxy.md", - "03. 資料收集/01. 架站/Nginx/Layer4 Reverse Proxy.md", - "03. 資料收集/架站/Nginx/Reverse Proxy(Layer4).md", - "03. 資料收集/架站/04. Gitea.md", - "03. 資料收集/Qt.md", - "03. 資料收集/SLAM.md", - "03. 資料收集/DB/sqlite.md", - "03. 資料收集/Storj.md", - "03. 資料收集/Trojan.md" + "03. 資料收集/科技/HDR Sensor.md", + "03. 資料收集/軟體工具/IPFS.md", + "03. 資料收集/軟體工具/docker.md", + "03. 資料收集/架站/HTTP Server/Nginx/Reverse Proxy(Layer4).md", + "03. 資料收集/架站/HTTP Server/Nginx.md", + "03. 資料收集/架站/SWAG Reverse proxy.md", + "03. 資料收集/架站/Gitea.md", + "03. 資料收集/架站/Trojan.md", + "03. 資料收集/架站/Storj.md", + "03. 資料收集/架站/03. Trojan.md" ] } \ No newline at end of file diff --git a/03. 資料收集/HTTP Server/Nginx.md b/03. 資料收集/HTTP Server/Nginx.md deleted file mode 100644 index fb0bb1d..0000000 --- a/03. 資料收集/HTTP Server/Nginx.md +++ /dev/null @@ -1,411 +0,0 @@ -## Reverse Proxy(Layer4) -[[03. 資料收集/HTTP Server/Nginx#Reverse Proxy]]所用的方法雖然可以反向代理多個網站,但是對於像是Trojan這種TLS不行被中斷的服務來說,會導致handshake失敗,所以需要用Nginx的stream來做Layer 4的轉發。 - -### docker-compose.yaml -需要先把`nginx.conf`與`mime.types`給copy到data目錄下。 -依序執行下面2個命令: -```shell -sudo docker run --rm -it nginx cat /etc/nginx/nginx.conf > nginx.conf -sudo docker run --rm -it nginx cat /etc/nginx/mime.types > mime.types -``` -然後: -```shell -mkdir data ;\ -mv nginx.conf mime.types data -``` - -建立`docker-compose.yaml` -```yaml -version: '3' -services: - nginx_reverseproxy_l4: - container_name: nginx - restart: always - image: nginx - ports: - - "80:80" - - "443:443" - volumes: - - ./data:/etc/nginx -``` - -修改`data/nginx.conf`: -```nginx -events { - worker_connections 1024; <-- event 不用動 -} - -stream { - map $ssl_preread_server_name $backend_name { - tjn.awin.one trojan; - storj.awin.one swag; - } - - # trojan - upstream trojan { - server 192.168.1.31:443; - } - - # swag - upstream swag { - server 192.168.1.20:44320; - } - - # 监听 443 并开启 ssl_preread - server { - listen 80 reuseport; - listen 443 reuseport; - listen [::]:443 reuseport; - proxy_pass $backend_name; - ssl_preread on; - } -} - -http { - ... <-- http 不用動 -} -``` - -2022/05/17更新: -```nginx -user nginx; -worker_processes 1; - -error_log /var/log/nginx/error.log warn; -pid /var/run/nginx.pid; - - -events { - worker_connections 1024; -} - -stream { - map $ssl_preread_server_name $backend_name { - tjn.awin.one trojan; - storj.awin.one swag; - blog.awin.one swag; - gitea.awin.one swag; - } - - # trojan - upstream trojan { - server 192.168.1.31:443; - } - - # swag - upstream swag { - server 192.168.1.20:44320; - } - - # 监听 443 并开启 ssl_preread - server { - listen 443 reuseport; - listen [::]:443 reuseport; - proxy_pass $backend_name; - ssl_preread on; - } -} - -http { - include /etc/nginx/mime.types; - default_type application/octet-stream; - - log_format main '$remote_addr - $remote_user [$time_local] "$request" ' - '$status $body_bytes_sent "$http_referer" ' - '"$http_user_agent" "$http_x_forwarded_for"'; - - access_log /var/log/nginx/access.log main; - - sendfile on; - #tcp_nopush on; - - keepalive_timeout 65; - - #gzip on; - - include /etc/nginx/conf.d/*.conf; - - ## 新增這一段,沒有這一段會造成http無法連線,所以拿憑證會失敗 - server { - listen 80; - server_name tjn.awin.one; - - location / { - proxy_pass http://192.168.1.31:80; - - # 