作者: zach

  • 国内各大镜像源下载地址

    企业提供镜像站(推荐以下几家公司):
    阿里云开源镜像:http://mirrors.aliyun.com/
    搜狐开源镜像:http://mirrors.sohu.com/
    网易开源镜像:http://mirrors.163.com/
    LUPA:http://mirror.lupaworld.com/
    首都在线科技股份有限公司:http://mirrors.yun-idc.com/
    常州贝特康姆软件技术有限公司(原cn99):http://centos.bitcomm.cn/

    大学校园镜像(推荐以下几所大学):
    浙江大学:http://mirrors.zju.edu.cn/
    北京理工大学:
    http://mirror.bit.edu.cn (IPv4 only)
    http://mirror.bit6.edu.cn (IPv6 only)
    北京交通大学:
    http://mirror.bjtu.edu.cn (IPv4 only)
    http://mirror6.bjtu.edu.cn (IPv6 only)
    http://debian.bjtu.edu.cn (IPv4+IPv6)
    上海交通大学:
    http://ftp.sjtu.edu.cn/ (IPv4 only)
    http://ftp6.sjtu.edu.cn (IPv6 only)
    清华大学:
    http://mirrors.tuna.tsinghua.edu.cn/ (IPv4+IPv6)
    http://mirrors.6.tuna.tsinghua.edu.cn/ (IPv6 only)
    http://mirrors.4.tuna.tsinghua.edu.cn/ (IPv4 only)
    中国科学技术大学:
    http://mirrors.ustc.edu.cn/ (IPv4+IPv6)
    http://mirrors4.ustc.edu.cn/
    http://mirrors6.ustc.edu.cn/
    东北大学:
    http://mirror.neu.edu.cn/ (IPv4 only)
    http://mirror.neu6.edu.cn/ (IPv6 only)
    华中科技大学:
    http://mirrors.hust.edu.cn/
    http://mirrors.hustunique.com/
    大连东软信息学院:
    http://mirrors.neusoft.edu.cn/

    npm镜像
    cnpmjs:http://cnpmjs.org/

    原文链接:http://www.luyixian.cn/news_show_303101.aspx

  • Dbian10编译nginx实验部署HTTP3(Quiche)

    Dbian10编译nginx实验部署HTTP3(Quiche)

    前面我们写过centos7编译nginx支持http的实验部署,这次我们使用新版的Debian10实现编译,主要是看有哪些小的注意点。使用nginx-1.19.0版本和0.4.0版本的Cloudflare开发的quiche

    1.安装依赖软件及更新

    sudo apt update &&  apt upgrade && dist-upgrade && apt autoremove
    apt install make build-essential clang golang cmake -y

    2.安装构建quiched的Rust cargo

     curl https://sh.rustup.rs -sSf | sh

    选择1按照默认设置安装,然后执行临时系统环境设置,并测试cargo是否输出

     source $HOME/.cargo/env
    cargo -v

    由于cargo的Rust Crates 源在国外,国内在编译调用在线的依赖的时候很慢很慢,我们更新使用国内中科大的源.新增cargo的配置文件$HOME/.cargo/config

    vim $HOME/.cargo/config
    
    [source.crates-io]
    registry = "https://github.com/rust-lang/crates.io-index"
    replace-with = 'ustc'
    [source.ustc]
    registry = "git://mirrors.ustc.edu.cn/crates.io-index"

    这里对debian有一个问题,编译的时候bash命令好像不会寻找系统环境中我们刚才安装的cargo命令,会出现/bin/sh: cargo: 未找到命令,因此我们专门做一条软链便于系统寻找cargo命令。

     ln -s $HOME/.cargo/bin/cargo /usr/local/bin/cargo

    3.nginx编译参数,nginx configure参数需要包含以下内容

    --build="quiche-$(git --git-dir=../quiche/.git rev-parse --short HEAD)" --with-http_v3_module  --with-openssl=../quiche/deps/boringssl --with-quiche=../quiche
    4.具体编译nginx和正常一样即可

    5.nginx网站配制参数

    # Enable QUIC and HTTP/3.
    listen 443 quic reuseport;
     
    # Enable HTTP/2 (optional).
    listen 443 ssl http2;
    
    # Add Alt-Svc header to negotiate HTTP/3.
    add_header alt-svc 'quic=":443"; ma=2592000; v="46,43",h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000';
    

    6.测试,可以使用https://http3check.net进行测试.

