海运的博客

编译curl http3 quic支持

发布时间:December 27, 2021 // 分类: // No Comments

方法一,使用openssl ngtcp2 nghttp3编译curl支持http3 quic:

apt install build-essential autoconf libtool pkg-config 
git clone --depth 1 -b OpenSSL_1_1_1m+quic https://github.com/quictls/openssl
cd openssl/
./config enable-tls1_3 --prefix=/usr/local/openssl
 make && make install
cd ../
git clone https://github.com/ngtcp2/nghttp3
cd nghttp3/
autoreconf -fi
./configure --prefix=/usr/local/nghttp3 --enable-lib-only
make && make install
cd ../
git clone https://github.com/ngtcp2/ngtcp2
cd ngtcp2/
autoreconf -fi
./configure PKG_CONFIG_PATH=/usr/local/openssl/lib/pkgconfig:/usr/local/nghttp3/lib/pkgconfig LDFLAGS="-Wl,-rpath,/usr/local/openssl/lib" --prefix=/usr/local/ngtcp2 --enable-lib-only 
 make && make install
cd ../
wget https://github.com/curl/curl/releases/download/curl-7_80_0/curl-7.80.0.tar.gz
tar zxf curl-7.80.0.tar.gz 
cd curl-7.80.0/
LDFLAGS="-Wl,-rpath,/usr/local/openssl/lib64" ./configure --with-openssl=/usr/local/openssl/ --with-nghttp3=/usr/local/nghttp3 --with-ngtcp2=/usr/local/ngtcp2 --prefix=/usr/local/curl
make && make install
LD_LIBRARY_PATH="/usr/local/curl/lib/:/usr/local/openssl/lib/" /usr/local/curl/bin/curl -V

方法二,通过quiche编译支持http3 quic:

apt install build-essential cmake pkg-config
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
source $HOME/.cargo/env
git clone --recursive https://github.com/cloudflare/quiche
cd quiche/
cargo build --package quiche --release --features ffi,pkg-config-meta,qlog
mkdir quiche/deps/boringssl/src/lib
ln -vnf $(find target/release -name libcrypto.a -o -name libssl.a) quiche/deps/boringssl/src/lib/
cd ../
wget https://github.com/curl/curl/releases/download/curl-7_80_0/curl-7.80.0.tar.gz
tar zxf curl-7.80.0.tar.gz 
cd curl-7.80.0/
./configure LDFLAGS="-Wl,-rpath,$PWD/../quiche/target/release" --with-openssl=$PWD/../quiche/quiche/deps/boringssl/src --with-quiche=$PWD/../quiche/target/release --prefix=/usr/local/curl
make && make install
cp ../quiche/target/release/libquiche.so /usr/local/curl/lib/
LD_LIBRARY_PATH="/usr/local/curl/lib/"  /usr/local/curl/bin/curl -V

使用curl测试http3 quic:

LD_LIBRARY_PATH="/usr/local/curl/lib/:/usr/local/openssl/lib/"  /usr/local/curl/bin/curl --http3 https://www.haiyun.me  -I

使用中遇到的问题,quiche编译的curl下载一会后断流,openssl编译的curl下载速度很慢。
参考:
https://github.com/curl/curl/blob/master/docs/HTTP3.md

此内容被密码保护

发布时间:December 17, 2021 // 分类: // No Comments

请输入密码访问

此内容被密码保护

发布时间:December 15, 2021 // 分类: // No Comments

请输入密码访问

PVE/postfix配置smtp发送邮件

发布时间:December 9, 2021 // 分类: // No Comments

安装认证模块:

apt install libsasl2-modules
#如需pcre匹配安装
#apt install postfix-pcre

修改/etc/postfix/main.cf添加:

myhostname=pve.lan
#配置文件内有relayhost要先注释,465端口是SMTPS,587端口是STARTTLS
relayhost = smtp.qq.com:465

