-
Notifications
You must be signed in to change notification settings - Fork 0
/
index.html
1687 lines (804 loc) · 98.3 KB
/
index.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
<!doctype html>
<html class="theme-next muse use-motion">
<head>
<meta charset="UTF-8"/>
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1" />
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1"/>
<meta http-equiv="Cache-Control" content="no-transform" />
<meta http-equiv="Cache-Control" content="no-siteapp" />
<link href="/vendors/fancybox/source/jquery.fancybox.css?v=2.1.5" rel="stylesheet" type="text/css" />
<link href="//fonts.googleapis.com/css?family=Lato:300,300italic,400,400italic,700,700italic&subset=latin,latin-ext" rel="stylesheet" type="text/css">
<link href="/vendors/font-awesome/css/font-awesome.min.css?v=4.4.0" rel="stylesheet" type="text/css" />
<link href="/css/main.css?v=5.0.1" rel="stylesheet" type="text/css" />
<meta name="keywords" content="Hexo, NexT" />
<link rel="shortcut icon" type="image/x-icon" href="/favicon.ico?v=5.0.1" />
<meta name="description" content="没有什么能够阻挡,你对自由的向往!">
<meta property="og:type" content="website">
<meta property="og:title" content="匿名">
<meta property="og:url" content="https://zhgcao.github.io/index.html">
<meta property="og:site_name" content="匿名">
<meta property="og:description" content="没有什么能够阻挡,你对自由的向往!">
<meta name="twitter:card" content="summary">
<meta name="twitter:title" content="匿名">
<meta name="twitter:description" content="没有什么能够阻挡,你对自由的向往!">
<script type="text/javascript" id="hexo.configuration">
var NexT = window.NexT || {};
var CONFIG = {
scheme: 'Muse',
sidebar: {"position":"left","display":"post"},
fancybox: true,
motion: true,
duoshuo: {
userId: 0,
author: '博主'
}
};
</script>
<link rel="canonical" href="https://zhgcao.github.io/"/>
<title> 匿名 </title>
</head>
<body itemscope itemtype="http://schema.org/WebPage" lang="zh-Hans">
<div class="container one-collumn sidebar-position-left
page-home
">
<div class="headband"></div>
<header id="header" class="header" itemscope itemtype="http://schema.org/WPHeader">
<div class="header-inner"><div class="site-meta ">
<div class="custom-logo-site-title">
<a href="/" class="brand" rel="start">
<span class="logo-line-before"><i></i></span>
<span class="site-title">匿名</span>
<span class="logo-line-after"><i></i></span>
</a>
</div>
<p class="site-subtitle">爱自由、爱爬墙</p>
</div>
<div class="site-nav-toggle">
<button>
<span class="btn-bar"></span>
<span class="btn-bar"></span>
<span class="btn-bar"></span>
</button>
</div>
<nav class="site-nav">
<ul id="menu" class="menu">
<li class="menu-item menu-item-home">
<a href="/" rel="section">
<i class="menu-item-icon fa fa-fw fa-home"></i> <br />
首页
</a>
</li>
<li class="menu-item menu-item-archives">
<a href="/archives" rel="section">
<i class="menu-item-icon fa fa-fw fa-archive"></i> <br />
归档
</a>
</li>
<li class="menu-item menu-item-tags">
<a href="/tags" rel="section">
<i class="menu-item-icon fa fa-fw fa-tags"></i> <br />
标签
</a>
</li>
</ul>
</nav>
</div>
</header>
<main id="main" class="main">
<div class="main-inner">
<div class="content-wrap">
<div id="content" class="content">
<section id="posts" class="posts-expand">
<article class="post post-type-normal " itemscope itemtype="http://schema.org/Article">
<header class="post-header">
<h1 class="post-title" itemprop="name headline">
<a class="post-title-link" href="/2016/09/06/ubuntu-install-gateone/" itemprop="url">
Ubuntu 安装配置 GateOne
</a>
</h1>
<div class="post-meta">
<span class="post-time">
<span class="post-meta-item-icon">
<i class="fa fa-calendar-o"></i>
</span>
<span class="post-meta-item-text">发表于</span>
<time itemprop="dateCreated" datetime="2016-09-06T19:03:29+08:00" content="2016-09-06">
2016-09-06
</time>
</span>
</div>
</header>
<div class="post-body" itemprop="articleBody">
<p>平常要操作VPS,大多是用putty这样的SSH客户端连接,但某些情况,不能直接通过SSH连接,putty就无法使用了。<br>最近试用了一下GateOne,这是一个Web方式的SSH,安装设置好后,就可以通过Web页面来访问VPS了,试用下来,还是挺好用的。</p>
<p>GateOne是开源的,在GitHub上的地址:<a href="https://github.com/liftoff/GateOne" target="_blank" rel="external">https://github.com/liftoff/GateOne</a><br>官方的介绍:<a href="http://liftoff.github.io/GateOne/" target="_blank" rel="external">http://liftoff.github.io/GateOne/</a></p>