    至此,我们完成了http3在debian10上的部署,主要核心还是要搞定cargo组件,有点麻烦!See U!

  • ubuntu终端改为中文系统语言

    ubuntu终端改为中文系统语言

    1.安装简体中文语言包

    sudo apt-get install language-pack-zh-hans language-pack-zh-hans-base

    2.安装程序依赖语言包

    sudo apt-get install `check-language-support -l zh`

    3.设置本地语言为中文

    sudo localectl set-locale LANG=zh_CN.UTF-8

    4.重启系统

    sudo reboot

    5.检查系统本地语言

    locale

    显示如下即为中文生效

    LANG=zh_CN.UTF-8
    LANGUAGE=
    LC_CTYPE="zh_CN.UTF-8"
    LC_NUMERIC="zh_CN.UTF-8"
    LC_TIME="zh_CN.UTF-8"
    LC_COLLATE="zh_CN.UTF-8"
    LC_MONETARY="zh_CN.UTF-8"
    LC_MESSAGES="zh_CN.UTF-8"
    LC_PAPER="zh_CN.UTF-8"
    LC_NAME="zh_CN.UTF-8"
    LC_ADDRESS="zh_CN.UTF-8"
    LC_TELEPHONE="zh_CN.UTF-8"
    LC_MEASUREMENT="zh_CN.UTF-8"
    LC_IDENTIFICATION="zh_CN.UTF-8"
    LC_ALL=
  • 安装启用phpmyadmin

    1.下载phpmyadmin,可以下载到你想放置的网站目录下,前提是你的mysql、php和web服务器(nginx/httpd/litespeed/IIS等)安装好。

    wget  https://files.phpmyadmin.net/phpMyAdmin/5.0.2/phpMyAdmin-5.0.2-all-languages.zip
    unzip phpMyAdmin*
    mv phpMyAdmin-5.0.2-all-languages pma

    2.查询mysql的socket地址,用于后面对接php中的设置.UNIX socket: /var/lib/mysql/mysql.sock

    mysql -u root -p
    Enter password: 
    Welcome to the MySQL monitor.  Commands end with ; or \g.
    Your MySQL connection id is 10
    Server version: 8.0.19-10 Percona Server (GPL), Release 10, Revision f446c04
    
    Copyright (c) 2009-2020 Percona LLC and/or its affiliates
    Copyright (c) 2000, 2020, Oracle and/or its affiliates. All rights reserved.
    
    Oracle is a registered trademark of Oracle Corporation and/or its
    affiliates. Other names may be trademarks of their respective
    owners.
    
    Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
    
    mysql> STATUS;
    --------------
    mysql  Ver 8.0.19-10 for Linux on x86_64 (Percona Server (GPL), Release 10, Revision f446c04)
    
    Connection id:          10
    Current database:
    Current user:           root@localhost
    SSL:                    Not in use
    Current pager:          stdout
    Using outfile:          ''
    Using delimiter:        ;
    Server version:         8.0.19-10 Percona Server (GPL), Release 10, Revision f446c04
    Protocol version:       10
    Connection:             Localhost via UNIX socket
    Server characterset:    utf8
    Db     characterset:    utf8
    Client characterset:    utf8
    Conn.  characterset:    utf8
    UNIX socket:            /var/lib/mysql/mysql.sock
    Binary data as:         Hexadecimal
    Uptime:                 55 min 28 sec
    
    Threads: 2  Questions: 11  Slow queries: 0  Opens: 115  Flush tables: 3  Open tables: 35  Queries per second avg: 0.003
    --------------
    
    mysql> 

    3.修改php.ini中的mysqli.default_socket和pdo_mysql.default_socket设置为对应的/var/lib/mysql/mysql.sock

    vi  /etc/php.ini
    mysqli.default_socket = /var/lib/mysql/mysql.sock 
    pdo_mysql.default_socket = /var/lib/mysql/mysql.so

    你也可以设置mysql配置文件my.cnf

    vi /etc/my.cnf
    
    [client]
    socket          = /var/lib/mysql/mysql.sock
    [mysqld]
    socket          = /var/lib/mysql/mysql.sock

