-
Notifications
You must be signed in to change notification settings - Fork 66
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
0 parents
commit 21e4062
Showing
44 changed files
with
1,163 additions
and
0 deletions.
There are no files selected for viewing
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Oops, something went wrong.
Oops, something went wrong.
Oops, something went wrong.
Oops, something went wrong.
Oops, something went wrong.
Oops, something went wrong.
Large diffs are not rendered by default.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,186 @@ | ||
| frp配置 | ||
|
|
||
| 1.下载好frp软件包,里面会有frps和frpc程序以及各自的配置文件 | ||
|
|
||
|  | ||
|
|
||
| 2.目前在用的frps_full.ini文件如下 | ||
|
|
||
| ``` | ||
| # [common] is integral section | ||
| [common] | ||
| # A literal address or host name for IPv6 must be enclosed | ||
| # in square brackets, as in "[::1]:80", "[ipv6-host]:http" or "[ipv6-host%zone]:80" | ||
| # For single "bind_addr" field, no need square brackets, like "bind_addr = ::". | ||
| bind_addr = 0.0.0.0 | ||
| bind_port = 7000 | ||
| # udp port to help make udp hole to penetrate nat | ||
| bind_udp_port = 7001 | ||
| # udp port used for kcp protocol, it can be same with 'bind_port' | ||
| # if not set, kcp is disabled in frps | ||
| kcp_bind_port = 7000 | ||
| # specify which address proxy will listen for, default value is same with bind_addr | ||
| # proxy_bind_addr = 127.0.0.1 | ||
| # if you want to support virtual host, you must set the http port for listening (optional) | ||
| # Note: http port and https port can be same with bind_port | ||
| vhost_http_port = 7080 | ||
| vhost_https_port = 7443 | ||
| # response header timeout(seconds) for vhost http server, default is 60s | ||
| # vhost_http_timeout = 60 | ||
| # tcpmux_httpconnect_port specifies the port that the server listens for TCP | ||
| # HTTP CONNECT requests. If the value is 0, the server will not multiplex TCP | ||
| # requests on one single port. If it's not - it will listen on this value for | ||
| # HTTP CONNECT requests. By default, this value is 0. | ||
| # tcpmux_httpconnect_port = 1337 | ||
| # set dashboard_addr and dashboard_port to view dashboard of frps | ||
| # dashboard_addr's default value is same with bind_addr | ||
| # dashboard is available only if dashboard_port is set | ||
| dashboard_addr = 0.0.0.0 | ||
| dashboard_port = 7500 | ||
| # dashboard user and passwd for basic auth protect | ||
| dashboard_user = admin | ||
| dashboard_pwd = admin | ||
| # enable_prometheus will export prometheus metrics on {dashboard_addr}:{dashboard_port} in /metrics api. | ||
| enable_prometheus = true | ||
| # dashboard assets directory(only for debug mode) | ||
| # assets_dir = ./static | ||
| # console or real logFile path like ./frps.log | ||
| log_file = ./frps.log | ||
| # trace, debug, info, warn, error | ||
| log_level = info | ||
| log_max_days = 3 | ||
| # disable log colors when log_file is console, default is false | ||
| disable_log_color = false | ||
| # DetailedErrorsToClient defines whether to send the specific error (with debug info) to frpc. By default, this value is true. | ||
| detailed_errors_to_client = true | ||