把 IP、Protocol 等 header 都一起送給反向代理的 server - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto; - } - } -} -``` - -重點來源: -1. [Trojan 共用 443 端口方案 - 程小白](https://www.chengxiaobai.cn/record/trojan-shared-443-port-scheme.html) -2. [NaiveProxy + Trojan + 多HTTPS站点共存,复用443端口 | 心底的河流](https://lhy.life/20200815-naiveproxy+trojan/) -3. `$ssl_preread_server_name`的官方說明:[Module ngx_stream_ssl_preread_module](http://nginx.org/en/docs/stream/ngx_stream_ssl_preread_module.html) - -## Reverse Proxy - -> **重要**:確定docker與docker-compose已經安裝好。 -> 參考[[RaspberryPi#Docker]]與[[RaspberryPi#docker-compose]] - -### Use SWAG docker -[swag](https://github.com/linuxserver/docker-swag)(之前叫做letsencrypt)是linuxserver.io包裝的Nginx webserver和reverse proxy的container。 - -#### Setup HTTPS -1. 建立folder - ```bash - mkdir -p ~/dockers/linuxserverswag ; cd ~/dockers/linuxserverswag - ``` - -2. 建立`docker-compose.yaml`: - ``` - vim docker-compose.yaml - ``` - - 填入內容如下: - ```yaml - version: "2.1" - services: - swag: - image: ghcr.io/linuxserver/swag - container_name: swag - cap_add: - - NET_ADMIN - environment: - - PUID=1000 - - PGID=1000 - - TZ=Asia/Taipei - - URL=awin.one - - SUBDOMAINS=wildcard - - VALIDATION=dns - - CERTPROVIDER= #optional - - DNSPLUGIN=cloudflare #optional - - PROPAGATION= #optional - - DUCKDNSTOKEN= #optional - - EMAIL=awinhuang@gmail.com - - ONLY_SUBDOMAINS=false #optional - - EXTRA_DOMAINS= #optional - - STAGING=false #optional - - MAXMINDDB_LICENSE_KEY= #optional - volumes: - - ./config:/config - ports: - - 44320:443 - - 8020:80 #optional - restart: unless-stopped - - ``` - -3. 先跑一次: - ```bash - sudo docker-compose up - ``` - 會發現有錯誤,這是正常的,錯誤訊息像這樣: - ``` - swag | Unsafe permissions on credentials configuration file: /config/dns-conf/cloudflare.ini - swag | Cleaning up challenges - swag | Error determining zone_id: 9103 Unknown X-Auth-Key or X-Auth-Email. Please confirm that you have supplied valid Cloudflare API credentials. (Did you enter the correct email address and Global key?) - swag | ERROR: Cert does not exist! Please see the validation error above. Make sure you entered correct credentials into the /config/dns-conf/cloudflare.ini file. - ``` - 按`ctrl + c`退出。這時候`config`目錄也會有swag所mapping出來的相關檔案。修改`config/dns-conf/cloudflare.ini`: - ```bash - vim config/dns-conf/cloudflare.ini - ``` - 把`config/dns-conf/cloudflare.ini`改為: - ``` - # Instructions: https://github.com/certbot/certbot/blob/master/certbot-dns-cloudflare/certbot_dns_cloudflare/__init__.py#L20 - # Replace with your values - - With global api key: - dns_cloudflare_email = awinhuang@gmail.com - dns_cloudflare_api_key = - - # With token (comment out both lines above and uncomment below): - #dns_cloudflare_api_token = 0123456789abcdef0123456789abcdef01234567 - ``` - -4. 