    至此,重启php或httpd就可以登录phpmyadmin.下一步我们讨论优化lnmp

  • 使用Percona源安装Percona Server  MySQL和TokuDB数据库引擎

    使用Percona源安装Percona Server MySQL和TokuDB数据库引擎

    1. 添加Percona官方源,详情参照官方安装文档
    yum install https://repo.percona.com/yum/percona-release-latest.noarch.rpm
    percona-release setup ps80
    yum install percona-server-server

    2.运行和测试percona mysql

    service mysql start
    service mysql status
    service mysql restart
    service mysql stop

    3.获取随机root密码,如无法出现可以重启数据库

     grep "A temporary password" /var/log/mysqld.log
    

    4.初始化数据库,修改默认密码,注意8.0默认有强制密码强度要求。

    mysql_secure_installation
    mysql_secure_installation
    
    Securing the MySQL server deployment.
    
    Enter password for user root:
    The 'validate_password' component is installed on the server.
    The subsequent steps will run with the existing configuration
    of the component.
    Using existing password for root.
    
    Estimated strength of the password: 100
    Change the password for root ? ((Press y|Y for Yes, any other key for No) :
    
     ... skipping.
    By default, a MySQL installation has an anonymous user,
    allowing anyone to log into MySQL without having to have
    a user account created for them. This is intended only for
    testing, and to make the installation go a bit smoother.
    You should remove them before moving into a production
    environment.
    
    Remove anonymous users? (Press y|Y for Yes, any other key for No) : y
    Success.
    
    
    Normally, root should only be allowed to connect from
    'localhost'. This ensures that someone cannot guess at
    the root password from the network.
    
    Disallow root login remotely? (Press y|Y for Yes, any other key for No) : y
    Success.
    
    By default, MySQL comes with a database named 'test' that
    anyone can access. This is also intended only for testing,
    and should be removed before moving into a production
    environment.
    
    
    Remove test database and access to it? (Press y|Y for Yes, any other key for No) : y
     - Dropping test database...
    Success.
    
     - Removing privileges on test database...
    Success.
    
    Reloading the privilege tables will ensure that all changes
    made so far will take effect immediately.
    
    Reload privilege tables now? (Press y|Y for Yes, any other key for No) : y
    Success.
    
    All done!

    5. 解决phpMyadmin因加密认证不一样导致无法连接的问题

    mysql -p
    Enter password:
    mysql> alter user 'root'@'localhost' identified with mysql_native_password by '你的密码';
    Query OK, 0 rows affected (0.26 sec)
    
    mysql> FLUSH PRIVILEGES;
    Query OK, 0 rows affected (0.01 sec)

    6.编辑/etc/my.cnf配置文件,修改mysql默认编码

    vim /etc/my.cnf

    末尾加上

    [mysqld] 
    character_set_server=utf8

    7.安装jemalloc,记下/usr/lib64/libjemalloc.so.1路径

    yum install jemalloc 
    rpm -qa |grep jemalloc 
    jemalloc-3.6.0-3.el7.x86_64
    jemalloc-devel-3.6.0-3.el7.x86_64
    rpm -ql jemalloc-3.6.0-3.el7.x86_64
    /usr/bin/jemalloc.sh
    /usr/lib64/libjemalloc.so.1
    /usr/share/doc/jemalloc-3.6.0
    /usr/share/doc/jemalloc-3.6.0/COPYING
    /usr/share/doc/jemalloc-3.6.0/README
    /usr/share/doc/jemalloc-3.6.0/VERSION
    /usr/share/doc/jemalloc-3.6.0/jemalloc.html

    8.emalloc依赖文件,编辑/etc/my.cnf,末尾加入以下:

    [mysqld_safe] 
    malloc-lib=/usr/lib64/libjemalloc.so.1

    10.检查Transparent huge pages,安装ToukuDB引擎

    echo never > /sys/kernel/mm/transparent_hugepage/enabled 
    echo never > /sys/kernel/mm/transparent_hugepage/defrag
    yum install percona-server-tokudb
    service mysql restart

