Author archive: admin

haproxy docker quic

FROM ubuntu:20.04 AS builder-ssl

ENV DEBIAN_FRONTEND noninteractive
RUN apt-get -y update && apt-get -y install git make gcc

RUN git clone --depth 1 https://github.com/quictls/openssl.git
RUN cd /openssl && ./config enable-tls1_3 && make -j$(nproc) && make install_sw

FROM ubuntu:20.04 AS builder

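Oracle boot repair notes

Storage – Block Storage – Boot Volumes – click the name of the volume to detach – Attached Instances – Detach from Instance – Attach to Instance (choose paravirtualized)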

fdisk -l
mount /dev/sdb2 /mnt
for i in /dev /dev/pts /proc /sys /run; do sudo mount -B $i /mnt$i; done
chroot /mnt
update-grub
# install the kernel
exit

systemctl stop 

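Dynamically adding an IP whitelist for a specific port with nginx

1. Prepare a domain and an nginx instance with HTTPS already set up. 123.com is the example domain here, and https://123.com must be reachable.

2. Set up the service that needs the whitelist. Port 10086 is the example here.

The steps below are for Debian/Ubuntu systems.

Prerequisite packages; skip if already installed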

apt install rsyslog iptables nano -y

Download the whitelist handler program

wget -O /usr/local/bin/selfhelp-iptables https://github.com/aoyouer/selfhelp-iptables/releases/download/2.3.4/selfhelp-iptables

Make it executable

chmod +x /usr/local/bin/selfhelp-iptables

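Add an nginx location that reverse-proxies to the port of the program above
Edit the nginx configuration; the path is for reference only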

nano /etc/nginx/conf.d/123.com

Add the following under location / or another location path. Here /2 means the whitelist entry is later added by visiting https://123.com/2; change the path as needed.

location /2 {
                proxy_set_header  X-real-ip $remote_addr;
                proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_pass 

Enabling two-step verification for Windows Remote Desktop (RDP, port 3389)

Download the software

https://download.multiotp.net/credential-provider/

Install the VBVC runtime libraries; on 64-bit systems install both of the following

https://aka.ms/vs/16/release/vc_redist.x86.exe and https://aka.ms/vs/16/release/vc_redist.x64.exe

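Install the main program

Tick No remote server, leave everything else at the defaults, and click Next

The default selection is For remote desktop only (two-step verification is enabled only for Remote Desktop)

Untick all the checkboxes below; select none

Enable two-step verification and generate the key image from the command line. Change administrator to the user you need, then scan the image with a phone app (e.g. Authy) to add the two-step verification entry.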

"C:\Program Files (x86)\multiOTP\multiotp.exe" -fastcreatenopin administrator

"C:\Program Files (x86)\multiOTP\multiotp.exe" -qrcode administrator d:/123.png

Reference

https://inc.sysu.edu.cn/article/1050…

Statically compiling ipset

# requires a kernel newer than 3.11
apt install gcc make libmnl-dev pkg-config wget tar gzip -y

cd /tmp
wget https://ipset.netfilter.org/ipset-7.15.tar.bz2
tar -jxvf ipset-7.15.tar.bz2
rm -rf ipset-7.15.tar.bz2
cd ipset-7.15/
#./configure
#./configure --enable-shared=no --enable-static=yes --prefix=/usr/local/ipset --disable-dependency-tracking

./configure --enable-shared=no --enable-static=yes --disable-dependency-tracking
make

Upgrading glibc to 2.33 on CentOS 7

The latest glibc version is 2.34, but compiling it failed, so this tutorial uses 2.33

Install a gcc newer than 4.8
yum -y install centos-release-scl
yum -y install devtoolset-11 bison ca-certificates


Enable gcc 11
scl enable devtoolset-11 bash

Build make
cd /usr/local/src/
wget https://ftp.gnu.org/gnu/make/make-4.3.tar.gz
tar zxvf make-4.3.tar.gz && cd make-4.3
./configure && make -j && make install
ln -s -f /usr/local/bin/make /usr/bin/make

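Deploying Tailscale's derper relay server on a non-443 port with Docker

I went through no fewer than 5 attempts in total, and today it finally works

A non-443 port is used here. The certificate must be requested on the host beforehand; I generated mine with acme using the CF API, and that step is skipped in this tutorial

The example certificate here is /root/crt/123.com.crt with key /root/crt/123.com.key; the files must be named domain.crt and domain.key

Install Docker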

curl -fsSL https://get.docker.com -o get-docker.sh && sh get-docker.sh

Run with Docker, mounting /root/crt/ into the container

docker run --restart unless-stopped --name derper -p 12345:12345 -p 3478:3478/udp -v /root/crt/:/crt/ -dt qctt/derper /derper -stun -a 0.0.0.0:12345 -hostname 123.com -certdir=/crt/ -certmode=manual

Example for Access Controls on the Tailscale admin page, OmitDefaultRegions …

zenlayer ip range

from bgp.he.net


ucloud ip range

from bgp.he.net


Setting up DoH with AdGuard Home

One-step Docker install

curl -fsSL https://get.docker.com -o get-docker.sh && sh get-docker.sh
# create the container   # https://hub.docker.com/r/adguard/adguardhome

docker pull adguard/adguardhome

docker run --name adguardhome\
    --restart unless-stopped\
    -v /root/adguardhome/workdir:/opt/adguardhome/work\
    -v /root/adguardhome/confdir:/opt/adguardhome/conf\
    -p 3000:3000/tcp\
    -p 36886:36886/tcp\