#此参数被smtp_tls_security_level取代
#smtp_use_tls = yes
#使用SMTPS非STARTTLS加密方式
smtp_tls_wrappermode = yes
#加密级别
smtp_tls_security_level = encrypt
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt

smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous

#本地用户替换为smtp认证用户,smtp_generic_maps和sender_canonical_maps都可以
smtp_generic_maps = hash:/etc/postfix/generic
#sender_canonical_maps = hash:/etc/postfix/sender_canonical
#使用pcre匹配本机用户
#sender_canonical_maps = pcre:/etc/postfix/sender_pcre_canonical
#header检查并替换发送者名称
smtp_header_checks = pcre:/etc/postfix/smtp_header_checks

sender_canonical或generic映射本机用户到smtp账号:

cat /etc/postfix/generic
#本机所有用户,注意pve.lan为主配置文件myhostname
@pve.lan support@haiyun.me
#下面2个等效
root support@haiyun.me
root@pve.lan support@haiyun.me

正则映射:

cat /etc/postfix/sender_pcre_canonical
#匹配所有hostname和所有用户
/.*/ support@haiyun.me

smtp账号密码:

cat /etc/postfix/sasl_passwd
smtp.qq.com support@haiyun.me:password

生成hash数据库,pcre不用生成:

postmap /etc/postfix/sasl_passwd
postmap /etc/postfix/generic
postmap /etc/postfix/sender_canonical

替换发件人姓名:

cat /etc/postfix/smtp_header_checks 
/^From:.*/ REPLACE From: 重要通知 <support@haiyun.me>

发送邮件测试:

apt install bsd-mailx
echo "www.haiyun.me" |mail -s test support@haiyun.me
echo "test" | /usr/bin/pvemailforward

将其它用户邮件转发到root用户:

cat /etc/aliases
postmaster: root
nobody: root
#也可使用~/.forward 
#root: support@haiyun.me
postalias /etc/aliases

将root用户邮件转发到外部邮箱:

cat ~/.forward 
support@haiyun.me

参考:
https://serverfault.com/questions/717719/how-can-i-strip-or-rewrite-the-senders-name-of-a-from-address-when-using-postfi
https://forum.proxmox.com/threads/get-postfix-to-send-notifications-email-externally.59940/

PVE/Linux安装nut管理apc BK650M2-CH ups自动关机

发布时间:December 9, 2021 // 分类: // 5 Comments

先查看usb是否识别ups:

lsusb
Bus 001 Device 054: ID 051d:0002 American Power Conversion Uninterruptible Power Supply

安装:

apt install nut-server nut-client

配置nut运行为服务器模式,可控制多台电脑。

/etc/nut/nut.conf 
MODE=netserver

设置nut和ups连接方式,修改此配置后需重新启动upsdrvctl start生效。

/etc/nut/ups.conf
[myups]
       driver = usbhid-ups
       port = auto
       desc = "APC UPS"
       #忽略低电量和低运行时间,有的断电后会马上关机
       ignorelb
       #重写ups返回的低电量和低运行时间值,可用于控制停电时关机时间,满足一个关机,-1为禁用此项
       override.battery.charge.low = 99
       override.battery.runtime.low = -1
       #可以都设置为-1禁用ups低电量自动关机,使用下面的脚本自定义关机

连接ups,nut-server启动时自动加载,usb拔出后需手工启动。

upsdrvctl start

设置nut server监听ip和端口:

/etc/nut/upsd.conf 
LISTEN 0.0.0.0 3493

设置客户端连接验证密码:

/etc/nut/upsd.users
#管理员可set更改ups内变量参数,master可设置FSD关机标签,slave收到通知后关机
[admin]
    password = 123456
    actions = SET FSD
    instcmds = ALL
    upsmon master
[user1]
    password = 123456
    actions = FSD
    #instcmds = ALL
    upsmon master
#别的电脑连接使用此用户
[user2]
    password = 123456
    #actions = SET
    #instcmds = ALL
    upsmon slave