    11.修改selinux状态为permissive,编辑编辑/etc/selinux/config修改以下内容:

    selinux=permissive

    生效

    setenforce 0
    

    12.初始设置tokudb

    ps-admin --enable-tokudb -uroot -p
    service mysql restart

    13.检查确认是否启用tokudb

    mysql -u root -p
    Enter password: 
    Welcome to the MySQL monitor.  Commands end with ; or \g.
    Your MySQL connection id is 8
    Server version: 8.0.19-10 Percona Server (GPL), Release 10, Revision f446c04
    
    Copyright (c) 2009-2020 Percona LLC and/or its affiliates
    Copyright (c) 2000, 2020, Oracle and/or its affiliates. All rights reserved.
    
    Oracle is a registered trademark of Oracle Corporation and/or its
    affiliates. Other names may be trademarks of their respective
    owners.
    
    Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
    
    mysql> show engines;
    +--------------------+---------+----------------------------------------------------------------------------+--------------+------+------------+
    | Engine             | Support | Comment                                                                    | Transactions | XA   | Savepoints |
    +--------------------+---------+----------------------------------------------------------------------------+--------------+------+------------+
    | TokuDB             | YES     | Percona TokuDB Storage Engine with Fractal Tree(tm) Technology             | YES          | YES  | YES        |
    | FEDERATED          | NO      | Federated MySQL storage engine                                             | NULL         | NULL | NULL       |
    | PERFORMANCE_SCHEMA | YES     | Performance Schema                                                         | NO           | NO   | NO         |
    | TokuDB             | DEFAULT | Percona-XtraDB, Supports transactions, row-level locking, and foreign keys | YES          | YES  | YES        |
    | MEMORY             | YES     | Hash based, stored in memory, useful for temporary tables                  | NO           | NO   | NO         |
    | MyISAM             | YES     | MyISAM storage engine                                                      | NO           | NO   | NO         |
    | MRG_MYISAM         | YES     | Collection of identical MyISAM tables                                      | NO           | NO   | NO         |
    | BLACKHOLE          | YES     | /dev/null storage engine (anything you write to it disappears)             | NO           | NO   | NO         |
    | CSV                | YES     | CSV storage engine                                                         | NO           | NO   | NO         |
    | ARCHIVE            | YES     | Archive storage engine                                                     | NO           | NO   | NO         |
    +--------------------+---------+----------------------------------------------------------------------------+--------------+------+------------+
    10 rows in set (0.00 sec)
    
    mysql> 

    看到TokuDB | YES 字样即为成功安装。

    14.设置默认引擎为TokuDB,修改/etc/my.cnf文件[mysqld] 下面加入以下,并重启mysql服务器

    default-storage-engine=TOKUDB
    service mysql restart

    至此,我们完成了Percona Mysql的按照,并设置完成TOKUDB为默认数据库引擎。下一步我们进行phpmyadmin的安装

  • 编译安装PHP7.4

    编译安装PHP7.4

    1. 安装编译libzip新版需要的CMKAE3

    wget https://cmake.org/files/v3.17/cmake-3.17.2.tar.gz
    tar xvzf cmake-3.17.2.tar.gz
    yum remove cmake*
    yum install -y gcc gcc-c++ make automake openssl-deve
    cd cmake*
    ./bootstrap
    gmake
    gmake install
    /usr/local/bin/cmake --version
    ln -s /usr/local/bin/cmake /usr/bin/
    cmake --version

    2. 安装最新版本libzip

    yum -y remove libzip-devel
    wget https://libzip.org/download/libzip-1.6.1.tar.gz
    tar -zxvf libzip-1.6.1.tar.gz
    cd libzip-1.6.1
    mkdir build
    cd build
    cmake ..
    make & make test & make install
    cd ..
    export PKG_CONFIG_PATH="/usr/local/lib64/pkgconfig/"
    ldconfig /usr/local/lib
    ldconfig /usr/local/lib64

