show code js

2021年10月14日 星期四

Centos Install Mysql update

 (1)source:

### see: https://dev.mysql.com/downloads/repo/yum/ ###

wget  http://repo.mysql.com/mysql80-community-release-el6-3.noarch.rpm

yum localinstall mysql80-community-release-el6-3.noarch.rpm -y

yum module disable mysql

yum install mysql-community-server -y 

systemctl enable mysqld

systemctl start mysqld

systemctl status mysqld

(2)getpswd:

mysql_secure_installation

grep 'temporary password' /var/log/mysqld.log

login mysql -u root -p, to test and quit

mysql>\s

mysql>quit

(3)set use utf8

nano /etc/my.cnf 

### find:

pid-file=/var/run/mysqld/mysqld.pid

### after add:

-------

init_connect='SET collation_connection = utf8mb4_unicode_ci'

init_connect='SET NAMES utf8mb4'

character-set-server=utf8mb4

#character-set-database=utf8mb4

collation-server=utf8mb4_unicode_ci

skip-character-set-client-handshake

[client]

default-character-set=utf8mb4

[mysql]

default-character-set=utf8mb4

--------

systemctl restart mysqld 

(4)grant(all on db.* to 'ur'@'localhost' identified by `pswd`)

CREATE USER 'ur'@'localhost' IDENTIFIED BY 'pswd';

GRANT ALL PRIVILEGES ON db.* TO 'ur'@'localhost';

flush privileges;

at 沒有留言:
Labels: ,

2021年7月20日 星期二

Create git server for self on centos

 :server

eHz5i_DM2l+65vRL!H2^3i3=ns)Y3z1A1%^{-[ly|11{6Gum;}dT6Vre,!?6Kn2|gl^)x=x1{dX

1.install

yum install git -y

eHz5i_DM2l+65vRL!H2^3i3=ns)Y3z1A1%^{-[ly|11{6Gum;}dT6Vre,!?6Kn2|gl^)x=x1{dX

2.add user

adduser git

passwd git

eHz5i_DM2l+65vRL!H2^3i3=ns)Y3z1A1%^{-[ly|11{6Gum;}dT6Vre,!?6Kn2|gl^)x=x1{dX

3.create directory for sample project

su git

cd ~

mkdir project.git

cd project.git

git init --bare

eHz5i_DM2l+65vRL!H2^3i3=ns)Y3z1A1%^{-[ly|11{6Gum;}dT6Vre,!?6Kn2|gl^)x=x1{dX

4.create ssh directory and file

cd ..

mkdir .ssh

cd .ssh

touch authorized_keys

chmod 700 ~/.ssh/

chmod 600 ~/.ssh/authorized_keys

eHz5i_DM2l+65vRL!H2^3i3=ns)Y3z1A1%^{-[ly|11{6Gum;}dT6Vre,!?6Kn2|gl^)x=x1{dX

5.create ssh key

su root

cd ~

ssh-keygen

scp ~/.ssh/id_rsa.pub git@gitserver:~/.ssh/authorized_keys

# or cat ~/.ssh/id_rsa.pub >> /home/git/.ssh/authorized_keys

eHz5i_DM2l+65vRL!H2^3i3=ns)Y3z1A1%^{-[ly|11{6Gum;}dT6Vre,!?6Kn2|gl^)x=x1{dX

:client

eHz5i_DM2l+65vRL!H2^3i3=ns)Y3z1A1%^{-[ly|11{6Gum;}dT6Vre,!?6Kn2|gl^)x=x1{dX

1.config

git config --global user.name "Your Name" 

git config --global user.email "Your_Mail@example.com"

eHz5i_DM2l+65vRL!H2^3i3=ns)Y3z1A1%^{-[ly|11{6Gum;}dT6Vre,!?6Kn2|gl^)x=x1{dX

2.type1:clone

:server create directory in /home/project.git

git clone git@gitserver:~/project.git

cd project 

touch test.txt

git add --all

git commit -a -m "First Version"

git push origin master

eHz5i_DM2l+65vRL!H2^3i3=ns)Y3z1A1%^{-[ly|11{6Gum;}dT6Vre,!?6Kn2|gl^)x=x1{dX

3.type2:create new project

:server create directory in /home/new_project.git

mkdir new_project

cd new_project

git init

git remote add origin git@gitserver:~/new_project.git

touch test.txt

git add --all

git commit -a -m "First Version"