<h2 id="安装"><a href="#安装" class="headerlink" title="安装"></a>安装</h2><p>GateOne是用Python基于tornado框架开发的,要安装GateOne,需要先安装python、pip、tornado。<br>python、pip的安装略过,tornado可以用如下命令安装:<br><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># pip install tornado</span></span><br></pre></td></tr></table></figure></p>
<p>找一个目录,从GitHub下载GateOne的代码并安装(需要root权限):<br><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># git clone git://github.com/liftoff/GateOne</span></span><br><span class="line"><span class="comment"># cd GateOne/</span></span><br><span class="line"><span class="comment"># python setup.py install</span></span><br></pre></td></tr></table></figure></p>
<h2 id="启动"><a href="#启动" class="headerlink" title="启动"></a>启动</h2><p>安装完成后,直接执行如下命令就能启动GateOne(如果有Nginx、Apache等web服务器占用了443端口,需要先停止):<br><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># gateone</span></span><br></pre></td></tr></table></figure></p>
<p>如果要以后台方式启动,可以用如下命令:<br><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># service gateone start</span></span><br></pre></td></tr></table></figure></p>
<p>执行后,在浏览器输入<code>https://<VPS IP></code> 就能使用了。</p>
<h2 id="配合Nginx的设置"><a href="#配合Nginx的设置" class="headerlink" title="配合Nginx的设置"></a>配合Nginx的设置</h2><p>虽然GateOne并不需要设置就能用,但其自带的SSL证书是无效的,访问时会提示网站不可信,同时,可能也不希望其独占443端口,这时可以配合Nginx来使用。</p>
<p>先修改GateOne的配置文件:<code>/etc/gateone/conf.d/10server.conf</code><br>找到以下几项内容:<br><figure class="highlight plain"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br></pre></td><td class="code"><pre><span class="line">"address": "127.0.0.1", </span><br><span class="line">"disable_ssl": true,</span><br><span class="line">"port": 54321,</span><br><span class="line">"url_prefix": "/gateone/",</span><br></pre></td></tr></table></figure></p>
<p>address改为”127.0.0.1”,这样外网不能直接访问GateOne,只能通过Nginx转发<br>disable_ssl设为True,表示不用GateOne自带的证书<br>port改为一个未占用的端口,要和Nginx设置一致<br>url_prefix改为”/gateone/“,要和Nginx设置一致</p>
<p>修改Nginx的设置文件,如<code>/etc/nginx/sites-enabled/default</code>,设置示例如下:<br><figure class="highlight plain"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br><span class="line">20</span><br><span class="line">21</span><br><span class="line">22</span><br></pre></td><td class="code"><pre><span class="line">server {</span><br><span class="line"> listen 443 ssl;</span><br><span class="line"> server_name <domain>;</span><br><span class="line"> </span><br><span class="line"> ssl on;</span><br><span class="line"> ssl_certificate /etc/letsencrypt/live/<domain>/fullchain.pem;</span><br><span class="line"> ssl_certificate_key /etc/letsencrypt/live/<domain>/privkey.pem; </span><br><span class="line"></span><br><span class="line"> # GateOne</span><br><span class="line"> location /gateone/ {</span><br><span class="line"> proxy_pass http://127.0.0.1:54321;</span><br><span class="line"></span><br><span class="line"> proxy_redirect off;</span><br><span class="line"> proxy_pass_header Server;</span><br><span class="line"> proxy_set_header Host $http_host;</span><br><span class="line"> proxy_set_header X-Real-IP $http_address;</span><br><span class="line"> proxy_set_header X-Scheme $scheme;</span><br><span class="line"></span><br><span class="line"> proxy_http_version 1.1;</span><br><span class="line"> proxy_set_header Upgrade $http_upgrade;</span><br><span class="line"> proxy_set_header Connection "upgrade";</span><br><span class="line"> }</span><br></pre></td></tr></table></figure></p>
<p>其中的location和proxy_pass中的端口,要和GateOne中的设置一致。</p>
<p>设置好后,重启Nginx和GateOne,然后在浏览器输入<code>https://<Domain>/gateone/</code> 就能使用了。</p>
<h2 id="使用"><a href="#使用" class="headerlink" title="使用"></a>使用</h2><p>GateOne用起来很方便,基本试试就会了,功能也比较强大,一个页面还可以最多开4个窗口,另外,还支持直接查看图片、pdf等文件,这点比putty还方便。</p>
</div>
<div>
</div>
<div>
</div>
<footer class="post-footer">
<div class="post-eof"></div>
</footer>
</article>
<article class="post post-type-normal " itemscope itemtype="http://schema.org/Article">
<header class="post-header">
<h1 class="post-title" itemprop="name headline">
