分类目录归档:后端

讲讲不同的后端代码,学习的过程!

ss 一键安装脚本

Shel代码

#!/bin/bash

cd /usr/local/src

yum -y update
wget -qO- https://raw.githubusercontent.com/v3u3i87/ops/master/gitInstall.sh | bash && source /etc/bashrc && git --version

yum install python-setuptools && easy_install pip
pip install --upgrade pip
pip install git+https://github.com/shadowsocks/shadowsocks.git@master
pip install shadowsocks


#读取外网 IP: curl -s ipecho.net/plain;echo

#多用户配置
touch /etc/shadowsocks.json

tee /etc/shadowsocks.json <<-'EOF'
{
 "server":"0.0.0.0",
 "local_address": "127.0.0.1",
 "local_port":1080,
  "port_password": {
     "9933": "9933##111"
 },
 "timeout":300,
 "method":"aes-256-cfb",
 "fast_open": false
}
EOF

#设置自启
echo -e "/usr/bin/ssserver  -c /etc/shadowsocks.json -d start \n" >> /etc/rc.local

chmod +x /etc/rc.d/rc.local

/usr/bin/ssserver -c /etc/shadowsocks.json -d start

#一行命令执行,需要server可以访问 github

wget -qO- https://raw.githubusercontent.com/v3u3i87/ops/master/ssInstall.sh | bash

关于配置文件 请自行学习

vps test

#硬盘IO及全球下载速度测试

wget -qO- bench.sh | bash

#全国网络测试
wget -N --no-check-certificate https://raw.githubusercontent.com/91yun/91yuntest/master/test_91yun.sh && chmod +x test_91yun.sh && ./test_91yun.sh


#服务器性能测试
wget --no-check-certificate https://github.com/teddysun/across/raw/master/unixbench.sh && chmod +x unixbench.sh && ./unixbench.sh

#Ping值监测小工具
--https://www.zhujiboke.com/2018/02/1265.html
screen -S uping
wget -N --no-check-certificate https://raw.githubusercontent.com/FunctionClub/uPing/master/uping.py
python uping.py


--- mPing一键测试回程Ping值 https://www.zhujiboke.com/2017/12/1171.html
wget https://raw.githubusercontent.com/helloxz/mping/master/mping.sh
bash mping.sh


----SuperSpeed – 一键测试服务器到国内的速度 https://www.zhujiboke.com/2017/09/778.html
wget https://raw.githubusercontent.com/oooldking/script/master/superspeed.sh
chmod +x superspeed.sh
./superspeed.sh


---Ping.pe 延迟稳定性测试工具
http://ping.pe/

set fetch cors in php

#set fetch cors

fetch('https://api.github.com/users/github', {
    method: 'GET',
    headers: {
      'Accept': 'application/json, text/javascript, */*; q=0.01',
      'Content-Type': 'application/x-www-form-urlencoded; charset=UTF-8'
    },
    mode: 'cors',
    credentials: 'credentials',
    cache: 'default'
  })
  .then((resp) => {
    try {
      return resp.json();
    } catch (err) {}
    return resp.text();
  })
  .then((data) => {
    console.log(data);
  })
  .catch((err) => {
    console.error(err);
  });

cors是表明可否通过header跨域。
credentials表明是否在跨域的时候可以传数据,比如cookie等信息。
credentials为真的时候,服务段不能用*来匹配,必须要指定一个完整的域信息

#set php cors

       header("Access-Control-Allow-Credentials: false");
        header("Access-Control-Allow-Origin: *");
        header("Access-Control-Allow-Methods: GET, HEAD, POST, PUT, PATCH, DELETE OPTIONS");
        header("Access-Control-Allow-Headers: Access-Control-Allow-Headers, Origin, Accept, Authorization, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers");

Nginx configuration for CORS-enabled HTTPS proxy with origin white-list defined by a simple regex