再跑一次: - ```bash - sudo docker-compose up - ``` - 這一次就可以順利取得認證了,訊息像這樣: - ``` - swag | IMPORTANT NOTES: - swag | - Congratulations! Your certificate and chain have been saved at: - swag | /etc/letsencrypt/live/awin.one/fullchain.pem - swag | Your key file has been saved at: - swag | /etc/letsencrypt/live/awin.one/privkey.pem - swag | Your certificate will expire on 2021-04-26. To obtain a new or - swag | tweaked version of this certificate in the future, simply run - swag | certbot again. To non-interactively renew *all* of your - swag | certificates, run "certbot renew" - swag | - If you like Certbot, please consider supporting our work by: - swag | - swag | Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate - swag | Donating to EFF: https://eff.org/donate-le - swag | - swag | New certificate generated; starting nginx - swag | Starting 2019/12/30, GeoIP2 databases require personal license key to download. Please retrieve a free license key from MaxMind, - swag | and add a new env variable "MAXMINDDB_LICENSE_KEY", set to your license key. - swag | [cont-init.d] 50-config: exited 0. - swag | [cont-init.d] 60-renew: executing... - swag | The cert does not expire within the next day. Letting the cron script handle the renewal attempts overnight (2:08am). - swag | [cont-init.d] 60-renew: exited 0. - swag | [cont-init.d] 70-templates: executing... - swag | [cont-init.d] 70-templates: exited 0. - swag | [cont-init.d] 99-custom-files: executing... - swag | [custom-init] no custom files found exiting... - swag | [cont-init.d] 99-custom-files: exited 0. - swag | [cont-init.d] done. - swag | [services.d] starting services - swag | [services.d] done. - swag | nginx: [alert] detected a LuaJIT version which is not OpenResty's; many optimizations will be disabled and performance will be compromised (see https://github.com/openresty/luajit2 for OpenResty's LuaJIT or, even better, consider using the OpenResty releases from https://openresty.org/en/download.html) - swag | Server ready - ``` - 最後一行的`swag | Server ready`表示server已經跑起來了。先按下`ctrl + c`退出,再來設定reverse proxy。 - -5. 修正`config/dns-conf/cloudflare.ini`的安全性問題 - ``` - cd ~/dockers/linuxserverswag ; chmod 600 config/dns-conf/cloudflare.ini - ``` - -#### Setup reverse proxy -1. 建立folder: - ``` - cd ~/dockers/linuxserverswag ; mkdir -p config/nginx/sites-available config/nginx/sites-enabled - ``` - -2. 建立以下檔案: - - `config/nginx/sites-available/common.conf`,內容: - ``` - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - add_header X-Frame-Options SAMEORIGIN; - add_header X-Content-Type-Options nosniff; - add_header X-XSS-Protection "1; mode=block"; - ``` - - `config/nginx/sites-available/common_location.conf`,內容: - ``` - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_set_header Host $host; - proxy_set_header X-Forwarded-Host $host; - proxy_set_header X-Forwarded-Port $server_port; - ``` - - `config/nginx/sites-available/storj.conf`,內容: - ``` - upstream storj { - server 192.168.1.11:14002; - } - - server { - listen 443 ssl; - server_name storj.awin.one; - - include /config/nginx/sites-available/common.conf; - include /config/nginx/ssl.conf; - - location / { - proxy_pass http://192.168.1.11:14002/; - include /config/nginx/sites-available/common_location.conf; - } - } - - ``` - -3. 在`config/nginx/sites-enabled`裡面建立要enable的config: - ``` - cd config/nginx/sites-enabled ; ln -s ../sites-available/storj.conf . ; cd - - ``` - -4. 修改`config/nginx/nginx.conf`: - ``` - vim config/nginx/nginx.conf - ``` - 找到`include /config/nginx/site-confs/*;`這一行,把它comment掉,在下面新增一行: - ``` - include /config/nginx/sites-enabled/*.conf; - ``` - -5. 