<a class="post-title-link" href="/2016/07/07/ubuntu-install-letsencrypt/" itemprop="url">
Ubuntu 安装 Let's Encrypt 获取免费证书
</a>
</h1>
<div class="post-meta">
<span class="post-time">
<span class="post-meta-item-icon">
<i class="fa fa-calendar-o"></i>
</span>
<span class="post-meta-item-text">发表于</span>
<time itemprop="dateCreated" datetime="2016-07-07T12:41:11+08:00" content="2016-07-07">
2016-07-07
</time>
</span>
</div>
</header>
<div class="post-body" itemprop="articleBody">
<p>以前给自己的网站申请免费证书,要去<a href="https://www.startssl.com/" target="_blank" rel="external">StartSSL</a>这里申请,申请的步骤相对比较繁琐,证书到期前还要记得到网站去更新。</p>
<p>最近发现了一个开源的工具:Certbot(原来的名字叫Let’s Encrypt),安装以后申请证书相当的方便,证书到期前还能用定时任务自动更新,申请到的证书也能被各大主流浏览器接受。<br>Certbot的介绍:<a href="https://letsencrypt.org/" target="_blank" rel="external">https://letsencrypt.org/</a><br>在GitHub上的开源项目地址:<a href="https://github.com/certbot/certbot" target="_blank" rel="external">https://github.com/certbot/certbot</a></p>
<p>下面以Ubuntu 16.04为例,简要介绍如何安装和使用这个工具。</p>
<h2 id="安装"><a href="#安装" class="headerlink" title="安装"></a>安装</h2><p>在 Ubuntu 16.04 下,安装非常的容易,执行以下一条命令即可:<br><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># apt-get install letsencrypt</span></span><br></pre></td></tr></table></figure></p>
<h2 id="获取证书"><a href="#获取证书" class="headerlink" title="获取证书"></a>获取证书</h2><p>首先要有至少一个域名并指向安装工具的服务器,Certbot在获取证书时会使用80端口来验证域名,所以要先停止Apache、Nginx等web服务器,然后执行以下命令:<br><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># letsencrypt certonly</span></span><br></pre></td></tr></table></figure></p>
<p>然后会出现一个交互的窗口,总共3步:<br>首先输入一个email地址,用于接收紧急通知和恢复。<br>第二步选择同意他们的服务条款。<br>第三步输入要申请的域名,如果有多个域名可以一起申请,多个域名以逗号或空格分开,目前还不支持通配的域名证书。</p>
<p>顺利的话,会看到以下信息:<br><figure class="highlight plain"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br></pre></td><td class="code"><pre><span class="line">IMPORTANT NOTES:</span><br><span class="line"> - If you lose your account credentials, you can recover through</span><br><span class="line"> e-mails sent to <email address>.</span><br><span class="line"> - Congratulations! Your certificate and chain have been saved at</span><br><span class="line"> /etc/letsencrypt/live/<domain>/fullchain.pem. Your cert will expire</span><br><span class="line"> on 2016-10-05. To obtain a new version of the certificate in the</span><br><span class="line"> future, simply run Let's Encrypt again.</span><br><span class="line"> - Your account credentials have been saved in your Let's Encrypt</span><br><span class="line"> configuration directory at /etc/letsencrypt. You should make a</span><br><span class="line"> secure backup of this folder now. This configuration directory will</span><br><span class="line"> also contain certificates and private keys obtained by Let's</span><br><span class="line"> Encrypt so making regular backups of this folder is ideal.</span><br><span class="line"> - If you like Let's Encrypt, please consider supporting our work by:</span><br><span class="line"></span><br><span class="line"> Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate</span><br><span class="line"> Donating to EFF: https://eff.org/donate-le</span><br></pre></td></tr></table></figure></p>
<p>这样就表示申请成功了,申请的域名保存在<code>/etc/letsencrypt/live/<domain></code>目录下(<code><domain></code>是申请时输入的第一个域名),目录下有4个文件:<br><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># ls /etc/letsencrypt/live/<domain>/</span></span><br><span class="line">cert.pem chain.pem fullchain.pem privkey.pem</span><br></pre></td></tr></table></figure></p>
<p>其中<code>fullchain.pem</code>为证书文件,<code>privkey.pem</code>为证书的私钥。</p>
<h2 id="使用申请的证书"><a href="#使用申请的证书" class="headerlink" title="使用申请的证书"></a>使用申请的证书</h2><p>以Nginx为例,把证书配置到Nginx的配置文件即可,如以下:<br><figure class="highlight plain"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br></pre></td><td class="code"><pre><span class="line">server {</span><br><span class="line"> listen 443 ssl;</span><br><span class="line"> server_name <domain>;</span><br><span class="line"> </span><br><span class="line"> # SSL证书的设置</span><br><span class="line"> ssl on;</span><br><span class="line"> ssl_certificate /etc/letsencrypt/live/<domain>/fullchain.pem;</span><br><span class="line"> ssl_certificate_key /etc/letsencrypt/live/<domain>/privkey.pem;</span><br><span class="line"> </span><br><span class="line"> ...</span><br><span class="line">}</span><br></pre></td></tr></table></figure></p>
