Docker embedded DNS

 1. 

在docker 1.10版本中，docker daemon實現了一個叫做embedded DNS server的東西，用來當你建立的容器滿足以下條件時：

• 使用自定義網路；
• 容器建立時候通過--name,--network-alias or --link提供了一個name；
• 
  

https://philipzheng.gitbook.io/docker_practice/advanced_network/dns

https://www.796t.com/content/1549334006.html

2. Good

nameserver 127.0.0.11
options ndots:0

nslookup c2 127.0.0.11

https://zjuturtle.com/2017/11/22/docker-network/

3. office embeedded dns

https://docs.docker.com.zh.xy2401.com/v17.09/engine/userguide/networking/configure-dns/

4. Install dns

https://medium.com/nagoya-foundation/running-a-dns-server-in-docker-61cc2003e899

https://stackoverflow.com/questions/73227593/how-to-set-bind9-docker-container-as-dns-of-other-container

https://ithelp.ithome.com.tw/users/20067006/ironman/3369?page=3

CA container smll-ca

 https://hub.docker.com/r/smallstep/step-ca

vi usage

 https://dywang.csie.cyut.edu.tw/dywang/rhcsaNote/node23.html

nginx 變數與語法與範例

 # Map

http://shouce.jb51.net/nginx-doc/Text/3.18_map.html

https://www.astralweb.com.tw/how-to-set-map-on-nginx/

# 語法

https://blog.learn-or-die.com/zh-tw/nginx/

https://linuxhint.com/nginx-location-regex-examples/

# good

https://segmentfault.com/a/1190000013267839

# 認識 Header

CSP

https://medium.com/hannah-lin/content-security-policy-csp-%E5%B9%AB%E4%BD%A0%E7%B6%B2%E7%AB%99%E5%88%97%E7%99%BD%E5%90%8D%E5%96%AE%E5%90%A7-df38c990f63c

#Variable

https://www.javatpoint.com/nginx-variables

http://nginx.org/en/docs/varindex.html

#Log

https://www.digitalocean.com/community/tutorials/nginx-access-logs-error-logs

# Bug

# authentication 404 

https://nova.moe/grafana-basic-auth/

https://nginx.org/en/docs/http/ngx_http_auth_basic_module.html#auth_basic

#nginx 與 php-fpm 運作介紹與設定

https://tec.xenby.com/20-nginx-%E8%88%87-php-fpm-%E9%81%8B%E4%BD%9C%E4%BB%8B%E7%B4%B9%E8%88%87%E8%A8%AD%E5%AE%9A%E8%AC%9B%E8%A7%A3

# 重導範例 1

rewrite ^/welcome $the_scheme://$the_host redirect;

location = / {
return 404;
}

# 加入 Header 在 proxy_pass 範例

location / {

add_header Access-Control-Allow-Origin *;

                proxy_pass http://drive-nextcloud/;

proxy_read_timeout 600;

                add_header X-server-header "test" always;

                add_header Strict-Transport-Security "max-age=15552000; includeSubDomains" always;

                add_header X-Download-Options       "noopen"        always;

        }

https://stackoverflow.com/questions/14501047/how-to-add-a-response-header-on-nginx-when-using-proxy-pass

# nginx 可以學習

https://ithelp.ithome.com.tw/articles/10241034

https://ithelp.ithome.com.tw/articles/10280441

nextcloud onlyoffice

## nextcloud3 intro

https://nextcloud.com/blog/announcing-nextcloud-hub-3-brand-new-design-and-photos-2-0-with-editor-and-ai/

 

# nextcloud mismulus

https://ithelp.ithome.com.tw/articles/10297375?sc=iThelpR

# nextcloud apps

https://apps.nextcloud.com/

#nextcloud version

https://hub.docker.com/_/nextcloud/

# nextcloud install

https://www.asustor.com/zh-tw/online/College_topic?topic=273

https://ithelp.ithome.com.tw/articles/10240195

# nextcloud trust domain 

Trusted domains are used by Nextcloud to prevent Host Header Poisoning. You need to specify every domain at which your Nextcloud can be accessed. This means if you have Nextcloud installed at “192.168.0.29” and also want it to be accessible at “cloud.example.com” you’d need to modify the trusted_domains entry in your config/config.php. The initial config would look like the following: 'trusted_domains' => array ( 0 => '192.168.0.29', ), To add a new domain just add new entries by ap…

https://help.nextcloud.com/t/ubuntu-server-trusted-domains/80534

https://www.hacksplaining.com/prevention/host-header-poisoning

https://www.sjoerdlangkemper.nl/2017/09/13/attacks-on-host-header/

https://portswigger.net/web-security/host-header

# docker-onlyoffice-nextcloud/docker-compose.yml

https://github.com/ONLYOFFICE/docker-onlyoffice-nextcloud/blob/master/docker-compose.yml

