blob: aba8e182f1e495e34cb65d76753c331f31dc5a56 (
plain)
| 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
 | ---
title: "Cheat Sheet"
date: 2025-04-01T23:09:53+08:00
lastmod: 2025-06-12T01:09:39+08:00
---
goto: [Hurd Cheat Sheet (in a separated page)](/notes/hurd/cheat-sheet)
{class="mono"}
## GRUB
Update GRUB after `grub` package is updated. Replace `/boot` with your mount
point of the EFI partition in `--efi-directory=/boot`. Replace `GRUB` with your
bootloader id in `--bootloader-id=GRUB`.
```sh
grub-install --target=x86_64-efi --efi-directory=/boot --bootloader-id=GRUB
grub-mkconfig -o /boot/grub/grub.cfg
```
## (Private) My Service Infrastructure Management
All commands should be run at the project root path.
### Install Deno
Script from <https://docs.deno.com/runtime/getting_started/installation/>
```sh
curl -fsSL https://deno.land/install.sh | sh
```
### Add Git Server User / Set Password
```sh
docker run -it --rm -v "./data/git/user-info:/user-info" httpd htpasswd /user-info [username]
```
### Certbot
A complete command is `[prefix] [docker (based on challenge kind)] [command] [challenge] [domains] [test] [misc]`
| part | for | segment |
| :-: | :-: | --- |
| prefix | * | `docker run -it --rm --name certbot -v "./data/certbot/certs:/etc/letsencrypt" -v "./data/certbot/data:/var/lib/letsencrypt" certbot/certbot` |
| docker | challenge standalone | `-p "0.0.0.0:80:80"` |
| docker | challenge nginx | `-v "./data/certbot/webroot:/var/www/certbot"` |
| command | create/expand/shrink | `certonly` |
| command | renew | `renew` |
| challenge | standalone | `--standalone` |
| challenge | nginx | `--webroot -w /var/www/certbot` |
| domains | * | `[-d [domain]]...` |
| test | * | `--test-cert --dry-run` |
| misc | agree tos | `--agree-tos` |
| misc | cert name | `--cert-name [name]` |
| misc | email | `--email [email]` |
For example, **test** create/expand/shrink with standalone server:
```sh
docker run -it --rm --name certbot \
  -v "./data/certbot/certs:/etc/letsencrypt" \
  -v "./data/certbot/data:/var/lib/letsencrypt" \
  -p "0.0.0.0:80:80" \
  certbot/certbot \
  certonly \
  --standalone \
  --cert-name crupest.life \
  -d crupest.life -d mail.crupest.life -d timeline.crupest.life \
  --test-cert --dry-run
```
## System Setup
### Debian setup
#### Setup SSL Certificates and Curl
```sh
apt-get update
apt-get install ca-certificates curl
install -m 0755 -d /etc/apt/keyrings
```
### Docker Setup
#### Uninstall Packages Provided by Stock Repo
```bash
for pkg in docker.io docker-doc docker-compose \
    podman-docker containerd runc; do
  apt-get remove $pkg;
done
```
#### Install Certs From Docker
Remember to [setup ssl and curl](#setup-ssl-certificates-and-curl) first.
```sh
curl -fsSL https://download.docker.com/linux/debian/gpg \
  -o /etc/apt/keyrings/docker.asc
chmod a+r /etc/apt/keyrings/docker.asc
```
#### Add Docker Repos
```bash
echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] \
  https://download.docker.com/linux/debian \
  $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
  tee /etc/apt/sources.list.d/docker.list > /dev/null
```
#### Install Docker Packages
```sh
apt-get update
apt-get install docker-ce docker-ce-cli containerd.io \
  docker-buildx-plugin docker-compose-plugin
```
#### Start And Enable Docker
Remember to log out and log back to let user group change take effects.
```sh
systemctl enable docker
systemctl start docker
groupadd -f docker
usermod -aG docker $USER
```
 |