blob: 9f90f08dfbc09c89ae39acf165305f5d17a08b67 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
|
---
title: "Cheat Sheet"
date: 2025-04-01T23:09:53+08:00
lastmod: 2025-06-12T01:09:39+08:00
---
goto: [Hurd Cheat Sheet (in a separated page)](/notes/hurd/cheat-sheet)
{class="mono"}
## GRUB
Update GRUB after `grub` package is updated. Replace `/boot` with your mount
point of the EFI partition in `--efi-directory=/boot`. Replace `GRUB` with your
bootloader id in `--bootloader-id=GRUB`.
```sh
grub-install --target=x86_64-efi --efi-directory=/boot --bootloader-id=GRUB
grub-mkconfig -o /boot/grub/grub.cfg
```
## (Private) My Service Infrastructure Management
All commands should be run at the project root path.
### Install Deno
Script from <https://docs.deno.com/runtime/getting_started/installation/>
```sh
curl -fsSL https://deno.land/install.sh | sh
```
### Add Git Server User / Set Password
```sh
docker run -it --rm -v "./data/git/user-info:/user-info" httpd htpasswd /user-info [username]
```
### Certbot
A complete command is `[prefix] [docker (based on challenge kind)] [command] [challenge] [domains] [test] [misc]`
| part | for | segment |
| --- | --- | --- |
| prefix | * | `docker run -it --rm --name certbot -v "./data/certbot/certs:/etc/letsencrypt" -v "./data/certbot/data:/var/lib/letsencrypt"` |
| docker | challenge standalone | `-p "0.0.0.0:80:80"` |
| docker | challenge nginx | `-v "./data/certbot/webroot:/var/www/certbot"` |
| command | create/expand/shrink | `certonly` |
| command | renew | `renew` |
| challenge | standalone | `--standalone` |
| challenge | nginx | `--webroot -w /var/www/certbot` |
| domains | * | `[-d [domain]]...` |
| test | * | `--test-cert --dry-run` |
| misc | agree tos | `--agree-tos` |
| misc | cert name | `--cert-name [name]` |
| misc | email | `--email [email]` |
For example, **test** create/expand/shrink with standalone server:
```sh
docker run -it --rm --name certbot \
-v "./data/certbot/certs:/etc/letsencrypt" -v "./data/certbot/data:/var/lib/letsencrypt"` \
-p "0.0.0.0:80:80" \
certonly \
--standalone \
-d crupest.life -d mail.crupest.life \
--test-cert --dry-run
```
## System Setup
### Debian setup
#### Setup SSL Certificates and Curl
```sh
apt-get update
apt-get install ca-certificates curl
install -m 0755 -d /etc/apt/keyrings
```
### Docker Setup
#### Uninstall Packages Provided by Stock Repo
```bash
for pkg in docker.io docker-doc docker-compose \
podman-docker containerd runc; do
apt-get remove $pkg;
done
```
#### Install Certs From Docker
Remember to [setup ssl and curl](#setup-ssl-certificates-and-curl) first.
```sh
curl -fsSL https://download.docker.com/linux/debian/gpg \
-o /etc/apt/keyrings/docker.asc
chmod a+r /etc/apt/keyrings/docker.asc
```
#### Add Docker Repos
```bash
echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] \
https://download.docker.com/linux/debian \
$(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
tee /etc/apt/sources.list.d/docker.list > /dev/null
```
#### Install Docker Packages
```sh
apt-get update
apt-get install docker-ce docker-ce-cli containerd.io \
docker-buildx-plugin docker-compose-plugin
```
#### Start And Enable Docker
Remember to log out and log back to let user group change take effects.
```sh
systemctl enable docker
systemctl start docker
groupadd -f docker
usermod -aG docker $USER
```
|