# user basic auth

https://github.com/nextcloud/user_external#readme

https://github.com/nextcloud/user_external#readme

https://github.com/nextcloud/user_external/blob/master/lib/BasicAuth.php

https://stackoverflow.com/questions/42365264/nextcloud-external-login-for-users-in-another-database

https://www.digitalocean.com/community/tutorials/how-to-set-up-password-authentication-with-apache-on-ubuntu-14-04

https://github.com/nextcloud/desktop/issues/2046

https://github.com/nextcloud/user_external/tree/master/lib

https://help.nextcloud.com/t/issues-with-basic-auth-on-parent-directory/26112

https://help.nextcloud.com/t/issues-with-basic-auth-on-parent-directory/26112

###################################################

# only office

########################################################

setting: https://helpcenter.onlyoffice.com/gettingstarted/integration/Nextcloud.aspx

onlyoffice: https://github.com/ONLYOFFICE/DocumentServer

#fig:

https://api.onlyoffice.com/editors/nextcloud

# onlyoffice nextcloud setting or install

https://helpcenter.onlyoffice.com/gettingstarted/integration/Nextcloud.aspx

https://www.onlyoffice.com/office-for-nextcloud.aspx

https://hub.docker.com/r/onlyoffice/documentserver

#nx folder:

https://help.nextcloud.com/t/werent-there-files-directories-that-require-the-www-data-www-data-to-be-the-owner/66811

# nextcloud source code

https://github.com/nextcloud/server

https://github.com/ONLYOFFICE/DocumentServer/tags

# nextcloud https  and http mix

https://bayton.org/docs/nextcloud/nexcloud-behind-a-proxy-fixing-mixed-content-warnings-with-ssl/

#token

https://api.onlyoffice.com/editors/signature/

#test nextcloud

https://nx.armor.hinet.net/status.php

#nextcloud passwd

https://xenby.com/b/103-%E6%95%99%E5%AD%B8%E5%B0%8D%E7%B6%B2%E9%A0%81%E5%95%9F%E7%94%A8%E5%AF%86%E7%A2%BC%E9%A9%97%E8%AD%89-nginx

# onlyoffice jwt setting (try but no work)

https://help.nextcloud.com/t/onlyoffice-secret-key-issue/56464/12

https://helpcenter.onlyoffice.com/installation/docs-configure-jwt.aspx

# onlyoffice nginx proxy

https://github.com/ONLYOFFICE/document-server-proxy/tree/master/nginx

https://aarondevelops.com/nextcloud-onlyoffice/

https://www.jianshu.com/p/3f99d45fb4b8

#onlyoffice https self

https://linuxhandbook.com/nextcloud-onlyoffice/

#onlyoffice docker environment

https://helpcenter.onlyoffice.com/installation/groups-https-docker.aspx

https://helpcenter.onlyoffice.com/installation/docs-community-install-docker.aspx

# onlyoffice nginx https - tick [unreachable ]

https://github.com/ONLYOFFICE/docker-onlyoffice-nextcloud/issues/22

https://community.nethserver.org/t/onlyoffice-cannot-be-reached/20196/10

https://forum.onlyoffice.com/t/onlyoffice-cannot-be-reached-please-contact-admin/1199

https://help.nextcloud.com/t/nextcloud-18-onlyoffice-cannot-be-reached-please-contact-admin/80869

# mix content

https://github.com/ONLYOFFICE/onlyoffice-nextcloud/issues/81

# onlyoffice with nextcloud container

https://www.jianshu.com/p/fc3a2697e11d

#onlyoffce decative welcome page

https://forum.onlyoffice.com/t/hide-deactivate-welcome-page/566

# Onlyoffice License and function

https://github.com/ONLYOFFICE/docker-onlyoffice-nextcloud

# Onlyoffice nginx exampe

https://github.com/ONLYOFFICE/docker-onlyoffice-nextcloud/blob/66ef6e9ff93aba2066e298163f0c2673d4f98df8/nginx.conf#L91

rabbitmq add user

 1. user command line

• rabbitmqctl add_user daniel daniel
• rabbitmqctl set_user_tags daniel administrator
• rabbitmqctl set_permissions -p / daniel ".*" ".*" ".*"

2. ref

https://stackoverflow.com/questions/40436425/how-do-i-create-or-add-a-user-to-rabbitmq

https://stackoverflow.com/questions/24639448/rabbitmq-set-permissions-syntax

Docker composer user authoor

 https://blog.wu-boy.com/2019/10/three-ways-to-setup-docker-user-and-group/

bug: mariadb Got an error reading communication

 Finally: not to solve it , but we can look

1. 

https://severalnines.com/blog/common-mysql-error-got-error-reading-communication-packet/

https://www.percona.com/blog/2016/05/16/mysql-got-an-error-reading-communication-packet-errors/

