awin/Obsidian-Main
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

vault backup: 2022-09-26 18:29:43

Browse Source 
Affected files:
.obsidian/workspace
01. 個人/02. 專注Study/20150803 - Android/Android programming.md
01. 個人/02. 專注Study/20220601 - C++/C++17 1.md
03. 資料收集/01. 架站/01. Nginx Layer4 Reverse Proxy.md
03. 資料收集/Android operating.md
03. 資料收集/DB/MySQL.md
03. 資料收集/DB/sqlite.md
03. 資料收集/NextDNS.md
03. 資料收集/SLAM.md
03. 資料收集/V2Ray.md
03. 資料收集/__templates/blogHeader.md
03. 資料收集/__templates/date.md
03. 資料收集/__templates/front matter.md
03. 資料收集/__templates/note.md
03. 資料收集/__templates/table.md
03. 資料收集/__templates/thisWeek.md
03. 資料收集/__templates/日記.md
03. 資料收集/__templates/讀書筆記.md
03. 資料收集/frp.md
03. 資料收集/youtube-dl.md
03. 資料收集/架站/02. SWAG Reverse proxy.md
03. 資料收集/架站/03. Trojan.md
03. 資料收集/架站/04. Gitea.md
03. 資料收集/架站/Nginx/Reverse Proxy(Layer4).md
03. 資料收集/模型/Traxxas Sledge.md
03. 資料收集/模型/舊化作例.md
03. 資料收集/財經.md
03. 資料收集/軍武/虎式.md
03. 資料收集/面試準備/技术面试最后反问面试官的话.md
This commit is contained in:
Awin Huang
2022-09-26 18:29:43 +08:00
parent be8ed59169
commit 95a804e0da
29 changed files with 13 additions and 254 deletions
Download Patch File Download Diff File Expand all files Collapse all files

247
03. 資料收集/架站/02. SWAG Reverse proxy.md Normal file
View File

@@ -0,0 +1,247 @@
[SWAG](https://docs.linuxserver.io/general/swag)可以幫我們反向代理並且有https。是由linuxserver.io包裝的Nginx webserver和reverse proxy的container。
#### 建立docker-compose
1. 建立folder
```bash
mkdir -p ~/dockers/linuxserverswag ; cd ~/dockers/linuxserverswag
```
2. 建立`docker-compose.yaml`
```
vim docker-compose.yaml
```
填入內容如下:
```yaml
version: "2.1"
services:
swag:
image: ghcr.io/linuxserver/swag
container_name: swag
cap_add:
- NET_ADMIN
environment:
- PUID=1000
- PGID=1000
- TZ=Asia/Taipei
- URL=awin.one
- SUBDOMAINS=wildcard
- VALIDATION=dns
- CERTPROVIDER= #optional
- DNSPLUGIN=cloudflare #optional
- PROPAGATION= #optional
- DUCKDNSTOKEN= #optional
- EMAIL=awinhuang@gmail.com
- ONLY_SUBDOMAINS=false #optional
- EXTRA_DOMAINS= #optional
- STAGING=false #optional
- MAXMINDDB_LICENSE_KEY= #optional
volumes:
- ./config:/config
ports:
- 44320:443
- 8020:80 #optional
restart: unless-stopped
```
3. 先跑一次:
```bash
sudo docker-compose up
```
會發現有錯誤,這是正常的,錯誤訊息像這樣:
```
swag | Unsafe permissions on credentials configuration file: /config/dns-conf/cloudflare.ini
swag | Cleaning up challenges
swag | Error determining zone_id: 9103 Unknown X-Auth-Key or X-Auth-Email. Please confirm that you have supplied valid Cloudflare API credentials. (Did you enter the correct email address and Global key?)
swag | ERROR: Cert does not exist! Please see the validation error above. Make sure you entered correct credentials into the /config/dns-conf/cloudflare.ini file.
