腾讯云开启ipv6,重启后地址失效 
Friday, January 2, 2026, 07:02 AM
这个脚本是在腾讯云后台的TAT执行脚本记录中找到的,内容:

[root@VM-4-3-rockylinux ~]# nl ipv6.sh
     1  if [ ! -f "/etc/tencentcloud_ipv6_base.sh" ]; then
     2  cat <<'EOF' > '/etc/tencentcloud_ipv6_base.sh'
     3  #!/bin/bash

     4  ## support ipv6 eip config from TAT
     5  ## Version:1.0

     6  DEFAULTMODE=$1
     7  DEFAULTADDR=$2
     8  DEFAULTULA=$3
     9  DEFAULTISP=$4
    10  DEFAULTDEV="eth0"

    11  DEVCOUNT=0
    12  ADDRCOUNT=0
    13  MODE=""
    14  ADDR=""
    15  ULA=""
    16  ISP="" # XXX not used yet
    17  DEV=""

    18  determine_device_name() {
    19      # init default value
    20      local ula_addr=${1:-}
    21      local devices=""
    22      local mac_addr=""

    23      # get dev from ula
    24      devices=($(ip -o link show 2>/dev/null | awk -F': ' '{print $2}' || echo ""))
    25      if [[ -n "$devices" ]]; then
    26          for dev in "${devices[@]}"; do
    27              if ip -6 addr show dev "$dev" 2>/dev/null | grep -q "inet6 $ula_addr" 2>/dev/null; then
    28                  echo "$dev"
    29                  return
    30              fi
    31          done
    32      fi

    33      # get dev from metadata
    34      mac_addr=$(curl -s -m 5 http://metadata.tencentyun.com/meta-data/mac 2>/dev/null || echo "")
    35      if [[ -n "$mac_addr" && -n "$devices" ]]; then
    36          for dev in "${devices[@]}"; do
    37              if ip link show "$dev" 2>/dev/null | grep -q "$mac_addr" 2>/dev/null; then
    38                  echo "$dev"
    39                  return
    40              fi
    41          done
    42      fi

    43      # fallback to default
    44      echo "$DEFAULTDEV"
    45  }

    46  sync_config_from_meta() {
    47      MODE=$DEFAULTMODE
    48      ADDR=$DEFAULTADDR
    49      ULA=$DEFAULTULA
    50      ISP=$DEFAULTISP
    51      DEV=$(determine_device_name "$ULA")
    52      # TODO
    53      DEVCOUNT=1
    54      ADDRCOUNT=1
    55  }

    56  setup_dhcpclient_dhclient()
    57  {
    58      local dev=$1

    59      if [[ $MODE == "PASSTHROUGH" ]]; then
    60          # stop client
    61          pid=`cat /var/run/dhclient6.pid`
    62          if [[ -n $pid ]]; then
    63              /usr/bin/kill -9 `cat /var/run/dhclient6.pid`
    64          fi
    65      else
    66          # start client
    67          if [[ ! -f /var/run/dhclient6.pid ]]; then
    68              /sbin/dhclient -6 -nw $dev
    69          fi
    70      fi
    71  }

    72  setup_dhcpclient_systemd()
    73  {
    74      local dev=$1
    75      local profile="/run/systemd/network/10-netplan-$dev.network"
    76      local disabled=`/usr/bin/grep "IPv6AcceptRA=false" $profile; echo $?`

    77      sed -i "/\[Network\]/aGateway=fe80::feee:ffff:feff:ffff" $profile
    78      if [[ $MODE == "PASSTHROUGH" ]]; then
    79          if [[ $disabled == "1" ]]; then
    80              # stop client
    81              sed -i "/\[Network\]/aIPv6AcceptRA=false" $profile
    82              sed -i "/\[Network\]/aAddress=${ADDR}" $profile
    83              networkctl reload
    84              sleep 1
    85          fi
    86          # XXX persistent config causes cloud-init not bringing up $dev
    87          # /usr/bin/sed -i "/eth0:/a\      accept_ra: false" /etc/netplan/00-installer-config.yaml
    88      else
    89          if [[ $disabled == "0" ]]; then
    90              # start client
    91              sed -i "/IPv6AcceptRA=false/d" $profile
    92              sed -i '/^Address=\([0-9a-fA-F]\{1,4\}:\)\{7\}[0-9a-fA-F]\{1,4\}/d' $profile
    93              networkctl reload
    94              sleep 1
    95          fi
    96          # persistent config
    97          # /usr/bin/sed -i "/accept-ra: false/d" /etc/netplan/00-installer-config.yaml
    98      fi
    99  }

   100  setup_dhcpclient_nm()
   101  {
   102      local dev=$1
   103      local connection="System $1"
   104      local method=`/usr/bin/nmcli c s "$connection" | grep ipv6.method | awk '{print $2}'`

   105      if [[ $MODE == "PASSTHROUGH" ]]; then
   106          if [[ $method == "auto" ]]; then
   107              # stop client
   108              /usr/bin/nmcli c m "$connection" ipv6.method ignore
   109          fi
   110      else
   111          if [[ $method == "ignore" ]]; then
   112              # start client
   113              /usr/bin/nmcli c m "$connection" ipv6.method auto
   114              /usr/bin/nmcli c up "$connection"
   115          fi
   116      fi
   117  }