git push origin master

at 沒有留言:
Labels: , ,

2021年7月18日 星期日

fail2ban

可防範對某一服務的暴力破解或掃描的行為

  1. readyeHz5i_DM2l+65vRL!H2^3i3=ns)Y3z1A1%^{-[ly|11{6Gum;}dT6Vre,!?6Kn2|gl^)x=x1{dX
    install and active firewalldeHz5i_DM2l+65vRL!H2^3i3=ns)Y3z1A1%^{-[ly|11{6Gum;}dT6Vre,!?6Kn2|gl^)x=x1{dX
    install epel-release
  2. installeHz5i_DM2l+65vRL!H2^3i3=ns)Y3z1A1%^{-[ly|11{6Gum;}dT6Vre,!?6Kn2|gl^)x=x1{dX
    yum install -y fail2ban
  3. add /etc/fail2ban/jail.local, can use nanoeHz5i_DM2l+65vRL!H2^3i3=ns)Y3z1A1%^{-[ly|11{6Gum;}dT6Vre,!?6Kn2|gl^)x=x1{dX
    [DEFAULT]eHz5i_DM2l+65vRL!H2^3i3=ns)Y3z1A1%^{-[ly|11{6Gum;}dT6Vre,!?6Kn2|gl^)x=x1{dX
    # white listeHz5i_DM2l+65vRL!H2^3i3=ns)Y3z1A1%^{-[ly|11{6Gum;}dT6Vre,!?6Kn2|gl^)x=x1{dX
    ignoreip = 127.0.0.1eHz5i_DM2l+65vRL!H2^3i3=ns)Y3z1A1%^{-[ly|11{6Gum;}dT6Vre,!?6Kn2|gl^)x=x1{dX
    # ban time eHz5i_DM2l+65vRL!H2^3i3=ns)Y3z1A1%^{-[ly|11{6Gum;}dT6Vre,!?6Kn2|gl^)x=x1{dX
    bantime  = 600eHz5i_DM2l+65vRL!H2^3i3=ns)Y3z1A1%^{-[ly|11{6Gum;}dT6Vre,!?6Kn2|gl^)x=x1{dX
    # ho much time to try to maxretryeHz5i_DM2l+65vRL!H2^3i3=ns)Y3z1A1%^{-[ly|11{6Gum;}dT6Vre,!?6Kn2|gl^)x=x1{dX
    findtime = 600eHz5i_DM2l+65vRL!H2^3i3=ns)Y3z1A1%^{-[ly|11{6Gum;}dT6Vre,!?6Kn2|gl^)x=x1{dX
    # try timeeHz5i_DM2l+65vRL!H2^3i3=ns)Y3z1A1%^{-[ly|11{6Gum;}dT6Vre,!?6Kn2|gl^)x=x1{dX
    maxretry = 5eHz5i_DM2l+65vRL!H2^3i3=ns)Y3z1A1%^{-[ly|11{6Gum;}dT6Vre,!?6Kn2|gl^)x=x1{dX
    eHz5i_DM2l+65vRL!H2^3i3=ns)Y3z1A1%^{-[ly|11{6Gum;}dT6Vre,!?6Kn2|gl^)x=x1{dX
    [sshd]eHz5i_DM2l+65vRL!H2^3i3=ns)Y3z1A1%^{-[ly|11{6Gum;}dT6Vre,!?6Kn2|gl^)x=x1{dX
    # [service name]eHz5i_DM2l+65vRL!H2^3i3=ns)Y3z1A1%^{-[ly|11{6Gum;}dT6Vre,!?6Kn2|gl^)x=x1{dX
    enabled = true
  4. activeeHz5i_DM2l+65vRL!H2^3i3=ns)Y3z1A1%^{-[ly|11{6Gum;}dT6Vre,!?6Kn2|gl^)x=x1{dX
    systemctl enable fail2baneHz5i_DM2l+65vRL!H2^3i3=ns)Y3z1A1%^{-[ly|11{6Gum;}dT6Vre,!?6Kn2|gl^)x=x1{dX
    systemctl start fail2ban

at 沒有留言:
Labels: ,
訂閱: 文章 (Atom)