```
按`ctrl + c`退出。這時候`config`目錄也會有swag所mapping出來的相關檔案。修改`config/dns-conf/cloudflare.ini`
```bash
vim config/dns-conf/cloudflare.ini
```
把`config/dns-conf/cloudflare.ini`改為:
```
# Instructions: https://github.com/certbot/certbot/blob/master/certbot-dns-cloudflare/certbot_dns_cloudflare/__init__.py#L20
# Replace with your values
With global api key:
dns_cloudflare_email = awinhuang@gmail.com
dns_cloudflare_api_key = <YOUR_API_KEY_FROM_CLOUDFLARE>
# With token (comment out both lines above and uncomment below):
#dns_cloudflare_api_token = 0123456789abcdef0123456789abcdef01234567
```
4. 再跑一次:
```bash
sudo docker-compose up
```
這一次就可以順利取得認證了,訊息像這樣:
```
swag | IMPORTANT NOTES:
swag | - Congratulations! Your certificate and chain have been saved at:
swag | /etc/letsencrypt/live/awin.one/fullchain.pem
swag | Your key file has been saved at:
swag | /etc/letsencrypt/live/awin.one/privkey.pem
swag | Your certificate will expire on 2021-04-26. To obtain a new or
swag | tweaked version of this certificate in the future, simply run
swag | certbot again. To non-interactively renew *all* of your
swag | certificates, run "certbot renew"
swag | - If you like Certbot, please consider supporting our work by:
swag |
swag | Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
swag | Donating to EFF: https://eff.org/donate-le
swag |
swag | New certificate generated; starting nginx
swag | Starting 2019/12/30, GeoIP2 databases require personal license key to download. Please retrieve a free license key from MaxMind,
swag | and add a new env variable "MAXMINDDB_LICENSE_KEY", set to your license key.
swag | [cont-init.d] 50-config: exited 0.
swag | [cont-init.d] 60-renew: executing...
swag | The cert does not expire within the next day. Letting the cron script handle the renewal attempts overnight (2:08am).
swag | [cont-init.d] 60-renew: exited 0.
swag | [cont-init.d] 70-templates: executing...
swag | [cont-init.d] 70-templates: exited 0.
swag | [cont-init.d] 99-custom-files: executing...
swag | [custom-init] no custom files found exiting...
swag | [cont-init.d] 99-custom-files: exited 0.
swag | [cont-init.d] done.
swag | [services.d] starting services
swag | [services.d] done.
swag | nginx: [alert] detected a LuaJIT version which is not OpenResty's; many optimizations will be disabled and performance will be compromised (see https://github.com/openresty/luajit2 for OpenResty's LuaJIT or, even better, consider using the OpenResty releases from https://openresty.org/en/download.html)
swag | Server ready
```
最後一行的`swag | Server ready`表示server已經跑起來了。先按下`ctrl + c`退出再來設定reverse proxy。
5. 修正`config/dns-conf/cloudflare.ini`的安全性問題
```
cd ~/dockers/linuxserverswag ; chmod 600 config/dns-conf/cloudflare.ini
```
#### Setup reverse proxy
1. 建立folder
```
cd ~/dockers/linuxserverswag ; mkdir -p config/nginx/sites-available config/nginx/sites-enabled
```
2. 建立以下檔案:
- `config/nginx/sites-available/common.conf`,內容:
```
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
add_header X-Frame-Options SAMEORIGIN;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
```
- `config/nginx/sites-available/common_location.conf`,內容:
```
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Port $server_port;
```
- `config/nginx/sites-available/storj.conf`,內容:
```
upstream storj {
server 192.168.1.11:14002;
}