   118  setup_dhclient()
   119  {
   120      if [[ -f /etc/opencloudos-release ]]; then
   121          setup_dhcpclient_nm $1
   122          return
   123      fi
   124      /usr/bin/ps -elF | /usr/bin/grep -w NetworkManager | /usr/bin/grep -v grep >/dev/null
   125      if (( $? == 0 )); then
   126          setup_dhcpclient_nm $1
   127          return
   128      fi
   129      /usr/bin/ps -elF | /usr/bin/grep -w systemd-networkd | /usr/bin/grep -v grep >/dev/null
   130      if (( $? == 0 )); then
   131          setup_dhcpclient_systemd $1
   132          return
   133      fi
   134      setup_dhcpclient_dhclient $1
   135  }

   136  setup_route()
   137  {
   138      if (( $DEVCOUNT == 1 && $ADDRCOUNT == 1 )); then
   139          /sbin/ip -6 route replace default dev $DEV via fe80::feee:ffff:feff:ffff
   140      fi
   141      # TODO policy route
   142  }

   143  # remove wrong addresses and config needed address
   144  # PASSTHROUGH mode: remove ULA and other GUA, config right GUA
   145  # NAT mode: do nothing
   146  # DUAL mode: remove other GUA, config right GUA
   147  setup_addr()
   148  {
   149      local dev=$1
   150      local addr=$2
   151      local ula=$3
   152      local old=

   153      if [[ $MODE == "PASSTHROUGH" ]]; then
   154          old=`/sbin/ip -6 addr show dev $dev | grep inet6 | grep -v 'inet6 fe80' | grep -v "inet6 $addr" | awk '{print $2}'`
   155      elif [[ $MODE == "DUAL" ]]; then
   156          old=`/sbin/ip -6 addr show dev $dev | grep inet6 | grep -v 'inet6 fe80' | grep -v "inet6 $ula" | grep -v "inet6 $addr" | awk '{print $2}'`
   157      else
   158          return 0
   159      fi
   160      for o in $old; do
   161          echo "removing $o"
   162          /sbin/ip -6 addr del dev $dev $o
   163      done
   164      /sbin/ip -6 addr add dev $dev $addr
   165  }

   166  sync_config_from_meta
   167  setup_dhclient $DEV
   168  setup_addr $DEV $ADDR $ULA
   169  setup_route
   170  EOF
   171  fi

   172  mode={{mode}}
   173  gua={{gua}}
   174  ula={{ula}}
   175  DEV="eth0" # default device

   176  rclocal=1

   177  config_rclocal()
   178  {
   179      local conf="/etc/rc.local"
   180      if (( $rclocal != 1 )); then
   181          return
   182      fi

   183      if [[ -h $conf ]]; then
   184          conf="/etc/rc.d/rc.local"
   185      fi
   186      grep -w tencentcloud_ipv6_base $conf | grep "$gua $ula"
   187      if (( $? == 1 )); then
   188          echo "bash /etc/tencentcloud_ipv6_base.sh $mode $gua $ula CAP" >> $conf
   189      fi
   190      chmod +x $conf
   191  }

   192  config_sysconfig()
   193  {
   194      local conf="/etc/sysconfig/network-scripts/init.ipv6-global"
   195      local key="Add some routes which should never appear on the wire"
   196      if [[ -f $conf ]]; then
   197          # duplicate check
   198          grep -w tencentcloud_ipv6_base $conf | grep "$gua $ula"
   199          if (( $? == 1 )); then
   200              lb=`grep -n "$key" $conf | awk -F: '{print $1}' | head -1`
   201              if [[ -n $lb ]]; then
   202                  sed -i "${lb} i          bash /etc/tencentcloud_ipv6_base.sh ${mode} ${gua} ${ula} CAP" $conf
   203              else
   204                  # cannot config
   205                  return
   206              fi
   207          fi
   208          rclocal=0
   209      fi
   210  }

   211  config_systemd_networking()
   212  {
   213      local conf="/lib/systemd/system/networking.service"
   214      local key="ExecStart"
   215      if [[ -f $conf ]]; then
   216          # duplicate check
   217          grep -w tencentcloud_ipv6_base $conf | grep "$gua $ula"
   218          if (( $? == 1 )); then
   219              lb=`grep -n $key $conf | awk -F: '{print $1}' | tail -1`
   220              if [[ -n $lb ]]; then
   221                  sed -i "${lb} a ExecStartPost=/bin/sh -c 'bash /etc/tencentcloud_ipv6_base.sh ${mode} ${gua} ${ula} CAP'" $conf
   222                  systemctl daemon-reload
   223              else
   224                  # cannot config
   225                  return
   226              fi
   227          fi
   228          rclocal=0
   229      fi
   230  }

   231  config_systemd_NetworkManager()
   232  {
   233      local conf="/lib/systemd/system/NetworkManager.service"
   234      local key="ExecStart"
   235      if [[ -f $conf ]]; then
   236          # duplicate check
   237          grep -w tencentcloud_ipv6_base $conf | grep "$gua $ula"
   238          if (( $? == 1 )); then
   239              lb=`grep -n $key $conf | awk -F: '{print $1}' | tail -1`
   240              if [[ -n $lb ]]; then
   241                  sed -i "${lb} a ExecStartPost=/bin/sh -c 'bash /etc/tencentcloud_ipv6_base.sh ${mode} ${gua} ${ula} CAP'" $conf
   242                  systemctl daemon-reload
   243              else
   244                  # cannot config
   245                  return
   246              fi
   247          fi
   248          rclocal=0
   249      fi
   250  }

   251  config_sysconfig
   252  config_systemd_networking
   253  config_systemd_NetworkManager
   254  config_rclocal

   255  # generic config
   256  bash /etc/tencentcloud_ipv6_base.sh PASSTHROUGH 机器外网IPV6地址 机器内网IPV6地址 CAP

机器外网IPV6地址 和 机器内网IPV6地址都可以在管理后台找到,填进去,执行下脚本IPV6就又行了.

