避免 Postfix 出現 IPv6 Error Message

2021-04-06 / Postfix, Ubuntu / ,

Postfix ipv6 error message

mail postfix/sendmail[79951]: warning: inet_protocols: disabling IPv6 name/address support: Address family not supported by protocol

如何修正

vim /etc/main.cf

#mynetworks = 127.0.0.1 [::1]
mynetworks = 127.0.0.1

wp-cli 安裝與使用

2021-04-06 / Uncategorized / ,

https://wp-cli.org/

curl -O https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar
php wp-cli.phar --info
chmod +x wp-cli.phar
sudo mv wp-cli.phar /usr/local/bin/wp

使用

/usr/local/bin/wp --allow-root

範例

#!/bin/sh
# all web directories
target_path="/var/www/j7.lb168.tw"
## 安全緣故,改用 mysql_config_editor
#allow_root="--allow-root"

cron="cron event run --due-now"

# date format for backup file (dd-mm-yyyy)
date="$(date +"%Y.%m.%d-%H-%M")"

# mysql, mysqldump and some other bin's path
WP="/usr/local/bin/wp --allow-root"
CHOWN="$(which chown)"
OWNER="www-data"

cd $target_path
$WP $cron
$CHOWN -R $OWNER:$OWNER $target_path

exit 0;

How to make Windows VM guest recognize and run on more than 2 cores under KVM

2021-04-06 / KVM, Ubuntu / , ,

Windows guests do not recognize all of the available cores under KVM and will usually detect only 2 cores. This happens since KVM exposes the available virtual CPU cores as physical CPUs (sockets). So, if the physical host running KVM has 2 CPUs with 4 cores each (a total of 8 cores), and the guest is configured for 8 CPUs, Windows will see 8 physical CPUs and will run only on 2, due to the hard coded limits in some of the editions of Windows Server.

To make Windows use all available cores, we need to configure the guest to expose the CPUs as cores and not as physical CPUs (sockets):

In virt-manager:

  1. Open the guest configuration screen
  2. Select Processor options tab
  3. Expand the “Topology” setting
  4. Set the sockets to 2
  5. Set the cores to 4 (for the guest to have a total of 8 cores) or 3 (for the guest to have a total of 6 cores).
  6. You can also expand the “Configration” settings and click on “copy host CPU configuration” to make the guest fully use all of the physical host’s CPU capabilities.

If you run the guest from command line, the KVM option for setting the CPU topology is: -smp 8,socket=2,cores=4

Gmail 的 IMAP、SMTP、POP3 各項 port 及安全性協定

2021-03-06 / Gmail, Google / , , ,
內送郵件 (POP) 伺服器pop.gmail.com需要安全資料傳輸層 (SSL):是通訊埠:995
外寄郵件 (SMTP) 伺服器smtp.gmail.com需要安全資料傳輸層 (SSL):是需要傳輸層安全性 (TLS):是 (如果可用)需要驗證:是傳輸層安全標準 (TLS)/STARTTLS 通訊埠:587。
伺服器逾時大於 1 分鐘 (建議設定 5 分鐘)
Incoming Mail (IMAP) Serverimap.gmail.com
Requires SSL: Yes
Port: 993
Outgoing Mail (SMTP) Serversmtp.gmail.com
Requires SSL: Yes
Requires TLS: Yes (if available)
Requires Authentication: Yes
Port for SSL: 465
Port for TLS/STARTTLS: 587

lxc guest container 與 host 如何複製檔案 – lxc/lxd

2021-03-01 / LXC, LXD / ,

通常要在 lxc 與 host 之間複製檔案都會用 scp,但是要打一長串的指令,lxc 提供了 pull 與 push 的功能讓你方便讓兩邊檔案複製。

從 lxc 把檔案複製出來

lxc file pull $target-container/$target-path/$target-file .

