Apache HTTP Server 2.4.63 安装脚本（适用于 CentOS/RHEL） 简介此脚本用于从源码安装 Apache HTTP Server 2.4.63 及其依赖项，并配置 systemd 服务。安装步骤概览安装开发工具和依赖下载并编译 APR 和 APR-Util下载并编译安装 Apache创建 systemd 服务启动并启用 Apache开放防火墙端口#!/bin/bash set -e # 出现错误立即退出 echo "开始安装 Apache HTTP Server 2.4.63 及其依赖..." # 安装必要的依赖包 echo "安装开发工具和依赖..." yum groupinstall -y "Development Tools" yum install -y pcre-devel expat-devel libtool wget firewall-cmd \ openssl-devel zlib-devel autoconf automake cmake nghttp2 nghttp2-devel # 设置源码目录 SRC_DIR="/usr/local/src" APACHE_VERSION="httpd-2.4.63" cd "$SRC_DIR" || exit # 下载并安装 APR 1.7.6 echo "下载并安装 APR 1.7.6..." rm -rf apr-1.7.6.tar.gz apr-1.7.6 wget https://downloads.apache.org/apr/apr-1.7.6.tar.gz tar -xvzf apr-1.7.6.tar.gz cd apr-1.7.6 ./configure --prefix=/usr/local/apr make && make install cd .. # 下载并安装 APR-Util 1.6.3 echo "下载并安装 APR-Util 1.6.3..." rm -rf apr-util-1.6.3.tar.gz apr-util-1.6.3 wget https://downloads.apache.org/apr/apr-util-1.6.3.tar.gz tar -xvzf apr-util-1.6.3.tar.gz cd apr-util-1.6.3 ./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr make && make install cd .. # 下载并安装 Apache HTTP Server 2.4.63 echo "下载并安装 Apache HTTP Server 2.4.63..." rm -rf "$APACHE_VERSION".tar.gz "$APACHE_VERSION" wget https://downloads.apache.org/httpd/"$APACHE_VERSION".tar.gz tar -xvzf "$APACHE_VERSION".tar.gz cd "$APACHE_VERSION" # 配置 Apache echo "配置 Apache..." export PATH=/usr/local/apr/bin:$PATH ./configure \ --prefix=/usr/local/apache2 \ --with-apr=/usr/local/apr \ --with-apr-util=/usr/local/apr-util \ --enable-so \ --enable-ssl \ --enable-cgi \ --enable-rewrite \ --enable-deflate \ --enable-expires \ --enable-headers \ --enable-mime \ --enable-dir \ --enable-alias \ --enable-setenvif \ --enable-proxy \ --enable-proxy-http \ --enable-proxy-fcgi \ --enable-suexec \ --with-mpm=event \ --enable-unixd \ --enable-log-config \ --enable-mods-shared=all # 编译并安装 echo "编译并安装 Apache..." make && make install # 创建 systemd 服务文件 echo "创建 systemd 服务文件..." cat <<EOF > /etc/systemd/system/httpd.service [Unit] Description=The Apache HTTP Server After=network.target [Service] Type=forking ExecStart=/usr/local/apache2/bin/apachectl start ExecReload=/usr/local/apache2/bin/apachectl graceful ExecStop=/usr/local/apache2/bin/apachectl stop PrivateTmp=true [Install] WantedBy=multi-user.target EOF # 刷新 systemd 并启用 Apache 服务 echo "启用并启动 Apache 服务..." systemctl daemon-reload systemctl enable httpd --now # 检查服务状态 systemctl status httpd # 开放防火墙端口 echo "开放防火墙端口..." firewall-cmd --permanent --add-service=http firewall-cmd --reload echo "Apache HTTP Server 2.4.63 已成功安装并配置！" echo "你可以使用 'systemctl status httpd' 查看服务状态。" echo "默认网站目录：/usr/local/apache2/htdocs" echo "主配置文件：/usr/local/apache2/conf/httpd.conf" ## 安装后路径说明 类型 路径 安装目录 /usr/local/apache2 网站根目录 /usr/local/apache2/htdocs 配置文件 /usr/local/apache2/conf/httpd.conf

Debian12升级pve8 #!/bin/bash set -e LOG_FILE="/var/log/install_pve8.log" touch "$LOG_FILE" exec > >(tee -a "$LOG_FILE") 2>&1 echo "$(date): Starting Proxmox VE 8.3 installation script" echo "$(date): Clearing crontab file" echo "" > /etc/crontab echo "$(date): Updating package manager and installing required tools" apt-get update -y apt-get install -y gnupg wget sudo echo "$(date): Adding Proxmox VE 8.x GPG key" wget -qO - "https://enterprise.proxmox.com/debian/proxmox-release-bookworm.gpg" | gpg --dearmor -o /etc/apt/trusted.gpg.d/proxmox-release-bookworm.gpg