# # Acts as a nginx HTTPS proxy server # enabling CORS only to domains matched by regex # /https?://.*\.mckinsey\.com(:[0-9]+)?)/ # # Based on: # * http://blog.themillhousegroup.com/2013/05/nginx-as-cors-enabled-https-proxy.html # * http://enable-cors.org/server_nginx.html # server { listen 443 default_server ssl; server_name localhost; # Fake certs - fine for development purposes 🙂 ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem; ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key; ssl_session_timeout 5m; location / { proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # Nginx doesn't support nested If statements, so we # concatenate compound conditions on the $cors variable # and process later # If request comes from allowed subdomain # (*.mckinsey.com) then we enable CORS if ($http_origin ~* (https?://.*\.mckinsey\.com(:[0-9]+)?$)) { set $cors "1"; } # OPTIONS indicates a CORS pre-flight request if ($request_method = 'OPTIONS') { set $cors "${cors}o"; } # Append CORS headers to any request from # allowed CORS domain, except OPTIONS if ($cors = "1") { more_set_headers 'Access-Control-Allow-Origin: $http_origin'; more_set_headers 'Access-Control-Allow-Credentials: true'; proxy_pass http://serverIP:serverPort; } # OPTIONS (pre-flight) request from allowed # CORS domain. return response directly if ($cors = "1o") { more_set_headers 'Access-Control-Allow-Origin: $http_origin'; more_set_headers 'Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE'; more_set_headers 'Access-Control-Allow-Credentials: true'; more_set_headers 'Access-Control-Allow-Headers: Origin,Content-Type,Accept'; add_header Content-Length 0; add_header Content-Type text/plain; return 204; } # Requests from non-allowed CORS domains proxy_pass http://serverIP:serverPort; } }

linux以密钥登录系统

本次列次全部是xxx,服务端执行权限为root

#本地电脑生成公钥和私钥文件
ssh-keygen -t rsa -C "xxx@email.com" -f "xxxx"

#登录服务器
groupadd xxx
useradd xxx -g xxx
passwd xxx

mkdir -p /home/xxx/.ssh
touch /home/xxx/.ssh/authorized_keys

cd /home/xxx/.ssh/
#写入公钥
vi test

cat test >> /home/xxx/.ssh/authorized_keys

#设置权限
chown -R 0700 /home/xxx/.ssh
chown -R 0644 /home/xxx/.ssh/authorized_keys
chown -R xxx:xxx /home/xxx

#开启SELinux时,还需要执行(root用户把/home改成/root)
restorecon -R -v /home

#设置服务端用户免密码登录
vi /etc/ssh/sshd_config

#禁用root账户登录,如果是用root用户登录请开启
PermitRootLogin no

#是否让 sshd 去检查用户家目录或相关档案的权限数据,
#这是为了担心使用者将某些重要档案的权限设错,可能会导致一些问题所致。
#例如使用者的 ~.ssh/ 权限设错时,某些特殊情况下会不许用户登入
StrictModes no

#是否允许用户自行使用成对的密钥系统进行登入行为,仅针对 version 2。
#至于自制的公钥数据就放置于用户家目录下的 .ssh/authorized_keys 内
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys

#有了证书登录了,就禁用密码登录吧,安全要紧
PasswordAuthentication no

#重起ssh服务
systemctl restart sshd.service

#本地mac 远程登录
ssh -i /local/.ssh/mqzhang xxx@ip

搭建git服务端同步部署代码到web目录

本文是在cneots7 下执行,本地是mac os

#在服务器上创建git用户

groupadd git
useradd git -g git
passwd yourpwd

#开放服务端用户免密码登录
vi /etc/ssh/sshd_config
RSAAuthentication yes
PubkeyAuthentication yes
#指定公钥存放位置
AuthorizedKeysFile .ssh/authorized_keys

#切换用户 确保执行权限
su git

#创建相关免验证
cd /home/git/
mkdir .ssh
chmod 700 .ssh
touch .ssh/authorized_keys
chmod 600 .ssh/authorized_keys

#mac os本地操作

目录下查看, id_rsa 、id_rsa.pub,若没有

cd ~/.ssh

一路回车

ssh-keygen -t rsa

就可以生成文件 id_rsa 、id_rsa.pub

#把id_rsa.pub内容写入到服务端文件authorized_keys
/home/git/.ssh/authorized_keys

#服务端防止git以ssh shell形式登录
vi /etc/passwd
#找到类似下面一行
git:x:1000:1000::/home/git:/bin/bash //原来的
git:x:1000:1000::/home/git:/usr/bin/git-shell //改为现在的