2. flask + sqlmyachle

https://www.maxlist.xyz/2020/10/06/flask-sqlalchemy-parameter/

https://flask-sqlalchemy.palletsprojects.com/en/2.x/config/

3. performance

https://www.datadoghq.com/blog/monitoring-mysql-performance-metrics/

https://stackoverflow.com/questions/2214039/command-to-check-read-write-ratio

dock-compose file

 1 environment

https://docs.docker.com/compose/environment-variables/

2. yaml future

anchored_content: &anchor_name This string will appear as the value of two keys. other_anchor: *anchor_name

ref

https://stackoverflow.com/questions/45805380/meaning-of-ampersand-in-docker-compose-yml-file

netcat 使用

 netcat 可分兩種執行模式client mode和server mode。可以使用client mode去確認TCP/UDP port是否開啟。

＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃

參數：

-z :  -z: Zero-I/O mode (Don’t send any data, just emit a packet without payload)

-l:    localhost

 -v 則是會顯示該port 

＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃

TCP:

開啟 server :

nc -l 8080

傳送封包：

nc -z 127.0.0.1 8080

傳送檔案

https://www.digitalocean.com/community/tutorials/how-to-use-netcat-to-establish-and-test-tcp-and-udp-connections

＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃

UTP:

傳送封包：

nc -zu  ip port

＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃

參考

1. https://unix.stackexchange.com/questions/589561/what-is-nc-z-used-for

2, https://blog.gtwang.org/linux/linux-utility-netcat-examples/

3. https://shazi.info/netcat-%E7%B6%B2%E8%B7%AF%E7%AE%A1%E7%90%86%E5%B7%A5%E5%85%B7-nc%E6%8C%87%E4%BB%A4-%E7%AD%86%E8%A8%98/

rabbitmq fix

 1. problem network partion

https://www.cnblogs.com/liyongsan/p/9640361.html

grafana

 https://opensource.dwins.com/?p=463

https://ithelp.ithome.com.tw/articles/10293304

https://logz.io/blog/grafana-vs-kibana/

Jupyter network on dockerfile

 https://datadiaries.dev/running-python-310-and-jupyter-notebook-on-a-docker-container

https://tw511.com/a/01/52544.html

mariadb partition

 1. good 

https://ithelp.ithome.com.tw/articles/10276752

2. other

https://dba.stackexchange.com/questions/219748/how-do-i-add-a-partition-to-an-existing-table-in-mariadb-mysql

https://ithelp.ithome.com.tw/articles/10231019

https://ithelp.ithome.com.tw/articles/10081041

https://docs.oracle.com/cd/E17952_01/mysql-5.7-en/partitioning-columns-range.html

https://medium.com/ricos-note/sql-server-%E5%96%84%E7%94%A8partition-table-1%E7%B0%A1%E4%BB%8B-4f7fabace89a

https://stackoverflow.com/questions/6093585/how-to-partition-a-table-by-datetime-column-

rabbitmq release

 

Rabbitmq 3.10 Release Overview

https://github.com/rabbitmq/rabbitmq-server/releases/tag/v3.10.9

RabbitMQ 3.10.9

https://www.rabbitmq.com/versions.html

ubuntu searial rj32

 https://it001.pixnet.net/blog/post/325021405-it%E4%BA%8B%E4%BB%B6%E7%B0%BF-%E6%80%8E%E9%BA%BC%E7%94%A8ubuntu%E9%80%A3%E6%8E%A5%E7%B6%B2%E8%B7%AF%E8%A8%AD%E5%82%99%E7%9A%84serial-conso

Harbor reference

 

1. https://www.gushiciku.cn/pl/ggGW/zh-tw

Rabbitmq cluster reference

 1. Firewall port: will open in 4369 and 25672

https://www.rabbitmq.com/clustering.html#node-names

• 4369: epmd, a helper discovery daemon used by RabbitMQ nodes and CLI tools
• 6000 through 6500: used by RabbitMQ Stream replication
• 25672: used for inter-node and CLI tools communication (Erlang distribution server port) and is allocated from a dynamic range (limited to a single port by default, computed as AMQP port + 20000). Unless external connections on these ports are really necessary (e.g. the cluster uses federation or CLI tools are used on machines outside the subnet), these ports should not be publicly exposed. See networking guide for details.
• 35672-35682: used by CLI tools (Erlang distribution client ports) for communication with nodes and is allocated from a dynamic range (computed as server distribution port + 10000 through server distribution port + 10010).