server {
listen 443 ssl;
server_name storj.awin.one;
include /config/nginx/sites-available/common.conf;
include /config/nginx/ssl.conf;
location / {
proxy_pass http://192.168.1.11:14002/;
include /config/nginx/sites-available/common_location.conf;
}
}
```
- `config/nginx/sites-available/blog.conf`,內容:
```
upstream blog {
server 192.168.1.30:80;
}
server {
listen 443 ssl;
server_name blog.awin.one;
include /config/nginx/sites-available/common.conf;
include /config/nginx/ssl.conf;
location / {
proxy_pass http://192.168.1.30:80/;
include /config/nginx/sites-available/common_location.conf;
}
}
```
- `config/nginx/sites-available/gitea.conf`,內容:
```
upstream gitea {
server 192.168.1.32:3000; ## 網址
}
server {
listen 443 ssl;
server_name gitea.awin.one; ## 網域
include /config/nginx/sites-available/common.conf;
include /config/nginx/ssl.conf;
location / {
proxy_pass http://192.168.1.32:3000/; ## 網址
include /config/nginx/sites-available/common_location.conf;
}
}
```
3. 在`config/nginx/sites-enabled`裡面建立要enable的config
```
cd config/nginx/sites-enabled ; ln -s ../sites-available/storj.conf . ; cd -
```
4. 修改`config/nginx/nginx.conf`
```
vim config/nginx/nginx.conf
```
找到`include /config/nginx/site-confs/*;`這一行把它comment掉在下面新增一行
```
include /config/nginx/sites-enabled/*.conf;
```
5. 啟動swag
```
cd ~/dockers/linuxserverswag ; sudo docker-compose up -d
```
#### Restart
```bash
cd ~/dockers/linuxserverswag ; sudo docker-compose restart
```
#### Update certification
1. 進到dockr的swag bash裡面`sudo docker exec -it swag /bin/bash`
2. 輸入 `certbot renew`
3. ![[Pasted image 20210422205534.png]]
#### Trouble shooting
- 如果遇到類似下面的錯誤:
```
ERROR: for swag Cannot start service swag: driver failed programming external connectivity on endpoint swag (7c527d046631e0957de0b831ca25bed296de76e2eb96378964cb0110d7fb017d): Bind for 0.0.0.0:443 failed: port is already allocated.
```
表示有其他程式佔住了80 port可能是其他docker container或是service必須先關閉它們。[^1]
#### 參考來源
1. [linuxserver/docker-swag: Nginx webserver and reverse proxy with php support and a built-in Certbot (Let's Encrypt) client. It also contains fail2ban for intrusion prevention.](https://github.com/linuxserver/docker-swag)
2. [How to set up an easy and secure reverse proxy with Docker, Nginx & Letsencrypt](https://www.freecodecamp.org/news/docker-nginx-letsencrypt-easy-secure-reverse-proxy-40165ba3aee2/)
3. [SWAG setup - LinuxServer.io](https://docs.linuxserver.io/general/swag#understanding-the-proxy-conf-structure)
4. [NGINX Docs | NGINX Reverse Proxy](https://docs.nginx.com/nginx/admin-guide/web-server/reverse-proxy/)
5. [Nginx 設定反向代理 Reverse Proxy](https://www.opencli.com/linux/nginx-config-reverse-proxy)
6. [用 Nginx 伺服器建立反向代理](https://noob.tw/nginx-reverse-proxy/)
7. [俄羅斯不愧是戰鬥民族nginx - iT 邦幫忙::一起幫忙解決難題,拯救 IT 人的一天](https://ithelp.ithome.com.tw/articles/10188498)
[^1]: [啟動docker時出現「Cannot start service :driver failed programming external connectivity on endpoint xxx, Bind for 0.0.0.0:80 failed: port is already allocated 」](https://mitsuiwei.com/docker-cannot-start-service/)

14
03. 資料收集/架站/03. Trojan.md Normal file
View File

@@ -0,0 +1,14 @@
## 準備
### 安裝Maria DB
## 1. 下載trojan安裝檔
```
wget https://raw.githubusercontent.com/Jrohy/trojan/master/install.sh
```
## 參考
- [Trojan史上最全面的脚本Trojan所有脚本集合 - 简书](https://www.jianshu.com/p/bb14fc75292d)