Jan  2 14:20:37 localhost cloud-init[906]: Cloud-init v. 20.1 running 'init' at Fri, 02 Jan 2026 06:20:37 +0000. Up 6.03 seconds.
Jan  2 14:20:37 localhost cloud-init[906]: ci-info: ++++++++++++++++++++++++++++++++++++++Net device info++++++++++++++++++++++++++++++++++++++
Jan  2 14:20:37 localhost cloud-init[906]: ci-info: +--------+------+----------------------------+---------------+--------+-------------------+
Jan  2 14:20:37 localhost cloud-init[906]: ci-info: | Device |  Up  |          Address           |      Mask     | Scope  |     Hw-Address    |
Jan  2 14:20:37 localhost cloud-init[906]: ci-info: +--------+------+----------------------------+---------------+--------+-------------------+
Jan  2 14:20:37 localhost cloud-init[906]: ci-info: |  eth0  | True |          10.0.4.3          | 255.255.252.0 | global | 52:54:00:1a:13:c8 |
Jan  2 14:20:37 localhost cloud-init[906]: ci-info: |  eth0  | True | fe80::5054:ff:fe1a:13c8/64 |       .       |  link  | 52:54:00:1a:13:c8 |
Jan  2 14:20:37 localhost cloud-init[906]: ci-info: |   lo   | True |         127.0.0.1          |   255.0.0.0   |  host  |         .         |
Jan  2 14:20:37 localhost cloud-init[906]: ci-info: |   lo   | True |          ::1/128           |       .       |  host  |         .         |
Jan  2 14:20:37 localhost cloud-init[906]: ci-info: +--------+------+----------------------------+---------------+--------+-------------------+
Jan  2 14:20:37 localhost cloud-init[906]: ci-info: +++++++++++++++++++++++++++Route IPv4 info++++++++++++++++++++++++++++
Jan  2 14:20:37 localhost cloud-init[906]: ci-info: +-------+-------------+----------+---------------+-----------+-------+
Jan  2 14:20:37 localhost cloud-init[906]: ci-info: | Route | Destination | Gateway  |    Genmask    | Interface | Flags |
Jan  2 14:20:37 localhost cloud-init[906]: ci-info: +-------+-------------+----------+---------------+-----------+-------+
Jan  2 14:20:37 localhost cloud-init[906]: ci-info: |   0   |   0.0.0.0   | 10.0.4.1 |    0.0.0.0    |    eth0   |   UG  |
Jan  2 14:20:37 localhost cloud-init[906]: ci-info: |   1   |   10.0.4.0  | 0.0.0.0  | 255.255.252.0 |    eth0   |   U   |
Jan  2 14:20:37 localhost cloud-init[906]: ci-info: +-------+-------------+----------+---------------+-----------+-------+
Jan  2 14:20:37 localhost cloud-init[906]: ci-info: ++++++++++++++++++++++++++++Route IPv6 info++++++++++++++++++++++++++++
Jan  2 14:20:37 localhost cloud-init[906]: ci-info: +-------+-------------+---------------------------+-----------+-------+
Jan  2 14:20:37 localhost cloud-init[906]: ci-info: | Route | Destination |          Gateway          | Interface | Flags |
Jan  2 14:20:37 localhost cloud-init[906]: ci-info: +-------+-------------+---------------------------+-----------+-------+
Jan  2 14:20:37 localhost cloud-init[906]: ci-info: |   1   |  fe80::/64  |             ::            |    eth0   |   U   |
Jan  2 14:20:37 localhost cloud-init[906]: ci-info: |   2   |     ::/0    | fe80::feee:ffff:feff:ffff |    eth0   |   UG  |
Jan  2 14:20:37 localhost cloud-init[906]: ci-info: |   4   |  multicast  |             ::            |    eth0   |   U   |
Jan  2 14:20:37 localhost cloud-init[906]: ci-info: +-------+-------------+---------------------------+-----------+-------+



[root@VM-4-3-rockylinux ~]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 52:54:00:1a:13:c8 brd ff:ff:ff:ff:ff:ff
    altname enp0s5
    altname ens5
    inet 10.0.4.3/22 brd 10.0.7.255 scope global noprefixroute eth0
       valid_lft forever preferred_lft forever
    inet6 240d:xxxx:xxxx:xxxx:xxxx:xxxx:ce54:0/128 scope global
       valid_lft forever preferred_lft forever
    inet6 fe80::5054:ff:fe1a:13c8/64 scope link noprefixroute
       valid_lft forever preferred_lft forever