2.  what is the port 35672-35682

https://www.rabbitmq.com/configure.html

ABBITMQ_CTL_ERL_ARGS 3. other port https://www.rabbitmq.com/troubleshooting-networking.html Inter-node and CLI tool communication on port 25672 AMQP 0-9-1 (and 1.0, if enabled) listener for non-TLS connections, 5672 AMQP 0-9-1 (and 1.0, if enabled) listener for TLS-enabled connections, 5671 HTTP API listener on ports 15672 (HTTP only) 4. rabbitmq command line https://www.rabbitmq.com/management-cli.html

Parameters for the erl command used when invoking rabbitmqctl. This could be set to specify a range of ports to use for Erlang distribution: -kernel inet_dist_listen_min 35672 -kernel inet_dist_listen_max 35680

certificate use text with multi-domain

 https://www.ibm.com/docs/en/ztpf/1.1.0.15?topic=gssccr-configuration-file-generating-self-signed-certificates-certificate-requests

https://infra.engineer/windows/12-use-openssl-to-generate-a-multi-domain-ucc-certificate

https://serverfault.com/questions/694105/how-to-generate-a-multi-domain-and-or-wildcard-openssl-certificate

https://thesecmaster.com/how-to-generate-a-csr-for-multi-domain-ssl-certificates-using-openssl/

https://support.qacafe.com/knowledge-base/how-do-i-display-the-contents-of-a-ssl-certificate/

alpine nginx logrote with supervisord

ls -alh /var/lib/logrotate.status

   8 cat /var/lib/logrotate.status

   9 history

  10 logrotate -v /etc/logrotate.d/nginx

  11 history

  12 logrotate -vdf /etc/logrotate.conf

  13 ls -al /var/log/nginx/

  14 logrotate -vdf /etc/logrotate.conf

https://blog.toright.com/posts/4622/nginx-log-%E4%BB%A5%E6%97%A5%E6%9C%9F%E6%AD%B8%E6%AA%94.html

https://jiaming0708.github.io/2021/01/26/logrotate-nginx/

 

log does not need rotating (log has already been rotated)

###########################

# good at logrotate

###########################

https://www.baeldung.com/linux/rotating-logs-logrotate

https://www.onitroad.com/jc/linux/how-to-install-and-configure-log-roate-in-alpine-linux.html

https://weinan.io/2019/04/06/cron.html

##############

# crond

###############

https://asaba.sakuragawa.moe/2018/10/%E5%9C%A8-alpine-linux-%E5%AE%B9%E5%99%A8%E4%B8%AD%E4%BD%BF%E7%94%A8-crontab/

https://askubuntu.com/questions/907388/start-cron-service-with-supervisor

###############################

 supervisdrd

###################################

https://stackoverflow.com/questions/49090469/docker-alpine-linux-running-2-programs

https://www.huweihuang.com/article/linux/supervisor-usage/

1. Dockerfile is:

FROM alpine:latest
RUN apk update && apk add --no-cache supervisor openssh nginx
COPY supervisord.conf /etc/supervisord.conf
CMD ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf"]

2. supervisord.conf is:

[supervisord]

nodaemon=true

[program:crond]

command=/usr/sbin/crond -f

[program:nginx]

command=nginx -g 'daemon off;'

##

var/www # crond --help

BusyBox v1.28.4 (2018-07-17 15:21:40 UTC) multi-call binary.

Usage: crond -fbS -l N -d N -L LOGFILE -c DIR

    -f  Foreground

    -b  Background (default)

    -S  Log to syslog (default)

    -l N    Set log level. Most verbose:0, default:8

    -d N    Set log level, log to stderr

    -L FILE Log to FILE

    -c DIR  Cron dir. Default:/var/spool/cron/cro

#######################

 for reference

#####################

https://stackoverflow.com/questions/43792897/supervisorctl-3-3-1-not-working-complaining-about-not-finding-conf-file

https://askubuntu.com/questions/911940/error-ini-file-does-not-include-supervisorctl-section

Open switch

 https://www.openvswitch.org/

https://www.dell.com/zh-tw/shop/productdetailstxn/networking-s-series-25-100gbe

install:

https://sites.google.com/a/cnsrl.cycu.edu.tw/da-shu-bi-ji/sdn/floodlight

https://github.com/YanHaoChen/Learning-SDN/blob/master/Switch/OpenvSwitch/Walkthrough/README.md

https://readthedocs.org/projects/python-ovs-vsctl/downloads/pdf/latest/

https://github.com/openvswitch/ovs

https://www.796t.com/content/1530269779.html

Book:

https://www.tenlong.com.tw/products/9787121413605?list_name=srh

https://www.tenlong.com.tw/products/9787121367861?list_name=sp

https://www.tenlong.com.tw/products/9787121310423?list_name=srh

Linux ssh key script

 #https://blog.gtwang.org/linux/linux-ssh-public-key-authentication/

cd ~

mkdir -p .ssh

chmod 700 ~/.ssh

ssh-keygen

ssh-copy-id andychung@TPDT-AMR-01045

Install the time chrony

 https://shazi.info/chrony-%E7%B3%BB%E7%B5%B1%E6%A0%A1%E6%99%82%E5%B7%A5%E5%85%B7%EF%BC%8C%E6%8A%8A%E9%81%8E%E6%99%82%E7%9A%84-ntpdate-%E4%B8%9F%E6%8E%89%E5%90%A7/

 yum install chrony -y

 service chronyd start

chkconfig chronyd on

 vim /etc/chrony.conf

service chronyd restart

https://xyz.cinc.biz/2016/09/centos-7-chrony.html

https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/system_administrators_guide/ch-configuring_ntp_using_the_chrony_suite#sect-differences_between_ntpd_and_chronyd