#创建git仓库目录

mkdir -p /home/git/sj/h5.git

#初始化git仓库
git init --bare /home/git/sj/h5.git

#让仓库接收远程提交代码
cd /home/git/sj/h5.git
git config receive.denyCurrentBranch ignore

#赋予写入权限
chmod -R 777 /home/git/sj/h5.git

#创建同步代码脚本
vi /home/git/sj/h5.git/hooks/post-receive


#!/bin/sh echo "=====================start server===========================" unset GIT_DIR DeployPath="/code/h5" cd $DeployPath echo "deploying the test web" git fetch --all git reset --hard origin/dev git stash git pull origin dev time=`date` echo "web server pull at webserver at time: $time." echo "=====================end server==========================="

#设置执行权限
chmod +x /home/git/sj/h5.git/hooks/post-receive

#服务端创建git同步代码目录
cd /code

git clone /home/git/sj/h5.git
#赋予目标权限读写权限
chmod -R 777 /code/h5

#服务端更新参考
git update-server-info

git checkout -f

#本地创建代码仓库

git clone git@you in ip:sj/h5.git
#添加多个仓库
git remote add dev git@you in ip:sj/h5.git

#切换权限
su root
#git赋予到nginx组
usermod -a -G git nginx

#设置代码目录权限
chown -R git:nginx /code
chmod -R 777 /code

#搭建参考 http://www.jianshu.com/p/11b380b6aa4d
#多仓库使用参考 http://wonux.tech/git-remote.html

mac下VirtualBox共享centos7文件解决方式

远程虚拟机以前请确认你是否?
1.设置共享目录
2.已下载扩展包
3.设置扩展包到对象虚拟机

#挂载需要的服务
yum -y install gcc++ gcc make kernel kernel-devel kernel-headers bzip2

#设置内核
ln -s /usr/src/kernels/3.10.0-327.28.2.el7.x86_64 /usr/src/linux

#挂载光驱

#创建光驱目录
mkdir /mnt/cdrom
#挂在光驱
mount /dev/cdrom /mnt/cdrom
#卸载光驱
umount /dev/cdrom /mnt/cdrom

#进入目录
cd /mnt/cdrom

#执行安装
./VBoxLinuxAdditions.run

#重起
shutdown -r now

#查看是否有vbox
ps -ef | grep -i vbox

#创建目录
mkdir /mnt/code

#挂载共享
mount -t vboxsf code /mnt/code

#重起
shutdown -r now

注意重起后会失效,需要在ssh脚本中进行设置

解决virtualbox最小化安装centos7后不能上网

#文件
vi /etc/sysconfig/network-scripts/ifcfg-enp0s3

#将
ONBOOT=no
#改为
ONBOOT=yes

#保存后重启网卡:

systemctl restart network.service

此时就可以上网了。

因为是最小化安装,此时ifconfig命令不能用,可用

#查看分配网卡情况命令
ip addr

#安装net-tools工具
yum -y install net-tools

#然后就可以正常的使用ifconfig

#如果有必要请
yum -y update

git小型团队,协作使用约定

#git分支约定

master = 正式版本
develop = 开发版本

#git定型版本tag

当每个develop版本合并至master分支以后,打git tag 1.1.2版本标签,便于版本细节变化操作的跟踪.

#bug相关

当正式版本产生bug的时候,可能需要修改代码,为了后期便于维护,请根据以下约定进行操作.

#本地场景操作->确认至本地master版本

git checkout master

#更新本地分支

git pull origin master

#创建本地bug分支版本

git branch bug#1.1.2

#修复以后的操作

git checkout master
``

#合并分支

git merge bug#1.1.2


#写入日记

git commit -m “日记,写入本地合并的操作相关信息”


#打标签

git tag -a 1.1.2 -m “Release version 1.1.2”


#详解 git tag命令

-a 1.1.2 是增加名为1.1.2的标签
-m 后面跟着的是标签的注释


#提交标签到远程服务器上

git push origin master
git push origin --tags
–tags参数表示提交所有tag至服务器端,普通的git push origin master操作不会推送标签到服务器端。


#删除标签的命令

git tag -d  1.1.2


#删除远端服务器的标签

git push origin :refs/tags/1.1.2
```