| # authentication_method specifies what authentication method to use authenticate frpc with frps. | ||
| # If "token" is specified - token will be read into login message. | ||
| # If "oidc" is specified - OIDC (Open ID Connect) token will be issued using OIDC settings. By default, this value is "token". | ||
| authentication_method = token | ||
| # authenticate_heartbeats specifies whether to include authentication token in heartbeats sent to frps. By default, this value is false.authenticate_heartbeats = false | ||
| # AuthenticateNewWorkConns specifies whether to include authentication token in new work connections sent to frps. By default, this value is false. | ||
| authenticate_new_work_conns = false | ||
| # auth token | ||
| token = aquarprojectawsome | ||
| # oidc_issuer specifies the issuer to verify OIDC tokens with. | ||
| # By default, this value is "". | ||
| oidc_issuer = | ||
| # oidc_audience specifies the audience OIDC tokens should contain when validated. | ||
| # By default, this value is "". | ||
| oidc_audience = | ||
| # oidc_skip_expiry_check specifies whether to skip checking if the OIDC token is expired. | ||
| # By default, this value is false. | ||
| oidc_skip_expiry_check = false | ||
| # oidc_skip_issuer_check specifies whether to skip checking if the OIDC token's issuer claim matches the issuer specified in OidcIssuer.# By default, this value is false. | ||
| oidc_skip_issuer_check = false | ||
| # heartbeat configure, it's not recommended to modify the default value | ||
| # the default value of heartbeat_timeout is 90. Set negative value to disable it. | ||
| # heartbeat_timeout = 90 | ||
| # user_conn_timeout configure, it's not recommended to modify the default value | ||
| # the default value of user_conn_timeout is 10 | ||
| # user_conn_timeout = 10 | ||
| # only allow frpc to bind ports you list, if you set nothing, there won't be any limit | ||
| allow_ports = 2000-3000,3001,3003,4000-50000 | ||
| # pool_count in each proxy will change to max_pool_count if they exceed the maximum value | ||
| max_pool_count = 5 | ||
| # max ports can be used for each client, default value is 0 means no limit | ||
| max_ports_per_client = 0 | ||
| # tls_only specifies whether to only accept TLS-encrypted connections. By default, the value is false. | ||
| tls_only = false | ||
| # tls_cert_file = server.crt | ||
| # tls_key_file = server.key | ||
| # tls_trusted_ca_file = ca.crt | ||
| # if subdomain_host is not empty, you can set subdomain when type is http or https in frpc's configure file | ||
| # when subdomain is test, the host used by routing is test.frps.com | ||
| subdomain_host = frps.com | ||
| # if tcp stream multiplexing is used, default is true | ||
| tcp_mux = true | ||
| # specify keep alive interval for tcp mux. | ||
| # only valid if tcp_mux is true. | ||
| # tcp_mux_keepalive_interval = 60 | ||
| # custom 404 page for HTTP requests | ||
| # custom_404_page = /path/to/404.html | ||
| # specify udp packet size, unit is byte. If not set, the default value is 1500. | ||
| # This parameter should be same between client and server. | ||
| # It affects the udp and sudp proxy. | ||
| udp_packet_size = 1500 | ||
| #[plugin.user-manager] | ||