Nginx 504 time out gateway

ref: https://www.cnblogs.com/lemon-flm/p/8352194.html

 nginx比较强大,可以针对单个域名请求做出单个连接超时的配置. 

比如些动态解释和静态解释可以根据业务的需求配置

proxy_connect_timeout :后端服务器连接的超时时间_发起握手等候响应超时时间

proxy_read_timeout:连接成功后_等候后端服务器响应时间_其实已经进入后端的排队之中等候处理（也可以说是后端服务器处理请求的时间）

proxy_send_timeout :后端服务器数据回传时间_就是在规定时间之内后端服务器必须传完所有的数据

nginx使用proxy模块时，默认的读取超时时间是60s。

https://tecadmin.net/increase-request-timeout-in-nginx/

Docker container crond and alpine

 ###########################

# test crond

# https://www.linuxfixes.com/2022/01/solved-docker-cron-scheduled-job-not.html

# https://www.onitroad.com/jc/linux/how-to-install-and-configure-log-roate-in-alpine-linux.html

# https://weinan.io/2019/04/06/cron.html

# https://unix.stackexchange.com/questions/375577/why-is-crond-failing-to-run-a-non-root-crontab-on-alpine-linux

#

#############################

apk list -I | grep 'log'

mkdir /etc/periodic/1min

echo "*/1     *       *       *       *       run-parts /etc/periodic/1min" >> /etc/crontabs/root

tee /etc/periodic/1min/foo <<EOF

#!/bin/sh

echo "Hello, world"

date >> /tmp/foo_crond

EOF

crond -f -l 8

# Your can run in out side to start cornd 

docker exec -d share_nginx crond -f -l 8

Cenot7 systemd command

https://www.3chy2.com.tw/3c%E8%B3%87%E8%A8%8A/linux-systemd-%E8%A9%B3%E7%B4%B0%E4%BB%8B%E7%B4%B9-unit%E3%80%81unit-file%E3%80%81systemctl%E3%80%81target/

Linux Systemd 詳細介紹: Unit、Unit File、Systemctl、Target

2020-09-01

Systemd

簡介

CentOS 7 使用 Systemd 替換了SysV

Ubuntu 從 15.04 開始使用 Systemd

Systemd 是 Linux 系統工具，用來啟動守護進程，已成為大多數發行版的標準配置.....

.....

 

ref:

https://codingbee.net/rhcsa/rhcsa-the-target-unit

https://www.tecmint.com/list-all-running-services-under-systemd-in-linux/

nfs: https://codingbee.net/rhcsa/nfs-how-to-set-up-an-nfs-client-on-centos-7

https://www.systutorials.com/docs/linux/man/7-nfs.systemd/

https://fossies.org/linux/nfs-utils/systemd/var-lib-nfs-rpc_pipefs.mount

sourcecode

https://fossies.org/linux/nfs-utils/systemd/var-lib-nfs-rpc_pipefs.mount

C3 example

 1. D3 format

https://observablehq.com/@d3/d3-format

https://stackoverflow.com/questions/38639357/c3-js-timeseries-graph-with-percentage-y-axis

https://c3js.org/gettingstarted.html

1-5 c3:

https://hackmd.io/UEzl5wVER7-jVRZj7jqYpQ

https://hackmd.io/@ericacadu/H1k5d1Xew

2,  c3. example

https://a498390344.medium.com/d3-js-c3-js%E5%AD%B8%E7%BF%92%E7%AD%86%E8%A8%98-56ca4e2c88

https://hsuchihting.github.io/javascript/20200715/3292510004/

var chart = c3.generate({
bindto: "#chart",
data: {
columns: [
["data1", 30, 200, 100, 400, 150, 250],
["data2", 50, 20, 10, 40, 15, 25]
],
//新增 data2 的數據在右邊
axes: {
data2: "y2"
},
//自訂圖表類型
types: {
data1: "line", //指定 data1 的圖表類型
data2: "bar" // 指定 data2 的圖表類型
},
//自訂 data 顏色
colors: {
data1: "#03A9F4",
data2: "#76FF03"
}
},
legend: {
show: true //是否顯示項目
},
//客製左邊數據
axis: {
//客製 X 軸內容
x: {
type: "category",
categories: [2000, 2001, 2002, 2003, 2004, 2005],
label: {
text: "X軸名稱"
}
},
//客製 Y 軸內容
y: {
ticket:{
format: d3.format('s')
}
},
//客製右側 (data2) Y2 軸內容
y2: {
show: true,
label: {
text: "右邊Y軸名稱",
position: "outer-middle" //名稱位置
}
}
}
});