把檔案複製到 lxc 裡面

lxc file push $target-file $target-container/$target-path/

資料夾 -r

lxc file push -r $target-dir $target-container/$target-path/

pull 也以此類推,加上 -r。

查看記憶體時脈及世代 Linux or Ubuntu

2021-02-21 / Linux, RAM, Ubuntu / , ,

方法一:

sudo dmidecode -t memory

輸出結果:

# dmidecode 3.1
Getting SMBIOS data from sysfs.
SMBIOS 2.8 present.

Handle 0x0039, DMI type 16, 23 bytes
Physical Memory Array
	Location: System Board Or Motherboard
	Use: System Memory
	Error Correction Type: None
	Maximum Capacity: 64 GB
	Error Information Handle: Not Provided
	Number Of Devices: 4

Handle 0x0047, DMI type 17, 84 bytes
Memory Device
	Array Handle: 0x0039
	Error Information Handle: Not Provided
	Total Width: 64 bits
	Data Width: 64 bits
	Size: 8192 MB
	Form Factor: DIMM
	Set: None
	Locator: ChannelA-DIMM0
	Bank Locator: BANK 0
	Type: DDR4
	Type Detail: Synchronous
	Speed: 2667 MT/s
	Manufacturer: 04CB
	Serial Number: 6EF60200
	Asset Tag: 9876543210
	Part Number: DDR4 2666 2OZ       
	Rank: 1
	Configured Clock Speed: 2667 MT/s
	Minimum Voltage: Unknown
	Maximum Voltage: Unknown
	Configured Voltage: 1.2 V

Handle 0x0048, DMI type 17, 84 bytes
Memory Device
	Array Handle: 0x0039
	Error Information Handle: Not Provided
	Total Width: 64 bits
	Data Width: 64 bits
	Size: 8192 MB
	Form Factor: DIMM
	Set: None
	Locator: ChannelA-DIMM1
	Bank Locator: BANK 1
	Type: DDR4
	Type Detail: Synchronous
	Speed: 2667 MT/s
	Manufacturer: 04CB
	Serial Number: 2CF20200
	Asset Tag: 9876543210
	Part Number: DDR4 2666 2OZ       
	Rank: 1
	Configured Clock Speed: 2667 MT/s
	Minimum Voltage: Unknown
	Maximum Voltage: Unknown
	Configured Voltage: 1.2 V

Handle 0x0049, DMI type 17, 84 bytes
Memory Device
	Array Handle: 0x0039
	Error Information Handle: Not Provided
	Total Width: 64 bits
	Data Width: 64 bits
	Size: 8192 MB
	Form Factor: DIMM
	Set: None
	Locator: ChannelB-DIMM0
	Bank Locator: BANK 2
	Type: DDR4
	Type Detail: Synchronous
	Speed: 2667 MT/s
	Manufacturer: 04CB
	Serial Number: 04F40200
	Asset Tag: 9876543210
	Part Number: DDR4 2666 2OZ       
	Rank: 1
	Configured Clock Speed: 2667 MT/s
	Minimum Voltage: Unknown
	Maximum Voltage: Unknown
	Configured Voltage: 1.2 V

Handle 0x004A, DMI type 17, 84 bytes
Memory Device
	Array Handle: 0x0039
	Error Information Handle: Not Provided
	Total Width: 64 bits
	Data Width: 64 bits
	Size: 8192 MB
	Form Factor: DIMM
	Set: None
	Locator: ChannelB-DIMM1
	Bank Locator: BANK 3
	Type: DDR4
	Type Detail: Synchronous
	Speed: 2667 MT/s
	Manufacturer: 04CB
	Serial Number: DBEF0200
	Asset Tag: 9876543210
	Part Number: DDR4 2666 2OZ       
	Rank: 1
	Configured Clock Speed: 2667 MT/s
	Minimum Voltage: Unknown
	Maximum Voltage: Unknown
	Configured Voltage: 1.2 V

方法二:

sudo lshw -short -C memory

輸出結果:

H/W path               Device          Class          Description
=================================================================
/0/0                                   memory         64KiB BIOS
/0/39                                  memory         32GiB System Memory
/0/39/0                                memory         8GiB DIMM DDR4 Synchronous 2667 MHz (0.4 ns)
/0/39/1                                memory         8GiB DIMM DDR4 Synchronous 2667 MHz (0.4 ns)
/0/39/2                                memory         8GiB DIMM DDR4 Synchronous 2667 MHz (0.4 ns)
/0/39/3                                memory         8GiB DIMM DDR4 Synchronous 2667 MHz (0.4 ns)
/0/43                                  memory         384KiB L1 cache
/0/44                                  memory         1536KiB L2 cache
/0/45                                  memory         9MiB L3 cache
/0/100/14.2                            memory         RAM memory

使用 sed 跟 awk 將一列資料改成一行

2021-02-12 / Regular Expression / , 
dpkg -l | grep 5.4.0 | awk '/ii/{print $2}' | sed ':a ; N;s/\n/ / ; t a ; '

範例:查詢系統安裝了哪些跟 nvidia 有關的套件

ubuntu@guestOS:~$ dpkg -l | grep nvidia | grep ii
ii  libnvidia-cfg1-460:amd64                      460.39-0ubuntu0.18.04.1                                   amd64        NVIDIA binary OpenGL/GLX configuration library
ii  libnvidia-common-460                          460.39-0ubuntu0.18.04.1                                   all          Shared files used by the NVIDIA libraries
ii  libnvidia-compute-460:amd64                   460.39-0ubuntu0.18.04.1                                   amd64        NVIDIA libcompute package
ii  libnvidia-compute-460:i386                    460.39-0ubuntu0.18.04.1                                   i386         NVIDIA libcompute package
ii  libnvidia-decode-460:amd64                    460.39-0ubuntu0.18.04.1                                   amd64        NVIDIA Video Decoding runtime libraries
ii  libnvidia-decode-460:i386                     460.39-0ubuntu0.18.04.1                                   i386         NVIDIA Video Decoding runtime libraries
ii  libnvidia-encode-460:amd64                    460.39-0ubuntu0.18.04.1                                   amd64        NVENC Video Encoding runtime library
ii  libnvidia-encode-460:i386                     460.39-0ubuntu0.18.04.1                                   i386         NVENC Video Encoding runtime library
ii  libnvidia-extra-460:amd64                     460.39-0ubuntu0.18.04.1                                   amd64        Extra libraries for the NVIDIA driver
ii  libnvidia-fbc1-460:amd64                      460.39-0ubuntu0.18.04.1                                   amd64        NVIDIA OpenGL-based Framebuffer Capture runtime library
ii  libnvidia-fbc1-460:i386                       460.39-0ubuntu0.18.04.1                                   i386         NVIDIA OpenGL-based Framebuffer Capture runtime library
ii  libnvidia-gl-460:amd64                        460.39-0ubuntu0.18.04.1                                   amd64        NVIDIA OpenGL/GLX/EGL/GLES GLVND libraries and Vulkan ICD
ii  libnvidia-gl-460:i386                         460.39-0ubuntu0.18.04.1                                   i386         NVIDIA OpenGL/GLX/EGL/GLES GLVND libraries and Vulkan ICD
ii  libnvidia-ifr1-460:amd64                      460.39-0ubuntu0.18.04.1                                   amd64        NVIDIA OpenGL-based Inband Frame Readback runtime library
ii  libnvidia-ifr1-460:i386                       460.39-0ubuntu0.18.04.1                                   i386         NVIDIA OpenGL-based Inband Frame Readback runtime library
ii  nvidia-compute-utils-460                      460.39-0ubuntu0.18.04.1                                   amd64        NVIDIA compute utilities
ii  nvidia-dkms-460                               460.39-0ubuntu0.18.04.1                                   amd64        NVIDIA DKMS package
ii  nvidia-driver-460                             460.39-0ubuntu0.18.04.1                                   amd64        NVIDIA driver metapackage
ii  nvidia-kernel-common-460                      460.39-0ubuntu0.18.04.1                                   amd64        Shared files used with the kernel module
ii  nvidia-kernel-source-460                      460.39-0ubuntu0.18.04.1                                   amd64        NVIDIA kernel source package
ii  nvidia-prime                                  0.8.15.3~0.18.04.1                                        all          Tools to enable NVIDIA's Prime
ii  nvidia-settings                               440.82-0ubuntu0.18.04.1                                   amd64        Tool for configuring the NVIDIA graphics driver
ii  nvidia-utils-460                              460.39-0ubuntu0.18.04.1                                   amd64        NVIDIA driver support binaries
ii  xserver-xorg-video-nvidia-460                 460.39-0ubuntu0.18.04.1                                   amd64        NVIDIA binary Xorg driver