    3.下载php7.4

    yum install libxml2 libxml2-devel openssl openssl-devel bzip2 bzip2-devel libsqlite3x-devel oniguruma-devel libcurl libcurl-devel libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel gmp gmp-devel libmcrypt libmcrypt-devel readline readline-devel libxslt libxslt-devel zlib zlib-devel glibc glibc-devel glib2 glib2-devel ncurses curl gdbm-devel db4-devel libXpm-devel libX11-devel gd-devel gmp-devel expat-devel xmlrpc-c xmlrpc-c-devel libicu-devel libmcrypt-devel libmemcached-devel
    wget https://www.php.net/distributions/php-7.4.6.tar.gz
    tar xvzf php-7.4.6.tar.gz
    cd php-7.4.6
    ./configure --prefix=/usr/local/php --with-config-file-path=/usr/local/php/etc --with-config-file-scan-dir=/usr/local/php/conf.d --enable-fpm --with-fpm-user=www --with-fpm-group=www --enable-mysqlnd --with-mysqli=mysqlnd --with-pdo-mysql=mysqlnd --with-iconv-dir --with-freetype --with-jpeg  --with-zlib --enable-xml --disable-rpath --enable-bcmath --enable-shmop --enable-sysvsem --enable-inline-optimization --with-curl --enable-mbregex --enable-mbstring --enable-intl --enable-pcntl --enable-ftp --enable-gd --with-openssl --with-mhash --enable-pcntl --enable-sockets --with-xmlrpc --with-zip --with-zlib --enable-soap --with-gettext  --enable-opcache --with-xsl --with-pear
    make & make test & make install
    

    测试与配置

    /usr/local/php/bin/php -v

    增加系统变量,便于全局使用php命令

    vim /etc/profile

    在文件末尾加入:

    PATH=$PATH:/usr/local/php/bin
    export PATH

    配置php基础设置

    cp php.ini-production /usr/local/php/etc/php.ini
    cp /usr/local/php/etc/php-fpm.conf.default /usr/local/php/etc/php-fpm.conf
    cp /usr/local/php/etc/php-fpm.d/www.conf.default /usr/local/php/etc/php-fpm.d/www.conf
    cp sapi/fpm/init.d.php-fpm /etc/init.d/php-fpm
    chmod +x /etc/init.d/php-fpm
    service php-fpm start
    systemctl enable php-fpm

    至此,你可以在你的网站或目录下编辑测试文件进行测试php文件了。

    下一步我们再来介绍mysql数据库percona的源安装。

  • 一键编译一个NGINX加强版本

    一键编译一个NGINX加强版本

    这是一个NGINX的超前测试和补丁版本,由hakasenyang好像是一位韩国朋友。其特点就是前瞻性使用了nginx的开发版,OPENSSL的开发版,一些等价加密算法的补丁,以及加密算法的补丁。同时包含了

    1. 安装系统依赖软件,其中包含了一些nginx扩展组件需要的依赖。其中一些是额外扩展组件需要的依赖。
    yum -y install jemalloc-devel libuuid-devel libatomic libatomic_ops-devel expat-devel unzip autoconf automake libtool gd-devel libmaxminddb-devel libxslt-devel libxml2-devel gcc-c++ curl perl perl-core pcre-devel zlib-devel make unzip libuuid-devel

    如果安装依赖时候出现Transaction check error: package perl-4:5.16.3-295.el7.x86_64 is already installed package unzip-6.0-21.el7.x86_64 is already installed 类似错误,请删除对应的软件,然后安装依赖,据说是因为系统版本和Yum源版本出现了冲突。

    2. 添加用于运行nginx的用户名和用户组

    /usr/sbin/groupadd -f www
    /usr/sbin/useradd -g www www

    3. 下载源码

    git clone https://github.com/hakasenyang/nginx-build.git --recursive

    4. 生产配置文件,修改你想要的版本和软件名称

    cp config.inc.example config.inc

    你可以编辑./src/core/nginx.h 更改版本值和文件名

    也可以编辑config.inc进行必要的配置

    5.安装

    sudo ./auto.sh

    6.增加系统服务,测试

    建立系统服务文件:

     /lib/systemd/system/nginx.service

    内容为:

    [Unit]
    Description=The NGINX HTTP and reverse proxy server
    After=syslog.target network-online.target remote-fs.target nss-lookup.target
    Wants=network-online.target
    
    [Service]
    Type=forking
    PIDFile=/run/nginx.pid
    ExecStartPre=/usr/sbin/nginx -t
    ExecStart=/usr/sbin/nginx
    ExecReload=/usr/sbin/nginx -s reload
    ExecStop=/bin/kill -s QUIT $MAINPID
    PrivateTmp=true
    