3. flask

https://stackoverflow.com/questions/51669102/how-to-pass-data-to-html-page-using-flask

https://flask.palletsprojects.com/en/0.12.x/tutorial/templates/

https://yanwei-liu.medium.com/python%E7%B6%B2%E9%A0%81%E8%A8%AD%E8%A8%88-flask%E4%BD%BF%E7%94%A8%E7%AD%86%E8%A8%98-%E4%BA%8C-89549f4986de

https://devs.tw/post/448

docker xargs and command

 1 xargs

https://shengyu7697.github.io/linux-xargs/

2.kill commad

https://stackoverflow.com/questions/27757405/how-to-kill-process-inside-container-docker-top-command

https://stackoverflow.com/questions/34552232/cant-kill-processes-originating-in-a-docker-container

docker exec -it tadeu_debian ps aux | grep ping | awk '{ print $2 }' | xargs -I{} docker exec -i tadeu_debian kill -9

3. docker command

https://docs.docker.com/engine/reference/commandline/exec/

https://devconnected.com/docker-exec-command-with-examples/

COMMAND should be an executable, a chained or a quoted command will not work. Example: docker exec -ti my_container "echo a && echo b" will not work, but docker exec -ti my_container sh -c "echo a && echo b" will

docker rm all exit container

 sudo docker ps -a | grep Exit | cut -d ' ' -f 1 | xargs sudo docker rm

https://coderwall.com/p/zguz_w/docker-remove-all-exited-containers

mariadb lock

 http://blog.itpub.net/29773961/viewspace-2145185/

https://www.cnblogs.com/digdeep/p/4892953.html

https://www.twblogs.net/a/5c7faad4bd9eee35fc13486f

https://www.delftstack.com/zh-tw/howto/mysql/waiting-for-table-metadata-lock/

python webssh

# webssh office

https://pypi.org/project/webssh/

+---------+     http     +--------+    ssh    +-----------+
| browser | <==========> | webssh | <=======> | ssh server|
+---------+   websocket  +--------+    ssh    +-----------+

#  webssh and nginx

#https://www.s0nnet.com/archives/conf-webssh

#http://blog.51sec.org/2020/07/python-development-installation-on.html#point2

#https://xyz.cinc.biz/2021/05/nginx-reverse-proxy-websocket.html

# websocket

https://ithelp.ithome.com.tw/articles/10249282

# trouble

# cross domain https://github.com/huashengdun/webssh/issues/98

wssh --origin="*" --debug 

nginx ssh proxy

 主要是要會用 nginx stream module

------------------------------------------------------------

https://blog.csdn.net/carefree2005/article/details/121229818

一、stream模块简介

  stream模块一般用于TCP/UDP数据流的代理和负载均衡，通过stream模块我们可以代理转发tcp报文。ngx_stream_core_module模块从1.9.0版开始提供。默认情况下，此模块不是构建的，应该使用–with stream配置参数启用它，即我们需要使用./configure --with-stream的方式在编译的时候将stream模块添加进去。stream模块用法和http模块差不多，语法也基本相同。

二、使用场景说明

  stream主要有两个可用场景。一是实现流量的代理转发，这里所说的代理转发是只某些端口服务是有源IP地址限制的，例如mysql账户一般是限制了源地址为应用服务器，nginx可能同时是WEB应用服务器，开发人员需要验证一些数据库数据问题，但是账户源地址有限制，此时通过nginx进行数据流转发就可以实现开发终端到mysql的访问。二是实现流量的负载均衡，我们有多个tcp或者udp端口服务（比如DNS），通过stream模块我们可以实现数据流的负载均衡，支持负载均衡算法包括轮询、最小连接数、ip_hash等。

------------------------------------------------------------

# stream module install

https://alpine.pkgs.org/3.16/alpine-main-aarch64/nginx-mod-stream-1.22.0-r1.apk.html

# stream moduele

--ref: https://www.reddit.com/r/selfhosted/comments/eqvi05/reverse_proxy_ssh_connection_with_nginx/

stream { upstream ssh { server localhost:22; } server { listen 80; proxy_pass ssh; } }