<p>配置后,重启Nginx,然后就可以通过<code>https://<domain></code>来访问了。</p>
<h2 id="更新证书"><a href="#更新证书" class="headerlink" title="更新证书"></a>更新证书</h2><p>Certbot申请的证书,有效期只有90天,到期前需要更新证书,可以用如下命令来测试一下更新证书,更新前,也需要先暂停Nginx,更新成功后,再重启Nginx:<br><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># letsencrypt renew --dry-run --agree-tos</span></span><br></pre></td></tr></table></figure></p>
<p>其中<code>--dry-run</code>表示这是一个测试,并不真正更新,如果成功则表示可以更新证书,正式更新时把这个选项去掉即可。</p>
<p>看到如下信息就表示更新成功了:<br><figure class="highlight plain"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br></pre></td><td class="code"><pre><span class="line">Congratulations, all renewals succeeded. The following certs have been renewed:</span><br><span class="line"> /etc/letsencrypt/live/<domain>/fullchain.pem (success)</span><br></pre></td></tr></table></figure></p>
<h2 id="自动更新证书"><a href="#自动更新证书" class="headerlink" title="自动更新证书"></a>自动更新证书</h2><p>可以写一个脚本,将停止Nginx、更新证书、重启Nginx这三步写入脚本,由系统定时自动调用,实现证书的自动更新。</p>
<p>比如在<code>/usr/bin/</code>创建一个脚本<code>cb-renew.sh</code>,脚本内容可以参考如下:<br><figure class="highlight plain"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br></pre></td><td class="code"><pre><span class="line">#!/bin/sh</span><br><span class="line">systemctl stop nginx</span><br><span class="line">letsencrypt renew --agree-tos</span><br><span class="line">systemctl start nginx</span><br></pre></td></tr></table></figure></p>
<p>保存后,设置脚本为可执行:<br><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># chmod +x /usr/bin/cb-renew.sh</span></span><br></pre></td></tr></table></figure></p>
<p>在<code>/etc/crontab</code>文件最后增加一行,如下表示每2个月1号的2点30分,以root用户自动执行更新脚本:<br><figure class="highlight plain"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line">30 2 1 */2 * root /usr/bin/cb-renew.sh</span><br></pre></td></tr></table></figure></p>
<p>重启系统cron进程:<br><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># systemctl restart cron</span></span><br></pre></td></tr></table></figure></p>
<h2 id="其他Linux和Webserver的安装使用方法"><a href="#其他Linux和Webserver的安装使用方法" class="headerlink" title="其他Linux和Webserver的安装使用方法"></a>其他Linux和Webserver的安装使用方法</h2><p>Certbot目前还是Beta版本,不同的Linux版本,安装使用方法不太一样,其他情况可以访问:<a href="https://certbot.eff.org/" target="_blank" rel="external">https://certbot.eff.org/</a>,选择自己的Webserver和操作系统来了解安装使用方法。</p>
</div>
<div>
</div>
<div>
</div>
<footer class="post-footer">
<div class="post-eof"></div>
</footer>
</article>
<article class="post post-type-normal " itemscope itemtype="http://schema.org/Article">
<header class="post-header">
<h1 class="post-title" itemprop="name headline">
<a class="post-title-link" href="/2016/07/03/201606-cost-effective-vps/" itemprop="url">
性价比较高的VPS(201606)
</a>
</h1>
<div class="post-meta">
<span class="post-time">
<span class="post-meta-item-icon">
<i class="fa fa-calendar-o"></i>
</span>
<span class="post-meta-item-text">发表于</span>
<time itemprop="dateCreated" datetime="2016-07-03T09:32:14+08:00" content="2016-07-03">
2016-07-03
</time>
</span>
</div>
</header>
<div class="post-body" itemprop="articleBody">
<p>原来用的VPS是在搬瓦工特价时申请的,只有128m内存,4G硬盘,虽然用来爬墙是足够了,但如果要折腾点别的,就觉得还是小了点,所以一直想着再申请个大一点的。正好最近也有两个朋友问我关于VPS的事,就去了解了一下。</p>
<h2 id="搬瓦工-BandwagonHost"><a href="#搬瓦工-BandwagonHost" class="headerlink" title="搬瓦工 (BandwagonHost)"></a>搬瓦工 (BandwagonHost)</h2><p><a href="https://bandwagonhost.com/" title="Link to BandwagonHost" target="_blank" rel="external">搬瓦工</a> 是我申请第一个VPS的地方,当时特价的时候很便宜,我的128m内存的,一年只需要6刀,而且一直很稳定,没出过啥问题。不过现在特价的没有了,最便宜的要20刀一年,而且这个20刀的只有256m内存,要知道当年特价的时候,512m的也只要10刀。</p>
<p>虽然价钱贵了,不过搬瓦工仍然是值得推荐的,一是他的服务一直比较稳定,算是一个比较老牌可靠的VPS提供商,二是他们的管理面板上可以一键安装Shadowsocks,对于国内买VPS用来爬墙的算是个很贴心的服务。</p>
<p>目前两款比较低配的OpenVZ的VPS参数如下:</p>
<table>
<thead>
<tr>
<th style="text-align:left">10G VPS</th>
<th style="text-align:left">20G VPS</th>
</tr>
</thead>
<tbody>
<tr>
<td style="text-align:left">价格: $19.99/年</td>
<td style="text-align:left">价格: $49.99/年</td>
</tr>
<tr>
