Submitted by gouki on 2019, July 26, 4:40 PM
如题。本来想切caddy的。caddy已经更新。但因为我用的是lightsail,结果又不能自动更新。而当前域名,我切到了aws 的lightsail。因为lightsail属于aws旗下,必须得由IAM等管理工具来配权限,然而lightsail却只有action没有policy。不知道怎么配了
但奇怪的是,ssldocker却可以申请证书。caddy一直报没有权限(caddy我还配置了aws_app_key.....反而不行,而ssldocker啥也不要)
再坚持几天。如果ssldocker继续 不稳定(systemd 重启失败多次),还是恢复成nginx + acme.sh (或者certbot)。。或者。。。实在不行,切回dnspod!!!NND
Tags: ssldocker, caddy, lightsail, aws
Linux | 评论:0
| 阅读:7906
Submitted by gouki on 2019, July 25, 11:00 AM
其实ssldocker的效率并不高,而且网上几乎没有啥文档
缺点:
1、不支持泛域名,比如我neatstudio.com和www.neatstudio.com,我得配两条记录
2、只能反向代理 ,不支持直接象nginx那样配一个php-fpm之类的
优点
1、http2https,自带
2、域名随意自动签,不需要其他软件
其实我本来是想用caddy的。但社区型软件就有一个很大的问题,比如这个域名ssl,到现在都不正常。应该是模块的版本号的问题。也懒得重新编译了(虽然 说性能比ssldocker好,但既然我要动手,那就先算了)
ssldocker就一个文件:ssldocker -c conf.json就完事了。
之前一直用supervisor,这回用systemd,好象也就两行代码的事情。不然我还得 ssldocker -c conf.json & 。现在两行代码解决
忍忍,先用着吧
Tags: ssldocker
Linux | 评论:0
| 阅读:7899
Submitted by gouki on 2019, July 22, 11:26 PM
尝试使用laravel的时候,看到有推荐且指定要用Homestead,其实我一直用MAMP,看博客的人都知道。用了N年了。但从更早的博客看的话,应该是会发现我是用虚拟机+NFS来进行代码和虚拟域名管理的。
那时候只要装一个hosts管理软件,然后指定127.0.0.1 为host,同时将虚拟机的端口映射出来就行了。所有的apache/nginx配置都在虚拟机里完成。好处当然有,在那个没有vagrant的年代,vmware+虚拟机文件,团队里就有统一的开发环境了,这时候不用担心他们用windows还是用mac又或者用linux。环境统统一样。
现在homestead,其实也是做了同样的事情。各种东西帮你装好(嗯,以前装虚拟机还要自己折腾)
之前弄好的时候,vagrant ssh都可以直接免密登录的(毕竟读Homestead.yaml,其实是Homestead下有一个Vagrantfile,里面的脚本让他可以读到Homestead.yaml)。
刚才修改了一下Homestead.yaml,结果登录的时候就需要输入密码了,密码当然没啥问题,不就是vagrant么。但为什么呢?报错信息是:Guest-specific operations were attempted on a machine that is not ready for guest communication. This should not happen and a bug should be reported.网上查了查,很多人出现过这个情况:有人说,删了~/.vagrant.d目录就行了。但我不行啊。这个目录下有6G,而且我下的box是支持parallels desktop的。如果重下,代价太大了。(网速太慢)
我尝试vagrant halt再vagrant up,发现一个问题,提示我有一个port从8025没法映射到mac 的8025,而改成2200了。我想了想,好象我在mac安装了mailhog,难道是因为这个原因?于是我brew services stop mailhog,再vagrant up,果然 没有报错
再回到之前的google搜索,在这里:https://github.com/hashicorp/vagrant/issues/8499,有个人也有提出:
The fix for this issue was released in the plugin. The root cause is due to the network reset after applying port forwards. It causes DHCP configured devices to drop their address and re-acquire a new lease which leads to the "Guest-specific operations..." error. The fix adds a pause after applying the forwards before continuing. If you find that the pause is not long enough, it can be configured using a provider configuration option: https://www.vagrantup.com/docs/vmware/configuration.html#port_forward_network_pause
Cheers!