| #addr = 127.0.0.1:9000 | ||
| #path = /handler | ||
| #ops = Login | ||
| # | ||
| #[plugin.port-manager] | ||
| #addr = 127.0.0.1:9001 | ||
| #path = /handler | ||
| #ops = NewProxy | ||
| ``` | ||
|
|
||
| 3.将systemd下的frps.service拷贝到systemd目录中 | ||
|
|
||
| ``` | ||
| sudo cp systemd/frps.service /lib/systemd/system/ | ||
| ``` | ||
|
|
||
| 4.编辑拷贝过去的frps.service文件`sudo vim /lib/systemd/system/frps.service`,将内容改成如下: | ||
|
|
||
| ``` | ||
| [Unit] | ||
| Description=Frp Server Service | ||
| After=network.target | ||
| [Service] | ||
| Type=simple | ||
| User=root | ||
| Group=root | ||
| Restart=on-failure | ||
| RestartSec=5s | ||
| ExecStart=/home/finetu/programs/frp_0.40.0_linux_amd64/frps -c /home/finetu/programs/frp_0.40.0_linux_amd64/frps_full.ini | ||
| LimitNOFILE=1048576 | ||
| [Install] | ||
| WantedBy=multi-user.target | ||
| ``` | ||
|
|
||
| 5.`systemctl daemon-reload` | ||
|
|
||
| 6.`systemctl status frps.service` | ||
|
|
||
| 7.`systemctl start frps.service` 若出现问题则`journalctl -u frps.service`查看日志 | ||
|
|
||
| 8.`systemctl enable frps.service` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,77 @@ | ||
| pve 虚拟机设置及硬盘、显卡、usb设备直通 | ||
|
|
||
| ## 准备 | ||
|
|
||
| 给虚拟机直通设备都需要先把虚拟机建立出来,所以第一步是先把想要使用直通设备的虚拟机创建出来并且安装好系统。 | ||
| 需要注意的是,如果虚拟机需要直通显卡,那么这台虚拟机需要在创建虚拟机时进行以下设置: | ||
| 常规设置下: | ||
| 1.将机型设置为q35 | ||
| 2.scsi控制器设置为VirtIO SCSI | ||
| 3.将BIOS设置为OVMF(UEFI),EFI存储设置为local-lvm即可。 | ||
| 4.勾选添加TPM,TPM存储设置为local-lvm即可,版本v2.0 | ||
| CPU设置下: | ||
| 5将类型设置为host,这样可以获取cpu的所有指令集 | ||
| 网络设置下: | ||
| 1.将“模型”设置为VirtIO(半虚拟化),这是除了直通网卡外性能最好的方案。 | ||
|
|
||
| 安装完虚拟机后,如果网络使用的是VirtIO,还需要去网上下载与虚拟机系统对应的VirtIO驱动,安装完成后才可以联网。 | ||
|
|
||
| ## 显卡直通 | ||
|
|
||
| 0.如果你有两张显卡,那么检查你的物理机BIOS,将主CPU设置成不打算直通的那个。 | ||
|
|
||
| 1.进入pve节点的shell,执行`vi /etc/default/grub` ,在大概第8行的位置找到 | ||
|
|
||
| ``` | ||
| GRUB_CMDLINE_LINUX_DEFAULT="quiet" | ||
| ``` | ||
|
|
||
| 把它改成如下内容, 如果是amd cpu则改成amd_iommu: | ||
|
|
||
| ``` | ||
| GRUB_CMDLINE_LINUX_DEFAULT="quiet intel_iommu=on video=efifb:off,vesafb:off" | ||
| ``` | ||
|
|
||
| 改完后:wq保存退出 | ||
| 2.执行`update-grub` | ||
|
|
||
| 3.执行`vi /etc/modules`,在非注释的位置添加如下内容: | ||
|
|
||
| ```ini | ||
| vfio | ||
| vfio_iommu_type1 | ||
| vfio_pci | ||
| vfio_virqfd | ||
| ``` | ||
|
|
||
| 添加完后如下所示 | ||
|
|
||
| ```ini | ||
| # /etc/modules: kernel modules to load at boot time. | ||
| # | ||
| # This file contains the names of kernel modules that should be loaded | ||
| # at boot time, one per line. Lines beginning with "#" are ignored. | ||
| vfio | ||
| vfio_iommu_type1 | ||
| vfio_pci | ||
| vfio_virqfd | ||
| ``` | ||
|
|
||
| 完成后:wq保存退出 | ||
|
|
||
| 4.执行`update-grub` | ||
|
|
||
| 5.关闭需要直通显卡的虚拟机 | ||
|
|
||
| 6,重启pve | ||
|
|
||
| 7.在硬件设置功能中点添加-> PCI设备,在设备列表中选择想要直通的显卡。勾选“所有功能”,勾选PCI-Express,勾选“高级"(默认就已勾选) | ||
|
|
||
| 8.打开虚拟机可以看到已经有这个设备了,但是显示没有驱动,到官网上下载驱动,安装好以后显卡就可以正常使用了。 | ||
|
|
||
| 9.将原来的虚拟显卡去掉。关闭虚拟机,将硬件列表中原来的显示(Display)设置为:none(none)。 | ||
|
|
||
| 10.将新直通的独显设置为主显卡。找到硬件列表中的显卡配置项,双击打开设置页面,勾选“主GPU”后保存。 | ||
|
|
||
| 11.给独显的接口连接上显示器,重新打开虚拟机, 如果一切正常的话,就可以看到开机画面了。 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,31 @@ | ||
| pve下安装施耐德ups配套软件及简单配置 | ||
|
|
||
| 1.在pve的节点下打开console,安装apcupsd程序 | ||