啟動swag: - ``` - cd ~/dockers/linuxserverswag ; sudo docker-compose up -d - ``` - -#### Restart -```bash -cd ~/dockers/linuxserverswag ; sudo docker-compose restart -``` - -#### Update certification -1. 進到dockr的swag bash裡面:`sudo docker exec -it swag /bin/bash` -2. 輸入 `certbot renew` -3. ![[Pasted image 20210422205534.png]] - -#### Trouble shooting -- 如果遇到類似下面的錯誤: - ``` - ERROR: for swag Cannot start service swag: driver failed programming external connectivity on endpoint swag (7c527d046631e0957de0b831ca25bed296de76e2eb96378964cb0110d7fb017d): Bind for 0.0.0.0:443 failed: port is already allocated. - ``` - 表示有其他程式佔住了80 port,可能是其他docker container或是service,必須先關閉它們。[^1] - -#### 參考來源 -1. [linuxserver/docker-swag: Nginx webserver and reverse proxy with php support and a built-in Certbot (Let's Encrypt) client. It also contains fail2ban for intrusion prevention.](https://github.com/linuxserver/docker-swag) -2. [How to set up an easy and secure reverse proxy with Docker, Nginx & Letsencrypt](https://www.freecodecamp.org/news/docker-nginx-letsencrypt-easy-secure-reverse-proxy-40165ba3aee2/) -3. [SWAG setup - LinuxServer.io](https://docs.linuxserver.io/general/swag#understanding-the-proxy-conf-structure) - ------ -- 參考 - - [NGINX Docs | NGINX Reverse Proxy](https://docs.nginx.com/nginx/admin-guide/web-server/reverse-proxy/) - - [Nginx 設定反向代理 Reverse Proxy](https://www.opencli.com/linux/nginx-config-reverse-proxy) - - [用 Nginx 伺服器建立反向代理](https://noob.tw/nginx-reverse-proxy/) - - [俄羅斯不愧是戰鬥民族:nginx - iT 邦幫忙::一起幫忙解決難題,拯救 IT 人的一天](https://ithelp.ithome.com.tw/articles/10188498) - -[^1]: [啟動docker時出現「Cannot start service :driver failed programming external connectivity on endpoint xxx, Bind for 0.0.0.0:80 failed: port is already allocated 」](https://mitsuiwei.com/docker-cannot-start-service/) - -# 新增網站 -## 新網站自帶SSL -進到Rasperberry Pi(192.168.1.20)之後,切換到`~/dockers/nginx_reverseproxy_l4`,並編輯`data/nginx.conf`,在裡面加入新網站的網域與要轉址的ip。 -例如,要加入一個trojan VPN,trojan VPN本身就有SSL加密,所以不用再經過swag,`data/nginx.conf`的改變如下: -![[Pasted image 20220506145247.png]] - -## 新http網站 -如果新的網站只是一般的http網站,那便把它掛到swag後面,這樣就可以經由https來訪問,假如要加入一個blog網站,但因為我們有2層的reverse proxy,第一層是layer 4,第2層是swag,所以如果是自帶https的要掛到layer 4之後,沒有https要先由layer 4轉到swag再轉到實際的server上。 -步驟如下: -1. 進到Rasperberry Pi(192.168.1.20) -2. 設定nginx_reverseproxy_l4,這邊我們需要把「沒有https」的網站由nginx_reverseproxy_l4導引到linuxserverswag - ``` - cd ~/dockers/nginx_reverseproxy_l4 - vim data/nginx.conf - ``` - 加入下圖紅框的設定: - ![[Pasted image 20220516152230.png]] -3. 切換到`~/dockers/linuxserverswag/config/nginx/sites-available` -4. 新增一個confing檔,例如叫做`blog.conf`,內容如下: - ``` - upstream blog { - server 192.168.1.30:80; ## 網址 - } - - server { - listen 443 ssl; - server_name blog.awin.one; ## 網域 - - include /config/nginx/sites-available/common.conf; - include /config/nginx/ssl.conf; - - location / { - proxy_pass http://192.168.1.30:80/; ## 網址 - include /config/nginx/sites-available/common_location.conf; - } - } - ``` - 改變3個有註解的地方就可以了。 -5. 剛剛的config檔,新增到`sites-enabled`裡面 - 1. `cd ~/dockers/linuxserverswag/config/nginx/sites-enabled` - 2. `ln -s ../sites-available/blog.conf .` -6. 