blob: 77e337ddf443c7854a589b59081f0d725b03acbd (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
|
---
title: "Cheat Sheet"
date: 2025-04-01T23:09:53+08:00
lastmod: 2025-04-01T23:09:53+08:00
---
## GRUB
Update GRUB after `grub` package is updated. Replace `/boot` with your mount
point of the EFI partition in `--efi-directory=/boot`. Replace `GRUB` with your
bootloader id in `--bootloader-id=GRUB`.
```bash-session
# grub-install --target=x86_64-efi --efi-directory=/boot --bootloader-id=GRUB
# grub-mkconfig -o /boot/grub/grub.cfg
```
## (Private) My Service Infrastructure Management
All commands should be run at the project root path.
### Install Deno
Script from <https://docs.deno.com/runtime/getting_started/installation/>
```bash-session
$ curl -fsSL https://deno.land/install.sh | sh
```
### Add Git Server User / Set Password
```bash-session
$ docker run -it --rm -v "./data/git/user-info:/user-info" httpd htpasswd /user-info [username]
```
### Certbot
A complete command is `[prefix] [docker (based on challenge kind)] [command] [challenge] [domains] [test] [misc]`
| part | for | segment |
| --- | --- | --- |
| prefix | * | `docker run -it --rm --name certbot -v "./data/certbot/certs:/etc/letsencrypt" -v "./data/certbot/data:/var/lib/letsencrypt"` |
| docker | challenge standalone | `-p "0.0.0.0:80:80"` |
| docker | challenge nginx | `-v "./data/certbot/webroot:/var/www/certbot"` |
| command | create/expand/shrink | `certonly` |
| command | renew | `renew` |
| challenge | standalone | `--standalone` |
| challenge | nginx | `--webroot -w /var/www/certbot` |
| domains | * | `[-d [domain]]...` |
| test | * | `--test-cert --dry-run` |
| misc | agree tos | `--agree-tos` |
| misc | cert name | `--cert-name [name]` |
| misc | email | `--email [email]` |
For example, **test** create/expand/shrink with standalone server:
```bash-session
# docker run -it --rm --name certbot \
> -v "./data/certbot/certs:/etc/letsencrypt" -v "./data/certbot/data:/var/lib/letsencrypt"` \
> -p "0.0.0.0:80:80" \
> certonly \
> --standalone \
> -d crupest.life -d mail.crupest.life \
> --test-cert --dry-run
```
## System Setup
### Debian setup
#### Setup SSL Certificates and Curl
```bash-session
# apt-get update
# apt-get install ca-certificates curl
# install -m 0755 -d /etc/apt/keyrings
```
### Docker Setup
#### Uninstall Packages Provided by Stock Repo
```bash-session
# for pkg in docker.io docker-doc docker-compose \
> podman-docker containerd runc; do
> apt-get remove $pkg;
> done
```
#### Install Certs From Docker
Remember to [setup ssl and curl](#setup-ssl-certificates-and-curl) first.
```bash-session
# curl -fsSL https://download.docker.com/linux/debian/gpg \
> -o /etc/apt/keyrings/docker.asc
# chmod a+r /etc/apt/keyrings/docker.asc
```
#### Add Docker Repos
```bash-session
# echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] \
> https://download.docker.com/linux/debian \
> $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
> tee /etc/apt/sources.list.d/docker.list > /dev/null
```
#### Install Docker Packages
```bash-session
# apt-get update
# apt-get install docker-ce docker-ce-cli containerd.io \
> docker-buildx-plugin docker-compose-plugin
```
#### Start And Enable Docker
Remember to log out and log back to let user group change take effects.
```bash-session
# systemctl enable docker
# systemctl start docker
# groupadd -f docker
# usermod -aG docker $USER
```
### Font Config
```xml
<?xml version="1.0"?>
<!DOCTYPE fontconfig SYSTEM "urn:fontconfig:fonts.dtd">
<fontconfig>
<alias>
<family>sans-serif</family>
<prefer>
<family>MiSans</family>
<family>Noto Color Emoji</family>
</prefer>
</alias>
<alias>
<family>serif</family>
<prefer>
<family>MiSans</family>
<family>Noto Color Emoji</family>
</prefer>
</alias>
<alias>
<family>Maple Mono</family>
<prefer>
<family>Maple Mono NF</family>
<family>Maple Mono</family>
</prefer>
</alias>
<alias>
<family>Noto Sans</family>
<prefer>
<family>Noto Sans</family>
<family>Noto Sans CJK SC</family>
</prefer>
</alias>
<alias>
<family>Noto Serif</family>
<prefer>
<family>Noto Serif</family>
<family>Noto Serif CJK SC</family>
</prefer>
</alias>
</fontconfig>
```
|