|
|
||
| ```shell | ||
| apt-get install apcupsd | ||
| ``` | ||
|
|
||
| 2.执行`cp /etc/apcupsd/apcupsd.conf /etc/apcupsd/apcupsd.conf.bak`备份原有的配置文件 | ||
|
|
||
| 3.执行`vi /etc/apcupsd/apcupsd.conf`打开配置文件,修改默认配置文件中的两处配置。 | ||
|
|
||
| (1).注释掉默认的DEVICE配置,大概在第90行位置,否则会无法连接到ups | ||
|
|
||
|  | ||
|
|
||
| (2).修改TIMEOUT配置为3,即电池供电3分钟后尝试关机。此处默认为0,意为不根据供电时间触发关机。 | ||
|
|
||
|  | ||
|
|
||
| 3.重启apcupsd服务 | ||
|
|
||
| ```shell | ||
| systemctl restart apcupsd.service | ||
| ``` | ||
|
|
||
| 4.执行apcaccess查看状态,若输出与下图类似,有剩余电量信息及输出电压信息等,即表示ups连接正常。 | ||
|
|
||
|  | ||
|
|
||
| 5.拔掉ups的电源测试系统是否可以被正常关机 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,5 @@ | ||
| ## usb键鼠直通 | ||
|
|
||
| 1.先插上usb设备,要不然检测不到。 | ||
|
|
||
| 2.直接进入pve的硬件设置,添加设备->usb设备,就能找到了,加上以后重启虚拟机,就可以使用了。 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,39 @@ | ||
| ## 硬盘直通 | ||
|
|
||
| 1.在pve的shell控制台中执行`ls -l /dev/disk/by-id/`命令,列出所有硬盘设备的id及其对应的磁盘简称,执行后结果格式如下所示。其中ata-开头代表使用的是sata接口,此外还有scs、nvme等类型。 | ||
|
|
||
| ``` | ||
| root@pve:~# ls -l /dev/disk/by-id/ | ||
| total 0 | ||
| lrwxrwxrwx 1 root root 9 Apr 3 09:59 ata-HGST_HUS724040ALA640_PN1334PCJLA9MS -> ../../sda | ||
| lrwxrwxrwx 1 root root 10 Apr 3 09:59 ata-HGST_HUS724040ALA640_PN1334PCJLA9MS-part1 -> ../../sda1 | ||
| lrwxrwxrwx 1 root root 10 Apr 3 09:59 ata-HGST_HUS724040ALA640_PN1334PCJLA9MS-part2 -> ../../sda2 | ||
| lrwxrwxrwx 1 root root 9 Apr 3 09:59 ata-HGST_HUS724040ALA640_PN1334PCK2EUES -> ../../sdb | ||
| lrwxrwxrwx 1 root root 9 Apr 3 09:59 ata-INTEL_SSDSC2BA400G3_BTTV510004YG400HGN -> ../../sde | ||
| lrwxrwxrwx 1 root root 10 Apr 3 09:59 ata-INTEL_SSDSC2BA400G3_BTTV510004YG400HGN-part1 -> ../../sde1 | ||
| lrwxrwxrwx 1 root root 10 Apr 3 09:59 ata-INTEL_SSDSC2BA400G3_BTTV510004YG400HGN-part2 -> ../../sde2 | ||
| lrwxrwxrwx 1 root root 10 Apr 3 09:59 ata-INTEL_SSDSC2BA400G3_BTTV510004YG400HGN-part3 -> ../../sde3 | ||
| ``` | ||
|
|
||
| 2.找到想要直通的硬盘,拷贝id全文,如“ata-HGST\_HUS724040ALA640\_PN1334PCJLA9MS” | ||
|
|
||
| 3.按照如下格式执行语句,将这个设备直通给某个虚拟机。 | ||
|
|
||
| ``` | ||
| qm set <vm_id> –<disk_type>[n] /dev/disk/by-id/<type>-$brand-$model_$serial_number | ||
| ``` | ||
|
|
||
| 例如我想把“ata-...JLA9MS”这块硬盘直通给id为101的虚拟机,执行的语句是: | ||
|
|
||
| ``` | ||
| qm set 101 -scsi2 /dev/disk/by-id/ata-HGST_HUS724040ALA640_PN1334PCJLA9MS | ||
| ``` | ||
|
|
||
| 其中qm set是命令,101就是虚拟机的id,-scsi2指的是使用scis模式直通,且其通道编号是scsi2,每个虚拟机建立出来以后给他挂载的系统盘编号通常是xxx0,如sata0、scsi0等,新挂载的硬盘编号只要不与这台虚拟机上已有的编号重复即可。执行完以后如果一切正常,控制台会返回一个提示:“update VM ...”,具体如下所示: | ||
|
|
||
| ``` | ||
| root@pve:~# qm set 101 -scsi2 /dev/disk/by-id/ata-HGST_HUS724040ALA640_PN1334PCJLA9MS | ||
| update VM 101: -scsi2 /dev/disk/by-id/ata-HGST_HUS724040ALA640_PN1334PCJLA9MS | ||
| ``` | ||
|
|
||
| 4.这时候打开虚拟机的管理页就可以看到有一块新的硬盘出现在设备列表中,但颜色是橙色的,表示还没有生效,这时重启这台虚拟机就可以使其生效了。 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,11 @@ | ||
| # 开机IP自检及更新脚本 | ||
| 1.打开PVE的 | ||
| 1.安装netifaces软件包 | ||
| ``` | ||
| apt-get install python3-netifaces | ||
| ``` | ||
|
|
||
| 2.将[ipupdater.py](../files/ipupdater.py)拷贝至`/root/`目录下 | ||
| 在/root目录下使用rz工具或者使用vi/vim创建文件并复制脚本文本。 | ||
|
|
||
| 3.将[ipupdater.service](../files/ipupdater.service)拷贝至`/lib/systemd/system/`目录下 |
Oops, something went wrong.