[ ] ( 4 次浏览 ) 永久链接 ( 3 / 10 )
Rocky Linux 9.7 docker 安装 php5.6 mariadb10.1 等老旧中间件服务 
Friday, January 2, 2026, 06:51 AM
docker pull 拉取所需指定版本的镜像

[root@VM-4-3-rockylinux ~]# docker images                                                                                                                                                                                                                         
IMAGE               ID             DISK USAGE   CONTENT SIZE   EXTRA
caddy:2.11-alpine   c006ba74d79d       76.8MB         20.8MB    U
gogs/gogs:0.12.9    0979e2a099f2        131MB         43.7MB    U
mariadb:10.1.48     1205b21b7138        486MB          113MB    U
php:5.6.40-fpm      4f070f1b7b93        495MB          126MB    U


数据库 docker-compose.yml:

[root@VM-4-3-rockylinux mariadb]# nl db.yaml
     1  # Use root/example as user/password credentials

     2  services:

     3    db:
     4      image: mariadb:10.1.48
     5      restart: always
     6      environment:
     7        MARIADB_ROOT_PASSWORD: xxxxx
     8        MYSQL_ROOT_PASSWORD: xxxxx
     9      volumes:
    10        - /root/mariadb/data/:/var/lib/mysql:z
    11        - /root/mariadb/run/:/var/run/mysqld:z
    12      ports:
    13        - "172.17.0.1:3306:3306" #使用docker ip


php docker-compose.yml:

[root@VM-4-3-rockylinux php]# nl php.yaml
     1  # Use root/example as user/password credentials

     2  services:

     3    php:
     4      image: php:5.6.40-fpm
     5      restart: always

     9      command: php-fpm #启动php-fpm 进程
    10      volumes:
    11        - /root/php/cfg/www.conf:/usr/local/etc/php-fpm.d/www.conf
    12        - /root/caddy/wwwroot:/home:Z #挂载caddy webroot,同一路径
    13      ports:
    14        - "127.0.0.1:9000:9000"


镜像内php默认mod 缺少 pdo_mysql 和 gd,使用官方提供的 docker-php-ext-configure 和 docker-php-ext-install 命令安装,
docker 内安装 pdo_mysql:
docker-php-ext-configure pdo_mysql && docker-php-ext-install pdo_mysql
docker 内安装 gd:
需要安装 libjpeg62-turbo-dev 和 libpng-dev 依赖
docker-php-ext-configure gd && docker-php-ext-install gd

安装完毕后:

[root@VM-4-3-rockylinux ~]# docker exec ddd138aef61b php-fpm -v
PHP 5.6.40 (fpm-fcgi) (built: Jan 23 2019 00:16:23)
Copyright (c) 1997-2016 The PHP Group
Zend Engine v2.6.0, Copyright (c) 1998-2016 Zend Technologies
[root@VM-4-3-rockylinux ~]# docker exec ddd138aef61b php-fpm -m
[PHP Modules]
cgi-fcgi
Core
ctype
curl
date
dom
ereg
fileinfo
filter
ftp
gd
hash
iconv
json
libxml
mbstring
mhash
mysqlnd
openssl
pcre
PDO
pdo_mysql
pdo_sqlite
Phar
posix
readline
Reflection
session
SimpleXML
SPL
sqlite3
standard
tokenizer
xml
xmlreader
xmlwriter
zlib

[Zend Modules]



具体支持的php mod 可以看:
https://github.com/mlocati/docker-php-extension-installer?tab=readme-ov-file#supported-php-extensions

caddy docker-compose.yml:

[root@VM-4-3-rockylinux caddy]# nl caddy.yaml
     1  # Use root/example as user/password credentials

     2  services:

     3    caddy:
     4      image: caddy:2.11-alpine
     5      user: root
     6      restart: always

    10      volumes:
    11        - /root/caddy/conf:/etc/caddy
    12        - /root/caddy/wwwroot:/home:Z #挂载caddy webroot,同一路径
    13        - /root/caddy/caddy_data:/data
    14        - /root/caddy/caddy_config:/config
    15      network_mode: host


gogs docker-compose.yml:

[root@VM-4-3-rockylinux gogs]# nl gogs.yaml
     1  # Use root/example as user/password credentials

     2  services:

     3    gogs:
     4      image: gogs/gogs:0.12.9
     5      restart: always

     9      volumes:
    10        - /root/gogs/data:/data:Z
    11      ports:
    12        - "127.0.0.1:3000:3000"
    13        - "127.0.0.1:22:22"


服务运行OK:

[root@VM-4-3-rockylinux ~]# docker compose ls
NAME                STATUS              CONFIG FILES
caddy               running(1)          /root/caddy/caddy.yaml
gogs                running(1)          /root/gogs/gogs.yaml
mariadb             running(1)          /root/mariadb/db.yaml
php                 running(1)          /root/php/php.yaml

[ ] ( 4 次浏览 ) 永久链接 ( 3 / 10 )
腾讯云轻量服务器DD OpenBSD 7.5 
Monday, May 20, 2024, 02:20 PM
登入腾讯云后台,重装系统为Centos 7,使用初始密码ssh 登入系统
1.下载openbsd cd75.iso 镜像,dd 到虚拟本地磁盘/dev/vda

