LiuYuan's Blog
SSL证书监控脚本
2024-06-19 16:04:41    71    0    0 
  1. #!/bin/bash
  2. # 域名列表
  3. domains=("www.qq.com" "www.qq.com.cn" "www.ww.cn")
  4. #查询/etc/nginx/conf.d/*.conf配置文件中的域名,并去重,sh不支持数组,如果用这种方式 需要bash环境运行
  5. #domains=($(grep -hroP 'server_name\s+\K\S+' /etc/nginx/conf.d/*.conf | tr -d ';' | sort -u))
  7. # 企业微信群聊机器人的 Webhook 地址
  8. webhook_url="https://123/123"
  10. # 循环遍历域名列表
  11. for domain in "${domains[@]}"; do
  12.         echo "$domain" 
  13.     # 查询域名的证书有效期
  14.     expiration_date=$(openssl s_client -connect "$domain":443 -servername "$domain" 2>/dev/null | openssl x509 -noout -dates | grep notAfter | cut -d "=" -f 2)
  15.         echo "Certificate expiration for $domain: $expiration_date" 
  16.         # 将日期转换为时间戳
  17.         expiration_timestamp=$(date -d "$expiration_date" +%s)
  19.     # 当前时间戳
  20.     current_timestamp=$(date +%s)
  22.     # 计算剩余天数
  23.     remaining_days=$(( (expiration_timestamp - current_timestamp) / 86400 ))
  25.     # 如果剩余天数小于等于10天,则发送警告消息到企业微信群聊机器人
  26.     if [ $remaining_days -le 10 ]; then
  27.             subject="SSL Certificate Expiration Warning - $domai
命令备忘
2024-07-10 15:52:50    108    0    0 
  1. #命令备忘
  2. #当前目录下,文件和文件夹按大小排序并显示大小
  3. du -sh * | sort -hr
  4. #显示当前目录下所有文件夹的大小
  5. du --max-depth=1 -h
  6. #查看一个进程的父进程
  7. lsof -p <PID>
  8. pstree -p <PID>
  9. pstree -p | grep "<PID>"
  10. #系统日志指定大小和保留时间
  11. journalctl --vacuum-time=2d
  12. journalctl --vacuum-size=500M
  13. #npm源
  14. npm install --registry=https://registry.npm.taobao.org 
  15. npm install --registry=https://registry.npmmirror.com
  16. npm install --registry=https://mirrors.cloud.tencent.com/npm/
  17. #phpinfo
  18. <?php
  19. phpinfo();
  20. ?>
  21. #docker打tag并推送至远程仓库 harbor.net替换为仓库地址
  22. docker build --tag imagename:v$BUILD_ID .
  23.     docker tag imagename:v$BUILD_ID harbor.net/imagename:v$BUILD_ID
  24.     docker push harbor.net/imagename:v$BUILD_ID
MySQL备份脚本
2024-06-19 16:04:41    137    0    0 
  1. #MySQL备份脚本
  2. #!/bin/sh
  3. #定义数据库host及备份目录
  4. backup_host="10.0.0.1"
  5. backup_dir=/data/mysql_bak
  6. # 定义数据库账号密码及备份语句
  7. mysql_user="user"
  8. mysql_password="passwd"
  9. mysqldump_opts="-h $backup_host -u $mysql_user -p$mysql_password --default-character-set=utf8"
  10.             date=$(date '+%Y%m%d%H%M')
  11. #以下为定义数据库库名,二选一
  12. # 定义数据库库名
  13. databases='databasename1 databasename2'
  14. # 自动获取数据库库名
  15. databases=$(mysql -h $backup_host -u $mysql_user -p$mysql_password -e 'SHOW DATABASES;' | grep -Ev "(Database|information_schema|performance_schema|mysql|sys)")
  16. #测试数据库
  17. umask 0077
  18. test ! -d "$backup_dir" && mkdir -p "$backup_dir"
  19. test ! -w "$backup_dir" && echo "Error: $backup_dir is un-writeable." && exit 0
  20. # 循环备份
  21. for database in $databases
  22.               do
  23.               /usr/local/mysql/bin/mysqldump $mysqldump_opts $database > "$backup_dir/$database-$date.sql"
  24.   done
  25. # 打包备份文件并删除7天前的备份
  26. cd "$backup_dir"
  27.             tar zcvf "mysqlbak_$date.tar.gz" *.sql
  28. rm -rf *.sql
  29. find "$backup_dir" -type f -mtime +7
ansible安装
2024-06-19 15:27:28    97    0    0 
  1. #生成密钥,默认回车即可
  2. ssh-keygen
  3. #拷贝密钥至主机
  4. ssh-copy-id root@192.168.47.135  
  5. ssh-copy-id root@192.168.47.136
  6. cd /root/.SSH
  7. cat id_rsa.pub > authorized_keys
  8. vi /etc/ansible/hosts
  9. [test]
  10. 192.168.47.134
  11. 192.168.47.135
  12. 192.168.47.136
  13. yum -y install epel-release.noarch 
  14. yum -y install tree
  15. yum -y install ansible

windows

  1. # 安装pywinrm模块
  2. pip install pywinrm
  3. #在控制节点上创建或编辑Ansible的主机清单文件(例如 /etc/ansible/hosts):
  4. [windows]
  5. windows_host ansible_host=<windows_ip>
  7. [windows:vars]
  8. ansible_user=<your_username>
  9. ansible_password=<your_password>
  10. ansible_connection=winrm
  11. ansible_winrm_transport=basic
  12. ansible_winrm_server_cert_validation=ignore
  13. #创建一个简单的Ansible剧本(例如 win_ping.yml),测试连接到Windows主机:
  14. ---
  15. - name: Test connection to Windows host
  16.   hosts: windows
  17.   tasks:
  18.     - name: Ping the Windows host
  19.       win_ping:
  20. #在控制节点上运行Ansible剧本:
  21. ansible-playbook win_ping.yml

通过tree查看ansible有哪些文件,当然还有很多文件没有列举出来

  1.  tree /etc/ansible/
  2. /etc/ansible/      
  3. ├── ansible.cfg    #配置文件
  4. ├── hosts        #主机清单文件
  5. └── roles
nginx配置
2024-06-20 14:04:42    46    0    0

跨域配置
单域名跨域

  1. # 允许所有来源的跨域请求
  2. add_header 'Access-Control-Allow-Origin' 'https://test.test.com';
  3. add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
  4. add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,token,Authorization';
  6. # 设置预检请求的有效期
  7. add_header 'Access-Control-Max-Age' 1728000;
  9. # 允许携带身份凭证(例如,cookie)
  10. add_header 'Access-Control-Allow-Credentials' 'true';
  12. # 处理预检请求(OPTIONS请求)
  13. if ($request_method = 'OPTIONS') {
  14.     return 204;
  15. }

多域名跨域

  1.     # 在http块中定义一个map,将请求的Origin映射到允许的Origin
  2.     map $http_origin $allowed_origin {
  3.           "~^(https://test1.test.com|https://test2.test.com|https://test3.test.com)$" $http_origin;
  4.           default "";
  5.       }
  6.     server {
  7.         listen 80;
  8.         listen 443 ssl http2;
  9.         server_name test.test.com;
  10.         index index.html index.htm index.php;
  11.         charset utf-8;
  12.         error_log  /var/log/nginx/test.test.com-error.log error
1/3
Footer
鄂ICP备2023008303号-1 | Security Badge 鄂公网安备42018502006657
Powered by Liuyuan