重新啟動swag:`cd ~/dockers/linuxserverswag ; sudo docker-compose restart` diff --git a/03. 資料收集/RC.md b/03. 資料收集/Hobby/RC.md similarity index 100% rename from 03. 資料收集/RC.md rename to 03. 資料收集/Hobby/RC.md diff --git a/03. 資料收集/模型/Traxxas Sledge.md b/03. 資料收集/Hobby/模型/Traxxas Sledge.md similarity index 100% rename from 03. 資料收集/模型/Traxxas Sledge.md rename to 03. 資料收集/Hobby/模型/Traxxas Sledge.md diff --git a/03. 資料收集/模型/舊化作例.md b/03. 資料收集/Hobby/模型/舊化作例.md similarity index 100% rename from 03. 資料收集/模型/舊化作例.md rename to 03. 資料收集/Hobby/模型/舊化作例.md diff --git a/03. 資料收集/軍武/虎式.md b/03. 資料收集/Hobby/軍武/虎式.md similarity index 100% rename from 03. 資料收集/軍武/虎式.md rename to 03. 資料收集/Hobby/軍武/虎式.md diff --git a/03. 資料收集/COM/20210726 - COM Interface.md b/03. 資料收集/Programming/COM/20210726 - COM Interface.md similarity index 100% rename from 03. 資料收集/COM/20210726 - COM Interface.md rename to 03. 資料收集/Programming/COM/20210726 - COM Interface.md diff --git a/03. 資料收集/DB/MySQL.md b/03. 資料收集/Programming/DB/MySQL.md similarity index 100% rename from 03. 資料收集/DB/MySQL.md rename to 03. 資料收集/Programming/DB/MySQL.md diff --git a/03. 資料收集/DB/sqlite.md b/03. 資料收集/Programming/DB/sqlite.md similarity index 100% rename from 03. 資料收集/DB/sqlite.md rename to 03. 資料收集/Programming/DB/sqlite.md diff --git a/03. 資料收集/Design Pattern.md b/03. 資料收集/Programming/Design Pattern.md similarity index 100% rename from 03. 資料收集/Design Pattern.md rename to 03. 資料收集/Programming/Design Pattern.md diff --git a/03. 資料收集/FFMPEG/00. Introduction.md b/03. 資料收集/Programming/FFMPEG/00. Introduction.md similarity index 100% rename from 03. 資料收集/FFMPEG/00. Introduction.md rename to 03. 資料收集/Programming/FFMPEG/00. Introduction.md diff --git a/03. 資料收集/FFMPEG/01. Setup.md b/03. 資料收集/Programming/FFMPEG/01. Setup.md similarity index 100% rename from 03. 資料收集/FFMPEG/01. Setup.md rename to 03. 資料收集/Programming/FFMPEG/01. Setup.md diff --git a/03. 資料收集/FFMpeg.md b/03. 資料收集/Programming/FFMpeg.md similarity index 100% rename from 03. 資料收集/FFMpeg.md rename to 03. 資料收集/Programming/FFMpeg.md diff --git a/03. 資料收集/Flask.md b/03. 資料收集/Programming/Flask.md similarity index 100% rename from 03. 資料收集/Flask.md rename to 03. 資料收集/Programming/Flask.md diff --git a/03. 資料收集/Media Foundation/20210604 - Windows media foundation.md b/03. 資料收集/Programming/Media Foundation/20210604 - Windows media foundation.md similarity index 100% rename from 03. 資料收集/Media Foundation/20210604 - Windows media foundation.md rename to 03. 資料收集/Programming/Media Foundation/20210604 - Windows media foundation.md diff --git a/03. 資料收集/OpenCV.md b/03. 資料收集/Programming/OpenCV.md similarity index 100% rename from 03. 資料收集/OpenCV.md rename to 03. 資料收集/Programming/OpenCV.md diff --git a/03. 資料收集/OpenGL.md b/03. 資料收集/Programming/OpenGL.md similarity index 100% rename from 03. 資料收集/OpenGL.md rename to 03. 資料收集/Programming/OpenGL.md diff --git a/03. 資料收集/Python/argparse.ArgumentParser.md b/03. 資料收集/Programming/Python/argparse.ArgumentParser.md similarity index 100% rename from 03. 資料收集/Python/argparse.ArgumentParser.md rename to 03. 資料收集/Programming/Python/argparse.ArgumentParser.md diff --git a/03. 資料收集/Python/decorator.md b/03. 資料收集/Programming/Python/decorator.md similarity index 100% rename from 03. 