<td style="text-align:left">硬盘: 10 GB SSD</td>
<td style="text-align:left">硬盘: 20 GB SSD</td>
</tr>
<tr>
<td style="text-align:left">内存: 256 MB</td>
<td style="text-align:left">内存: 512 MB </td>
</tr>
<tr>
<td style="text-align:left">CPU: 1x Intel Xeon</td>
<td style="text-align:left">CPU: 2x Intel Xeon</td>
</tr>
<tr>
<td style="text-align:left">带宽: 500 GB/月</td>
<td style="text-align:left">带宽: 1 TB/月 </td>
</tr>
<tr>
<td style="text-align:left"><a href="https://bandwagonhost.com/aff.php?aff=1322&pid=12" target="_blank" rel="external">购买链接</a></td>
<td style="text-align:left"><a href="https://bandwagonhost.com/aff.php?aff=1322&pid=13" target="_blank" rel="external">购买链接</a></td>
</tr>
</tbody>
</table>
<p>点击购买链接后,默认是月付的,要年付,需要在 Billing Cycle 中改为 “$x9.99 USD Annually”。<br>搬瓦工现在有5个机房可选,美国的洛杉矶、费利蒙、凤凰城、佛罗里达和荷兰的阿姆斯特丹,购买后也可以在5个机房之间随意转移VPS,还支持支付宝付款。</p>
<h2 id="HostUs"><a href="#HostUs" class="headerlink" title="HostUs"></a>HostUs</h2><p><a href="https://hostus.us/" title="Link to HostUs" target="_blank" rel="external">HostUs</a> 据说也是一个开了挺多年的VPS提供商,低价的VPS内存和流量都挺大的,而且在亚洲的香港和新加坡也有机房。</p>
<p>在HostUs购买VPS需要注意一点:注册时的IP、填的地址和电话,都要一致,如果翻墙注册时填国内的地址电话,很容易被认为是欺诈而取消掉。</p>
<p>个人觉得以下几个OpenVZ架构的VPS性价比不错:</p>
<table>
<thead>
<tr>
<th style="text-align:left">768MB</th>
<th style="text-align:left">2 GB</th>
<th style="text-align:left">亚太 256MB</th>
<th style="text-align:left">亚太 512MB</th>
</tr>
</thead>
<tbody>
<tr>
<td style="text-align:left">价格: $15/年</td>
<td style="text-align:left">价格: $35/年</td>
<td style="text-align:left">价格: $25/年</td>
<td style="text-align:left">价格: $35/年</td>
</tr>
<tr>
<td style="text-align:left">内存: 768 MB</td>
<td style="text-align:left">内存: 2 GB</td>
<td style="text-align:left">内存: 256 MB</td>
<td style="text-align:left">内存: 512 MB</td>
</tr>
<tr>
<td style="text-align:left">vSwap: 768 MB</td>
<td style="text-align:left">vSwap: 2 GB</td>
<td style="text-align:left">vSwap: 256 MB</td>
<td style="text-align:left">vSwap: 512 MB</td>
</tr>
<tr>
<td style="text-align:left">硬盘: 20 GB</td>
<td style="text-align:left">硬盘: 75 GB</td>
<td style="text-align:left">硬盘: 10 GB SSD</td>
<td style="text-align:left">硬盘: 15 GB SSD</td>
</tr>
<tr>
<td style="text-align:left">CPU: 1x</td>
<td style="text-align:left">CPU: 4x</td>
<td style="text-align:left">CPU: 1x</td>
<td style="text-align:left">CPU: 1x</td>
</tr>
<tr>
<td style="text-align:left">带宽: 2 TB/月</td>
<td style="text-align:left">带宽: 2 TB/月</td>
<td style="text-align:left">带宽: 500 GB/月</td>
<td style="text-align:left">带宽: 750 GB/月</td>
</tr>
<tr>
<td style="text-align:left">机房:美国洛杉矶、亚特兰大、达拉斯、华盛顿和英国伦敦</td>
<td style="text-align:left">机房:美国洛杉矶、亚特兰大、达拉斯、华盛顿和英国伦敦</td>
<td style="text-align:left">机房:香港、新加坡</td>
<td style="text-align:left">机房:香港、新加坡</td>
</tr>
<tr>
<td style="text-align:left"><a href="https://my.hostus.us/aff.php?aff=1361&pid=103" target="_blank" rel="external">购买链接</a></td>
<td style="text-align:left"><a href="https://my.hostus.us/aff.php?aff=1361&pid=142" target="_blank" rel="external">购买链接</a></td>
<td style="text-align:left"><a href="https://my.hostus.us/aff.php?aff=1361&pid=183" target="_blank" rel="external">购买链接</a></td>
<td style="text-align:left"><a href="https://my.hostus.us/aff.php?aff=1361&pid=179" target="_blank" rel="external">购买链接</a></td>
<td></td>
</tr>
</tbody>
</table>
<p>上面的几个都是OpenVZ架构的,如果需要KVM架构的,可以考虑下面两个:</p>
<table>
<thead>
<tr>
<th style="text-align:left">KVM-0.5</th>
<th style="text-align:left">KVM-1</th>
</tr>
</thead>
<tbody>
<tr>
<td style="text-align:left">价格: $4.35/月</td>
<td style="text-align:left">价格: $7.95/月</td>
</tr>
<tr>
<td style="text-align:left">内存: 512 MB</td>
<td style="text-align:left">内存: 1 GB </td>
</tr>
<tr>
<td style="text-align:left">硬盘: 15 GB SSD</td>
<td style="text-align:left">硬盘: 30 GB SSD</td>
</tr>
<tr>
<td style="text-align:left">带宽: 750 GB/月</td>
<td style="text-align:left">带宽: 1 TB/月 </td>
</tr>
<tr>
<td style="text-align:left">机房:美国洛杉矶、亚特兰大、华盛顿</td>
<td style="text-align:left">机房:美国洛杉矶、亚特兰大、华盛顿</td>
</tr>
<tr>
<td style="text-align:left"><a href="https://my.hostus.us/aff.php?aff=1361&pid=307" target="_blank" rel="external">购买链接</a></td>