使用 awk 搜尋擷取套件名稱

ubuntu@guestOS:~$ dpkg -l | grep nvidia | awk '/ii/{print $2}' 
libnvidia-cfg1-460:amd64
libnvidia-common-460
libnvidia-compute-460:amd64
libnvidia-compute-460:i386
libnvidia-decode-460:amd64
libnvidia-decode-460:i386
libnvidia-encode-460:amd64
libnvidia-encode-460:i386
libnvidia-extra-460:amd64
libnvidia-fbc1-460:amd64
libnvidia-fbc1-460:i386
libnvidia-gl-460:amd64
libnvidia-gl-460:i386
libnvidia-ifr1-460:amd64
libnvidia-ifr1-460:i386
nvidia-compute-utils-460
nvidia-dkms-460
nvidia-driver-460
nvidia-kernel-common-460
nvidia-kernel-source-460
nvidia-prime
nvidia-settings
nvidia-utils-460
xserver-xorg-video-nvidia-460

使用 sed 將列改成行,並用空格分開

ubuntu@guestOS:~$ dpkg -l | grep nvidia | awk '/ii/{print $2}' | sed ':a ; N;s/\n/ / ; t a ; '
libnvidia-cfg1-460:amd64 libnvidia-common-460 libnvidia-compute-460:amd64 libnvidia-compute-460:i386 libnvidia-decode-460:amd64 libnvidia-decode-460:i386 libnvidia-encode-460:amd64 libnvidia-encode-460:i386 libnvidia-extra-460:amd64 libnvidia-fbc1-460:amd64 libnvidia-fbc1-460:i386 libnvidia-gl-460:amd64 libnvidia-gl-460:i386 libnvidia-ifr1-460:amd64 libnvidia-ifr1-460:i386 nvidia-compute-utils-460 nvidia-dkms-460 nvidia-driver-460 nvidia-kernel-common-460 nvidia-kernel-source-460 nvidia-prime nvidia-settings nvidia-utils-460 xserver-xorg-video-nvidia-460

讓 Nginx 支援 Brotli 壓縮 – 適用 Ubuntu 18.04 及 Ubuntu 20.04

2021-03-02 / nginx, Ubuntu / , ,

Brotli 是一個基於 LZ77 的無失真壓縮,其壓縮效能及 CPU 使用量上,整體平均來說大勝 gzip,然而 Nginx 官方並沒有支援,但是 Google 出了一個第三方的 module – ngx_brotli,讓 Nginx 可以實現 Brotli 壓縮。

Step 1 – 準備工作

確認 Nginx 版本

nginx -v
nginx version: nginx/1.19.5

安裝相依套件

sudo apt install -y libpcre3 libpcre3-dev zlib1g zlib1g-dev openssl libssl-dev

Step 2 – 下載所需要的原始碼

首先下載 Nginx 原始碼

wget https://nginx.org/download/nginx-1.19.5.tar.gz && tar -zxf nginx-1.19.5.tar.gz && rm  nginx-1.19.5.tar.gz

下載 ngx_brotli

git clone https://github.com/eustas/ngx_brotli.git && cd ngx_brotli && git submodule update --init

