一晃三年

距离上一篇日记发布已有三年。这三年是幸福的也是痛苦的。一一和仔仔都有惊无险的降生了。公司里接二连三的发生各种状况,业绩如过山车一般波动,资金又出现了巨大的问题,爸爸身体也出了状况。

处置了一处房产,出租了部分厂房,搬迁了部分车间,一路硬扛到现在。有时感觉两年间内心被反复的磨啊磨啊,心气被消耗的差不多了。很难受,提着一股气在走。

今天下午在一家银行坐着等行长签字,开始最重要的一次长期资金结构调整。调整的好,公司平稳发展,五年内不再有后顾之忧。为这一刻全家付出了太多。

家庭NAS系统折腾笔记

2014.4.7

重新把这篇2010年12月的草稿拿出来写完吧……无敌的拖延症哦

最新的情况是这样的,2010年的Buffalo NAS 因为速度之内跑到10兆(受限于当时的百兆网络环境,但估计上千兆了速度也提升不大),现在在新计划里沦为附NAS,主要就做做定期的备份。

新房子在4个房间个客厅分别预埋了1根cat5e的网线,汇总到门口鞋柜里德线箱里。所以准备将主要的网络设备都放在鞋柜里。

拓扑图草图(2014.4.7):
新家网络拓扑图

门口鞋柜:
主宽带光猫:中国电信提供
电力猫:待定
主交换机:思科 CISCO SG200-08 (看中链路聚合能力,待定,等群晖nas新款一起入)
主NAS:群晖 1813+ (取消,备用笔记本装黑群晖先用着(200GB+500GB),根据历代发布时间个人推测新款会在2014年6月前后发布)
备用电源:施耐德 APC Smart-UPS SUA750ICH(等群晖新款一起入,目前笔记本装黑群晖自带电池咯~)

客厅:
附宽带同轴盒:广电提供
电力猫:待定
主无线路由:AUSU RT-AC68U (先用现住处的RT-AC66U顶着)

书房:
副交换机:CISCO SG90D-08
台式机:跳转
附NAS:Buffalo (纯二次备份用)

–2010.12.21–

目前进度:

外网访问:路由器端口转发+dyndns.org动态域名

ThinkPad x120e Fan Control

Remember to monitor the temperature!

https://wiki.archlinux.org/index.php/Lenovo_ThinkPad_X120e#Fan_control

sudo nano /etc/modprobe.d/modprobe.conf
options thinkpad_acpi fan_control=1
sudo rmmod thinkpad_acpi && sudo modprobe thinkpad_acpi

Check the state:
cat /proc/acpi/ibm/fan

# echo level 0 > /proc/acpi/ibm/fan (fan off)
# echo level 2 > /proc/acpi/ibm/fan (low speed)
# echo level 4 > /proc/acpi/ibm/fan (medium speed)
# echo level 7 > /proc/acpi/ibm/fan (maximum speed)
# echo level auto > /proc/acpi/ibm/fan (automatic – default)
# echo level disengaged > /proc/acpi/ibm/fan (disengaged)
If you receive a PERMISSION DENIED error you can use the following command syntax instead as a work-around:
# echo level 0 | sudo tee /proc/acpi/ibm/fan (fan off)
# echo level 2 | sudo tee /proc/acpi/ibm/fan (low speed)
# echo level 4 | sudo tee /proc/acpi/ibm/fan (medium speed)
# echo level 7 | sudo tee /proc/acpi/ibm/fan (maximum speed)
# echo level auto | sudo tee /proc/acpi/ibm/fan (automatic – default)
# echo level disengaged | sudo tee /proc/acpi/ibm/fan (disengaged)

Remember to monitor the temperature!

BitTorrent Sync on Raspberry Pi

mkdir ~/.btsync && cd ~/.btsync
wget http://btsync.s3-website-us-east-1.amazonaws.com/btsync_arm.tar.gz
tar -xvf btsync_arm.tar.gz

sudo ./btsync  # can be killed with `sudo killall btsync`

sudo nano /etc/init.d/btsync

#! /bin/sh
# /etc/init.d/btsync
#

# Carry out specific functions when asked to by the system
case "$1" in
start)
    /home/pi/.btsync/btsync
    ;;
stop)
    killall btsync
    ;;
*)
    echo "Usage: /etc/init.d/btsync {start|stop}"
    exit 1
    ;;
esac

exit 0

sudo chmod 755 /etc/init.d/btsync
sudo /etc/init.d/btsync start       # test that the script starts
sudo /etc/init.d/btsync stop        # test that the script stops
sudo update-rc.d btsync defaults

sudo reboot

phpMyAdmin

Always do these two commands first:

sudo apt-get update
sudo apt-get upgrade

To install phpmyadmin you have two options
1. install from the source:

sudo apt-get install phpmyadmin

That’s it, but the version is not so up-to-date.