[root@VM-4-3-centos ~]# lsblk
NAME   MAJ:MIN RM   SIZE RO TYPE MOUNTPOINT
sr0     11:0    1 223.6M  0 rom
vda    253:0    0    30G  0 disk
└─vda1 253:1    0    30G  0 part /
[root@VM-4-3-centos ~]# wget https://cdn.openbsd.org/pub/OpenBSD/7.5/amd64/cd75.iso
--2024-05-20 20:59:11--  https://cdn.openbsd.org/pub/OpenBSD/7.5/amd64/cd75.iso
Resolving cdn.openbsd.org (cdn.openbsd.org)... 151.101.43.52, 2a04:4e42:a::820
Connecting to cdn.openbsd.org (cdn.openbsd.org)|151.101.43.52|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 11429888 (11M) [application/octet-stream]
Saving to: ‘cd75.iso’

100%[===================================================================================================================================================================================================>] 11,429,888  21.0MB/s   in 0.5s

2024-05-20 20:59:12 (21.0 MB/s) - ‘cd75.iso’ saved [11429888/11429888]
[root@VM-4-3-centos ~]# ll
total 11164
-rw-r--r-- 1 root root 11429888 Mar 21 05:54 cd75.iso
[root@VM-4-3-centos ~]# dd if=cd75.iso of=/dev/vda bs=512k
21+1 records in
21+1 records out
11429888 bytes (11 MB) copied, 0.00920571 s, 1.2 GB/s
[root@VM-4-3-centos ~]# reboot

重启进VNC 提示“not boot device” 失败
再次重装系统为Centos 7,使用初始密码ssh 登入系统

2.下载openbsd miniroot75.img 镜像,dd 到虚拟本地磁盘/dev/vda

[root@VM-4-3-centos ~]# lsblk
NAME   MAJ:MIN RM   SIZE RO TYPE MOUNTPOINT
sr0     11:0    1 223.6M  0 rom
vda    253:0    0    30G  0 disk
└─vda1 253:1    0    30G  0 part /
[root@VM-4-3-centos ~]# ll
total 0
[root@VM-4-3-centos ~]# wget https://cdn.openbsd.org/pub/OpenBSD/7.5/amd64/miniroot75.img
--2024-05-20 21:03:39--  https://cdn.openbsd.org/pub/OpenBSD/7.5/amd64/miniroot75.img
Resolving cdn.openbsd.org (cdn.openbsd.org)... 151.101.43.52, 2a04:4e42:a::820
Connecting to cdn.openbsd.org (cdn.openbsd.org)|151.101.43.52|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 5832704 (5.6M) [application/octet-stream]
Saving to: ‘miniroot75.img’

100%[===================================================================================================================================================================================================>] 5,832,704   13.8MB/s   in 0.4s

2024-05-20 21:03:39 (13.8 MB/s) - ‘miniroot75.img’ saved [5832704/5832704]

[root@VM-4-3-centos ~]# ls -lh
total 5.6M
-rw-r--r-- 1 root root 5.6M Mar 21 05:54 miniroot75.img
[root@VM-4-3-centos ~]# dd if=miniroot75.img of=/dev/vda bs=512k
11+1 records in
11+1 records out
5832704 bytes (5.8 MB) copied, 0.00625355 s, 933 MB/s
[root@VM-4-3-centos ~]# reboot

重启进VNC grub 花屏了 又失败
重装系统为Centos 7,使用初始密码ssh 登入系统

3.下载openbsd install75.img 镜像,dd 到虚拟本地磁盘/dev/vda

[root@VM-4-3-centos ~]# lsblk
NAME   MAJ:MIN RM   SIZE RO TYPE MOUNTPOINT
sr0     11:0    1 223.6M  0 rom
vda    253:0    0    30G  0 disk
└─vda1 253:1    0    30G  0 part /
[root@VM-4-3-centos ~]# wget https://cdn.openbsd.org/pub/OpenBSD/7.5/amd64/install75.img
--2024-05-20 21:14:45--  https://cdn.openbsd.org/pub/OpenBSD/7.5/amd64/install75.img
Resolving cdn.openbsd.org (cdn.openbsd.org)... 151.101.43.52, 2a04:4e42:a::820
Connecting to cdn.openbsd.org (cdn.openbsd.org)|151.101.43.52|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 696745984 (664M) [application/octet-stream]
Saving to: ‘install75.img’

100%[===================================================================================================================================================================================================>] 696,745,984 57.0MB/s   in 12s

2024-05-20 21:14:58 (54.0 MB/s) - ‘install75.img’ saved [696745984/696745984]

[root@VM-4-3-centos ~]# ls -lh
total 665M
-rw-r--r-- 1 root root 665M Mar 21 06:14 install75.img
[root@VM-4-3-centos ~]# fdisk -l

Disk /dev/vda: 32.2 GB, 32212254720 bytes, 62914560 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk label type: dos
Disk identifier: 0x0009ac89