Step 3 – 編譯 ngx_brotli

cd ../nginx-1.19.5/
./configure --with-compat --add-dynamic-module=../ngx_brotli
make modules

更改檔案權限

cd objs/ && chmod 644 *.so

將 modules 複製到 Nginx 的 module 目錄

sudo cp *.so /usr/lib/nginx/modules/

Step 4 – 設定 Nginx

新增 ngx_brotli 的 conf 檔

sudo vim /usr/share/nginx/modules-available/mod-ngx_http_brotli.conf

於檔案內新增下列設定,新增完畢存檔離開。

load_module modules/ngx_http_brotli_filter_module.so;
load_module modules/ngx_http_brotli_static_module.so;

啟用 ngx_http_brotli 的 module

cd /etc/nginx/modules-enabled
sudo ln -s /usr/share/nginx/modules-available/mod-ngx_http_brotli.conf ./50-mod-ngx_http_brotli.conf
sudo vim /etc/nginx/nginx.conf

在 gzip 段落下面新增下列參數,如下圖:

##
# brotli
##
brotli on;
brotli_comp_level 5;
brotli_static on;
brotli_types text/css text/xml text/javascript application/json application/javascript application/x-javascript application/xml application/xml+rss application/xhtml+xml application/x-font-ttf font/opentype image/svg+xml image/x-icon application/font-woff text/plain;

重新啟動 Nginx

sudo service nginx restart

Step 5 – 驗收

可以看到支援的 MIME Type 都已經 br 壓縮了。

網站測試工具

2021-02-26 / cloud, www / , , ,

看載入網站 Waterfall View 的小幫手

除了看 Waterfall 之外,也可以知道 render block 卡在哪邊

https://webpagetest.org/

SSL Server Test by SSL Server Test (Powered by Qualys SSL Labs)

https://www.ssllabs.com/ssltest/index.html

Gzip, Brotli 壓縮測試網站

https://www.giftofspeed.com/gzip-test/

測試網站 http2 功能

https://gf.dev/http2-test

SSL/TLS Vulnerability & Configuration Scanner

https://gf.dev/tls-scanner

Header 檢查工具

https://gf.dev/http-headers-test

HTTP/2 Test

https://gf.dev/http2-test

FTTB test

https://gf.dev/ttfb-test

Google PageSpeed Insights

https://developers.google.com/speed/pagespeed/insights/

KVM 備份還原程序教學

2021-01-19 / KVM, Linux / , ,

KVM(Kernel-based Virtual Machine) 虛擬架構真的是一個很好的使用環境,不論是開發測試或是佈署成正式環境都很妥當,連 GCP 的 CE 也是採用 KVM 的架構。Guest 端可以支援不論是 Linux、FreeBSD、Solaris 甚至是 Microsoft Windows。

當然東西用下去正式跑的時候,備份就很重要了!

KVM 備份程序

先列出要備份的虛擬機器

ubuntu@host:/$ virsh list --all
 Id    Name                           State
----------------------------------------------------
 1     kudocker                       running
 2     nextcloud                      running

停止 kvm – nextcloud

ubuntu@host:/$ virsh shutdown nextcloud
Domain nextcloud is being shutdown

接下來將 VM 的資料備份成 XML 檔案

ubuntu@host:/$ virsh dumpxml nextcloud > /kvm_backup/nextcloud.xml
ubuntu@host:/$ ll /kvm_backup/nextcloud.xml
-rw-rw-r-- 1 ubuntu ubuntu 4943 Jan 19 16:40 /kvm_backup/nextcloud.xml

再來將 image 檔備份出來

sudo cp /var/lib/libvirt/images/nextcloud.qcow2 /kvm_backup

備份打完收工!

KVM 還原程序

virsh undefine nextcloud
sudo cp /kvm_backup/nextcloud.qcow2 /var/lib/libvirt/images
virsh define -file /kvm_backup/nextcloud.xml
virsh start nextcloud
  • 先將原本的 VM undefine
  • 將 image 檔還原
  • 重新載入定義檔
  • 開啟 VM