server_misc

  1. Homebrew
  2. PyPI
  3. Users and group
  4. SSH
  5. nginx
    1. Intro
    2. Get Familiar with Important Nginx Files and Directories
      1. Content
      2. Server Configuration
      3. Server Logs

[TOC]

Homebrew

#brew 改清华源

cd "$(brew --repo)"
git remote set-url origin https://mirrors.tuna.tsinghua.edu.cn/git/homebrew/brew.git

cd "$(brew --repo)/Library/Taps/homebrew/homebrew-core"
git remote set-url origin https://mirrors.tuna.tsinghua.edu.cn/git/homebrew/homebrew-core.git

brew update

PyPI

国内镜像:
https://pypi.tuna.tsinghua.edu.cn/simple

Users and group

# 创建user
adduser <user name>
# 将新建用户添加到已有组
add user_name group_name

#从已有组中删除用户
groupmems -g group_name -d user_name

# 查看用户所在组
groups user_name

#查看用户组的所有成员

groupmems -g group_name -l 

# 删除user
deluser <user name>

SSH

​ SSH(Secure Shell),允许客户端安全地登陆远程服务器。SSH有两种登陆方式,一有密码登陆,二有 ssh-key 登陆。两端连接时尝试建立认证关系。首次登陆将提示:

ssh username@host_ip 

The authenticity of host 'host ip' can't be established.
ECDSA key fingerprint is SHA256:'hash_string'.

Are you sure you want to continue connecting (yes/no)? #type yes

#after type yes;
Warning: Permanently added 'host_ip' (ECDSA) to the list of known hosts.
root@host_ip's password:#输入密码

# 如果以后想修改这对密钥的密码,执行 ssh-keygen -p 。按提示输入即可成功修改密码。

​ 用ssh-key 登陆方式可以不再需要登陆密码。ssh-keygen生成公私密钥。本地保存rsa私钥,远程添加公钥后,用ssh便可以直接登录。

#生成公私密钥:
ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (~/.ssh/id_rsa): #输入密钥名称,可按回车使用默认名
Enter passphrase (empty for no passphrase):# 输入私钥密码。
#再次确认密码

Your identification has been saved in testing.
Your public key has been saved in testing.pub.
The key fingerprint is:
SHA256:hash_string username@client_pc
The key's randomart image is:
+---[RSA 2048]----+
|.  o=E&+++       |
|.= .OB.==+=      |
|+.+..==.+*o.     |
|o.o .. ..o+      |
| . .   oS+       |
|        + .      |
|         .       |
|                 |
|                 |
+----[SHA256]-----+

# ./ 目录下有 id_rsa 和 id_rsa.pub;后者是公钥,前者是私钥。
# 添加公钥到远程服务器。
#方法一:本地操作
        ssh-copy-id username@host_ip -i <identity file> 
#        参数可选
#方法二: 密码登录服务器后在 ~/.ssh/authorized_keys 添加完整公钥
#在本地执行 
ssh username@host_ip
#登陆成功。

nginx

Intro

nginx [engine x] is an HTTP and reverse proxy server, a mail proxy server, and a generic TCP/UDP proxy server, originally written by Igor Sysoev. For a long time, it has been running on many heavily loaded Russian sites including Yandex, Mail.Ru, VK, and Rambler. According to Netcraft, nginx served or proxied 26.34% busiest sites in June 2019. Here are some of the success stories: Dropbox, Netflix, Wordpress.com, FastMail.FM.

nginx 在商用的企业服务使用了10几年,开发了许多企业的专业服务。经开源发布后,大量开发人员也参与进来。经过多年商业战场的考验,nginx也酝酿出显著的特性。

Ubuntu 安装

#Install the prerequisites:

    sudo apt install curl gnupg2 ca-certificates lsb-release

#To set up the apt repository for stable nginx packages, run the following command:

    echo "deb http://nginx.org/packages/ubuntu `lsb_release -cs` nginx" \
        | sudo tee /etc/apt/sources.list.d/nginx.list

#If you would like to use mainline nginx packages, run the following command instead:

    echo "deb http://nginx.org/packages/mainline/ubuntu `lsb_release -cs` nginx" \
        | sudo tee /etc/apt/sources.list.d/nginx.list

#Next, import an official nginx signing key so apt could verify the packages authenticity:

    curl -fsSL https://nginx.org/keys/nginx_signing.key | sudo apt-key add -

#Verify that you now have the proper key:

    sudo apt-key fingerprint ABF5BD827BD9BF62

#The output should contain the full fingerprint 573B FD6B 3D8F BC64 1079 A6AB ABF5 BD82 7BD9 BF62 as follows:

    pub   rsa2048 2011-08-19 [SC] [expires: 2024-06-14]
          573B FD6B 3D8F BC64 1079  A6AB ABF5 BD82 7BD9 BF62
    uid   [ unknown] nginx signing key <signing-key@nginx.com>

#To install nginx, run the following commands:

    sudo apt update
    sudo apt install nginx

安装成功后,执行

#查看防火墙状态
ufw status

#若不包含nginx。
ufw allow "Nginx Full"

#若已经开启 apache2 ,关闭它
systemctl stop apache2

# 查看状态,应为active
systemctl status nginx

# systemctl 一些命令
# systemctl start/restart/stop/reload <service name>




Get Familiar with Important Nginx Files and Directories

From DigitalOcean:

Now that you know how to manage the service itself, you should take a few minutes to familiarize yourself with a few important directories and files.

Content

  • /var/www/html: The actual web content, which by default only consists of the default Nginx page you saw earlier, is served out of the /var/www/html directory. This can be changed by altering Nginx configuration files.

Server Configuration

  • /etc/nginx: The Nginx configuration directory. All of the Nginx configuration files reside here.
  • /etc/nginx/nginx.conf: The main Nginx configuration file. This can be modified to make changes to the Nginx global configuration.
  • /etc/nginx/sites-available/: The directory where per-site “server blocks” can be stored. Nginx will not use the configuration files found in this directory unless they are linked to the sites-enabled directory (see below). Typically, all server block configuration is done in this directory, and then enabled by linking to the other directory.
  • /etc/nginx/sites-enabled/: The directory where enabled per-site “server blocks” are stored. Typically, these are created by linking to configuration files found in the sites-available directory.
  • /etc/nginx/snippets: This directory contains configuration fragments that can be included elsewhere in the Nginx configuration. Potentially repeatable configuration segments are good candidates for refactoring into snippets.

Server Logs

  • /var/log/nginx/access.log: Every request to your web server is recorded in this log file unless Nginx is configured to do otherwise.
  • /var/log/nginx/error.log: Any Nginx errors will be recorded in this log.

转载请注明来源,欢迎对文章中的引用来源进行考证,欢迎指出任何有错误或不够清晰的表达。可以在下面评论区评论。

文章标题:server_misc

本文作者:枫云李

发布时间:2019-07-11, 00:00:00

最后更新:2020-01-16, 02:06:12

原始链接:https://primelyw.github.io/2019/07/11/server_misc/

版权声明: "署名-非商用-相同方式共享 4.0" 转载请保留原文链接及作者。

目录
github