   Device Boot      Start         End      Blocks   Id  System
/dev/vda1   *        2048    62914526    31456239+  83  Linux
[root@VM-4-3-centos ~]# dd if=install75.img of=/dev/vda bs=512k
1328+1 records in
1328+1 records out
696745984 bytes (697 MB) copied, 2.51045 s, 278 MB/s
Segmentation fault
[root@VM-4-3-centos ~]# dd if=install75.img of=/dev/vda bs=512k
Segmentation fault
[root@VM-4-3-centos ~]# dd if=install75.img of=/dev/vda bs=512k
Segmentation fault
[root@VM-4-3-centos ~]# dd if=install75.img of=/dev/vda bs=512k
Segmentation fault
[root@VM-4-3-centos ~]# dd if=install75.img of=/dev/vda bs=512k
Segmentation fault
[root@VM-4-3-centos ~]# dd if=install75.img of=/dev/vda bs=512k
Segmentation fault
[root@VM-4-3-centos ~]# dd if=install75.img of=/dev/vda bs=512k
Segmentation fault
[root@VM-4-3-centos ~]# dd if=install75.img of=/dev/vda bs=512k
Segmentation fault
[root@VM-4-3-centos ~]# dd if=install75.img of=/dev/vda bs=512k
Segmentation fault
[root@VM-4-3-centos ~]# dd if=install75.img of=/dev/vda bs=512k
Segmentation fault
[root@VM-4-3-centos ~]# dd if=install75.img of=/dev/vda bs=512k
Segmentation fault
[root@VM-4-3-centos ~]# dd if=install75.img of=/dev/vda bs=512k
Segmentation fault
[root@VM-4-3-centos ~]# dd if=install75.img of=/dev/vda bs=512k
Segmentation fault
[root@VM-4-3-centos ~]# dd if=install75.img of=/dev/vda bs=512k
Segmentation fault
[root@VM-4-3-centos ~]# dd if=install75.img of=/dev/vda bs=512k
Segmentation fault
[root@VM-4-3-centos ~]# dd if=install75.img of=/dev/vda bs=512k
Segmentation fault
[root@VM-4-3-centos ~]# dd if=install75.img of=/dev/vda bs=512k
Segmentation fault
[root@VM-4-3-centos ~]# dd if=install75.img of=/dev/vda bs=512k
Segmentation fault
[root@VM-4-3-centos ~]# dd if=install75.img of=/dev/vda bs=512k
Segmentation fault
[root@VM-4-3-centos ~]# dd if=install75.img of=/dev/vda bs=512k
Segmentation fault
[root@VM-4-3-centos ~]# dd if=install75.img of=/dev/vda bs=512k
Segmentation fault
[root@VM-4-3-centos ~]# reboot
Segmentation fault

直接dd sf了,又疯狂dd了好几次,重启命令也挂了,好家伙~直接腾讯云后台硬重启
重启时间有点长,重启完毕完了后进VNC看看,openbsd 文字安装向导出来了 NB!玄学

注:操作时候参考了以下文章:
https://marcocetica.com/posts/openbsd_digitalocean/
https://book.bsdcn.org/di-2-zhang-an-zhuang-freebsd/di-2.5-jie-teng-xun-yun-qing-liang-yun-ji-qi-ta-fu-wu-qi-dd-an-zhuang-freebsd
https://www.openbsd.org/faq/faq4.html#Download
https://cloudflare.cdn.openbsd.org/pub/OpenBSD/7.5/amd64/
[ ] ( 557 次浏览 ) 永久链接 ( 3 / 1796 )
安装完 OpenWrt 23.05.0 后,扩展ROOT分区 
Tuesday, October 17, 2023, 04:37 AM
OP一直有这个问题,就是把镜像写入到SD卡或者本地磁盘后,默认只使用了100多M的空间,导致SD卡有大量存储空间限制。

之前一直使用的方法是 fdisk 删除,重建分区大法,不过这方法会导致分区UUID变更,需要更新GRUB.CFG文件才行。

今天刚安装了OP最新稳定版 OpenWrt 23.05.0,就按照官方最新的DOC试试新方法。

ssh 登录系统,可见磁盘mmcblk0p2 需要扩容。

BusyBox v1.36.1 (2023-10-09 21:45:35 UTC) built-in shell (ash)

  _______                     ________        __
 |       |.-----.-----.-----.|  |  |  |.----.|  |_
 |   -   ||  _  |  -__|     ||  |  |  ||   _||   _|
 |_______||   __|_____|__|__||________||__|  |____|
          |__| W I R E L E S S   F R E E D O M
 -----------------------------------------------------
 OpenWrt 23.05.0, r23497-6637af95aa
 -----------------------------------------------------
root@OpenWrt:~# uname -a
Linux OpenWrt 5.15.134 #0 SMP Mon Oct 9 21:45:35 2023 aarch64 GNU/Linux
root@OpenWrt:~# df -h
Filesystem                Size      Used Available Use% Mounted on
/dev/root               102.3M     16.8M     83.5M  17% /
tmpfs                   245.2M     92.0K    245.1M   0% /tmp
tmpfs                   512.0K         0    512.0K   0% /dev
root@OpenWrt:~# lsblk
NAME        MAJ:MIN RM  SIZE RO TYPE MOUNTPOINTS
mmcblk0     179:0    0 14.4G  0 disk
├─mmcblk0p1 179:1    0   20M  0 part
└─mmcblk0p2 179:2    0  104M  0 part /


更新OPKG源,安装需要用到工具 parted losetup resize2fs.