<td style="text-align:left"><a href="https://my.hostus.us/aff.php?aff=1361&pid=308" target="_blank" rel="external">购买链接</a></td>
</tr>
</tbody>
</table>
<h2 id="Hostodo"><a href="#Hostodo" class="headerlink" title="Hostodo"></a>Hostodo</h2><p><a href="https://hostodo.com/" target="_blank" rel="external">Hostodo</a> 据说是一家2014年才开的VPS提供商,用的人似乎还不多,低价的VPS硬盘和流量比较大,似乎用来做个人网盘挺好的,不过因为开的时间还不够长,稳定性未知,如果做网盘建议做好备份。</p>
<p>个人觉得以下几个OpenVZ的VPS性价比不错:</p>
<table>
<thead>
<tr>
<th style="text-align:left">VZ-256</th>
<th style="text-align:left">VZ-512</th>
<th style="text-align:left">VZ-1000</th>
</tr>
</thead>
<tbody>
<tr>
<td style="text-align:left">价格: $10/年</td>
<td style="text-align:left">价格: $12/年</td>
<td style="text-align:left">价格: $18/年</td>
</tr>
<tr>
<td style="text-align:left">内存: 256 MB</td>
<td style="text-align:left">内存: 512 MB</td>
<td style="text-align:left">内存: 1 GB</td>
</tr>
<tr>
<td style="text-align:left">vSwap: 256 MB</td>
<td style="text-align:left">vSwap: 512 MB</td>
<td style="text-align:left">vSwap: 1 GB</td>
</tr>
<tr>
<td style="text-align:left">硬盘: 40 GB</td>
<td style="text-align:left">硬盘: 55 GB</td>
<td style="text-align:left">硬盘: 90 GB</td>
</tr>
<tr>
<td style="text-align:left">带宽: 1 TB/月</td>
<td style="text-align:left">带宽: 2 TB/月</td>
<td style="text-align:left">带宽: 3 TB/月</td>
</tr>
<tr>
<td style="text-align:left">优惠码: 无</td>
<td style="text-align:left">优惠码: LETYRLYSPECIAL512M</td>
<td style="text-align:left">优惠码: LowEnd1G</td>
</tr>
<tr>
<td style="text-align:left">购买链接:<br><a href="http://hostodo.com/portal/aff.php?aff=162&pid=12" target="_blank" rel="external">洛杉矶</a>,<a href="http://hostodo.com/portal/aff.php?aff=162&pid=42" target="_blank" rel="external">迈阿密</a>,<a href="http://hostodo.com/portal/aff.php?aff=162&pid=89" target="_blank" rel="external">达拉斯</a></td>
<td style="text-align:left">购买链接:<br><a href="http://hostodo.com/portal/aff.php?aff=162&pid=13" target="_blank" rel="external">洛杉矶</a>,<a href="http://hostodo.com/portal/aff.php?aff=162&pid=43" target="_blank" rel="external">迈阿密</a>,<a href="http://hostodo.com/portal/aff.php?aff=162&pid=90" target="_blank" rel="external">达拉斯</a></td>
<td style="text-align:left">购买链接:<br><a href="http://hostodo.com/portal/aff.php?aff=162&pid=14" target="_blank" rel="external">洛杉矶</a>,<a href="http://hostodo.com/portal/aff.php?aff=162&pid=44" target="_blank" rel="external">迈阿密</a>,<a href="http://hostodo.com/portal/aff.php?aff=162&pid=91" target="_blank" rel="external">达拉斯</a> </td>
</tr>
</tbody>
</table>
<p>注意VZ-512和VZ-1000都要优惠码,直接点链接默认是月付的,在 Billing Cycle 选择年付后默认的价格分别是$25/年和$45/年,要点击Continue后,找到“Have a promotion code? Click here to add it”,点击输入上面的优惠码才会变成$12/年和$18/年。</p>
<p>Hostodo还有个卖点,就是号称可以提供亚洲优化IP,见<a href="http://hostodo.com/portal/announcements/13/Asia-Optimized-IPs-Available.html" target="_blank" rel="external">官方公告</a>,如果有需求,可以发Ticket或邮件给他们申请。不过用网上看到的测试IP来测试Ping值,速度的提升有限,比原IP稍好一点,不能和香港、日本等亚洲机房比。</p>
</div>
<div>
</div>
<div>
</div>
<footer class="post-footer">
<div class="post-eof"></div>
</footer>
</article>
<article class="post post-type-normal " itemscope itemtype="http://schema.org/Article">
<header class="post-header">
<h1 class="post-title" itemprop="name headline">
<a class="post-title-link" href="/2016/06/25/set-http-to-remote-git/" itemprop="url">
通过http(s)协议访问自建的Git远程仓库
</a>
</h1>
<div class="post-meta">
<span class="post-time">
<span class="post-meta-item-icon">
<i class="fa fa-calendar-o"></i>
</span>
<span class="post-meta-item-text">发表于</span>
<time itemprop="dateCreated" datetime="2016-06-25T12:35:51+08:00" content="2016-06-25">
2016-06-25
</time>
</span>
</div>
</header>
<div class="post-body" itemprop="articleBody">
<p>上一篇<a href="/2016/06/14/git-create-remote-server/">Git自建远程仓库</a>,里面创建的远程库,是通过SSH协议来连接的,除了SSH协议,Git还支持通过http(s)协议或Git协议来访问远程库,配置也不太复杂。</p>
<h2 id="Http协议"><a href="#Http协议" class="headerlink" title="Http协议"></a>Http协议</h2><p>以Ubuntu为例,可以通过Nginx来配置http(s)访问Git远程库,系统需要先安装了Nginx,如果没有安装,可以用以下命令安装:<br><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># apt-get install nginx</span></span><br></pre></td></tr></table></figure></p>