    [Install]
    WantedBy=multi-user.target

    测试如下,如果正常输出即为正常

    nginx -v
    nginx -t
    systemctl restart nginx
    systemctl enable nginx

    7. 建立自己的vhost

    编辑nginx.conf

    vim /etc/nginx/nginx.conf

    在倒数第二行花括号前增加

    include vhost/*.conf;

    建立vhost文件夹

    mkdir -p /etc/nginx/vhost
    server {
      listen 80;
      listen [::]:80;
      listen 443 ssl http2;
      listen [::]:443 ssl http2;
      ssl_certificate /usr/local/nginx/conf/ssl/xxx.crt;
      ssl_certificate_key /usr/local/nginx/conf/ssl/yyy.key;
      ssl_protocols  TLSv1.2 TLSv1.3;
      ssl_ciphers TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-128-GCM-SHA256:TLS13-AES-128-CCM-8-SHA256:TLS13-AES-128-CCM-SHA256:EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
      ssl_prefer_server_ciphers on;
      ssl_session_timeout 10m;
      ssl_session_cache builtin:1000 shared:SSL:10m;
      ssl_buffer_size 1400;
      add_header Strict-Transport-Security max-age=15768000;
      ssl_stapling on;
      ssl_stapling_verify on;
      server_name your.domain www.your.domain;
      access_log /data/wwwlogs/your.domain_nginx.log combined;
      index index.html index.htm index.php;
      root /data/wwwroot/your.domain;
      if ($ssl_protocol = "") { return 301 https://$host$request_uri; }
      if ($host != zach.vip) {  return 301 $scheme://your.domain$request_uri;  }
      location ~ .*\.(wma|wmv|asf|mp3|mmf|zip|rar|jpg|gif|png|swf|flv|mp4)$ {
        valid_referers none blocked *.zach.vip zach.vip www.zach.vip;
        if ($invalid_referer) {
            return 403;
        }
      }
    }

    至此,就可以用你域名访问你的网站了,后续我们再来编译php版本。

  • NGINX启动支持HTTP/3主线版本开发

    NGINX启动支持HTTP/3主线版本开发

    2020年4-30日,NGINX官方终于启动支持HTTP/3主线版本开发,为期一年内。

    盼星星盼月亮,希望能够尽快落地吧。不然NGINX都玩不过OpenLiteSpeed了。

    路线图

    里程碑: nginx-1.19

    12个月内 到期(04/30/21 18:00:00)

    现状:持续发展中

    干线:主线

    1.19计划的功能和改进

    • [进行中] HTTP / 3支持
    • [进行中] OCSP对客户端证书的支持

  • 昔我往矣

    昔我往矣

    昔我往矣,杨柳依依。

    今我来思,雨雪霏霏。

    行道迟迟,载渴载饥。

    我心伤悲,莫知我哀!

    深切悼念抗击新冠病毒疫情斗争英勇牺牲的英烈和同胞们。

  • CentOS 8 开启 BBR及内核升级

    CentOS 8 开启 BBR

    echo net.core.default_qdisc=fq >> /etc/sysctl.conf

    echo net.ipv4.tcp_congestion_control=bbr  >> /etc/sysctl.conf

    sysctl -p

    然后重启一下系统。

    检查 BBR 是否开启成功

    sysctl -n net.ipv4.tcp_congestion_control

    lsmod | grep bbr

    如果输出包含 BBR,说明启用成功。

    CentOS 8 升级内核

    参考资料:https://www.vpser.net/manage/centos-rhel-upgrade-kernel.html、https://www.aikaiyuan.com/12532.html

    查看当前内核版本

    uname -r

    Linux 内核最新稳定版可以从 https://www.kernel.org 查看,当前最新稳定版为 5.2.13 ,ELRepo 上版本也是 5.2.13。

    升级内核

    安装 ELRepo 源:

    rpm –import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org

    rpm -Uvh https://www.elrepo.org/elrepo-release-8.0-2.el8.elrepo.noarch.rpm

    启用 ELRepo 源仓库:

    yum –disablerepo=”*” –enablerepo=”elrepo-kernel” list available

    安装新内核:

    yum -y –enablerepo=elrepo-kernel install kernel-ml kernel-ml-devel

    如无意外,最新内核已经安装好。

    修改 grub 配置使用新内核版本启动

    查看当前默认启动内核:

    dnf install grubby

    grubby –default-kernel

    当前最新版本 5.3.8,一般安装完就会以最新内核启动,回返回信息:

    /boot/vmlinuz-5.3.8-1.el8.elrepo.x86_64

    如不是,查看所有内核:

    grubby –info=ALL

    列表:

    index=0

    kernel=”/boot/vmlinuz-5.3.8-1.el8.elrepo.x86_64″

    args=”ro consoleblank=0 crashkernel=auto rhgb quiet $tuned_params”

    root=”UUID=017899bc-0f07-4d05-825c-15f1f8e84d6a”

    initrd=”/boot/initramfs-5.3.8-1.el8.elrepo.x86_64.img $tuned_initrd”

    title=”Red Hat Enterprise Linux (5.3.8-1.el8.elrepo.x86_64) 8.0 (Ootpa)”

    id=”6e9de0df25a04991b05aa3980b4a01ef-5.3.8-1.el8.elrepo.x86_64″

    index=1

    kernel=”/vmlinuz-0-rescue-6e9de0df25a04991b05aa3980b4a01ef”

    args=”ro consoleblank=0 crashkernel=auto rhgb quiet”

    root=”UUID=017899bc-0f07-4d05-825c-15f1f8e84d6a”

    initrd=”/initramfs-0-rescue-6e9de0df25a04991b05aa3980b4a01ef.img”

    title=”Red Hat Enterprise Linux (0-rescue-6e9de0df25a04991b05aa3980b4a01ef) 8.0 (Ootpa)”

    id=”6e9de0df25a04991b05aa3980b4a01ef-0-rescue”

    index=2

    kernel=”/boot/vmlinuz-4.18.0-80.11.2.el8_0.x86_64″

    args=”ro consoleblank=0 crashkernel=auto rhgb quiet $tuned_params”

    root=”UUID=017899bc-0f07-4d05-825c-15f1f8e84d6a”

    initrd=”/boot/initramfs-4.18.0-80.11.2.el8_0.x86_64.img $tuned_initrd”

    title=”CentOS Linux (4.18.0-80.11.2.el8_0.x86_64) 8 (Core)”

    id=”cad5aebed85947769a25cf534d8f4e59-4.18.0-80.11.2.el8_0.x86_64″

    index=3

    kernel=”/vmlinuz-0-rescue-cad5aebed85947769a25cf534d8f4e59″

    args=”ro consoleblank=0 crashkernel=auto rhgb quiet”

    root=”UUID=017899bc-0f07-4d05-825c-15f1f8e84d6a”

    initrd=”/initramfs-0-rescue-cad5aebed85947769a25cf534d8f4e59.img”

    title=”CentOS Linux (0-rescue-cad5aebed85947769a25cf534d8f4e59) 8 (Core)”

    id=”cad5aebed85947769a25cf534d8f4e59-0-rescue”

    然后指定新内核启动:

    grubby –set-default /boot/vmlinuz-5.3.8-1.el8.elrepo.x86_64

    重启系统 reboot,然后 uname -r 查看就是新内核。

  • 欢迎来到2020

    欢迎来到2020

    欢迎来到2020,新的十年!

  • 如何启用WORDPRESS全站SSL

    本来以前Wordpress启用全站SSL很容易的,结果发现WP自己把这个过程弄复杂了,对于新的WP站点,我们可以简单如下处理:

    1.编辑wp-config.php文件,在PHP标记后面一行增加如下强制启用WP全站SSL的函数:

    <?php
    $_SERVER['HTTPS'] = 'on';
    define('FORCE_SSL_LOGIN', true);
    define('FORCE_SSL_ADMIN', true);
    
    #启用SSL

    2.在后台占地地址中变更http为https:

    在设置-常规中变更 WordPress地址(URL) 和 站点地址(URL) 均带hppts://

    当然,以上前提在于你已经搭建后服务器环境支持SSL并正确启用。以上是让WP实现软件兼容SSL环境。