root@OpenWrt:~# opkg update
Downloading https://downloads.openwrt.org/releases/23.05.0/targets/sunxi/cortexa53/packages/Packages.gz
Updated list of available packages in /var/opkg-lists/openwrt_core
Downloading https://downloads.openwrt.org/releases/23.05.0/targets/sunxi/cortexa53/packages/Packages.sig
Signature check passed.
Downloading https://downloads.openwrt.org/releases/23.05.0/packages/aarch64_cortex-a53/base/Packages.gz
Updated list of available packages in /var/opkg-lists/openwrt_base
Downloading https://downloads.openwrt.org/releases/23.05.0/packages/aarch64_cortex-a53/base/Packages.sig
Signature check passed.
Downloading https://downloads.openwrt.org/releases/23.05.0/packages/aarch64_cortex-a53/luci/Packages.gz
Updated list of available packages in /var/opkg-lists/openwrt_luci
Downloading https://downloads.openwrt.org/releases/23.05.0/packages/aarch64_cortex-a53/luci/Packages.sig
Signature check passed.
Downloading https://downloads.openwrt.org/releases/23.05.0/packages/aarch64_cortex-a53/packages/Packages.gz
Updated list of available packages in /var/opkg-lists/openwrt_packages
Downloading https://downloads.openwrt.org/releases/23.05.0/packages/aarch64_cortex-a53/packages/Packages.sig
Signature check passed.
Downloading https://downloads.openwrt.org/releases/23.05.0/packages/aarch64_cortex-a53/routing/Packages.gz
Updated list of available packages in /var/opkg-lists/openwrt_routing
Downloading https://downloads.openwrt.org/releases/23.05.0/packages/aarch64_cortex-a53/routing/Packages.sig
Signature check passed.
Downloading https://downloads.openwrt.org/releases/23.05.0/packages/aarch64_cortex-a53/telephony/Packages.gz
Updated list of available packages in /var/opkg-lists/openwrt_telephony
Downloading https://downloads.openwrt.org/releases/23.05.0/packages/aarch64_cortex-a53/telephony/Packages.sig
Signature check passed.
root@OpenWrt:~# opkg install parted losetup resize2fs
Installing parted (3.6-1) to root...
Downloading https://downloads.openwrt.org/releases/23.05.0/packages/aarch64_cortex-a53/packages/parted_3.6-1_aarch64_cortex-a53.ipk
Installing libparted (3.6-1) to root...
Downloading https://downloads.openwrt.org/releases/23.05.0/packages/aarch64_cortex-a53/packages/libparted_3.6-1_aarch64_cortex-a53.ipk
Installing libreadline8 (8.2-1) to root...
Downloading https://downloads.openwrt.org/releases/23.05.0/packages/aarch64_cortex-a53/base/libreadline8_8.2-1_aarch64_cortex-a53.ipk
Installing losetup (2.39-2) to root...
Downloading https://downloads.openwrt.org/releases/23.05.0/packages/aarch64_cortex-a53/base/losetup_2.39-2_aarch64_cortex-a53.ipk
Installing resize2fs (1.47.0-2) to root...
Downloading https://downloads.openwrt.org/releases/23.05.0/packages/aarch64_cortex-a53/base/resize2fs_1.47.0-2_aarch64_cortex-a53.ipk
Configuring resize2fs.
Configuring losetup.
Configuring libparted.
Configuring libreadline8.
Configuring parted.


扩容磁盘mmcblk0 分区2,第一次重启。

root@OpenWrt:~# echo -e "ok\nfix" | parted -l ---pretend-input-tty
Model: SD SD16G (sd/mmc)
Disk /dev/mmcblk0: 15.5GB
Sector size (logical/physical): 512B/512B
Partition Table: msdos
Disk Flags:

Number  Start   End     Size    Type     File system  Flags
 1      1049kB  22.0MB  21.0MB  primary  fat16        boot, lba
 2      23.1MB  132MB   109MB   primary  ext2


root@OpenWrt:~# parted -s /dev/mmcblk0 resizepart 2 100%
root@OpenWrt:~# reboot


扩容分区 mmcblk0p2 对应的ext文件系统 /,第二次重启。

root@OpenWrt:~# lsblk
NAME        MAJ:MIN RM  SIZE RO TYPE MOUNTPOINTS
mmcblk0     179:0    0 14.4G  0 disk
├─mmcblk0p1 179:1    0   20M  0 part
└─mmcblk0p2 179:2    0 14.4G  0 part / #这里可以看到分区2已经被扩容了
root@OpenWrt:~# df -h
Filesystem                Size      Used Available Use% Mounted on
/dev/root               102.3M     20.0M     80.3M  20% /
tmpfs                   245.2M     88.0K    245.1M   0% /tmp
tmpfs                   512.0K         0    512.0K   0% /dev
root@OpenWrt:~# losetup /dev/loop1 /dev/mmcblk0p2
root@OpenWrt:~# resize2fs -f /dev/loop1
resize2fs 1.47.0 (5-Feb-2023)
Resizing the filesystem on /dev/loop1 to 3779072 (4k) blocks.
The filesystem on /dev/loop1 is now 3779072 (4k) blocks long.

root@OpenWrt:~# reboot


2次重启完成后,进入系统,扩容已经完成。

root@OpenWrt:~# df -h
Filesystem                Size      Used Available Use% Mounted on
/dev/root                14.2G     20.0M     14.2G   0% / #文件也已经被扩容
tmpfs                   245.2M     84.0K    245.1M   0% /tmp
tmpfs                   512.0K         0    512.0K   0% /dev
root@OpenWrt:~# lsblk
NAME        MAJ:MIN RM  SIZE RO TYPE MOUNTPOINTS
mmcblk0     179:0    0 14.4G  0 disk
├─mmcblk0p1 179:1    0   20M  0 part
└─mmcblk0p2 179:2    0 14.4G  0 part /


