show code js

2025年1月29日 星期三

docker clean

 #remove old container and images

  • run all container
  • remove old container and images,volume
  • docker system prune
  • docker volume prune
  • docker builder prune
  • stop all container{docker stop $(docker ps -q)}
  • stop docker desktop{Stop-Process -Name "Docker Desktop"}
  • wsl --shutdown
  • Optimize-VHD -Path C:\Users\yourname\AppData\Local\Docker\wsl\data\ext4.vhdx -Mode Full
  • Optimize-VHD -Path C:\Users\yourname\AppData\Local\Docker\wsl\main\ext4.vhdx -Mode Full
  • wsl
  • start docker desktop{Start-Process "Docker Desktop"}
  • start all container{docker start $(docker ps -aq)}

searxng

  • docker pull searxng/searxng
  • docker run -d -p 4000:8080 -e "BASE_URL=http://localhost:4000/" -e "INSTANCE_NAME=searxng" searxng/searxng

Install docker on ubuntu

  • sudo apt update
  • sudo apt install apt-transport-https ca-certificates curl software-properties-common
  • curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
  • sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
  • sudo apt update
  • sudo apt install docker-ce
  • sudo docker run hello-world
  • sudo apt install docker-compose

Fail2ban for ubuntu

 

  • sudo apt install fail2ban -y
  • sudo systemctl enable fail2ban
  • sudo systemctl start fail2ban
  • sudo systemctl status fail2ban

  • sudo -s
  • cd /etc/fail2ban/
  • sudo cp fail2ban.conf fail2ban.local
  • sudo cp jail.conf jail.local

2025年1月28日 星期二

iRedMail Renew Cert

Connect MailServer 

  • check certs
    sudo openssl x509 -enddate -noout -in /etc/letsencrypt/live/your_domain/fullchain.pem
  • Stop service
    sudo systemctl stop nginx
    sudo systemctl stop postfix
    sudo systemctl stop dovecot
  • check http port can connect
    firewall open http
    sudo ufw allow http
  • Renew cert
    sudo certbot certonly --standalone -d your_domain --preferred-challenges http
  • check cert
    sudo openssl x509 -enddate -noout -in /etc/letsencrypt/live/your_domain/fullchain.pem
  • close http port
    sudo ufw delete allow http
    firewall close http
  • cert permission
    sudo chown root:root /etc/letsencrypt/live/your_domain/privkey.pem
    sudo chmod 600 /etc/letsencrypt/live/your_domain/privkey.pem
  • Start service
    sudo systemctl start nginx
    sudo systemctl start postfix
    sudo systemctl start dovecot

Auto Renew Config

  • sudo crontab -e
  • choose 1, and add below line in end
    0 3 * * * /usr/bin/certbot renew --quiet && systemctl reload nginx postfix dovecot
  • save