- [VPS 初体验(三)在 VPS 上快速搭建 trojan 服务 - Kiku 的个人博客](https://kiku.vip/2021/10/16/%E5%9C%A8%20VPS%20%E5%BF%AB%E9%80%9F%E6%90%AD%E5%BB%BA%20trojan%20%E6%9C%8D%E5%8A%A1/)
- [mku228/trojan: 科学上网/翻墙梯子/自由上网/trojan 搭建教程 免费机场、VPN工具 小白科学上网一键搭建VPN梯子最新2022教程](https://github.com/mku228/trojan)
- [Jrohy/trojan: trojan多用户管理部署程序, 支持web页面管理](https://github.com/Jrohy/trojan)

52
03. 資料收集/架站/04. Gitea.md Normal file
View File

@@ -0,0 +1,52 @@
## docker-compose.yml
```yaml
version: "3"
networks:
gitea:
external: false
services:
server:
image: gitea/gitea:latest
container_name: gitea
environment:
- USER_UID=1000
- USER_GID=1000
- DB_TYPE=mysql
- DB_HOST=db:3306
- DB_NAME=gitea
- DB_USER=gitea
- DB_PASSWD=gitea
- TZ=Asia/Taipei
restart: always
networks:
- gitea
volumes:
- ./datas/gitea:/data
- /home/git/.ssh/:/data/git/.ssh
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
ports:
- "3000:3000"
- "322:322"
depends_on:
- db
db:
image: mysql:8
restart: always
environment:
- MYSQL_ROOT_PASSWORD=gitea
- MYSQL_USER=gitea
- MYSQL_PASSWORD=gitea
- MYSQL_DATABASE=gitea
networks:
- gitea
volumes:
- ./datas/db:/var/lib/mysql
```
## 文件
- [Gitea Docs: Config Cheat Sheet](https://docs.gitea.io/zh-tw/config-cheat-sheet/)
- [How to Install Gitea on Ubuntu Using Docker](https://www.digitalocean.com/community/tutorials/how-to-install-gitea-on-ubuntu-using-docker)

292
03. 資料收集/架站/Nginx/Reverse Proxy(Layer4).md Normal file
View File

@@ -0,0 +1,292 @@
## Reverse Proxy(Layer4)
[[Reverse Proxy(Layer4)#Reverse Proxy]]所用的方法雖然可以反向代理多個網站但是對於像是Trojan這種TLS不行被中斷的服務來說會導致handshake失敗所以需要用Nginx的stream來做Layer 4的轉發。
### docker-compose.yaml
需要先把`nginx.conf``mime.types`給copy到data目錄下。
依序執行下面2個命令
```shell
sudo docker run --rm -it nginx cat /etc/nginx/nginx.conf > nginx.conf
sudo docker run --rm -it nginx cat /etc/nginx/mime.types > mime.types
```
然後:
```shell
mkdir data ;\
mv nginx.conf mime.types data
```
建立`docker-compose.yaml`
```yaml
version: '3'
services:
nginx_reverseproxy_l4:
container_name: nginx
restart: always
image: nginx
ports:
- "80:80"
- "443:443"
volumes:
- ./data:/etc/nginx
```
修改`data/nginx.conf`
```nginx
events {
worker_connections 1024; <-- event 不用動
}
stream {
map $ssl_preread_server_name $backend_name {
tjn.awin.one trojan;
storj.awin.one swag;
}
# trojan
upstream trojan {
server 192.168.1.31:443;
}
# swag
upstream swag {
server 192.168.1.20:44320;
}
# 监听 443 并开启 ssl_preread
server {
listen 80 reuseport;
listen 443 reuseport;
listen [::]:443 reuseport;
proxy_pass $backend_name;
ssl_preread on;
}
}
http {
... <-- http 不用動
}
```
重點來源:
1. [Trojan 共用 443 端口方案 - 程小白](https://www.chengxiaobai.cn/record/trojan-shared-443-port-scheme.html)
2. [NaiveProxy + Trojan + 多HTTPS站点共存复用443端口 | 心底的河流](https://lhy.life/20200815-naiveproxy+trojan/)
3. `$ssl_preread_server_name`的官方說明:[Module ngx_stream_ssl_preread_module](http://nginx.org/en/docs/stream/ngx_stream_ssl_preread_module.html)
## Reverse Proxy
> **重要**確定docker與docker-compose已經安裝好。
> 參考[[RaspberryPi#Docker]]與[[RaspberryPi#docker-compose]]
### Use SWAG docker
[swag](https://github.com/linuxserver/docker-swag)(之前叫做letsencrypt)是linuxserver.io包裝的Nginx webserver和reverse proxy的container。
#### Setup HTTPS
1. 建立folder
```bash
mkdir -p ~/dockers/linuxserverswag ; cd ~/dockers/linuxserverswag
```
2. 建立`docker-compose.yaml`
```
vim docker-compose.yaml
```
填入內容如下:
```yaml