----------

https://blog.csdn.net/C3399/article/details/124469967

# ssh tunnel

https://johnliu55.tw/ssh-tunnel.html

https://xenby.com/b/269-%E6%95%99%E5%AD%B8-%E9%80%8F%E9%81%8E-ssh-tunnel-%E5%B0%87%E4%BC%BA%E6%9C%8D%E5%99%A8%E5%85%A7%E9%83%A8%E6%9C%8D%E5%8B%99%E7%B6%81%E5%AE%9A%E5%88%B0%E6%9C%AC%E6%A9%9F%E9%9B%BB%E8%85%A6%E4%B8%8A

# ref

https://iter01.com/68023.html

python alchmsql

 1. learning:

https://sites.google.com/site/sqlalchemynote/home/wu-jian--guan-lian-jiao-xue

2. https://docs.sqlalchemy.org/en/14/orm/query.html

3. https://www.codegrepper.com/code-examples/assembly/sqlalchemy+datetime+range+filter

docker volume

 Good https://phoenixnap.com/kb/nfs-docker-volumes

example

sudo docker volume create --driver local --opt type=nfs --opt o=addr=172.30.1.1,rw --opt device=:/remote_nfs_dir my-docker-nfs

[andychung@TPDT-AMR-01045 system-jupyterLab]$ sudo docker volume ls

local     my-docker-nfs

# structure

https://docs.docker.com/storage/volumes/

python time

 https://blog.goodjack.tw/2020/04/create-datetime-with-timezone-via-python3-without-pytz.html

https://www.programiz.com/python-programming/datetime/timestamp-datetime

https://www.adamsmith.haus/python/examples/5639/datetime-get-the-year,-month,-and-day-of-a-%60datetime%60

https://docs.python.org/zh-tw/3.8/library/datetime.html

python post data or json data

 good disc: https://stackoverflow.com/questions/9733638/how-to-post-json-data-with-python-requests

good disc2: https://stackoverflow.com/questions/26685248/difference-between-data-and-json-parameters-in-python-requests-package

good disc3: https://stackoverflow.com/questions/9733638/how-to-post-json-data-with-python-requests

office api: https://reqbin.com/code/python/m2g4va4a/python-requests-post-json-example

python json object is not serialable

problem: in class or object, we need define json encode data

Solution:

add  def __jsonencode__(self): 

create AdvancedJSONEncoder

example: 

-------------

import json

class User(object):

    def __init__(self, username):

        self.username = username

    def __jsonencode__(self):

        return {'username': self.username}

        

class AdvancedJSONEncoder(json.JSONEncoder):

    def default(self, obj):

        if hasattr(obj, '__jsonencode__'):

            return obj.__jsonencode__()

        #if isinstance(obj, set):

        #    return list(obj)

        return json.JSONEncoder.default(self, obj)

user = User('foo')

print(json.dumps(user,cls=AdvancedJSONEncoder))

-------------

good

https://myapollo.com.tw/zh-tw/python-make-json-serializable-class

other

https://www.kmp.tw/post/jsondumpsdatetimeerror/

python argument empty array error

Finally: 

. Python’s default arguments are evaluated once when the function is defined, not each time the function is called.

 There is a technique called memoization,  

https://nikos7am.com/posts/mutable-default-arguments/

Avoid using an empty list as a default argument to a function

A very common error in Python is the use of an empty list as a default argument to a function. This is not the right way to do it and can cause unwanted behavior. See for example below:

def append_to_list(element, list_to_append=[]):
    list_to_append.append(element)
    return list_to_append

>>> a = append_to_list(10)
[10]
>>> b = append_to_list(20)
[10, 20]

x509 and open ssl

 中華憑證

https://publicca.hinet.net/download/SSL/Lighttpd_INSTALL.pdf

https://justry.io/%E5%A6%82%E4%BD%95%E5%9C%A8apache%E5%AE%89%E8%A3%9Dssl%E6%86%91%E8%AD%89/

SSL 憑證製作與匯入/ 中繼憑證/根憑證

https://ithelp.ithome.com.tw/m/articles/10282250

https://www.sslbuyer.com/index.php?option=com_content&view=article&id=183:what-is-certificate-chain&catid=25&Itemid=4031

x509

https://zh.wikipedia.org/zh-tw/X.509

https://www.researchgate.net/figure/X509-SSL-certificate-format-46_fig3_321580115

憑證學習

https://blog.dexiang.me/zh-tw/technologies/x509/

https://haway.30cm.gg/ssl-key-csr-crt-pem/

憑證名稱欄

https://stellvia7.pixnet.net/blog/post/117141052-%5B%E8%BD%89%E8%B2%BC%5D-%E6%86%91%E8%AD%89%E7%9A%84%E9%81%8B%E4%BD%9C%E6%96%B9%E5%BC%8F-%28x.509%29