<p>假设仓库放在/home/git目录下,在此目录下创建一个新的裸仓库,库名称为sample.git:<br><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># git init --bare sample.git</span></span><br></pre></td></tr></table></figure></p>
<p>修改新建的库的权限,让所有人均可修改,因为通过http访问时,默认用户是<code>www-data</code>,不改权限会不能push。<br><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># chmod -R a+w sample.git</span></span><br></pre></td></tr></table></figure></p>
<p>可以让Nginx来管理访问时的用户鉴权,用以下命令增加一个git用户并按提示设置密码,可以创建多个用户。<br><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># htpasswd [-c] /etc/nginx/passwd git</span></span><br></pre></td></tr></table></figure></p>
<p>如果提示没有<code>htpasswd</code>命令,需要先安装apache2-utils包:<code>apt-get install apache2-utils</code>。<br><code>/etc/nginx/passwd</code>为用户名和密码文件,<code>-c</code> 参数表示创建一个新的密码文件,原来没有这个文件时必须要带,已经存在这个文件了就不要带<code>-c</code>参数了。</p>
<p>接着安装<code>fcgiwrap</code>包<br><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># apt-get install fcgiwrap</span></span><br></pre></td></tr></table></figure></p>
<p>修改Nginx的配置文件,增加如下内容:<br><figure class="highlight plain"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br><span class="line">20</span><br><span class="line">21</span><br></pre></td><td class="code"><pre><span class="line"># 配置以 /git 开始的虚拟目录</span><br><span class="line">location ~ /git(/.*) {</span><br><span class="line"> # 使用 Basic 认证</span><br><span class="line"> auth_basic "Restricted";</span><br><span class="line"> # 认证的用户文件</span><br><span class="line"> auth_basic_user_file /etc/nginx/passwd;</span><br><span class="line"> </span><br><span class="line"> # FastCGI 参数</span><br><span class="line"> fastcgi_pass unix:/var/run/fcgiwrap.socket;</span><br><span class="line"> fastcgi_param SCRIPT_FILENAME /usr/lib/git-core/git-http-backend;</span><br><span class="line"> fastcgi_param GIT_HTTP_EXPORT_ALL "";</span><br><span class="line"> # git 库在服务器上的根目录</span><br><span class="line"> fastcgi_param GIT_PROJECT_ROOT /home/git;</span><br><span class="line"> fastcgi_param PATH_INFO $1;</span><br><span class="line"> # 将认证用户信息传递给 fastcgi 程序</span><br><span class="line"> fastcgi_param REMOTE_USER $remote_user;</span><br><span class="line"> # 包涵默认的 fastcgi 参数;</span><br><span class="line"> include fastcgi_params;</span><br><span class="line"> # 将允许客户端 post 的最大值调整为 100 兆</span><br><span class="line"> client_max_body_size 100M;</span><br><span class="line">}</span><br></pre></td></tr></table></figure></p>
<p>重启nginx后,在其他机器就可以用http协议访问远程库了,如:<br><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line">$ git <span class="built_in">clone</span> http://<ip or domainname>/git/sample.git</span><br></pre></td></tr></table></figure></p>
<p>系统会出现对话框,提示输入用户名和密码,输入上面用<code>htpasswd</code>命令创建的用户名和密码即可。</p>
<h2 id="Git协议"><a href="#Git协议" class="headerlink" title="Git协议"></a>Git协议</h2><p>顺便介绍下Git协议,这是git专用的一个协议,访问远程库的速度最快,但Git协议缺少用户的鉴权,所以一般只用于下载,默认情况下,通过Git协议不能push代码。<br>git安装后,已经支持通过Git协议,但需要在仓库的目录下增加一个空文件<code>git-daemon-export-ok</code>:<br><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># touch /home/git/sample.git/git-daemon-export-ok</span></span><br></pre></td></tr></table></figure></p>
<p>加了这个文件,表示这个仓库支持通过Git协议访问。</p>
<p>用如下命令启动Git协议的守护进程,默认会监听在9418端口。<br><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># git daemon --reuseaddr --base-path=/home/git/ /home/git/</span></span><br></pre></td></tr></table></figure></p>
<p>然后其他机器就能通过Git协议访问这个远程库了:<br><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line">$ git <span class="built_in">clone</span> git://<ip or domainname>/sample.git</span><br></pre></td></tr></table></figure></p>
</div>
<div>
</div>
<div>
</div>
<footer class="post-footer">
<div class="post-eof"></div>
</footer>
</article>
<article class="post post-type-normal " itemscope itemtype="http://schema.org/Article">
<header class="post-header">
<h1 class="post-title" itemprop="name headline">
<a class="post-title-link" href="/2016/06/14/git-create-remote-server/" itemprop="url">
Git自建远程仓库
</a>
</h1>
<div class="post-meta">
<span class="post-time">
<span class="post-meta-item-icon">
<i class="fa fa-calendar-o"></i>
</span>
<span class="post-meta-item-text">发表于</span>
<time itemprop="dateCreated" datetime="2016-06-14T10:34:23+08:00" content="2016-06-14">