資料收集/Python/decorator.md rename to 03. 資料收集/Programming/Python/decorator.md diff --git a/03. 資料收集/Python/logging.md b/03. 資料收集/Programming/Python/logging.md similarity index 100% rename from 03. 資料收集/Python/logging.md rename to 03. 資料收集/Programming/Python/logging.md diff --git a/03. 資料收集/Python/opencv.md b/03. 資料收集/Programming/Python/opencv.md similarity index 100% rename from 03. 資料收集/Python/opencv.md rename to 03. 資料收集/Programming/Python/opencv.md diff --git a/03. 資料收集/Python/subprocess.md b/03. 資料收集/Programming/Python/subprocess.md similarity index 100% rename from 03. 資料收集/Python/subprocess.md rename to 03. 資料收集/Programming/Python/subprocess.md diff --git a/03. 資料收集/Python/threading.md b/03. 資料收集/Programming/Python/threading.md similarity index 100% rename from 03. 資料收集/Python/threading.md rename to 03. 資料收集/Programming/Python/threading.md diff --git a/03. 資料收集/Python/tkinter.md b/03. 資料收集/Programming/Python/tkinter.md similarity index 100% rename from 03. 資料收集/Python/tkinter.md rename to 03. 資料收集/Programming/Python/tkinter.md diff --git a/03. 資料收集/Python/檢測工具.md b/03. 資料收集/Programming/Python/檢測工具.md similarity index 100% rename from 03. 資料收集/Python/檢測工具.md rename to 03. 資料收集/Programming/Python/檢測工具.md diff --git a/03. 資料收集/QT/Dropdown button.md b/03. 資料收集/Programming/QT/Dropdown button.md similarity index 100% rename from 03. 資料收集/QT/Dropdown button.md rename to 03. 資料收集/Programming/QT/Dropdown button.md diff --git a/03. 資料收集/QT/QVariant.md b/03. 資料收集/Programming/QT/QVariant.md similarity index 100% rename from 03. 資料收集/QT/QVariant.md rename to 03. 資料收集/Programming/QT/QVariant.md diff --git a/03. 資料收集/QT/Qt.md b/03. 資料收集/Programming/QT/Qt.md similarity index 100% rename from 03. 資料收集/QT/Qt.md rename to 03. 資料收集/Programming/QT/Qt.md diff --git a/03. 資料收集/Qt.md b/03. 資料收集/Programming/Qt.md similarity index 100% rename from 03. 資料收集/Qt.md rename to 03. 資料收集/Programming/Qt.md diff --git a/03. 資料收集/UML.md b/03. 資料收集/Programming/UML.md similarity index 100% rename from 03. 資料收集/UML.md rename to 03. 資料收集/Programming/UML.md diff --git a/03. 資料收集/演算法.md b/03. 資料收集/Programming/演算法.md similarity index 100% rename from 03. 資料收集/演算法.md rename to 03. 資料收集/Programming/演算法.md diff --git a/03. 資料收集/架站/03. Trojan.md b/03. 資料收集/架站/03. Trojan.md deleted file mode 100644 index 5a6391f..0000000 --- a/03. 資料收集/架站/03. Trojan.md +++ /dev/null @@ -1,14 +0,0 @@ -## 準備 -### 安裝Maria DB - - -## 1. 下載trojan安裝檔 -``` -wget https://raw.githubusercontent.com/Jrohy/trojan/master/install.sh -``` - -## 參考 -- [Trojan史上最全面的脚本!Trojan所有脚本集合! - 简书](https://www.jianshu.com/p/bb14fc75292d) -- [VPS 初体验(三)在 VPS 上快速搭建 trojan 服务 - Kiku 的个人博客](https://kiku.vip/2021/10/16/%E5%9C%A8%20VPS%20%E5%BF%AB%E9%80%9F%E6%90%AD%E5%BB%BA%20trojan%20%E6%9C%8D%E5%8A%A1/) -- [mku228/trojan: 科学上网/翻墙梯子/自由上网/trojan 搭建教程 免费机场、VPN工具 小白科学上网一键搭建VPN梯子最新2022教程](https://github.com/mku228/trojan) -- [Jrohy/trojan: trojan多用户管理部署程序, 支持web页面管理](https://github.com/Jrohy/trojan) \ No newline at end of file diff --git a/03. 資料收集/架站/04. Gitea.md b/03. 資料收集/架站/Gitea.md similarity index 100% rename from 03. 資料收集/架站/04. Gitea.md rename to 03. 資料收集/架站/Gitea.md diff --git a/03. 