2. Manually install:
download it last edition from the homepage. Select the “all language version” if you want to use it in other than English later.
update it to the root folder of your website.
unzip it

unzip phpMyAdmin*.zip

then follow the official docs to install it.

This will give you the last version.

Tips:
To remove the warning: mcrypt module is missing (something like that…)

sudo apt-get install php5-mcrypt
sudo /etc/init.d/apache2 restart

To remove the warning: The configuration file now needs a secret passphrase (blowfish_secret).

cd /the_path_to_your_phpmyadmin_folder/
sudo nano config.ini.php

add the follow codes before the ?> replace the password to your own random password.

$cfg[‘blowfish_secret’] = ‘password

To remove the warning:The phpMyAdmin configuration storage is not completely configured, some extended features have been deactivated. To find out why click here.

creat a datebase named phpmyadmin, create a user in the privileges tab. Username should be phpmyadmin, choose the option of “Create database with same name and grant all privileges”.

Then import the create_tables.sql from the example folder of phpmyadmin.

replace the config.inc.php with the config.sample.inc.php from the sample folder.

remove the // from the start of the following lines, change the red part with phpmyadmin and its password.

/* User used to manipulate with storage */
// $cfg[‘Servers’][$i][‘controlhost’] = ”;
// $cfg[‘Servers’][$i][‘controluser’] = ‘pma‘;
// $cfg[‘Servers’][$i][‘controlpass’] = ‘pmapass‘;

/* Storage database and tables */
// $cfg[‘Servers’][$i][‘pmadb’] = ‘phpmyadmin’;
// $cfg[‘Servers’][$i][‘bookmarktable’] = ‘pma__bookmark’;
// $cfg[‘Servers’][$i][‘relation’] = ‘pma__relation’;
// $cfg[‘Servers’][$i][‘table_info’] = ‘pma__table_info’;
// $cfg[‘Servers’][$i][‘table_coords’] = ‘pma__table_coords’;
// $cfg[‘Servers’][$i][‘pdf_pages’] = ‘pma__pdf_pages’;
// $cfg[‘Servers’][$i][‘column_info’] = ‘pma__column_info’;
// $cfg[‘Servers’][$i][‘history’] = ‘pma__history’;
// $cfg[‘Servers’][$i][‘table_uiprefs’] = ‘pma__table_uiprefs’;
// $cfg[‘Servers’][$i][‘tracking’] = ‘pma__tracking’;
// $cfg[‘Servers’][$i][‘designer_coords’] = ‘pma__designer_coords’;
// $cfg[‘Servers’][$i][‘userconfig’] = ‘pma__userconfig’;
// $cfg[‘Servers’][$i][‘recent’] = ‘pma__recent’;

To force using phpmyadmin with SSL (https):
Put this following line at the bottom of config.inc.php(before ?>)

$cfg[‘ForceSSL’] = true;

VPS 安装SSL笔记

自签名SSL就不说了,网上教程一大堆,也很简单,可以参考下文中提到的这篇Linode的官方教程
商业SSL证书按说也不难,可是网上的教程都是理想状态的,可我偏偏遇到了不理想的状况。

事情是这样的:
平台:
Linode的VPS
Debian 7
Apache
mysql
php

SSL证书提供商:
StartSSL-免费,一年有效期
RapidSSL-原价40+,域名提供商name.com给的是24刀,一年有效期
我先买了R家的,想想不划算,退款,申请了S家的,打了个电话验证就好了。

买SSL证书前请检查对应域名的联系邮箱是否有效能接收邮件,因为验证域名所有权时要用到。

我的VPS是基于Linode的教程设置为标准的LAMP系统。

然后基于这篇Linode的官方教程以及这篇StartSSL的第三方教程完成了SSL的基本配置。(中间摸索了3天T T)

拿到证书后首先将它和私匙,公匙等一堆东西打包保存到安全的地方(U盘之类的),如果像StartSSL那样登陆它后台设置页面也要相应证书的话,就也一起保存下来。请注意阅读网站说明。