工具

＃csr check https://www.sslshopper.com/csr-decoder.html

https://support.qacafe.com/knowledge-base/how-do-i-display-the-contents-of-a-ssl-certificate/

https://www.sslshopper.com/article-most-common-openssl-commands.html

https://knowledge.digicert.com/solution/SO29559.html

python exception strange with finally return will result no exception

 

def say():

    try:

        1/0

    except Exception as e:

        print("exception in side")

        raise Exception("say exception")

    finally:

        print("finally")

        # have this line happen no exception disappear

        return True

        

try:

    say()

except Exception as e:

    print("exception out side")

    print(e)

#>>>

exception in side

finally

#>>> no return statement is corrent

exception in side

finally

exception out side

say exception

python pass function in class with multiple parameter

 

class myTest:

    def __init__(self):

        self.doSubs = [{'func':self.shout}, {'func':self.say}]

        #self.doSub = self.shout

    

    def shout(self, text = 'Good', name = 'day'): 

        return text.upper() + ', ' + name

    

    def say(self, text = "hi"): 

        return text.upper()

 #   def doRun(self):

 #       print(self.doSub('Hello', 'andy'))

        

    def doRun(self):

        for job in self.doSubs:

            print(job['func']())

            #print(job['func']('Hello', 'andy'))

        

        

test = myTest()

#print( test.shout('hello', 'andy') )

#yell = shout

test.doRun() 

    

#print(yell('Hello', 'andy')) 

Paper worker net

 https://ico.org.uk/for-organisations/guide-to-data-protection/

https://www.gartner.com/en

https://www.nist.gov/

https://cloudsecurityalliance.org/research/artifacts/

https://www.scmagazine.com/

https://www.sans.org/white-papers/

https://cseweb.ucsd.edu/~vahdat/papers/b4-sigcomm13.pdf

https://ithelp.ithome.com.tw/articles/10226074

wget download

 1. with more inforamtion with header ( response -S)

wget --server-response http://www.example.com/ 

ref: https://stackoverflow.com/questions/12120935/wget-output-document-and-headers-to-stdout

https://www.commandlinefu.com/commands/view/1811/dump-http-header-using-wget

2.  attach file name

wget --content-disposition <url>

3. outhor  filename

wget -O file_name 

O: more info

https://linuxize.com/post/wget-command-examples/

apple news

 https://www.apple.com/newsroom/

git new repostory

 #  branch rename

https://stackoverflow.com/questions/67302652/how-to-change-the-main-branch-to-master-on-github-command-line

#ref

1. branch: https://backlog.com/git-tutorial/tw/stepup/stepup2_2.html

2. git remote: https://git-scm.com/book/zh-tw/v2/Git-%E5%9F%BA%E7%A4%8E-%E8%88%87%E9%81%A0%E7%AB%AF%E5%8D%94%E5%90%8C%E5%B7%A5%E4%BD%9C

3. https://devconnected.com/how-to-change-git-remote-origin/

4. https://zlargon.gitbooks.io/git-tutorial/content/branch/create_delete.html

Curl command

 https://blog.techbridge.cc/2019/02/01/linux-curl-command-tutorial/

https://www.codegrepper.com/code-examples/whatever/curl+data+urlencode

wifi 11bf

 1. wiki : https://en.wikipedia.org/wiki/Channel_state_information

2. https://www.cool3c.com/article/166039

taiwan 物品遺失

1. 

• 首頁 >
• 悠遊卡歷史交易查詢

https://ezweb.easycard.com.tw/search/CardSearch.php

2.  警局

https://op2.npa.gov.tw/NM107-512Client/OP02A01Q_01.jsp

3. youbike

https://ntpc.youbike.com.tw/problem/lostnfound?_id=5cbd27e1083e7b26d01a7893

4. metro

https://web.metro.taipei/c/lf_metrotaipei.asp

https://www.ntmetro.com.tw/lost_property/?page=2&date_start=2022-03-04&date_end=2022-03-11

linux bash splite long command

 REF: https://linuxhint.com/split-long-bash-command/

use \

zstd -z \
    --ultra \
-r --rm \
--format=zstd *

mariadb_backup

 1. download all

mysqldump --all-databases --user=root --password > database.sql

2.  restore

mysql -u root -p < database.sql

3.  ref1   ref2

Linux create/delete user, group, and acl

 1.  Add special user and group

group ref useradd_ref  acl_birds

#groupadd -g 4200 sysadmin2

#useradd appadmin1 -u 4100 -g 4100  -s /bin/bash 

#deluser ...

2. 　useradd command and compare adduser ref

useradd is law level
The command useradd is also used to add users. It comes with some flags.  Some of them are as follows.
-D        Defaults
-m        Creates a home directory
-s         Defines the shell for the user
-e         Date on which the user account will be disabled
-b         Base directory for the home directory of the user
-u         UID
-g         Initial group number
-G        Additional groups by name
-c         Comment