chmod 644 /etc/apt/trusted.gpg.d/proxmox-release-bookworm.gpg echo "$(date): Adding Proxmox VE 8.x APT source" echo "deb https://mirrors.ustc.edu.cn/proxmox/debian/pve bookworm pve-no-subscription" > /etc/apt/sources.list.d/pve-install-repo.list echo "$(date): Updating Debian sources list to use Bookworm" cat << EOF > /etc/apt/sources.list deb https://mirrors.ustc.edu.cn/debian bookworm main contrib non-free deb https://mirrors.ustc.edu.cn/debian bookworm-updates main contrib non-free deb https://mirrors.ustc.edu.cn/debian-security bookworm-security main contrib non-free EOF echo "$(date): Updating package index" apt-get update -y echo "$(date): Holding openssh-server package" apt-mark hold openssh-server echo "$(date): Performing full system upgrade" apt full-upgrade -y echo "$(date): Cleaning /boot partition" dpkg --get-selections | grep linux-image | awk '{print $1}' | grep -v $(uname -r) | xargs -n1 sudo apt-get remove -y sudo apt-get autoremove -y echo "$(date): Updating initramfs" update-initramfs -u echo "$(date): Installing Proxmox VE 8.3 and dependencies" DEBIAN_FRONTEND="noninteractive" apt-get install -y proxmox-ve postfix open-iscsi echo "$(date): Configuring postfix" echo "postfix postfix/mailname string ${HOSTNAME}" | debconf-set-selections echo "postfix postfix/main_mailer_type string 'Internet Site'" | debconf-set-selections dpkg-reconfigure -f noninteractive postfix echo "$(date): Cleaning up temporary files and unnecessary packages" apt-get autoremove -y apt-get clean rm -f /usr/local/installpve echo "$(date): Waiting for all processes to complete" sleep 10 echo "$(date): System will reboot in 5 seconds..." sleep 5 reboot

Alpine Linux安装docker localhost:~# cat /etc/os-release NAME="Alpine Linux" ID=alpine VERSION_ID=3.21.3 PRETTY_NAME="Alpine Linux v3.21" HOME_URL="https://alpinelinux.org/" BUG_REPORT_URL="https://gitlab.alpinelinux.org/alpine/aports/-/issues" localhost:~# apk update 3.21.3 [/media/cdrom/apks] OK: 100 distinct packages available localhost:~# apk add docker ERROR: unable to select packages: docker (no such package): required by: world[docker] fetch http://dl-cdn.alpinelinux.org/alpine/v3.18/main/x86/APKINDEX.tar.gz fetch http://dl-cdn.alpinelinux.org/alpine/v3.18/community/x86/APKINDEX.tar.gz localhost:~# sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories localhost:~# apk update fetch http://mirrors.aliyun.com/alpine/v3.21/main/x86/APKINDEX.tar.gz fetch http://mirrors.aliyun.com/alpine/v3.21/community/x86/APKINDEX.tar.gz 3.21.3 [/media/cdrom/apks] v3.21.3-132-g828df824e60 [http://mirrors.aliyun.com/alpine/v3.21/main] v3.21.3-131-gaafa5e74922 [http://mirrors.aliyun.com/alpine/v3.21/community] OK: 24186 distinct packages available localhost:~# apk add docker (1/22) Installing ca-certificates (20241121-r1) (2/22) Installing libseccomp (2.5.5-r1) (3/22) Installing runc (1.2.2-r2) (4/22) Installing containerd (2.0.0-r2) (5/22) Installing libffi (3.4.7-r0) (6/22) Installing libintl (0.22.5-r0) (7/22) Installing libmount (2.40.4-r0) (8/22) Installing pcre2 (10.43-r0) (9/22) Installing glib (2.82.5-r0) (10/22) Installing log_proxy (0.7.4-r0) (11/22) Installing containerd-openrc (2.0.0-r2) (12/22) Installing libmnl (1.0.5-r2) (13/22) Installing libnftnl (1.2.8-r0) (14/22) Installing libxtables (1.8.11-r1) (15/22) Installing iptables (1.8.11-r1) (16/22) Installing iptables-openrc (1.8.11-r1) (17/22) Installing tini-static (0.19.0-r3) (18/22) Installing docker-engine (27.3.1-r2) Executing docker-engine-27.3.1-r2.pre-install (19/22) Installing docker-openrc (27.3.1-r2) (20/22) Installing docker-cli (27.3.1-r2) (21/22) Installing docker-cli-buildx (0.19.1-r2) (22/22) Installing docker (27.3.1-r2) Executing busybox-1.37.0-r12.trigger Executing ca-certificates-20241121-r1.trigger Executing glib-2.82.5-r0.trigger OK: 222 MiB in 69 packages localhost:~# rc-service docker start * Caching service dependencies ... [ ok ] * /var/log/docker.log: creating file * /var/log/docker.log: correcting owner * Starting Docker Daemon ... [ ok ] localhost:~# rc-update add docker boot * service docker added to runlevel boot

LVM 磁盘扩容操作教程 一、前言在日常运维过程中，我们经常会遇到服务器磁盘空间不足的情况。这时候，我们可以通过 LVM (Logical Volume Manager) 的动态扩展功能来实现磁盘扩容，而无需重新分区或格式化磁盘。本教程将介绍在 CentOS 环境下，通过 LVM 实现磁盘扩容的详细步骤。二、环境说明设备名类型大小/dev/sda磁盘300G/dev/sda1/boot 分区1G/dev/sda2LVM 物理卷299Gcentos逻辑卷199G三、检查当前磁盘使用情况1. 查看卷组信息vgdisplay [root@ops-gitlab ~]# vgdisplay --- Volume group --- VG Name centos System ID Format lvm2 Metadata Areas 1 Metadata Sequence No 4 VG Access read/write VG Status resizable MAX LV 0 Cur LV 1 Open LV 1 Max PV 0 Cur PV 1 Act PV 1 VG Size <199.00 GiB PE Size 4.00 MiB Total PE 50943 Alloc PE / Size 50943 / <199.00 GiB Free PE / Size 0 / 0 VG UUID nQGMo4-0Tzw-qmMQ-uqSU-2qDd-Xq37-9s2c0e2. 查看磁盘空间使用情况df -h [root@ops-gitlab ~]# df -h Filesystem Size Used Avail Use% Mounted on devtmpfs 7.9G 0 7.9G 0% /dev tmpfs 7.9G 0 7.9G 0% /dev/shm tmpfs 7.9G 8.6M 7.9G 1% /run tmpfs 7.9G 0 7.9G 0% /sys/fs/cgroup /dev/mapper/centos 199G 198G 1.3G 100% / /dev/sda1 1014M 170M 845M 17% /boot overlay 199G 198G 1.3G 100% /var/lib/docker/overlay2/e328a45adc6a314b292bddeeaf0e8824ea7b91bc8f15434f8154e94fc75341d8/merged tmpfs 1.6G 0 1.6G 0% /run/user/0 3. 查看分区及 LVM 信息lsblk [root@ops-gitlab ~]# lsblk NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT sda 8:0 0 300G 0 disk ├─sda1 8:1 0 1G 0 part /boot └─sda2 8:2 0 299G 0 part └─centos 253:0 0 199G 0 lvm / 四、扩展 LVM 的详细步骤1. 扩展物理分区如果当前物理分区不足，例如 /dev/sda 磁盘有剩余空间，可以扩展 /dev/sda2 分区。使用 parted 工具扩展分区：parted /dev/sda在 parted 环境下执行以下操作：(parted) print # 查看当前分区 (parted) resizepart 2 100% # 扩展 sda2 分区到最大 (parted) quit2. 扩展物理卷 (PV)pvresize /dev/sda2 [root@ops-gitlab ~]# pvresize /dev/sda2 Physical volume "/dev/sda2" changed 1 physical volume(s) resized or updated / 0 physical volume(s) not resized 3. 查看卷组剩余空间vgdisplay查看 Free PE / Size 是否大于 0。4. 扩展逻辑卷 (LV)将剩余空间全部扩展给 / 根分区所在的逻辑卷：lvextend -l +100%FREE /dev/centos_ops-gitlab/root [root@ops-gitlab ~]# lvextend -l +100%FREE /dev/centos/root Size of logical volume centos/root changed from <199.00 GiB (50943 extents) to <299.00 GiB (76543 extents). Logical volume centos_ops-gitlab/root successfully resized. 5. 扩展文件系统如果是 xfs 文件系统：xfs_growfs /如果是 ext4 文件系统：resize2fs /dev/centos_ops-gitlab/root五、验证扩容结果df -h [root@ops-gitlab ~]# df -h Filesystem Size Used Avail Use% Mounted on devtmpfs 7.9G 0 7.9G 0% /dev tmpfs 7.9G 0 7.9G 0% /dev/shm tmpfs 7.9G 8.6M 7.9G 1% /run tmpfs 7.9G 0 7.9G 0% /sys/fs/cgroup /dev/mapper/centos 299G 198G 102G 67% / /dev/sda1 1014M 170M 845M 17% /boot overlay 299G 198G 102G 67% /var/lib/docker/overlay2/e328a45adc6a314b292bddeeaf0e8824ea7b91bc8f15434f8154e94fc75341d8/merged tmpfs 1.6G 0 1.6G 0% /run/user/0 确认根分区的容量已经变大。六、注意事项操作前请务必备份数据，以防意外情况导致数据丢失。使用 parted 工具操作分区时，需谨慎，避免误操作。如果是云服务器，如阿里云或腾讯云，可直接在控制台申请扩容云盘，然后按照本教程调整 LVM。七、总结通过上述步骤，即可顺利完成 LVM 的扩容操作。LVM 的优势在于其灵活性，可以在不停机的情况下对磁盘进行调整，是生产环境中非常实用的工具。