2016-06-14
</time>
</span>
</div>
</header>
<div class="post-body" itemprop="articleBody">
<p>用Git做代码控制时,除了放在GitHub这类公开的远程仓库,还可以很方便的自己建个远程仓库玩。</p>
<h2 id="准备"><a href="#准备" class="headerlink" title="准备"></a>准备</h2><p>找一台Linux机器,以Ubuntu为例,先添加一个git用户,供其他电脑访问远程库:<br><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line">$ sudo adduser git</span><br></pre></td></tr></table></figure></p>
<p>如果是个人使用或小范围团队使用,通过SSH来访问会比较简单,收集所有需要访问的用户的ssh pub key,写入 <code>/home/git/.ssh/authorized_keys</code>,一行一条。</p>
<p>为了安全,也可以限制 git 用户登录 shell,编辑 <code>/etc/passwd</code>,找到以下内容:<br><figure class="highlight plain"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line">git:x:1001:1001:,,,:/home/git:/bin/bash</span><br></pre></td></tr></table></figure></p>
<p>把 <code>/bin/bash</code> 修改为 <code>/usr/bin/git-shell</code><br><figure class="highlight plain"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line">git:x:1001:1001:,,,:/home/git:/usr/bin/git-shell</span><br></pre></td></tr></table></figure></p>
<p>git-shell一登录就会立即退出。</p>
<h2 id="新建远程仓库"><a href="#新建远程仓库" class="headerlink" title="新建远程仓库"></a>新建远程仓库</h2><p>远程仓库通常只需要做版本控制,不需要在上面直接修改提交代码,因此可以创建一个裸仓库,裸仓库没有工作区。<br>找一个放仓库的目录,如 <code>/home/git</code>,在这个目录下执行以下命令:<br><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line">$ sudo git init --bare sample.git</span><br></pre></td></tr></table></figure></p>
<p>sample可以根据实际修改为自己想要的名称,git远程仓库往往以<code>.git</code>为后缀,上面的命令会建立一个空的仓库,目录名为sample.git。</p>
<p>把目录的所有者改为git<br><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line">$ sudo chown -R git:git sample.git</span><br></pre></td></tr></table></figure></p>
<p>至此远程仓库就建好了,在其他电脑,可以直接clone这个仓库:<br><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line">$ git <span class="built_in">clone</span> git@<remote server ip>:/home/git/sample</span><br></pre></td></tr></table></figure></p>
<h2 id="一个本地库关联多个远程库"><a href="#一个本地库关联多个远程库" class="headerlink" title="一个本地库关联多个远程库"></a>一个本地库关联多个远程库</h2><p>公司正式项目的远程仓库需要做每日构建,对提交的代码有一定的要求,必须要功能完备没有编译错误才能提交,同时还限制了在远程仓库上创建分支。如果有个功能需要多人来协作开发,就可以用多个远程库的方式,在功能还未开发完时在团队内同步代码。<br>自建的远程库可以克隆自项目原来的库,如执行以下命令:<br><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line">$ git <span class="built_in">clone</span> --bare -b <branch> --depth 1 <project url> [<<span class="built_in">local</span> dir>]</span><br></pre></td></tr></table></figure></p>
<p>和上面新建一样,<code>--bare</code>表示这是一个没有工作区的裸仓库。<br>如果项目库有多个分支,<code>-b <branch></code> 表示只克隆某个分支,不需要将全库克隆下来。<br><code>--depth 1</code> 表示是浅克隆,只克隆最新的变更记录,其他不克隆。<br><code><project url></code> 是项目远程仓库的地址,<code><local dir></code> 为本地目录,可选。</p>
<p>克隆后,同样把所有者改为git用户<br><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line">$ sudo chown -R git:git <<span class="built_in">local</span> dir></span><br></pre></td></tr></table></figure></p>
<p>团队成员,在自己机器的本地库上,添加新的远程库:<br><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line">$ git remote add origin2 git@<team server ip>:/home/git/sample</span><br></pre></td></tr></table></figure></p>
<p>远程库的名称默认是origin,为了和原有的远程库区分开,这里把新增的远程库命名为origin2</p>
<p>添加后,这个本地库就关联了2个远程库,代码可以先提交到团队自己的远程库,其他人就能通过拉取这个远程仓库及时获取他人的开发内容,待功能全部完成后再一次性提交到项目正式的远程库。<br>从新建的远程库拉取和提交修改:<br><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br></pre></td><td class="code"><pre><span class="line">$ git pull origin2 master</span><br><span class="line">$ git push origin2 master</span><br></pre></td></tr></table></figure></p>
</div>
<div>
</div>
<div>
</div>
<footer class="post-footer">
<div class="post-eof"></div>
</footer>
</article>
<article class="post post-type-normal " itemscope itemtype="http://schema.org/Article">
<header class="post-header">
<h1 class="post-title" itemprop="name headline">
<a class="post-title-link" href="/2016/06/09/nginx-reverse-proxy-google/" itemprop="url">
利用Nginx反向代理谷歌
</a>
</h1>
<div class="post-meta">
<span class="post-time">
<span class="post-meta-item-icon">
<i class="fa fa-calendar-o"></i>
</span>
<span class="post-meta-item-text">发表于</span>
<time itemprop="dateCreated" datetime="2016-06-09T11:23:56+08:00" content="2016-06-09">
2016-06-09
</time>
</span>
</div>
</header>
<div class="post-body" itemprop="articleBody">