資料收集/HTTP Server/Apache.md b/03. 資料收集/架站/HTTP Server/Apache.md similarity index 100% rename from 03. 資料收集/HTTP Server/Apache.md rename to 03. 資料收集/架站/HTTP Server/Apache.md diff --git a/03. 資料收集/架站/Nginx/Reverse Proxy(Layer4).md b/03. 資料收集/架站/HTTP Server/Nginx/Reverse Proxy(Layer4).md similarity index 97% rename from 03. 資料收集/架站/Nginx/Reverse Proxy(Layer4).md rename to 03. 資料收集/架站/HTTP Server/Nginx/Reverse Proxy(Layer4).md index 25d1cf3..fc927d9 100644 --- a/03. 資料收集/架站/Nginx/Reverse Proxy(Layer4).md +++ b/03. 資料收集/架站/HTTP Server/Nginx/Reverse Proxy(Layer4).md @@ -1,5 +1,5 @@ ## Reverse Proxy(Layer4) -[[Reverse Proxy(Layer4)#Reverse Proxy]]所用的方法雖然可以反向代理多個網站,但是對於像是Trojan這種TLS不行被中斷的服務來說,會導致handshake失敗,所以需要用Nginx的stream來做Layer 4的轉發。 +一般的Reverse Proxy所用的方法雖然可以反向代理多個網站,但是對於像是Trojan這種TLS不行被中斷的服務來說,會導致handshake失敗,所以需要用Nginx的stream來做Layer 4的轉發。 ### docker-compose.yaml 需要先把`nginx.conf`與`mime.types`給copy到data目錄下。 diff --git a/03. 資料收集/Pelican blog.md b/03. 資料收集/架站/Pelican blog.md similarity index 100% rename from 03. 資料收集/Pelican blog.md rename to 03. 資料收集/架站/Pelican blog.md diff --git a/03. 資料收集/Proxmox VE.md b/03. 資料收集/架站/Proxmox VE.md similarity index 100% rename from 03. 資料收集/Proxmox VE.md rename to 03. 資料收集/架站/Proxmox VE.md diff --git a/03. 資料收集/架站/02. SWAG Reverse proxy.md b/03. 資料收集/架站/SWAG Reverse proxy.md similarity index 100% rename from 03. 資料收集/架站/02. SWAG Reverse proxy.md rename to 03. 資料收集/架站/SWAG Reverse proxy.md diff --git a/03. 資料收集/Storj.md b/03. 資料收集/架站/Storj.md similarity index 100% rename from 03. 資料收集/Storj.md rename to 03. 資料收集/架站/Storj.md diff --git a/03. 資料收集/Trojan.md b/03. 資料收集/架站/Trojan.md similarity index 100% rename from 03. 資料收集/Trojan.md rename to 03. 資料收集/架站/Trojan.md diff --git a/03. 資料收集/802.11.md b/03. 資料收集/科技/802.11.md similarity index 100% rename from 03. 資料收集/802.11.md rename to 03. 資料收集/科技/802.11.md diff --git a/03. 資料收集/HDR Sensor.md b/03. 資料收集/科技/HDR Sensor.md similarity index 100% rename from 03. 資料收集/HDR Sensor.md rename to 03. 資料收集/科技/HDR Sensor.md diff --git a/03. 資料收集/量子電腦.md b/03. 資料收集/科技/量子電腦.md similarity index 100% rename from 03. 資料收集/量子電腦.md rename to 03. 資料收集/科技/量子電腦.md diff --git a/03. 資料收集/鋰電池.md b/03. 資料收集/科技/鋰電池.md similarity index 100% rename from 03. 資料收集/鋰電池.md rename to 03. 資料收集/科技/鋰電池.md diff --git a/03. 資料收集/IPFS.md b/03. 資料收集/軟體工具/IPFS.md similarity index 100% rename from 03. 資料收集/IPFS.md rename to 03. 資料收集/軟體工具/IPFS.md diff --git a/03. 資料收集/MkDocs.md b/03. 資料收集/軟體工具/MkDocs.md similarity index 100% rename from 03. 資料收集/MkDocs.md rename to 03. 資料收集/軟體工具/MkDocs.md diff --git a/03. 資料收集/Obsidian.md b/03. 資料收集/軟體工具/Obsidian.md similarity index 100% rename from 03. 資料收集/Obsidian.md rename to 03. 資料收集/軟體工具/Obsidian.md diff --git a/03. 資料收集/docker.md b/03. 資料收集/軟體工具/docker.md similarity index 100% rename from 03. 資料收集/docker.md rename to 03. 資料收集/軟體工具/docker.md diff --git a/03. 資料收集/git/apply.md b/03. 資料收集/軟體工具/git/apply.md similarity index 100% rename from 03. 資料收集/git/apply.md rename to 03. 資料收集/軟體工具/git/apply.md diff --git a/03. 資料收集/git/submodule.md b/03. 資料收集/軟體工具/git/submodule.md similarity index 100% rename from 03. 資料收集/git/submodule.md rename to 03. 資料收集/軟體工具/git/submodule.md