python监控ssl证书时间 import socket import ssl from datetime import datetime import smtplib from email.mime.text import MIMEText from email.mime.multipart import MIMEMultipart from email.mime.base import MIMEBase from email import encoders import os import xlsxwriter # Author: ran # 获取域名SSL证书到期时间 def get_ssl_expiry_date(domain, port=443): context = ssl.create_default_context() with socket.create_connection((domain, port)) as sock: with context.wrap_socket(sock, server_hostname=domain) as ssl_sock: cert = ssl_sock.getpeercert() expiry_date = datetime.strptime(cert['notAfter'], '%b %d %H:%M:%S %Y %Z') return expiry_date # 计算证书剩余天数 def get_days_until_expiry(expiry_date): return (expiry_date - datetime.now()).days # 检查多个域名的SSL证书到期时间，并生成Excel文件 def check_ssl_expiry(domains, excel_path): data = [] for domain in domains: try: expiry_date = get_ssl_expiry_date(domain) days_left = get_days_until_expiry(expiry_date) status = "正常" if days_left >= 15 else "即将到期" if days_left >= 0 else "已过期" data.append([domain, expiry_date.strftime('%Y-%m-%d %H:%M:%S'), days_left, status]) except Exception as e: data.append([domain, "无法获取证书信息", "N/A", f"错误: {e}"]) # 创建Excel文件 with xlsxwriter.Workbook(excel_path) as workbook: worksheet = workbook.add_worksheet("SSL到期状态") headers = ["域名", "证书到期时间", "剩余天数", "状态"] worksheet.write_row(0, 0, headers) for row_num, row_data in enumerate(data, start=1): worksheet.write_row(row_num, 0, row_data) return data # 发送带附件的邮件 def send_email(smtp_config, subject, body, attachment_path): msg = MIMEMultipart() msg['From'] = f"{smtp_config['from_name']} <{smtp_config['from_email']}>" msg['To'] = f"{smtp_config['to_name']} <{smtp_config['to_email']}>" msg['Subject'] = subject # 添加邮件正文 msg.attach(MIMEText(body, 'plain', 'utf-8')) # 添加附件 with open(attachment_path, 'rb') as file: part = MIMEBase('application', 'octet-stream') part.set_payload(file.read()) encoders.encode_base64(part) part.add_header( 'Content-Disposition', f'attachment; filename="{attachment_path.split("/")[-1]}"' ) msg.attach(part) # 发送邮件 try: with smtplib.SMTP_SSL(smtp_config['smtp_server'], smtp_config['smtp_port']) as server: server.login(smtp_config['smtp_user'], smtp_config['smtp_password']) server.sendmail(smtp_config['from_email'], smtp_config['to_email'], msg.as_string()) print("邮件发送成功！") except Exception as e: print(f"邮件发送失败: {e}") # 主函数 if __name__ == "__main__": domains = [ "www.baidu.com", "www.google.com", ] # SMTP配置 smtp_config = { "smtp_server": "smtp.163.com", "smtp_port": 465, "smtp_user": "stmp账号", "smtp_password": "授权码", "from_email": "发信人", "from_name": "SSL监控", "to_email": "接收文件", "to_name": "管理员", } # Excel文件路径 excel_path = "/tmp/ssl_status.xlsx" # 检查SSL状态并生成Excel ssl_data = check_ssl_expiry(domains, excel_path) # 准备邮件内容 expiring_domains = [row[0] for row in ssl_data if row[3] == "即将到期"] body = "以下是SSL证书检查结果:\n\n" body += "\n".join([f"域名: {row[0]}, 到期时间: {row[1]}, 剩余天数: {row[2]}" for row in ssl_data]) if expiring_domains: body += f"\n\n注意: 以下域名的SSL证书即将到期:\n{', '.join(expiring_domains)}" # 发送邮件 send_email(smtp_config, "SSL证书到期提醒", body, excel_path) # 删除附件 if os.path.exists(excel_path): os.remove(excel_path) print(f"附件 {excel_path} 已删除。") 增加了stmp邮件通知和表格附件发送