下面做些自己配置的笔记以供将来参考:

首先是/etc/apache2/ports.conf
在添加 NameVirtualHost *:443 时将*替换成具体的服务器IP地址。80端口的*也一样处理。

然后再修改 /etc/apache2/sites-available/websiteurl
将已有的80端口http部分复制并在文件末尾黏贴,将80端口修改为443,并添加以下信息:

SSLEngine On
SSLCertificateFile /etc/apache2/ssl/123.crt
SSLCertificateKeyFile /etc/apache2/ssl/123.key
SSLCACertificateFile /etc/apache2/ssl/123.pem

具体对应的证书请参考上文中提到的这篇StartSSL的第三方教程

然后不需要修改default-ssl文件。

重启apache服务:

sudo service apache2 restart

附录:
证书文件格式说明,识别及转换:
https://support.ssl.com/index.php?/Knowledgebase/Article/View/19

http://httpd.apache.org/docs/2.2/mod/mod_ssl.html

https://www.sslshopper.com/ssl-converter.html

http://docstore.mik.ua/orelly/weblinux2/apache/ch11_10.htm

http://stackoverflow.com/questions/14191468/openssl-encoding-errors-while-converting-cer-to-pem

http://blog.oneiroi.co.uk/openssl/x.509/pcks7/openssl-unable-to-load-certificate-wrong-asn1-encoding-routines-asn1-check-tlen-tag-tasn-dec-dot-c-1319/

在vps上生成证书时各字段的含义:
http://willjackson.org/blog/configuring-ssl-apache-debian-or-ubuntu

解决启动apache服务时的错误:SSLEngine模块缺失(英文怎么说忘了)
估计是之前按照教程做时无意间关闭了这个模块,把它启动起来就好了:

a2enmod ssl

相关网址:http://debian-handbook.info/browse/stable/sect.http-web-server.html 其中的“GOING FURTHER Adding support for SSL”部分。

解决启动apache服务时的警告(不影响启动):Restarting web server apache2: Could not reliably determine the server’s fully qualified domain name, using 127.0.1.1 for ServerName

sudo nano /etc/apache2/conf.d/fqdn

输入:

ServerName localhos

再重启apache。

中文参考:
http://cnzhx.net/blog/ssl-on-lamp-on-vps/

apache无法启动请去看自己 /etc/apache2/sites-available/websiteurl 文件中定义的error.log

Aria2

Install aria2

sudo apt-get install aria2

creat the config file:

mkdir ~/.aria2
touch ~/.aria2/aria2.session
nano ~/.aria2/aria2.conf

Enter the follow words:

dir=/home/pi/Download
disable-ipv6=true
enable-rpc=true
rpc-allow-origin-all=true
rpc-listen-all=true
rpc-listen-port=6800
continue=true
input-file=/home/pi/.aria2/aria2.session
save-session=/home/pi/.aria2/aria2.session
max-concurrent-downloads=3

Test the installation:

aria2c –conf-path=/home/pi/.aria2/aria2.conf

Create an init script:

sudo nano /etc/init.d/aria2

Enter the follow words:

#! /bin/sh
# /etc/init.d/aria2

### BEGIN INIT INFO
# Provides: aria2cRPC
# Required-Start: $network $local_fs $remote_fs
# Required-Stop: $network $local_fs $remote_fs
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: aria2c RPC init script.
# Description: Starts and stops aria2 RPC services.
### END INIT INFO

RETVAL=0
case “$1” in
start)
echo -n “Starting aria2c daemon: ”
umask 0000
aria2c –daemon=true –enable-rpc –rpc-listen-all -D –conf-path=/home/pi/.aria2/aria2.conf
RETVAL=$?
echo
;;
stop)
echo -n “Shutting down aria2c daemon: ”
/usr/bin/killall aria2c
RETVAL=$?
echo
;;
restart)
stop
sleep 3
start
;;
*)
echo $”Usage: $0 {start|stop|restart}”
RETVAL=1
esac
exit $RETVAL

start up the service automatically with:

sudo chmod +x /etc/init.d/aria2
sudo update-rc.d aria2 defaults

Install the Web-UI from github:
https://github.com/binux/yaaw
Put the files in the /var/www/yaaw/
The JSON-RPC Path is:

http://raspberrypi.address:6800/jsonrpc

Reboot the Pi:

sudo reboot