---EOF---
好了,问题解决。安心 睡觉
Tags: vagrant, homestead, mailhog
Linux | 评论:0
| 阅读:7996
Submitted by gouki on 2019, July 21, 9:14 AM
使用laravel的人,好象一直都推荐使用homestead,所以我也就尝试了一下。由于默认的vagrant都是用的virtual box,而我一直是嫌弃他繁,而且几年前耗的资源让我心有余悸,再加上我本地本来就有Parallels Desktop,所以我就找找资料,看看能不能使用parallels。
结果是出人意料的好,官方也支持,只是需要安装个插件,戳这里看一下:https://parallels.github.io/vagrant-parallels/docs/getting-started.html,几行命令行可:vagrant plugin install vagrant-parallels,
然后就是初始化了,vagrant init laravel/homestead,这时候会跳出个选择,就象这样:
XML/HTML代码
- ==> box: Loading metadata for box 'laravel/homestead'
- box: URL: https://vagrantcloud.com/laravel/homestead
- This box can work with multiple providers! The providers that it
- can work with are listed below. Please review the list and choose
- the provider you will be working with.
-
- 1) hyperv
- 2) parallels
- 3) virtualbox
- 4) vmware_desktop
-
- Enter your choice: 2
- ==> box: Adding box 'laravel/homestead' (v8.0.0) for provider: parallels
选择2 就行了。然后就会开始下载。由于下载地址在github上面,然后实际 是在aws的S3上,痛苦的事情就这样来了。。。不爬梯子动也不动。番了墙也只有400多K,所幸,1个多小时就下载下来了。
然后vagrant up --provider=parallels,这样就好了
XML/HTML代码
- vagrant up --provider=parallels
- /opt/vagrant/embedded/gems/2.2.4/gems/vagrant-2.2.4/lib/vagrant/util/which.rb:37: warning: Insecure world writable dir /server in PATH, mode 040777
- Bringing machine 'default' up with 'parallels' provider...
- ==> default: Registering VM image from the base box 'laravel/homestead'...
- ==> default: Creating new virtual machine as a linked clone of the box image...
- ==> default: Unregistering the box VM image...
- ==> default: Setting the default configuration for VM...
- ==> default: Checking if box 'laravel/homestead' version '8.0.0' is up to date...
- ==> default: Setting the name of the VM: blessappyzhancom_default_1563640904299_97304
- ==> default: Preparing network interfaces based on configuration...
- default: Adapter 0: shared
- ==> default: Clearing any previously set network interfaces...
- ==> default: Running 'pre-boot' VM customizations...
- ==> default: Booting VM...
- ==> default: Waiting for machine to boot. This may take a few minutes...
- default: SSH address: 10.211.55.9:22
- default: SSH username: vagrant
- default: SSH auth method: private key
- default: Warning: Connection refused. Retrying...
- default:
- default: Vagrant insecure key detected. Vagrant will automatically replace
- default: this with a newly generated keypair for better security.
- default:
- default: Inserting generated public key within guest...
- default: Removing insecure key from the guest if it's present...
- default: Key inserted! Disconnecting and reconnecting using new SSH key...
- ==> default: Machine booted and ready!
- ==> default: Checking for Parallels Tools installed on the VM...
- ==> default: Parallels Tools installed on this VM are outdated! In most cases
- ==> default: this is fine but in rare cases it can cause things such as shared
- ==> default: folders to not work properly. If you see shared folder errors,
- ==> default: please update Parallels Tools within the virtual machine and
- ==> default: reload your VM.
- ==> default: Installing the proper version of Parallels Tools. This may take a few minutes...
- ==> default: Parallels Tools have been installed. Rebooting the VM...
- ==> default: Attempting graceful shutdown of VM...
- ==> default: Running 'pre-boot' VM customizations...
- ==> default: Booting VM...
- ==> default: Waiting for machine to boot. This may take a few minutes...
- ==> default: Machine booted and ready!
- ==> default: Mounting shared folders...
- default: /vagrant => /server/wwwroot/yzhan/test.com
运行一下vagrant ssh ,顺利登录,而且看到 当前项目目录下有一个 .vagrant的目录,里面都是一些配置文件等。
到此,安装结束,看了下进程,占CPU0.x,内存400多M。ssh进去后php-fpm的进程超级多。从5.6~7.3的都有。安心的用了
Tags: vagrant
Linux | 评论:0
| 阅读:9658
Submitted by gouki on 2019, June 1, 12:57 AM
1、 nginx的proxy_pass要加载默认的 proxy_params,里面配置了怎么传递 真实IP
2、apache默认的combine的logformat默认没有取有代理 情况下的IP,所以需要加一个:
XML/HTML代码
- LogFormat "\"%{x-forwarded-for}i\" %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined2
然后CustomLog的时候就是使用 combined2,例如: CustomLog ${APACHE_LOG_DIR}/www.neatstudio.com.access.log combined2
上面那个logformat如果要全局使用,就放到apache.conf里。如果只是当前项目使用,则可以放到当前的hosts文件中
---EOF---
其实没啥,就是做个记录。老是会忘
Linux | 评论:0
| 阅读:7643