version: "2.1"
services:
swag:
image: ghcr.io/linuxserver/swag
container_name: swag
cap_add:
- NET_ADMIN
environment:
- PUID=1000
- PGID=1000
- TZ=Asia/Taipei
- URL=awin.one
- SUBDOMAINS=wildcard
- VALIDATION=dns
- CERTPROVIDER= #optional
- DNSPLUGIN=cloudflare #optional
- PROPAGATION= #optional
- DUCKDNSTOKEN= #optional
- EMAIL=awinhuang@gmail.com
- ONLY_SUBDOMAINS=false #optional
- EXTRA_DOMAINS= #optional
- STAGING=false #optional
- MAXMINDDB_LICENSE_KEY= #optional
volumes:
- ./config:/config
ports:
- 44320:443
- 8020:80 #optional
restart: unless-stopped
```
3. 先跑一次:
```bash
sudo docker-compose up
```
會發現有錯誤,這是正常的,錯誤訊息像這樣:
```
swag | Unsafe permissions on credentials configuration file: /config/dns-conf/cloudflare.ini
swag | Cleaning up challenges
swag | Error determining zone_id: 9103 Unknown X-Auth-Key or X-Auth-Email. Please confirm that you have supplied valid Cloudflare API credentials. (Did you enter the correct email address and Global key?)
swag | ERROR: Cert does not exist! Please see the validation error above. Make sure you entered correct credentials into the /config/dns-conf/cloudflare.ini file.
```
按`ctrl + c`退出。這時候`config`目錄也會有swag所mapping出來的相關檔案。修改`config/dns-conf/cloudflare.ini`
```bash
vim config/dns-conf/cloudflare.ini
```
把`config/dns-conf/cloudflare.ini`改為:
```
# Instructions: https://github.com/certbot/certbot/blob/master/certbot-dns-cloudflare/certbot_dns_cloudflare/__init__.py#L20
# Replace with your values
With global api key:
dns_cloudflare_email = awinhuang@gmail.com
dns_cloudflare_api_key = <YOUR_API_KEY_FROM_CLOUDFLARE>
# With token (comment out both lines above and uncomment below):
#dns_cloudflare_api_token = 0123456789abcdef0123456789abcdef01234567
```
4. 再跑一次:
```bash
sudo docker-compose up
```
這一次就可以順利取得認證了,訊息像這樣:
```
swag | IMPORTANT NOTES:
swag | - Congratulations! Your certificate and chain have been saved at:
swag | /etc/letsencrypt/live/awin.one/fullchain.pem
swag | Your key file has been saved at:
swag | /etc/letsencrypt/live/awin.one/privkey.pem
swag | Your certificate will expire on 2021-04-26. To obtain a new or
swag | tweaked version of this certificate in the future, simply run
swag | certbot again. To non-interactively renew *all* of your
swag | certificates, run "certbot renew"
swag | - If you like Certbot, please consider supporting our work by:
swag |
swag | Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
swag | Donating to EFF: https://eff.org/donate-le
swag |
swag | New certificate generated; starting nginx
swag | Starting 2019/12/30, GeoIP2 databases require personal license key to download. Please retrieve a free license key from MaxMind,
swag | and add a new env variable "MAXMINDDB_LICENSE_KEY", set to your license key.
swag | [cont-init.d] 50-config: exited 0.
swag | [cont-init.d] 60-renew: executing...
swag | The cert does not expire within the next day. Letting the cron script handle the renewal attempts overnight (2:08am).
swag | [cont-init.d] 60-renew: exited 0.
swag | [cont-init.d] 70-templates: executing...
swag | [cont-init.d] 70-templates: exited 0.
swag | [cont-init.d] 99-custom-files: executing...
swag | [custom-init] no custom files found exiting...
swag | [cont-init.d] 99-custom-files: exited 0.
swag | [cont-init.d] done.
swag | [services.d] starting services
swag | [services.d] done.
