上週終於喝了一杯-吉茶(Gitea)
這款最近超級夯的Git私人版本控管伺服器,使用docker安裝起來非常快速!
我為什麼把Gitea叫做吉茶?
因為我發現Gitea網站的圖片與標語(slogan), 是一杯掛著茶包的茶!
https://gitea.io
Gitea – Git with a cup of tea
直翻成吉茶 Git Tea , 不是很好嗎!
來杯吉茶吧 https://try.gitea.io
Gitea安裝方式,請參考10014_(Docker)如何安裝Gitea(吉茶).txt
google 提供DNS代管服務,只要跟他買網址,就能免費代管.
而這些網址有些相當便宜, 如.com只要12美金 .pw只要9美金.
咖啡偶在中國拼音是 kafeiou
因此咖啡偶手癢,申請了一個 kafeiou.pw 網址 , 而pw是帛琉這個國家的縮寫, 但解釋成Professional Webstie(專業網站)也是可以的啦!
有了網址, 就應該來成立部落格網站!
部落格網站好多, 研究了一下, 有要錢的,有免費試用再收錢的,有免費有廣告的.
我參考傑瑞窩(https://jerrynest.io) ,
照著試用了Google雲端平台 以及 RedHat openshift, 但老實說,除了專業人士能看出門道外,如k8s, 個人感覺不夠平民.
於是呢, 就只好自己架設網站!
可是自己架設又很麻煩, 要考慮
1. 網站加密https ,可到Let’s Encrypt免費申請, 而且以後要注意3個月是否自動延期成功.
2. DNS沒有CAA功能, 無法申請Let’ Encrypt.
3. 網頁伺服器需要維護,否則會有資訊安全的問題,
4. 只有一台主機, 自己其他系統跟此部落格是否有衝突.
5. 須考慮部落格軟體是否方便升級,備份.
好險google的DNS有CAA功能, 第1,2項解決了.
第3項使用 apache 代理功能, 以及Linux系統更新解決.
第4,5項使用Docker解決.
至於docker是啥? 簡單的說就是APP虛擬化, 以前是作業系統虛擬化, 但是作業系統越來越多, 維護也是一樣困難, 所以現在很多改用docker , 可以一個作業系統, 搭配多個虛擬app, 可到 這裡 學習一下!
咖啡偶的部落格後來決定選用 wordpress 4.9.4 + php 7.2 ,
wordpress使用docker安裝方式,請參考10010_(Docker)如何安裝wordpress.txt
1:
ArrayList aArrayList = new ArrayList
2:
public YourClass implements Comparator {
…
…
private int id;
public int getID(){
return id;
}
public int compare(YourClass o) {
return this.getID()-o.getID();
}
}
3:
Collections.sort(aArrayList );
1. vi /etc/dovecot/conf.d/10-auth.conf uncommand the following setting #!include auth-ldap.conf.ext as !include auth-ldap.conf.ext
2. vi /etc/dovecot/conf.d/auth-ldap.conf.ext
auth_username_format = %Lu
passdb ldap {
args = /etc/dovecot/dovecot-ldap.conf.ext
}
userdb static {
args = uid=501 gid=501 home=/home/vmail/%u
}
3. vi /etc/dovecot/dovecot-ldap.conf.ext
hosts = ad_server_ip
base = dc=test,dc=com,dc=tw
ldap_version = 3
auth_bind = yes
ldap_version = 3
auth_bind_userdn = test%u
pass_filter = (&(objectclass=person)(uid=%u))
ps. uid and gid must the same with postfix and directory in linux server
ex: create one user “vmail”
user id is 501 , gid is 501
4. postfix’s main.cf
virtual_mailbox_domains = $mydomain
virtual_mailbox_base = /home/vmail/
virtual_mailbox_maps = ldap:/etc/postfix/ldap-users.cf
virtual_uid_maps = static:501
virtual_gid_maps = static:501
virtual_alias_maps = hash:/etc/aliases,ldap:/etc/postfix/ldap-aliases-inner.cf
#smtp auth
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = no
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
#additional param
message_size_limit = 40960000
smtpd_helo_required = yes
disable_vrfy_command = yes
strict_rfc821_envelopes = yes
bounce_queue_lifetime = 1d
maximal_queue_lifetime = 1d
data_directory = /var/db/postfix
header_checks = regexp:/etc/postfix/header_checks
smtp_host_lookup = native, dns
…
5. vi /etc/postfix/ldap-users.cf
server_host = ad_server_ip
search_base = dc=test,dc=com,dc=tw
version = 3
query_filter = (&(objectclass=*)(mail=%s))
result_attribute = samaccountname #Account from DC
result_format = %s/Maildir/
bind = yes
bind_dn = cn=ldap,cn=Users,dc=test,dc=com,dc=tw
bind_pw = ldappassword
6. vi //etc/sysconfig/saslauthd
# Directory in which to place saslauthd’s listening socket, pid file, and so
# on. This directory must already exist.
SOCKETDIR=/var/run/saslauthd
# Mechanism to use when checking passwords. Run “saslauthd -v” to get a list
# of which mechanism your installation was compiled with the ablity to use.
#MECH=pam
MECH=ldap
# Additional flags to pass to saslauthd on the command line. See saslauthd(8)
# for the list of accepted flags.
FLAGS=”-O /etc/postfix/saslauthd.conf -c -r”
7. vi /etc/postfix/saslauthd.conf
ldap_servers: ldap://ad_server_ip:389/
ldap_search_base: dc=test,dc=com,dc=tw
ldap_auth_method: bind
ldap_version: 3
ldap_bind_dn: cn=ldap,cn=Users,dc=test,dc=com,dc=tw
ldap_bind_pw: ldappassword
ldap_filter: (sAMAccountName=%u)
8. vi /etc/postfix/ldap-aliases-inner.cf
server_host = ad_server_ip
search_base = dc=test,dc=com,dc=tw
#scope = sub
query_filter = (memberOf:1.2.840.113556.1.4.1941:=CN=%s,OU=aliases_inner,DC=test,DC=com,DC=tw)
result_attribute = mail
result_format = %s
version = 3
bind = yes
bind_dn = cn=ldap,cn=Users,dc=test,dc=com,dc=tw
bind_pw = ldappassword