设置upsmon客户端连接nut server监控ups状态,当断电后执行关机等操作:

/etc/nut/upsmon.conf 
MONITOR myups@localhost 1 user1 123456 master

upsmon默认监控断电且ups电量过低时执行关机,可自定义关机:

upsmon.conf 
NOTIFYCMD /sbin/upssched
#当使用电池来电时syslog并执行上面的命令
NOTIFYFLAG ONBATT SYSLOG+EXEC
NOTIFYFLAG ONLINE SYSLOG+EXEC

upssched自定义操作:

/etc/nut/upssched.conf 
CMDSCRIPT /usr/local/bin/upssched
#此目录nut要可写
PIPEFN /run/nut/upssched.pipe
LOCKFN /run/nut/upssched.lock
#断电10秒后执行上面脚本并发送power-off参数
AT ONBATT * START-TIMER power-off 10
#来电后取消上面定时
AT ONLINE * CANCEL-TIMER power-off

关机脚本,要添加可执行权限:

/usr/local/bin/upssched
#! /bin/sh

case $1 in
  power-off)
    /sbin/upsmon -c fsd
    ;;
  *)
    logger -t upssched "Unrecognized command: $1"
    ;;
esac

启动并查看ups信息:

systemctl restart nut-server.service 
systemctl restart nut-client.service 
upsc myups

配置nut-cgi web管理界面:

apt install nut-cgi --no-install-recommends fcgiwrap nginx

nut-cgi连接nut-server配置:

/etc/nut/hosts.conf
MONITOR myups@localhost 1 user1 123456 master

nginx配置文件:

server {
  listen     89;
  charset utf-8;
 
  location /{
    alias /usr/share/nut/www/;
    try_files $uri $uri/ /index.html;
  }
 
  location /cgi-bin/nut/ {
    gzip off;
    alias /usr/lib/cgi-bin/nut/;
    include /etc/nginx/fastcgi_params;
    fastcgi_param SCRIPT_FILENAME /usr/lib/$fastcgi_script_name;
    fastcgi_pass  unix:/var/run/fcgiwrap.socket;
  }
  access_log off;
}

nut web界面效果:
2021-12-10_080005.jpg

参考:
https://loganmarchione.com/2017/02/raspberry-pi-ups-monitor-with-nginx-web-monitoring/
https://srackham.wordpress.com/2013/02/27/configuring-nut-for-the-eaton-3s-ups-on-ubuntu-linux/
https://alainlam.cn/?p=56
https://untitled.pw/hardware-iot/2767.html
https://www.wangchucheng.com/zh/posts/setting-up-ups-with-nut-on-linux/
https://forums.contribs.org/index.php?topic=44443.0

分类
最新文章
最近回复
  • 杰迪武士: 此文甚好甚强巨,依照此文在树莓派2 + Rasbian上部署成功 感谢博主美文共赏
  • 海运: ups不知有没选项可设置此参数,不过你可以在另外一台电脑上安装nut客户端自动关机。
  • kgami: 想请教一下,设置了的电脑自动关机之后,几秒后UPS怎么也跟着关机了,导致另外一台电脑没关机就断...
  • 海运: 写的很详细了啊,/etc/nut/hosts.conf用以nut-cgi连接nut服务器参数,...
  • ryan: 请问下nginx配置好了,怎么和这个nut链接呢?最后可视化管理这块能给个详细一点的教程么?谢谢。
  • 1: /etc/config/fstab配置文件 https://openwrt.org/zh/do...
  • 听雨看雪: 找了好久,终于找到UP主,给出的正确解决方案,太感谢了,困扰大半年的问题,重装了N道PVE系统...
  • zr: 大佬,这个bash-completion是从哪个源搞到的
  • 姚生: 要要下载
  • 阿东: 我在编译树莓派的时候也遇到同样的问题,后来发现是make menuconfig 的时候忘了带环...
归档