swag | nginx: [alert] detected a LuaJIT version which is not OpenResty's; many optimizations will be disabled and performance will be compromised (see https://github.com/openresty/luajit2 for OpenResty's LuaJIT or, even better, consider using the OpenResty releases from https://openresty.org/en/download.html)
swag | Server ready
```
最後一行的`swag | Server ready`表示server已經跑起來了。先按下`ctrl + c`退出再來設定reverse proxy。
5. 修正`config/dns-conf/cloudflare.ini`的安全性問題
```
cd ~/dockers/linuxserverswag ; chmod 600 config/dns-conf/cloudflare.ini
```
#### Setup reverse proxy
1. 建立folder
```
cd ~/dockers/linuxserverswag ; mkdir -p config/nginx/sites-available config/nginx/sites-enabled
```
2. 建立以下檔案:
- `config/nginx/sites-available/common.conf`,內容:
```
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
add_header X-Frame-Options SAMEORIGIN;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
```
- `config/nginx/sites-available/common_location.conf`,內容:
```
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Port $server_port;
```
- `config/nginx/sites-available/storj.conf`,內容:
```
upstream storj {
server 192.168.1.11:14002;
}
server {
listen 443 ssl;
server_name storj.awin.one;
include /config/nginx/sites-available/common.conf;
include /config/nginx/ssl.conf;
location / {
proxy_pass http://192.168.1.11:14002/;
include /config/nginx/sites-available/common_location.conf;
}
}
```
3. 在`config/nginx/sites-enabled`裡面建立要enable的config
```
cd config/nginx/sites-enabled ; ln -s ../sites-available/storj.conf . ; cd -
```
4. 修改`config/nginx/nginx.conf`
```
vim config/nginx/nginx.conf
```
找到`include /config/nginx/site-confs/*;`這一行把它comment掉在下面新增一行
```
include /config/nginx/sites-enabled/*.conf;
```
5. 啟動swag
```
cd ~/dockers/linuxserverswag ; sudo docker-compose up -d
```
#### Restart
```bash
cd ~/dockers/linuxserverswag ; sudo docker-compose restart
```
#### Update certification
1. 進到dockr的swag bash裡面`sudo docker exec -it swag /bin/bash`
2. 輸入 `certbot renew`
3. ![[Pasted image 20210422205534.png]]
#### Trouble shooting
- 如果遇到類似下面的錯誤:
```
ERROR: for swag Cannot start service swag: driver failed programming external connectivity on endpoint swag (7c527d046631e0957de0b831ca25bed296de76e2eb96378964cb0110d7fb017d): Bind for 0.0.0.0:443 failed: port is already allocated.
```
表示有其他程式佔住了80 port可能是其他docker container或是service必須先關閉它們。[^1]
#### 參考來源
1. [linuxserver/docker-swag: Nginx webserver and reverse proxy with php support and a built-in Certbot (Let's Encrypt) client. It also contains fail2ban for intrusion prevention.](https://github.com/linuxserver/docker-swag)
2. [How to set up an easy and secure reverse proxy with Docker, Nginx & Letsencrypt](https://www.freecodecamp.org/news/docker-nginx-letsencrypt-easy-secure-reverse-proxy-40165ba3aee2/)
3. [SWAG setup - LinuxServer.io](https://docs.linuxserver.io/general/swag#understanding-the-proxy-conf-structure)
-----
- 參考
- [NGINX Docs | NGINX Reverse Proxy](https://docs.nginx.com/nginx/admin-guide/web-server/reverse-proxy/)
- [Nginx 設定反向代理 Reverse Proxy](https://www.opencli.com/linux/nginx-config-reverse-proxy)
- [用 Nginx 伺服器建立反向代理](https://noob.tw/nginx-reverse-proxy/)
- [俄羅斯不愧是戰鬥民族nginx - iT 邦幫忙::一起幫忙解決難題,拯救 IT 人的一天](https://ithelp.ithome.com.tw/articles/10188498)
[^1]: [啟動docker時出現「Cannot start service :driver failed programming external connectivity on endpoint xxx, Bind for 0.0.0.0:80 failed: port is already allocated 」](https://mitsuiwei.com/docker-cannot-start-service/)