相对于fdisk,这个还是比较方便的。

参考文档:
https://openwrt.org/docs/guide-user/installation/openwrt_x86#expanding_root_partition
https://openwrt.org/docs/guide-user/installation/openwrt_x86#expanding_root_filesystem
https://openwrt.org/docs/guide-user/installation/installation_methods/sd_card
https://openwrt.org/docs/guide-user/advanced/expand_root
[ ] ( 843 次浏览 ) 永久链接 ( 3 / 2347 )
搭建带WEB用户管理的openvpn 
Monday, October 2, 2023, 04:09 AM
前段时间老大给了任务,要搭建一个供内部同事使用的openvpn,为了方便管理需要支持网页管理UI,故而折腾了一下。

1.下载开源的一键部署脚本,使用这位大佬的项目 https://github.com/Nyr/openvpn-install


wget https://git.io/vpn -O openvpn-install.sh && bash openvpn-install.sh

执行 下载,安装 就完事了。

如果是个人使用的话,到这里就结束了。缺点是添加、删除用户需要反复的执行该脚本,有点麻烦。

2.编辑 /lib/systemd/system/[email protected] 服务文件,在执行命令后面追加 --management 127.0.0.1 8989 开启管理端口。
如下:

[Unit]
Description=OpenVPN service for %I
After=network-online.target
Wants=network-online.target
Documentation=man:openvpn(8)
Documentation=https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage
Documentation=https://community.openvpn.net/openvpn/wiki/HOWTO

[Service]
Type=notify
PrivateTmp=true
WorkingDirectory=/etc/openvpn/server
ExecStart=/usr/sbin/openvpn --status %t/openvpn-server/status-%i.log --status-version 2 --suppress-timestamps --config %i.conf --management 127.0.0.1 8989
CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_OVERRIDE CAP_AUDIT_WRITE
LimitNPROC=10
DeviceAllow=/dev/null rw
DeviceAllow=/dev/net/tun rw
ProtectSystem=true
ProtectHome=true
KillMode=process
RestartSec=5s
Restart=on-failure

[Install]
WantedBy=multi-user.target


3.重载服务列表,重启openvpn服务,使配置生效。并查看端口情况。

root@ip:~# systemctl daemon-reload
root@ip:~# systemctl restart [email protected]e 
root@ip:~# netstat -nlp | grep openvpn
tcp        0      0 172.31.35.111:12345     0.0.0.0:*               LISTEN      19285/openvpn       
tcp        0      0 127.0.0.1:8989          0.0.0.0:*               LISTEN      19285/openvpn


4.确认管理端口开启后,下载ovpn-admin 用户管理服务,解压便可得到可执行的二进制文件。

root@ip:~# wget https://github.com/sharljimhtsin/ovpn-admin/releases/download/v3/ovpn-admin-linux-amd64.tar.gz


5.复制easyrsa 可执行文件 到 $PATH 目录下,ovpn-admin 需要用到。

root@ip:~# cp /etc/openvpn/server/easy-rsa/easyrsa /usr/local/bin/
root@ip:~# ls -lh /usr/local/bin/
total 172K
-rwxr-xr-x 1 root root 170K Jul 14 02:45 easyrsa


6.启动ovpn-admin.命令如下:

root@ip:~# EASYRSA_BATCH=1 ./ovpn-admin --listen.host="0.0.0.0" --listen.port="8080" --ovpn.network="TUN网卡IP/24" --ovpn.server=WANIP:12345:tcp --easyrsa.path=/etc/openvpn/server/easy-rsa/ --easyrsa.index-path=/etc/openvpn/server/easy-rsa/pki/index.txt --log.level=trace 
--web.basic-auth.user=admin --web.basic-auth.password=12345
DEBU[0000] mgmtStatusTimeFormat: 2006-01-02 15:04:05    
DEBU[0000] mgmtSetTimeFormat: successful connection to main/127.0.0.1:8989 
TRAC[0000] OpenVPN Version: OpenVPN 2.5.1 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on May 14 2021
Management Version: 3
 ND
INFO[0000] Bind: http://0.0.0.0:8080


比较关键的参数就是 --web.basic-auth.user=admin --web.basic-auth.password=12345 这2个是用于webui 管理的登录认证。
由于该进程需要常驻,我是用的是 screen,也可以用 nohup 之类的。或者使用 https://mysystemd.talos.sh/ 生成一个 systemd 服务。

7.检查服务端口情况。

root@ip:~# netstat -nlp | grep vpn
tcp        0      0 172.31.35.111:12345     0.0.0.0:*               LISTEN      19285/openvpn       
tcp        0      0 127.0.0.1:8989          0.0.0.0:*               LISTEN      19285/openvpn       
tcp6       0      0 :::8080                 :::*                    LISTEN      19300/./ovpn-admin


8.确认一切OK后,就可以使用 http://wanip:8080 + 之前配置的用户名密码 访问openvpn 的用户管理后台了。
[ ] ( 722 次浏览 ) 永久链接 ( 3 / 2324 )

| 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 下一页> >>