-
-
Notifications
You must be signed in to change notification settings - Fork 24
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
VPS : Setup Ubuntu VPS. #36
Comments
云主机 + Ubuntu 配置教程
Checklist:
参考:
|
配置服务器:网络设置/静态IP:更改镜像源:
sudo bash -c "cat << EOF > /etc/apt/sources.list && apt update
deb http://mirrors.aliyun.com/ubuntu/ jammy main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ jammy main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ jammy-security main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ jammy-security main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ jammy-updates main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ jammy-updates main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ jammy-proposed main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ jammy-proposed main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ jammy-backports main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ jammy-backports main restricted universe multiverse
EOF"
安装 clash:
echo -e "export http_proxy=http://127.0.0.1:7890\nexport https_proxy=http://127.0.0.1:7890" >> ~/.bashrc
echo -e "export http_proxy=http://127.0.0.1:7890\nexport https_proxy=http://127.0.0.1:7890" >> ~/.zshrc |
从0配置 Ubuntu VPS 主机:安装依赖:
apt update -y
apt install curl -y
apt install git -y
apt install zsh -y
apt install vim -y
apt install tmux -y
# ssh 登录保护:
apt install fail2ban -y
# Python 包安装: for docker-compose
apt install python3-pip -y
sudo apt update -y
sudo apt install curl -y
sudo apt install git -y
sudo apt install zsh -y
sudo apt install vim -y
sudo apt install tmux -y
# set zsh:
sudo chsh -s $(which zsh) 创建 dev 用户:
# 参数说明:
# -m 创建用户的主目录,如 /home/xxx
# -g 指定用户所属的群组
# -G 指定用户所属的附加群组,将新用户加入 sudo 群组中,以获得 root 权限
# -s 指定用户登入后所使用的shell。注意使用 /bin/bash 之类的路径,而非 /usr/bin/bash
useradd -m -g users -G sudo -s /bin/zsh dev
# 设置密码:
passwd dev
配置 zsh:
# 切换到新用户(注意要切换身份+env)
su - dev
q: 先不定制zsh(未装oh-my-zsh)
# 进入用户目录
cd ~
# 安装
sh -c "$(wget https://github.com/robbyrussell/oh-my-zsh/master/tools/install.sh -O -)"
# zsh theme:
wget https://raw.githubusercontent.com/skylerlee/zeta-zsh-theme/master/zeta.zsh-theme
#
cp zeta.zsh-theme ~/.oh-my-zsh/themes
# vim ~/.zshrc
ZSH_THEME="zeta"
# 自带:
ZSH_THEME="candy"
# 登出账号
exit |
配置 SSH key 登录:
sudo apt install openssh-server -y
ssh root@22.33.22.33 -p 22
# 交互式输入密码 🔥 VPS 侧 设置:
cd ~
mkdir .ssh
ssh-keygen
cd .ssh/
cat id_rsa.pub >> authorized_keys
chmod 600 authorized_keys
chmod 700 ~/.ssh
vim /etc/ssh/sshd_config
# update:
RSAAuthentication yes
PubkeyAuthentication yes
PermitRootLogin yes
# set ok, then add this:
PasswordAuthentication no
# 检测配置文件是否异常
sshd -t
# 重启
service sshd restart 本机设置:
# 放入本地路径: 追加一个 `换行符`
~/.ssh/vps/id_rsa.crypto
# 修正权限:
chmod 600 ~/.ssh/vps/id_rsa.crypto
# 示例方式:
ssh root@22.33.22.33 -p 22 -i ~/.ssh/vps/id_rsa.crypto
禁用密码访问服务器:
# 设置登录成功, 再改此:
PasswordAuthentication no
service sshd restart
ssh root@22.33.22.33 -p 22
配置 SSH Config
Host vps.hw # 别名
HostName xx.xxx.xx.xxx # 替换 xx.xxx.xx.xxx 为服务器 ip 地址
Port 22 # 端口,稍后会进行修改
User xxx # 用户名
IdentityFile ~/.ssh/vps/key.hw # 私钥文件
# 命令行直接通过如下参数, 自动连接.
ssh vps.hy
|
SSH 超时断开问题:
ClientAliveInterval 60
ClientAliveCountMax 3 |
中间件定制:Tmux 使用:brew install tmux
|
Linux 性能调优:
|
安装 docker:配置源:# Add Docker's official GPG key:
sudo apt-get update
sudo apt-get install ca-certificates curl
sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc
# Add the repository to Apt sources:
echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
$(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update
# Add Docker's official GPG key:
sudo apt-get update
sudo apt-get install ca-certificates curl
sudo install -m 0755 -d /etc/apt/keyrings
#
# change:
# - https://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg
#
sudo curl -fsSL https://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc
# Add the repository to Apt sources:
echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://mirrors.aliyun.com/docker-ce/linux/ubuntu \
$(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update
安装 docker 组件:
sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin -y
sudo docker run hello-world 配置 docker:
dockerd-rootless-setuptool.sh install 配置开机启动:# 开机启动
sudo systemctl enable docker
sudo systemctl start docker
sudo systemctl status docker
创建 docker 用户组:
# 1. 创建 docker 用户组
sudo groupadd docker
# 2. 添加用户到 docker 用户组:
sudo usermod -aG docker $USER
# 3. 重启
sudo service docker restart
# 4. exit, 需要退出当前终端, 重新登入, 才能生效.
exit
docker run hello-world
配置 docker-compose:# 方法1:
apt install python3-pip -y
pip3 install docker-compose
# 方法2:
curl -sSL https://bootstrap.pypa.io/get-pip.py -o get-pip.py
python3 get-pip.py
pip3 install docker-compose 限制 docker 容器日志:
{
"log-driver": "json-file",
"log-opts": { "max-size": "50m", "max-file": "3" }
}
{
"log-driver": "local",
"log-opts": {
"max-size": "50m"
}
}
sudo service docker restart |
docker 更新国内镜像源:2024 更新源:sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<EOF
{
"registry-mirrors": [
"https://hub.uuuadc.top",
"https://docker.anyhub.us.kg",
"https://dockerhub.jobcher.com",
"https://dockerhub.icu",
"https://docker.ckyl.me",
"https://docker.awsl9527.cn"
]
}
EOF
sudo systemctl daemon-reload
sudo systemctl restart docker 可能已经过期的源:
sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<EOF
{
"registry-mirrors": [
"https://docker.m.daocloud.io",
"https://hub.uuuadc.top",
"https://docker.anyhub.us.kg",
"https://dockerhub.jobcher.com",
"https://dockerhub.icu",
"https://docker.ckyl.me",
"https://docker.awsl9527.cn"
]
}
EOF
sudo systemctl daemon-reload
sudo systemctl restart docker
# 自动走镜像源:
docker pull redis
docker run hello-world |
git 设置:git config --global user.name "crypto"
git config --global user.email crypto@gmail.com
git config --global core.editor vim
|
Open
安全防护:
apt install fail2ban -y
|
Linux 服务器状态检测:
hostnamectl
uname -a
cat /proc/version
df -Th
df -hl
df -h
# 单位 MB
free -m
cat /proc/meminfo
cat /proc/sys/fs/file-max
9223372036854775807
ulimit -n
1024
# vim /etc/security/limits.conf
* soft nofile 65535
* hard nofile 65535
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
📖 Abstract:
💯 Related:
The text was updated successfully, but these errors were encountered: