diff --git a/.drone.yml b/.drone.yml deleted file mode 100644 index 5496988e..00000000 --- a/.drone.yml +++ /dev/null @@ -1,5 +0,0 @@ -pipeline: - build: - image: felicianotech/docker-hugo:latest #cbrgm/drone-hugo:latest - validate: true - url: https://h.cowbay.org diff --git a/config.toml b/config.toml index a7657603..fb29c1fb 100644 --- a/config.toml +++ b/config.toml @@ -82,7 +82,7 @@ paginate = 5 #frontpage pagination # Add a writer, then use it in the markdown front matter like this: writer = "Lukas Herman" [params.writers] - [params.writers."Eric Chang"] + [params.writers."Lukas Herman"] link = "https://lherman.tk" email = "lherman.cs@gmail.com" bio = [ diff --git a/content/post/debian-buster-server-been-hacked.md b/content/post/debian-buster-server-been-hacked.md new file mode 100644 index 00000000..ceec208a --- /dev/null +++ b/content/post/debian-buster-server-been-hacked.md @@ -0,0 +1,171 @@ +--- +title: "[筆記] Debian Buster 伺服器被入侵了!/ Debian Buster Server Been Hacked" +date: 2020-07-10T09:48:24+08:00 +categories: ['筆記'] +image: https://h.cowbay.org/images/post-default-14.jpg +tags: ["debian"] +author: "Eric Chang" +--- + +上禮拜某天在開會的時候,LINE不斷傳來訊息 + +不過因為我向來開會都很認真(驕傲,所以都沒看,接著就變成來電了 + +看來大概有啥事發生 + +不過畢竟不是正職的工作,就先放著吧 + +後來變成連學長都直接打來告訴我,某間公司的伺服器出事了,客戶找不到我 + +叫我趕快連進去看 + +是說,啊我又沒跟人家簽維護,趕什麼趕... + +總之,開完會後就了解一下狀況 + + + +了解狀況後(user 也只說不能連線..WTF),還是直接連進去看伺服器啥問題好了 + +連線的過程就發現,主機回應有點慢 + +不過還是可以連上,檢查一下ps / netstat 等等訊息,感覺就是有哪裡怪怪的 + +進去etc 看一下,一下 ls -lart 就發現不對,畫面整個跑掉 + +感覺就多了很多檔案 + +所以先裝個file manager 來看(這樣才能避免ls 被駭客調包的情況) + +總之就發現了一些不正常的檔案 + +/etc/.sh 等等族繁不及備載 + +於是先去FW 把這台機器對外開放的port 先關掉 + +然後開始紀錄邊清 + +底下是一些記錄下來的log 很亂,因為是邊清邊紀錄的關係 + +這是在某個特定日期時間被產生出來的檔案 + +```bash +/etc/allow.bak +/etc/deny.bak +/etc/fstab +/etc/sysctl.conf +/etc/gshadow +/etc/fstab.bak +/etc/subuid +/etc/subgid +/etc/.supervisor +/sbin/https +/swapfile +/var/mail/root +/var/lib/rkhunter/tmp/group +/var/lib/rkhunter/tmp/passwd +/var/lib/dpkg/info/python-meld3.list +/var/backups/dpkg.status.1.gz +/var/backups/shadow.bak +/var/backups/group.bak +/var/backups/dpkg.status.6.gz +/var/backups/dpkg.status.3.gz +/var/backups/dpkg.status.5.gz +/var/backups/apt.extended_states.0 +/var/backups/dpkg.status.2.gz +/var/backups/passwd.bak +/var/backups/gshadow.bak +/var/backups/dpkg.status.0 +/var/backups/dpkg.status.4.gz +/var/log/wtmp.1 +/var/log/supervisor +/var/log/dpkg.log.1 +/var/log/secure +/var/log/apt/term.log.1.gz +/var/log/apt/history.log.1.gz +/usr/lib/systemd +/usr/lib/mysql/mysql +``` + +/etc/.supervisor/conf.d/sh.conf + +```bash +[program:.sh] +directory=/etc/ +command=/bin/bash -c 'cp -f -r -- /etc/spts /bin/.sh 2>/dev/null && /bin/.sh -c >/dev/null 2>&1 && rm -rf -- /bin/.sh 2>/dev/null' +autostart=true +autorestart=true +startretries=999999999 +redirect_stderr=true +pidfile=/etc/psdewo.pid +stdout_logfile=/etc/usercenter_stdout +``` + +php.sh 這個忘了是在crontab 還是/etc/profile.d/底下看到的 +``` +#!/bin/bash +cp -f -r -- /bin/shh /bin/.sh 2>/dev/null +/bin/.sh -c >/dev/null 2>&1 +rm -rf -- .sh 2>/dev/null +``` +supervisor.sh +``` +#!/bin/bash +supervisord -c /etc/.supervisor/supervisord.conf >/dev/null 2>&1 +supervisorctl reload >/dev/null 2>&1 +``` + +某個 service 檔案 + +``` +[Unit] +Description=.sh + +Wants=network.target +After=syslog.target network-online.target + +[Service] +Type=forking +ExecStart=/bin/bash -c 'cp -f -r -- /bin/.funzip /bin/.sh 2>/dev/null && /bin/.sh -c >/dev/null 2>&1 && rm -rf -- /bin/.sh 2>/dev/null' +Restart=always +KillMode=process + +[Install] +WantedBy=multi-user.target +``` + +syslog 部份內容 +``` +Jul 7 06:20:01 pve CRON[12502]: (root) CMD (/sbin/httpss) +Jul 7 06:20:01 pve CRON[12499]: (root) CMD ( echo /usr/local/lib/libprocesshider.so > /etc/ld.so.preload && lockr +i /etc/ld.so.preload >/dev/null 2>&1) +Jul 7 06:21:01 pve CRON[14096]: (root) CMD (/usr/lib/mysql/mysql) +Jul 7 06:21:01 pve CRON[14095]: (root) CMD ( echo /usr/local/lib/libprocesshider.so > /etc/ld.so.preload && lockr +i /etc/ld.so.preload >/dev/null 2>&1) +Jul 7 06:21:01 pve CRON[14094]: (root) CMD ( cp -f -r -- /etc/.sh /tmp/.sh 2>/dev/null && /tmp/.sh -c >/dev/null 2>&1 && rm -rf -- /tmp/.sh 2>/dev/null) +Jul 7 06:22:01 pve CRON[15995]: (root) CMD ( echo /usr/local/lib/libprocesshider.so > /etc/ld.so.preload && lockr +i /etc/ld.so.preload >/dev/null 2>&1) +Jul 7 06:22:01 pve CRON[15994]: (root) CMD ( cp -f -r -- /etc/.sh /tmp/.sh 2>/dev/null && /tmp/.sh -c >/dev/null 2>&1 && rm -rf -- /tmp/.sh 2>/dev/null) +Jul 7 06:22:01 pve CRON[15996]: (root) CMD (/usr/lib/mysql/mysql) +Jul 7 06:23:01 pve CRON[17708]: (root) CMD ( echo /usr/local/lib/libprocesshider.so > /etc/ld.so.preload && lockr +i /etc/ld.so.preload >/dev/null 2>&1) +Jul 7 06:23:01 pve CRON[17709]: (root) CMD ( cp -f -r -- /etc/.sh /tmp/.sh 2>/dev/null && /tmp/.sh -c >/dev/null 2>&1 && rm -rf -- /tmp/.sh 2>/dev/null) +Jul 7 06:23:01 pve CRON[17710]: (root) CMD (/usr/lib/mysql/mysql) +Jul 7 06:24:01 pve CRON[19353]: (root) CMD ( cp -f -r -- /etc/.sh /tmp/.sh 2>/dev/null && /tmp/.sh -c >/dev/null 2>&1 && rm -rf -- /tmp/.sh 2>/dev/null) +Jul 7 06:24:01 pve CRON[19351]: (root) CMD ( echo /usr/local/lib/libprocesshider.so > /etc/ld.so.preload && lockr +i /etc/ld.so.preload >/dev/null 2>&1) +Jul 7 06:24:01 pve CRON[19352]: (root) CMD (/usr/lib/mysql/mysql) +Jul 7 06:25:01 pve CRON[21289]: (root) CMD ( cp -f -r -- /etc/.sh /tmp/.sh 2>/dev/null && /tmp/.sh -c >/dev/null 2>&1 && rm -rf -- /tmp/.sh 2>/dev/null) +Jul 7 06:25:01 pve CRON[21290]: (root) CMD (/usr/lib/mysql/mysql) +Jul 7 06:25:01 pve CRON[21288]: (root) CMD (test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily )) +Jul 7 06:25:01 pve CRON[21291]: (root) CMD ( echo /usr/local/lib/libprocesshider.so > /etc/ld.so.preload && lockr +i /etc/ld.so.preload >/dev/null 2>&1) +``` + +比較特別的是,他會去修改 /etc/fstab 載入一個 swapfile + +WTF!? 沒事載入自己的 fstab 做啥?? + +然後還會在系統建立user 可以看一下 /etc/passwd , /etc/group , /etc/gshadow 這些檔案檢查 + +手邊最好有另一臺乾淨的同樣作業系統的機器 + +因為有很多系統指令已經被替換掉(netstat/ss/lsof 等等) + +需要從乾淨的系統弄過來,或者是重新從apt 安裝回來 + + diff --git a/public/about/index.html b/public/about/index.html index 418dc7d1..8218c9a8 100644 --- a/public/about/index.html +++ b/public/about/index.html @@ -45,9 +45,9 @@ - + - + @@ -603,7 +603,7 @@ title="pinterest icon"> - + diff --git a/public/categories/ansible/index.html b/public/categories/ansible/index.html index f6077b24..f2bcdd8b 100644 --- a/public/categories/ansible/index.html +++ b/public/categories/ansible/index.html @@ -45,9 +45,9 @@ - + - + @@ -608,6 +608,6 @@ if (!doNotTrack) { - + diff --git a/public/categories/index.xml b/public/categories/index.xml index 205bdc7a..98f0c708 100644 --- a/public/categories/index.xml +++ b/public/categories/index.xml @@ -6,7 +6,7 @@ Recent content in Categories on MC部落 Hugo -- gohugo.io en-us - Mon, 22 Jun 2020 09:05:42 +0800 + Fri, 10 Jul 2020 09:48:24 +0800 @@ -14,7 +14,7 @@ 筆記 https://h.cowbay.org/categories/%E7%AD%86%E8%A8%98/ - Mon, 22 Jun 2020 09:05:42 +0800 + Fri, 10 Jul 2020 09:48:24 +0800 https://h.cowbay.org/categories/%E7%AD%86%E8%A8%98/ diff --git a/public/categories/linux/index.html b/public/categories/linux/index.html index 5ebd43bc..63dba3b0 100644 --- a/public/categories/linux/index.html +++ b/public/categories/linux/index.html @@ -45,9 +45,9 @@ - + - + @@ -483,6 +483,6 @@ if (!doNotTrack) { - + diff --git a/public/categories/proxmox/index.html b/public/categories/proxmox/index.html index 6bb86de7..e425f437 100644 --- a/public/categories/proxmox/index.html +++ b/public/categories/proxmox/index.html @@ -45,9 +45,9 @@ - + - + @@ -487,6 +487,6 @@ if (!doNotTrack) { - + diff --git a/public/categories/ps/index.html b/public/categories/ps/index.html index bf51e7d7..e95585f0 100644 --- a/public/categories/ps/index.html +++ b/public/categories/ps/index.html @@ -45,9 +45,9 @@ - + - + @@ -422,6 +422,6 @@ if (!doNotTrack) { - + diff --git a/public/categories/碎念/index.html b/public/categories/碎念/index.html index 2ad1f737..13555740 100644 --- a/public/categories/碎念/index.html +++ b/public/categories/碎念/index.html @@ -45,9 +45,9 @@ - + - + @@ -485,6 +485,6 @@ if (!doNotTrack) { - + diff --git a/public/categories/筆記/index.html b/public/categories/筆記/index.html index 4b29a12f..91ecf791 100644 --- a/public/categories/筆記/index.html +++ b/public/categories/筆記/index.html @@ -21,8 +21,8 @@ "accountablePerson" : "", "copyrightHolder" : "", "copyrightYear" : "2020", - "datePublished": "2020-06-22 09:05:42 \x2b0800 CST", - "dateModified" : "2020-06-22 09:05:42 \x2b0800 CST", + "datePublished": "2020-07-10 09:48:24 \x2b0800 CST", + "dateModified" : "2020-07-10 09:48:24 \x2b0800 CST", "url" : "https:\/\/h.cowbay.org\/categories\/%E7%AD%86%E8%A8%98\/", "wordCount" : "0", "image" : "https://h.cowbay.org%!s(\u003cnil\u003e)"", @@ -45,9 +45,9 @@ - + - + @@ -301,6 +301,75 @@ if (!doNotTrack) { +
+ + +
+
+ 10 July + + + + + + / + + + + + + + + + / + + 筆記 + + +
+
+

+ [筆記] Debian Buster 伺服器被入侵了!/ Debian Buster Server Been Hacked +

+
+
+
+

上禮拜某天在開會的時候,LINE不斷傳來訊息

+ +

不過因為我向來開會都很認真(驕傲,所以都沒看,接著就變成來電了

+ +

看來大概有啥事發生

+ +

不過畢竟不是正職的工作,就先放著吧

+ +

後來變成連學長都直接打來告訴我,某間公司的伺服器出事了,客戶找不到我

+ +

叫我趕快連進去看

+ +

是說,啊我又沒跟人家簽維護,趕什麼趕…

+ +

總之,開完會後就了解一下狀況

+ +
Read the postThis is a Standard Post
+
+
+
+ + + + + + + + + + + +
+ + + +
@@ -359,7 +428,7 @@ if (!doNotTrack) { -
+
@@ -418,7 +487,7 @@ if (!doNotTrack) { -
+
@@ -479,7 +548,7 @@ if (!doNotTrack) { -
+
@@ -544,7 +613,7 @@ if (!doNotTrack) { -
+
@@ -609,7 +678,7 @@ if (!doNotTrack) { -
+
@@ -670,7 +739,7 @@ if (!doNotTrack) { -
+
@@ -735,7 +804,7 @@ if (!doNotTrack) { -
+
@@ -796,7 +865,7 @@ if (!doNotTrack) { -
+
@@ -855,7 +924,7 @@ if (!doNotTrack) { -
+
@@ -916,7 +985,7 @@ if (!doNotTrack) { -
+
@@ -979,7 +1048,7 @@ if (!doNotTrack) { -
+
@@ -1044,7 +1113,7 @@ if (!doNotTrack) { -
+
@@ -1103,7 +1172,7 @@ if (!doNotTrack) { -
+
@@ -1164,7 +1233,7 @@ if (!doNotTrack) { -
+
@@ -1233,7 +1302,7 @@ if (!doNotTrack) { -
+
@@ -1294,7 +1363,7 @@ if (!doNotTrack) { -
+
@@ -1359,7 +1428,7 @@ if (!doNotTrack) { -
+
@@ -1416,7 +1485,7 @@ if (!doNotTrack) { -
+
@@ -1475,7 +1544,7 @@ if (!doNotTrack) { -
+
@@ -1530,7 +1599,7 @@ if (!doNotTrack) { -
+
@@ -1585,7 +1654,7 @@ if (!doNotTrack) { -
+
@@ -1646,7 +1715,7 @@ if (!doNotTrack) { -
+
@@ -1707,7 +1776,7 @@ if (!doNotTrack) { -
+
@@ -1774,7 +1843,7 @@ if (!doNotTrack) { -
+
@@ -1839,7 +1908,7 @@ if (!doNotTrack) { -
+
@@ -1912,7 +1981,7 @@ if (!doNotTrack) { -
+
@@ -1981,7 +2050,7 @@ if (!doNotTrack) { -
+
@@ -2044,7 +2113,7 @@ if (!doNotTrack) { -
+
@@ -2101,7 +2170,7 @@ if (!doNotTrack) { -
+
@@ -2164,7 +2233,7 @@ if (!doNotTrack) { -
+
@@ -2225,7 +2294,7 @@ if (!doNotTrack) { -
+
@@ -2284,7 +2353,7 @@ if (!doNotTrack) { -
+
@@ -2341,7 +2410,7 @@ if (!doNotTrack) { -
+
@@ -2402,7 +2471,7 @@ if (!doNotTrack) { -
+
@@ -2459,7 +2528,7 @@ if (!doNotTrack) { -
+
@@ -2518,7 +2587,7 @@ if (!doNotTrack) { -
+
@@ -2579,7 +2648,7 @@ if (!doNotTrack) { -
+
@@ -2640,7 +2709,7 @@ if (!doNotTrack) { -
+
@@ -2711,7 +2780,7 @@ if (!doNotTrack) { -
+
@@ -2770,7 +2839,7 @@ if (!doNotTrack) { -
+
@@ -2868,7 +2937,7 @@ if (!doNotTrack) { -
+
@@ -2929,7 +2998,7 @@ if (!doNotTrack) { -
+
@@ -2990,7 +3059,7 @@ if (!doNotTrack) { -
+
@@ -3057,7 +3126,7 @@ if (!doNotTrack) { -
+
@@ -3117,7 +3186,7 @@ if (!doNotTrack) { -
+
@@ -3188,7 +3257,7 @@ if (!doNotTrack) { -
+
@@ -3382,6 +3451,6 @@ if (!doNotTrack) {
- + diff --git a/public/categories/筆記/index.xml b/public/categories/筆記/index.xml index 7c5a668c..a4db23bf 100644 --- a/public/categories/筆記/index.xml +++ b/public/categories/筆記/index.xml @@ -6,11 +6,34 @@ Recent content in 筆記 on MC部落 Hugo -- gohugo.io en-us - Mon, 22 Jun 2020 09:05:42 +0800 + Fri, 10 Jul 2020 09:48:24 +0800 + + [筆記] Debian Buster 伺服器被入侵了!/ Debian Buster Server Been Hacked + https://h.cowbay.org/post/debian-buster-server-been-hacked/ + Fri, 10 Jul 2020 09:48:24 +0800 + + https://h.cowbay.org/post/debian-buster-server-been-hacked/ + <p>上禮拜某天在開會的時候,LINE不斷傳來訊息</p> + +<p>不過因為我向來開會都很認真(驕傲,所以都沒看,接著就變成來電了</p> + +<p>看來大概有啥事發生</p> + +<p>不過畢竟不是正職的工作,就先放著吧</p> + +<p>後來變成連學長都直接打來告訴我,某間公司的伺服器出事了,客戶找不到我</p> + +<p>叫我趕快連進去看</p> + +<p>是說,啊我又沒跟人家簽維護,趕什麼趕&hellip;</p> + +<p>總之,開完會後就了解一下狀況</p> + + Ubuntu 18.04 Kernel 4.15.0-106 Unable to Start Wireguard Interface https://h.cowbay.org/post/ubuntu-kernel-4-15-0-106-unable-to-start-wireguard-interface/ diff --git a/public/categories/群暉/index.html b/public/categories/群暉/index.html index 83efc78c..832a5022 100644 --- a/public/categories/群暉/index.html +++ b/public/categories/群暉/index.html @@ -45,9 +45,9 @@ - + - + @@ -491,6 +491,6 @@ if (!doNotTrack) {
- + diff --git a/public/categories/雜念/index.html b/public/categories/雜念/index.html index 9da0a491..23315a3c 100644 --- a/public/categories/雜念/index.html +++ b/public/categories/雜念/index.html @@ -45,9 +45,9 @@ - + - + @@ -483,6 +483,6 @@ if (!doNotTrack) {
- + diff --git a/public/contact/index.html b/public/contact/index.html index eccc8048..b9446911 100644 --- a/public/contact/index.html +++ b/public/contact/index.html @@ -45,9 +45,9 @@ - + - + @@ -459,7 +459,7 @@ if (!doNotTrack) {
- + diff --git a/public/gallery/sammy93/index.html b/public/gallery/sammy93/index.html index a13057d6..aee7a013 100644 --- a/public/gallery/sammy93/index.html +++ b/public/gallery/sammy93/index.html @@ -45,9 +45,9 @@ - + - + @@ -598,7 +598,7 @@ title="pinterest icon">
- + diff --git a/public/index.html b/public/index.html index f751d36c..e5ff0baa 100644 --- a/public/index.html +++ b/public/index.html @@ -22,8 +22,8 @@ "accountablePerson" : "", "copyrightHolder" : "", "copyrightYear" : "2020", - "datePublished": "2020-06-22 09:05:42 \x2b0800 CST", - "dateModified" : "2020-06-22 09:05:42 \x2b0800 CST", + "datePublished": "2020-07-10 09:48:24 \x2b0800 CST", + "dateModified" : "2020-07-10 09:48:24 \x2b0800 CST", "url" : "https:\/\/h.cowbay.org\/", "wordCount" : "0", "image" : "https://h.cowbay.org%!s(\u003cnil\u003e)"", @@ -46,9 +46,9 @@ - + - + @@ -292,12 +292,12 @@ if (!doNotTrack) { -
+
- 22 June + 10 July @@ -319,22 +319,28 @@ if (!doNotTrack) {

- Ubuntu 18.04 Kernel 4.15.0-106 Unable to Start Wireguard Interface + [筆記] Debian Buster 伺服器被入侵了!/ Debian Buster Server Been Hacked

-

工作用的電腦,昨天終於難得的reboot了(uptime 看了一下,大概是三百多天)

+

上禮拜某天在開會的時候,LINE不斷傳來訊息

-

結果重開機之後,發現原本在打tunnel 連 ptt 的 wireguard VPN 掛掉了

+

不過因為我向來開會都很認真(驕傲,所以都沒看,接著就變成來電了

-

手動下指令也啟動不了

+

看來大概有啥事發生

-

查了一下發現是 ubuntu 18.04 kernel 4.15.0-106 的包

+

不過畢竟不是正職的工作,就先放著吧

-

看來就連kernel 最好都不要自動升級…

+

後來變成連學長都直接打來告訴我,某間公司的伺服器出事了,客戶找不到我

-
Read the postThis is a Standard Post
+

叫我趕快連進去看

+ +

是說,啊我又沒跟人家簽維護,趕什麼趕…

+ +

總之,開完會後就了解一下狀況

+ +
Read the postThis is a Standard Post
@@ -352,12 +358,12 @@ if (!doNotTrack) { -
+
- 08 April + 22 June @@ -379,18 +385,22 @@ if (!doNotTrack) {

- [筆記] ubuntu 18.04 preseeds + Ubuntu 18.04 Kernel 4.15.0-106 Unable to Start Wireguard Interface

-

ubuntu 18.04 預設移掉了 /etc/rc.local 的功能

+

工作用的電腦,昨天終於難得的reboot了(uptime 看了一下,大概是三百多天)

-

變成要用 systemd 的方式來運作,可是有點難用…

+

結果重開機之後,發現原本在打tunnel 連 ptt 的 wireguard VPN 掛掉了

-

紀錄一下步驟,再來研究怎麼整合到 preseed 裡面

+

手動下指令也啟動不了

-
Read the postThis is a Standard Post
+

查了一下發現是 ubuntu 18.04 kernel 4.15.0-106 的包

+ +

看來就連kernel 最好都不要自動升級…

+ +
Read the postThis is a Standard Post
@@ -408,12 +418,12 @@ if (!doNotTrack) { -
+
- 06 April + 08 April @@ -435,20 +445,18 @@ if (!doNotTrack) {

- [筆記] 在 Ubuntu 1404 Preseed 加入開機後自動發郵件通知安裝完成 + [筆記] ubuntu 18.04 preseeds

-

這是之前做過的task,client透過pxe開機後,會自動安裝ubuntu 14.04

- -

在安裝完成後,會發出郵件通知管理者已經安裝完成

+

ubuntu 18.04 預設移掉了 /etc/rc.local 的功能

-

可是某次ansible 更新之後,反而沒辦法安裝完成

+

變成要用 systemd 的方式來運作,可是有點難用…

-

這次順手修改一下,同時更新了ansible 的template

+

紀錄一下步驟,再來研究怎麼整合到 preseed 裡面

-
Read the postThis is a Standard Post
+
Read the postThis is a Standard Post
@@ -466,12 +474,12 @@ if (!doNotTrack) { -
+
- 04 March + 06 April @@ -493,24 +501,20 @@ if (!doNotTrack) {

- [筆記] 設定ubuntu 18.04 的NetworkManager config 不要更改 /etc/resolv.conf + [筆記] 在 Ubuntu 1404 Preseed 加入開機後自動發郵件通知安裝完成

-

ubuntu 18.04 的 DNS 設定很煩

- -

系統預設會用NetworkManager 去管理

- -

然後NetworkManager 又很「靈活」的許多種修改 /etc/resolv.conf 的方式

+

這是之前做過的task,client透過pxe開機後,會自動安裝ubuntu 14.04

-

之前都是很粗暴的停用 NetworkManager

+

在安裝完成後,會發出郵件通知管理者已經安裝完成

-

但是用筆電的user 又需要用 NetworkManager 來管理無線網路

+

可是某次ansible 更新之後,反而沒辦法安裝完成

-

今天找了一下文件,讓NetworkManager 可以執行,卻不會去異動 /etc/resolv.conf

+

這次順手修改一下,同時更新了ansible 的template

-
Read the postThis is a Standard Post
+
Read the postThis is a Standard Post
@@ -528,12 +532,12 @@ if (!doNotTrack) { -
+
- 19 February + 04 March @@ -555,24 +559,24 @@ if (!doNotTrack) {

- [筆記] 在ubuntu 18.04 環境下 安裝 it 850UM 讀卡機 展延自然人憑證 / install it 850UM Card Reader in Ubuntu 18.04 + [筆記] 設定ubuntu 18.04 的NetworkManager config 不要更改 /etc/resolv.conf

-

早上忘了要幹什麼,去看到手上的自然人憑證到期日是今年的 417

+

ubuntu 18.04 的 DNS 設定很煩

-

想說快到期了,看看能不能線上申請展延

+

系統預設會用NetworkManager 去管理

-

結果辦公室沒有Linux 可以用的讀卡機

+

然後NetworkManager 又很「靈活」的許多種修改 /etc/resolv.conf 的方式

-

OOXX 咧,我們可是號稱全Linux 環境捏!

+

之前都是很粗暴的停用 NetworkManager

-

結果居然沒有對應的硬體!?

+

但是用筆電的user 又需要用 NetworkManager 來管理無線網路

-

於是馬上敗了一台據說有支援 Linux 的 IT 850UM 讀卡機!

+

今天找了一下文件,讓NetworkManager 可以執行,卻不會去異動 /etc/resolv.conf

-
Read the postThis is a Standard Post
+
Read the postThis is a Standard Post
@@ -847,7 +851,7 @@ if (!doNotTrack) {
- + diff --git a/public/index.xml b/public/index.xml index b72999b0..182957dc 100644 --- a/public/index.xml +++ b/public/index.xml @@ -6,11 +6,34 @@ Recent content on MC部落 Hugo -- gohugo.io en-us - Mon, 22 Jun 2020 09:05:42 +0800 + Fri, 10 Jul 2020 09:48:24 +0800 + + [筆記] Debian Buster 伺服器被入侵了!/ Debian Buster Server Been Hacked + https://h.cowbay.org/post/debian-buster-server-been-hacked/ + Fri, 10 Jul 2020 09:48:24 +0800 + + https://h.cowbay.org/post/debian-buster-server-been-hacked/ + <p>上禮拜某天在開會的時候,LINE不斷傳來訊息</p> + +<p>不過因為我向來開會都很認真(驕傲,所以都沒看,接著就變成來電了</p> + +<p>看來大概有啥事發生</p> + +<p>不過畢竟不是正職的工作,就先放著吧</p> + +<p>後來變成連學長都直接打來告訴我,某間公司的伺服器出事了,客戶找不到我</p> + +<p>叫我趕快連進去看</p> + +<p>是說,啊我又沒跟人家簽維護,趕什麼趕&hellip;</p> + +<p>總之,開完會後就了解一下狀況</p> + + Ubuntu 18.04 Kernel 4.15.0-106 Unable to Start Wireguard Interface https://h.cowbay.org/post/ubuntu-kernel-4-15-0-106-unable-to-start-wireguard-interface/ diff --git a/public/page/10/index.html b/public/page/10/index.html index de2ce4d0..0622af5f 100644 --- a/public/page/10/index.html +++ b/public/page/10/index.html @@ -22,8 +22,8 @@ "accountablePerson" : "", "copyrightHolder" : "", "copyrightYear" : "2020", - "datePublished": "2020-06-22 09:05:42 \x2b0800 CST", - "dateModified" : "2020-06-22 09:05:42 \x2b0800 CST", + "datePublished": "2020-07-10 09:48:24 \x2b0800 CST", + "dateModified" : "2020-07-10 09:48:24 \x2b0800 CST", "url" : "https:\/\/h.cowbay.org\/", "wordCount" : "0", "image" : "https://h.cowbay.org%!s(\u003cnil\u003e)"", @@ -46,9 +46,9 @@ - + - + @@ -292,12 +292,12 @@ if (!doNotTrack) { -
+
- 12 December + 13 December @@ -313,28 +313,26 @@ if (!doNotTrack) { / - 碎念 + 筆記

- [碎念] mdadm 超級慢的rebuild 速度 Incredibly Slow mdadm Rebuild + [筆記] Freenas Smartd 啟動失敗 Smartd Failed to Start in Freenas

-

最近在做一台老機器的P2V

- -

偏偏user說不能關機,所以我用dd + ssh 做線上移轉

+

這兩天在弄兩台Freenas ,準備當作Proxmox 的Storage & Server Backup

-

這部份有空再來寫

+

因為伺服器的限制,只能接六個SATA,我接了六個2T的硬碟做raid10

-

只是因為原來的設定有用mdadm 做raid1

+

然後把Freenas 安裝在隨身碟上

-

這部份導致移轉過去proxmox 後,會出現raid degrade 導致無法正常開機

+

不過會一直出現Smartd failed to start 的錯誤訊息

-
Read the postThis is a Standard Post
+
Read the postThis is a Standard Post
@@ -352,12 +350,12 @@ if (!doNotTrack) { -
+
- 07 December + 12 December @@ -373,26 +371,28 @@ if (!doNotTrack) { / - 筆記 + 碎念

- [筆記] 建立一個帶著走的 VIM 環境 Creating portable Vim environment + [碎念] mdadm 超級慢的rebuild 速度 Incredibly Slow mdadm Rebuild

-

因為工作的關係,現在很多時間都花在VIM的操作上

+

最近在做一台老機器的P2V

-

所以之前花了滿多時間,調整出一個適合自己的VIM環境

+

偏偏user說不能關機,所以我用dd + ssh 做線上移轉

-

原本的作法是把這個設定好的環境,丟到自己建立的gitea 上面

+

這部份有空再來寫

-

然後每到一台新的機器,就要去clone 下來

+

只是因為原來的設定有用mdadm 做raid1

-
Read the postThis is a Standard Post
+

這部份導致移轉過去proxmox 後,會出現raid degrade 導致無法正常開機

+ +
Read the postThis is a Standard Post
@@ -410,12 +410,12 @@ if (!doNotTrack) { -
+
- 04 December + 07 December @@ -431,34 +431,26 @@ if (!doNotTrack) { / - 群暉 + 筆記

- [雜念] 群暉 Synology NAS DS 415+ 誇張的維修費用 + [筆記] 建立一個帶著走的 VIM 環境 Creating portable Vim environment

-

前幾天公司的一台 Synology DS 415+ 發生異常

- -

注意到的時候,四顆硬碟燈號都不斷的在閃爍

- -

但是已經無法登入系統

- -

重開機之後更慘,四顆硬碟燈號全部橘燈恆亮

- -

底下的電源藍燈不斷的在閃爍

+

因為工作的關係,現在很多時間都花在VIM的操作上

-

雖然我一再表示不希望送修了

+

所以之前花了滿多時間,調整出一個適合自己的VIM環境

-

一來是已經過保,二來是DS415+ 本身就有intel bug,三來是因為對synology的NAS 實在沒有愛…

+

原本的作法是把這個設定好的環境,丟到自己建立的gitea 上面

-

不過主管還是希望能夠先問群暉維修的費用多少

+

然後每到一台新的機器,就要去clone 下來

-
Read the postThis is a Standard Post
+
Read the postThis is a Standard Post
@@ -476,12 +468,12 @@ if (!doNotTrack) { -
+
- 30 November + 04 December @@ -497,36 +489,34 @@ if (!doNotTrack) { / - 筆記 + 群暉

- [筆記] 用 proxmox & Mellanox SFP 網卡土炮 10G LAB + [雜念] 群暉 Synology NAS DS 415+ 誇張的維修費用

-

想做一個 10G 的 LAB 環境出來已經很久了。

- -

只是礙於10G RJ45的卡太貴了,然後光纖的種類又太複雜

+

前幾天公司的一台 Synology DS 415+ 發生異常

-

如果直接在淘寶購買,很怕會買錯(什麼LC/FC LC/LC 多模單模 單芯雙芯 SFP/SFP+ 又是什麼光模塊的一大堆規格)

+

注意到的時候,四顆硬碟燈號都不斷的在閃爍

-

所以一直沒有付諸行動。

+

但是已經無法登入系統

-

硬體的工作很久沒碰了,剛好在蝦皮看到有個賣家在賣 mellanox 的X2網卡,以在台灣的價格來說,算很便宜的 (550)

+

重開機之後更慘,四顆硬碟燈號全部橘燈恆亮

-

聊了一下,跟他請教了關於線材、光纖模塊的問題,回答也都很快很到位

+

底下的電源藍燈不斷的在閃爍

-

就直接下訂了兩張網卡、兩個光纖模塊、一條LC/LC 光纖線

+

雖然我一再表示不希望送修了

-

就是到貨有點久,等了兩個禮拜左右,一直到昨天東西才寄到

+

一來是已經過保,二來是DS415+ 本身就有intel bug,三來是因為對synology的NAS 實在沒有愛…

-

今天就花了點時間測試一下

+

不過主管還是希望能夠先問群暉維修的費用多少

-
Read the postThis is a Standard Post
+
Read the postThis is a Standard Post
@@ -544,12 +534,12 @@ if (!doNotTrack) { -
+
- 29 November + 30 November @@ -571,18 +561,30 @@ if (!doNotTrack) {

- [筆記] 還是 Ansible Selectattr + [筆記] 用 proxmox & Mellanox SFP 網卡土炮 10G LAB

-

在上一篇 Ansible how to use ‘list’ in yaml file

+

想做一個 10G 的 LAB 環境出來已經很久了。

+ +

只是礙於10G RJ45的卡太貴了,然後光纖的種類又太複雜

-

有提到怎麼用 with_items / set_fact 來取得在yaml 檔案中的清單

+

如果直接在淘寶購買,很怕會買錯(什麼LC/FC LC/LC 多模單模 單芯雙芯 SFP/SFP+ 又是什麼光模塊的一大堆規格)

+ +

所以一直沒有付諸行動。

-

不過就是有點醜

+

硬體的工作很久沒碰了,剛好在蝦皮看到有個賣家在賣 mellanox 的X2網卡,以在台灣的價格來說,算很便宜的 (550)

-
Read the postThis is a Standard Post
+

聊了一下,跟他請教了關於線材、光纖模塊的問題,回答也都很快很到位

+ +

就直接下訂了兩張網卡、兩個光纖模塊、一條LC/LC 光纖線

+ +

就是到貨有點久,等了兩個禮拜左右,一直到昨天東西才寄到

+ +

今天就花了點時間測試一下

+ +
Read the postThis is a Standard Post
@@ -865,7 +867,7 @@ if (!doNotTrack) {
- + diff --git a/public/page/11/index.html b/public/page/11/index.html index 6a90043f..fe53ed4c 100644 --- a/public/page/11/index.html +++ b/public/page/11/index.html @@ -22,8 +22,8 @@ "accountablePerson" : "", "copyrightHolder" : "", "copyrightYear" : "2020", - "datePublished": "2020-06-22 09:05:42 \x2b0800 CST", - "dateModified" : "2020-06-22 09:05:42 \x2b0800 CST", + "datePublished": "2020-07-10 09:48:24 \x2b0800 CST", + "dateModified" : "2020-07-10 09:48:24 \x2b0800 CST", "url" : "https:\/\/h.cowbay.org\/", "wordCount" : "0", "image" : "https://h.cowbay.org%!s(\u003cnil\u003e)"", @@ -46,9 +46,9 @@ - + - + @@ -292,6 +292,62 @@ if (!doNotTrack) { +
+ + +
+
+ 29 November + + + + / + + + + + + + + + + / + + 筆記 + + +
+
+

+ [筆記] 還是 Ansible Selectattr +

+
+
+ +
+
+
+ + + + + + + + +
+ + + +
@@ -382,8 +438,8 @@ if (!doNotTrack) { -
- +
+ @@ -440,8 +496,8 @@ if (!doNotTrack) { -
- +
+ @@ -498,8 +554,8 @@ if (!doNotTrack) { -
- +
+ @@ -555,63 +611,6 @@ if (!doNotTrack) {
- - - - - - - -
- - - - -
- - -
-
- 06 November - - - - / - - - - - - - - - - / - - 筆記 - - -
-
-

- Nice Du Report Tool Durep -

-
-
-
-

最近在重新規劃前人留下的backup爛攤子 -各個伺服器統一備份到一台backup storage -想說如果每天能夠看到backup storage的磁碟用量的話 -就可以抓出備份空間成長速度、推估需要多大的磁碟空間 -找了一些工具,結果發現 durep 這個 ubuntu 內建的工具 -基本上可以滿足我的需求

- -
Read the postThis is a Standard Post
-
-
-
-
-
@@ -887,7 +886,7 @@ if (!doNotTrack) {
- + diff --git a/public/page/12/index.html b/public/page/12/index.html index 70f890b6..b3505d6c 100644 --- a/public/page/12/index.html +++ b/public/page/12/index.html @@ -22,8 +22,8 @@ "accountablePerson" : "", "copyrightHolder" : "", "copyrightYear" : "2020", - "datePublished": "2020-06-22 09:05:42 \x2b0800 CST", - "dateModified" : "2020-06-22 09:05:42 \x2b0800 CST", + "datePublished": "2020-07-10 09:48:24 \x2b0800 CST", + "dateModified" : "2020-07-10 09:48:24 \x2b0800 CST", "url" : "https:\/\/h.cowbay.org\/", "wordCount" : "0", "image" : "https://h.cowbay.org%!s(\u003cnil\u003e)"", @@ -46,9 +46,9 @@ - + - + @@ -292,6 +292,63 @@ if (!doNotTrack) { +
+ + +
+
+ 06 November + + + + / + + + + + + + + + + / + + 筆記 + + +
+
+

+ Nice Du Report Tool Durep +

+
+
+
+

最近在重新規劃前人留下的backup爛攤子 +各個伺服器統一備份到一台backup storage +想說如果每天能夠看到backup storage的磁碟用量的話 +就可以抓出備份空間成長速度、推估需要多大的磁碟空間 +找了一些工具,結果發現 durep 這個 ubuntu 內建的工具 +基本上可以滿足我的需求

+ +
Read the postThis is a Standard Post
+
+
+
+
+ + + + + + + + +
+ + + +
@@ -355,8 +412,8 @@ if (!doNotTrack) { -
- +
+ @@ -684,7 +741,7 @@ if (!doNotTrack) {
- + diff --git a/public/page/2/index.html b/public/page/2/index.html index c042cce8..f42e73ef 100644 --- a/public/page/2/index.html +++ b/public/page/2/index.html @@ -22,8 +22,8 @@ "accountablePerson" : "", "copyrightHolder" : "", "copyrightYear" : "2020", - "datePublished": "2020-06-22 09:05:42 \x2b0800 CST", - "dateModified" : "2020-06-22 09:05:42 \x2b0800 CST", + "datePublished": "2020-07-10 09:48:24 \x2b0800 CST", + "dateModified" : "2020-07-10 09:48:24 \x2b0800 CST", "url" : "https:\/\/h.cowbay.org\/", "wordCount" : "0", "image" : "https://h.cowbay.org%!s(\u003cnil\u003e)"", @@ -46,9 +46,9 @@ - + - + @@ -292,12 +292,12 @@ if (!doNotTrack) { -
+
- 17 January + 19 February @@ -319,20 +319,24 @@ if (!doNotTrack) {

- [筆記] 測試 proxmox 存取由 synology HA cluster 分享的NFS 目錄 / Proxmox With Synology High Availability + [筆記] 在ubuntu 18.04 環境下 安裝 it 850UM 讀卡機 展延自然人憑證 / install it 850UM Card Reader in Ubuntu 18.04

-

前幾天修復了因為intel cpu bug 導致無法使用的 synology DS415+

+

早上忘了要幹什麼,去看到手上的自然人憑證到期日是今年的 417

-

詳情請看 https://h.cowbay.org/post/first-try-synology-ha/

+

想說快到期了,看看能不能線上申請展延

-

今天趁尾牙前夕,手邊沒啥要緊事

+

結果辦公室沒有Linux 可以用的讀卡機

-

就來玩玩看promox 加上 synology high availability 再加上 NFS share 的環境

+

OOXX 咧,我們可是號稱全Linux 環境捏!

-
Read the postThis is a Standard Post
+

結果居然沒有對應的硬體!?

+ +

於是馬上敗了一台據說有支援 Linux 的 IT 850UM 讀卡機!

+ +
Read the postThis is a Standard Post
@@ -350,12 +354,12 @@ if (!doNotTrack) { -
+
- 10 January + 17 January @@ -377,24 +381,20 @@ if (!doNotTrack) {

- [筆記] 第一次玩 Synology High Availability / first try synology high availability + [筆記] 測試 proxmox 存取由 synology HA cluster 分享的NFS 目錄 / Proxmox With Synology High Availability

-

上禮拜,原本擔任 proxmox cluster 的主要 storage 的 ds415+ 掛點了

- -

原因應該就是之前的 intel c2000 series cpu 的 bug

- -

只是不知道為什麼這台兩三年來都沒有關機的NAS

+

前幾天修復了因為intel cpu bug 導致無法使用的 synology DS415+

-

比其他三台多撐了那麼久 (已經有兩台送修回來,一台也是同樣症狀,被放在一邊)

+

詳情請看 https://h.cowbay.org/post/first-try-synology-ha/

-

趁著這次機會,看看網路上說的換電阻大法有沒有用!

+

今天趁尾牙前夕,手邊沒啥要緊事

-

如果有用,就拿這兩台來玩玩 synology high availability !

+

就來玩玩看promox 加上 synology high availability 再加上 NFS share 的環境

-
Read the postThis is a Standard Post
+
Read the postThis is a Standard Post
@@ -412,12 +412,12 @@ if (!doNotTrack) { -
+
- 07 January + 10 January @@ -439,20 +439,24 @@ if (!doNotTrack) {

- [筆記] postgresql 效能測試 / postgresql benchmakr using pgbench + [筆記] 第一次玩 Synology High Availability / first try synology high availability

-

昨天老闆在slack 上面問說現在的幾台 DB Server 有沒有跑過 pgbench

+

上禮拜,原本擔任 proxmox cluster 的主要 storage 的 ds415+ 掛點了

-

分數大概如何,想要跟他的筆電做個比較

+

原因應該就是之前的 intel c2000 series cpu 的 bug

-

之前有跑過幾次,這次就順便測試一下不同的硬體配置、以及不同的軟體版本

+

只是不知道為什麼這台兩三年來都沒有關機的NAS

-

對於pgbench 跑分會有多大的影響

+

比其他三台多撐了那麼久 (已經有兩台送修回來,一台也是同樣症狀,被放在一邊)

-
Read the postThis is a Standard Post
+

趁著這次機會,看看網路上說的換電阻大法有沒有用!

+ +

如果有用,就拿這兩台來玩玩 synology high availability !

+ +
Read the postThis is a Standard Post
@@ -470,12 +474,12 @@ if (!doNotTrack) { -
+
- 03 January + 07 January @@ -497,18 +501,20 @@ if (!doNotTrack) {

- [筆記] 用ubuntu livecd 救援群暉 synology NAS內的資料 / rescue synology nas with ubuntu livecd + [筆記] postgresql 效能測試 / postgresql benchmakr using pgbench

-

2020/01/02 , 2020年上工的第一天,群暉的 DS415+ NAS 掛了!

+

昨天老闆在slack 上面問說現在的幾台 DB Server 有沒有跑過 pgbench

-

因為群暉的文件在最關鍵的一步寫得亂七八糟!

+

分數大概如何,想要跟他的筆電做個比較

-

所以在這邊紀錄一下我操作的步驟!

+

之前有跑過幾次,這次就順便測試一下不同的硬體配置、以及不同的軟體版本

-
Read the postThis is a Standard Post
+

對於pgbench 跑分會有多大的影響

+ +
Read the postThis is a Standard Post
@@ -526,7 +532,7 @@ if (!doNotTrack) { -
+
@@ -547,26 +553,24 @@ if (!doNotTrack) { / - 雜念 + 筆記

- [碎念] Synology 群暉的文件不知道在工三小 / what a piss in synology document + [筆記] 用ubuntu livecd 救援群暉 synology NAS內的資料 / rescue synology nas with ubuntu livecd

-

2020/01/02 2020 上工的第一天,公司碩果僅存的唯一一台 Synology DS415+ 也終於掛了

- -

開機沒多久就連不上,反覆幾次之後,出現了開機時所有燈號都狂閃的狀況

+

2020/01/02 , 2020年上工的第一天,群暉的 DS415+ NAS 掛了!

-

終於宣告不治

+

因為群暉的文件在最關鍵的一步寫得亂七八糟!

-

問題很明顯的就是Intel C2000 系列 CPU 的瑕疵

+

所以在這邊紀錄一下我操作的步驟!

-
Read the postThis is a Standard Post
+
Read the postThis is a Standard Post
@@ -843,7 +847,7 @@ if (!doNotTrack) {
- + diff --git a/public/page/3/index.html b/public/page/3/index.html index 814df0c7..00c20565 100644 --- a/public/page/3/index.html +++ b/public/page/3/index.html @@ -22,8 +22,8 @@ "accountablePerson" : "", "copyrightHolder" : "", "copyrightYear" : "2020", - "datePublished": "2020-06-22 09:05:42 \x2b0800 CST", - "dateModified" : "2020-06-22 09:05:42 \x2b0800 CST", + "datePublished": "2020-07-10 09:48:24 \x2b0800 CST", + "dateModified" : "2020-07-10 09:48:24 \x2b0800 CST", "url" : "https:\/\/h.cowbay.org\/", "wordCount" : "0", "image" : "https://h.cowbay.org%!s(\u003cnil\u003e)"", @@ -46,9 +46,9 @@ - + - + @@ -292,12 +292,12 @@ if (!doNotTrack) { -
+
- 27 December + 03 January @@ -313,26 +313,26 @@ if (!doNotTrack) { / - 筆記 + 雜念

- [筆記]在ansible中,取得loop register後的值/ Ansible Get Value From Loop Register + [碎念] Synology 群暉的文件不知道在工三小 / what a piss in synology document

-

今天在寫一支客製化 firefox 的playbook

+

2020/01/02 2020 上工的第一天,公司碩果僅存的唯一一台 Synology DS415+ 也終於掛了

-

因為firefox 會給每個user 建立一個由亂數字串組成的default profile

+

開機沒多久就連不上,反覆幾次之後,出現了開機時所有燈號都狂閃的狀況

-

所以每個user的 default profile 都不同

+

終於宣告不治

-

也因此在用register處理的時候,碰到了一些問題

+

問題很明顯的就是Intel C2000 系列 CPU 的瑕疵

-
Read the postThis is a Standard Post
+
Read the postThis is a Standard Post
@@ -350,12 +350,12 @@ if (!doNotTrack) { -
+
- 24 December + 27 December @@ -377,22 +377,20 @@ if (!doNotTrack) {

- [筆記] ansible 設定 ssh_args 開啟 ForwardX11 / config ansible ssh_args to enable forwardagent + [筆記]在ansible中,取得loop register後的值/ Ansible Get Value From Loop Register

-

正確來說,我不曉得到底怎麼「稱呼」這個 forwardx11 / forwardagent

- -

總之就是在寫一隻ansible playbook

+

今天在寫一支客製化 firefox 的playbook

-

目的是用來安裝、設定 firefox

+

因為firefox 會給每個user 建立一個由亂數字串組成的default profile

-

包含安裝 firefox addon

+

所以每個user的 default profile 都不同

-

但是一開始在執行的時候,碰到了一些錯誤

+

也因此在用register處理的時候,碰到了一些問題

-
Read the postThis is a Standard Post
+
Read the postThis is a Standard Post
@@ -410,12 +408,12 @@ if (!doNotTrack) { -
+
- 20 December + 24 December @@ -437,24 +435,22 @@ if (!doNotTrack) {

- [筆記] 測試 postgresql 的pg_prewarm 對效能的影響 / test pg_prewarm in postgresql 11 + [筆記] ansible 設定 ssh_args 開啟 ForwardX11 / config ansible ssh_args to enable forwardagent

-

老闆提到想要把新系統的 postgresql 資料庫都撈到記憶體裡面

- -

但是否決了我提出的ramdisk 作法(因為當機的話,資料就沒了)

+

正確來說,我不曉得到底怎麼「稱呼」這個 forwardx11 / forwardagent

-

在找資料的時候,發現了這個postgresql 的 pg_prewarm extension

+

總之就是在寫一隻ansible playbook

-

好像有點意思?就來測試看看吧!

+

目的是用來安裝、設定 firefox

-

只是目前還不知道該怎麼解讀測試的數據就是了…

+

包含安裝 firefox addon

-

幹!林北真的不是 DBA 啦 =.=

+

但是一開始在執行的時候,碰到了一些錯誤

-
Read the postThis is a Standard Post
+
Read the postThis is a Standard Post
@@ -472,12 +468,12 @@ if (!doNotTrack) { -
+
- 18 December + 20 December @@ -499,18 +495,24 @@ if (!doNotTrack) {

- [筆記] 在ansible playbook中不小心多打了一個空格 / Accidentally Typed an Extra Space in Ansible Playbook + [筆記] 測試 postgresql 的pg_prewarm 對效能的影響 / test pg_prewarm in postgresql 11

-

剛剛在跑一個修改過的playbook,卻發現一個詭異的狀況

+

老闆提到想要把新系統的 postgresql 資料庫都撈到記憶體裡面

-

在用template產生檔案之前,爲了避免錯誤,所以我先用 file module 去建立目錄

+

但是否決了我提出的ramdisk 作法(因為當機的話,資料就沒了)

-

怪就怪在,建立目錄的task沒錯,但是要產生檔案時,卻出現了目的目錄不存在的錯誤

+

在找資料的時候,發現了這個postgresql 的 pg_prewarm extension

-
Read the postThis is a Standard Post
+

好像有點意思?就來測試看看吧!

+ +

只是目前還不知道該怎麼解讀測試的數據就是了…

+ +

幹!林北真的不是 DBA 啦 =.=

+ +
Read the postThis is a Standard Post
@@ -528,12 +530,12 @@ if (!doNotTrack) { -
+
- 16 December + 18 December @@ -555,20 +557,18 @@ if (!doNotTrack) {

- 在ubuntu 18.04中,透過 dconf 設定系統層級的「我的最愛」/ Add System Wide Favorite Apps in dock with Dconf in ubuntu 18.04 + [筆記] 在ansible playbook中不小心多打了一個空格 / Accidentally Typed an Extra Space in Ansible Playbook

-

這幾天在ansible 寫了一份新的playbook給developer 用

- -

然後user反映說,希望能在ubuntu 18.04 內建的dock 裏面新增一個gnome-terminal的icon

+

剛剛在跑一個修改過的playbook,卻發現一個詭異的狀況

-

我才發現原來之前的寫法不能用在 ubuntu 18.04 上

+

在用template產生檔案之前,爲了避免錯誤,所以我先用 file module 去建立目錄

-

只好又弄了一份出來

+

怪就怪在,建立目錄的task沒錯,但是要產生檔案時,卻出現了目的目錄不存在的錯誤

-
Read the postThis is a Standard Post
+
Read the postThis is a Standard Post
@@ -847,7 +847,7 @@ if (!doNotTrack) {
- + diff --git a/public/page/4/index.html b/public/page/4/index.html index dc13e4e3..cff95d4d 100644 --- a/public/page/4/index.html +++ b/public/page/4/index.html @@ -22,8 +22,8 @@ "accountablePerson" : "", "copyrightHolder" : "", "copyrightYear" : "2020", - "datePublished": "2020-06-22 09:05:42 \x2b0800 CST", - "dateModified" : "2020-06-22 09:05:42 \x2b0800 CST", + "datePublished": "2020-07-10 09:48:24 \x2b0800 CST", + "dateModified" : "2020-07-10 09:48:24 \x2b0800 CST", "url" : "https:\/\/h.cowbay.org\/", "wordCount" : "0", "image" : "https://h.cowbay.org%!s(\u003cnil\u003e)"", @@ -46,9 +46,9 @@ - + - + @@ -292,12 +292,12 @@ if (!doNotTrack) { -
+
- 31 October + 16 December @@ -319,28 +319,20 @@ if (!doNotTrack) {

- [筆記] ubuntu 18.04 透過 dconf 修改系統 proxy / modify system proxy with dconf in ubuntu 18.04 + 在ubuntu 18.04中,透過 dconf 設定系統層級的「我的最愛」/ Add System Wide Favorite Apps in dock with Dconf in ubuntu 18.04

-

最近在準備升級client 的作業系統,從 ubuntu 14.04 準備升級到 18.04 或明年的 20.04

- -

因為公司政策的關係,所以現在要連接internet ,需要申請

- -

然後 user 再去系統的proxy 設定新增一個 PAC 檔

- -

但是這個動作其實是去叫NetworkManager 這個服務

- -

可是在18.04 上,我會把這個服務關掉,因為他會干擾我的DNS設定

+

這幾天在ansible 寫了一份新的playbook給developer 用

-

所以想試試看有沒有辦法不使用 NetworkManager 服務

+

然後user反映說,希望能在ubuntu 18.04 內建的dock 裏面新增一個gnome-terminal的icon

-

又能夠在 user level 修改 proxy 參數

+

我才發現原來之前的寫法不能用在 ubuntu 18.04 上

-

就想到了用 dconf 來做

+

只好又弄了一份出來

-
Read the postThis is a Standard Post
+
Read the postThis is a Standard Post
@@ -358,12 +350,12 @@ if (!doNotTrack) { -
+
- 14 October + 31 October @@ -385,20 +377,28 @@ if (!doNotTrack) {

- [筆記] 超強的ALL-in-One VPN Server streisand / Awesome All in One Vpn Server Streisand + [筆記] ubuntu 18.04 透過 dconf 修改系統 proxy / modify system proxy with dconf in ubuntu 18.04

-

最近上班閒得發慌,沒事就上 github 找看看有沒有什麼好玩的專案

+

最近在準備升級client 的作業系統,從 ubuntu 14.04 準備升級到 18.04 或明年的 20.04

-

就不小心發現了這個 streisand

+

因為公司政策的關係,所以現在要連接internet ,需要申請

-

https://github.com/StreisandEffect/streisand

+

然後 user 再去系統的proxy 設定新增一個 PAC 檔

-

玩了一下,發現這根本就是終極的VPN Server solution ..

+

但是這個動作其實是去叫NetworkManager 這個服務

-
Read the postThis is a Standard Post
+

可是在18.04 上,我會把這個服務關掉,因為他會干擾我的DNS設定

+ +

所以想試試看有沒有辦法不使用 NetworkManager 服務

+ +

又能夠在 user level 修改 proxy 參數

+ +

就想到了用 dconf 來做

+ +
Read the postThis is a Standard Post
@@ -416,12 +416,12 @@ if (!doNotTrack) { -
+
- 04 October + 14 October @@ -437,22 +437,26 @@ if (!doNotTrack) { / - + 筆記

- [推薦] ulauncher ubuntu 18.04 底下,好用的 app launcher / Recommended Ulauncher in Ubuntu 1804 + [筆記] 超強的ALL-in-One VPN Server streisand / Awesome All in One Vpn Server Streisand

@@ -470,12 +474,12 @@ if (!doNotTrack) { -
+
- 20 September + 04 October @@ -491,30 +495,22 @@ if (!doNotTrack) { / - 筆記 +

- [筆記] 在ubuntu 18.04安裝psql 11 以及 pg_auto_failover / install psql 11 and pg_auto_failover in ubuntu 18.04 + [推薦] ulauncher ubuntu 18.04 底下,好用的 app launcher / Recommended Ulauncher in Ubuntu 1804

-

最近都在弄postgresql

- -

備份、還原測試得差不多了,就等著看到時候要用什麼方式

- -

前幾天看到 pg_auto_failover 這個postgresql 的extension

- -

https://github.com/citusdata/pg_auto_failover

- -

感覺挺不錯的,看起來設定很簡單,雖然之前已經測試了 keepalived 做 HA

+

這兩天在找關於在 ubuntu 中做搜尋的軟體

-

不過,反正當作練功嘛,多測試一套也不錯!

+

意外找到一個非常好用的工具 ulauncher

-
Read the postThis is a Standard Post
+
Read the postThis is a Standard Post
@@ -532,12 +528,12 @@ if (!doNotTrack) { -
+
- 10 September + 20 September @@ -559,16 +555,24 @@ if (!doNotTrack) {

- [筆記] 測試 USB 3.1 Gen2 NVME SSD 外接盒 & 內建pci-e ssd & 外接SATA SSD / Bencmark With External Internal Nvme Ssd and External Sata Ssd + [筆記] 在ubuntu 18.04安裝psql 11 以及 pg_auto_failover / install psql 11 and pg_auto_failover in ubuntu 18.04

-

前幾天在淘寶上買了個 SSK 的USB 3.1 Gen2 (type-c) NVME SSD 外接盒 -手邊也剛好有一條多的intel 600p nvme ssd 就順手來做個比較 -目標是看看有沒有可能直接用外接的SSD來跑postgresql

+

最近都在弄postgresql

-
Read the postThis is a Standard Post
+

備份、還原測試得差不多了,就等著看到時候要用什麼方式

+ +

前幾天看到 pg_auto_failover 這個postgresql 的extension

+ +

https://github.com/citusdata/pg_auto_failover

+ +

感覺挺不錯的,看起來設定很簡單,雖然之前已經測試了 keepalived 做 HA

+ +

不過,反正當作練功嘛,多測試一套也不錯!

+ +
Read the postThis is a Standard Post
@@ -849,7 +853,7 @@ if (!doNotTrack) {
- + diff --git a/public/page/5/index.html b/public/page/5/index.html index 9b977ad4..1dfb781b 100644 --- a/public/page/5/index.html +++ b/public/page/5/index.html @@ -22,8 +22,8 @@ "accountablePerson" : "", "copyrightHolder" : "", "copyrightYear" : "2020", - "datePublished": "2020-06-22 09:05:42 \x2b0800 CST", - "dateModified" : "2020-06-22 09:05:42 \x2b0800 CST", + "datePublished": "2020-07-10 09:48:24 \x2b0800 CST", + "dateModified" : "2020-07-10 09:48:24 \x2b0800 CST", "url" : "https:\/\/h.cowbay.org\/", "wordCount" : "0", "image" : "https://h.cowbay.org%!s(\u003cnil\u003e)"", @@ -46,9 +46,9 @@ - + - + @@ -292,12 +292,12 @@ if (!doNotTrack) { -
+
- 06 September + 10 September @@ -319,18 +319,16 @@ if (!doNotTrack) {

- [筆記] 用zfs的snapshot 快照功能來做 postgresql 的備份還原 / Postgresql Backup Restore Using Zfs Snapshot + [筆記] 測試 USB 3.1 Gen2 NVME SSD 外接盒 & 內建pci-e ssd & 外接SATA SSD / Bencmark With External Internal Nvme Ssd and External Sata Ssd

-

前面測試了用pgbarman / pgbackrest 來備份 postgresql

- -

這次改從system file level 來下手

- -

採用zfs 的快照來備份、還原postgresql 資料庫

+

前幾天在淘寶上買了個 SSK 的USB 3.1 Gen2 (type-c) NVME SSD 外接盒 +手邊也剛好有一條多的intel 600p nvme ssd 就順手來做個比較 +目標是看看有沒有可能直接用外接的SSD來跑postgresql

-
Read the postThis is a Standard Post
+
Read the postThis is a Standard Post
@@ -348,12 +346,12 @@ if (!doNotTrack) { -
+
- 05 September + 06 September @@ -375,14 +373,18 @@ if (!doNotTrack) {

- [筆記] 用pbackrest 備份還原 postgresql / Backup Restore Postgresql With Pgbackrest + [筆記] 用zfs的snapshot 快照功能來做 postgresql 的備份還原 / Postgresql Backup Restore Using Zfs Snapshot

@@ -400,12 +402,12 @@ if (!doNotTrack) { -
+
- 23 August + 05 September @@ -427,14 +429,14 @@ if (!doNotTrack) {

- [筆記] 在Ubuntu 18.04 下 透過 pgbarman rsync/ssh backup 備份 postgresql 10 / backup postgresql 10 with pgbarman via ssh/rsync in ubuntu 18.04 + [筆記] 用pbackrest 備份還原 postgresql / Backup Restore Postgresql With Pgbackrest

@@ -452,7 +454,7 @@ if (!doNotTrack) { -
+
@@ -479,20 +481,14 @@ if (!doNotTrack) {

- [筆記] 在Ubuntu 18.04 下 透過 pgbarman streaming backup 備份 postgresql 10/ backup postgresql 10 with pgbarman straming backup in ubuntu 18.04 + [筆記] 在Ubuntu 18.04 下 透過 pgbarman rsync/ssh backup 備份 postgresql 10 / backup postgresql 10 with pgbarman via ssh/rsync in ubuntu 18.04

@@ -510,12 +506,12 @@ if (!doNotTrack) { -
+
- 20 August + 23 August @@ -537,20 +533,20 @@ if (!doNotTrack) {

- [筆記] 在ubuntu 18.04 下安裝nvidia 顯示卡驅動程式以及 pgstrom / Install Nvidia Driver Cuda Pgstrom in Ubuntu 1804 + [筆記] 在Ubuntu 18.04 下 透過 pgbarman streaming backup 備份 postgresql 10/ backup postgresql 10 with pgbarman straming backup in ubuntu 18.04

-

因為老闆說要試試看用GPU 來跑postgresql 威力

+

很久以前就有看到這個用來備份postgresql 的 pgbarman

-

手邊剛好有一張 geforce gt 720

+

https://www.pgbarman.org/

-

一開始沒想太多,看到有這張卡的驅動程式,然後CUDA也有支援

+

前幾天老闆在slack 上面又提到,所以這次就花了點時間來玩玩看

-

就直接從桌機拔下來,接去LAB Server ,然後就開始一連串的難關了…

+

不過呢,雖然有弄起來,但是還真不知道有些問題是怎麼解決的…

-
Read the postThis is a Standard Post
+
Read the postThis is a Standard Post
@@ -833,7 +829,7 @@ if (!doNotTrack) {
- + diff --git a/public/page/6/index.html b/public/page/6/index.html index ae330ee5..732e6b12 100644 --- a/public/page/6/index.html +++ b/public/page/6/index.html @@ -22,8 +22,8 @@ "accountablePerson" : "", "copyrightHolder" : "", "copyrightYear" : "2020", - "datePublished": "2020-06-22 09:05:42 \x2b0800 CST", - "dateModified" : "2020-06-22 09:05:42 \x2b0800 CST", + "datePublished": "2020-07-10 09:48:24 \x2b0800 CST", + "dateModified" : "2020-07-10 09:48:24 \x2b0800 CST", "url" : "https:\/\/h.cowbay.org\/", "wordCount" : "0", "image" : "https://h.cowbay.org%!s(\u003cnil\u003e)"", @@ -46,9 +46,9 @@ - + - + @@ -292,12 +292,12 @@ if (!doNotTrack) { -
+
- 16 August + 20 August @@ -319,26 +319,20 @@ if (!doNotTrack) {

- [筆記] 在gcp 中用wireguard建立VPN時,不要用 10.0.0.0/16 網段/Do No Use 10 0 0 0 Private Ipaddr in GCP + [筆記] 在ubuntu 18.04 下安裝nvidia 顯示卡驅動程式以及 pgstrom / Install Nvidia Driver Cuda Pgstrom in Ubuntu 1804

-

最近一直在玩 wireguard ,先前把各個分公司和總部的VPN 改用 wireguard 建立

- -

想說再打個VPN tunnel 來當跳板連 ptt 好了

- -

因為wireguard 建立很簡單,而且又可以指定想要繞出去的路由,不會影響原本的網路環境

+

因為老闆說要試試看用GPU 來跑postgresql 威力

-

本來是在vultr 的VPS上面建立這個tunnel

+

手邊剛好有一張 geforce gt 720

-

但是那台VPS連去ptt 很頓,卡卡的

+

一開始沒想太多,看到有這張卡的驅動程式,然後CUDA也有支援

-

所以改用google cloud platform 的free tier 來做

+

就直接從桌機拔下來,接去LAB Server ,然後就開始一連串的難關了…

-

反正只是拿來當跳板,不會有什麼流量、運算產生,可以一直保持免費的狀態

- -
Read the postThis is a Standard Post
+
Read the postThis is a Standard Post
@@ -356,12 +350,12 @@ if (!doNotTrack) { -
+
- 13 August + 16 August @@ -383,24 +377,26 @@ if (!doNotTrack) {

- [筆記] 透過 wireguard 建立多點 site to site VPN / Multiple Site to Site VPN Using Wireguard + [筆記] 在gcp 中用wireguard建立VPN時,不要用 10.0.0.0/16 網段/Do No Use 10 0 0 0 Private Ipaddr in GCP

-

因為實在受夠了現在用的 openwrt + strongswan 建立 IPSec VPN

+

最近一直在玩 wireguard ,先前把各個分公司和總部的VPN 改用 wireguard 建立

-

雖然說其實沒有什麼不好,但是畢竟不是我建立的,而當初的文件也都不見了

+

想說再打個VPN tunnel 來當跳板連 ptt 好了

-

完全沒辦法了解當時設計的邏輯,造成後續debug 困難

+

因為wireguard 建立很簡單,而且又可以指定想要繞出去的路由,不會影響原本的網路環境

-

可以想像一下,一台VPN router ping 不到remote、ping不到internet、甚至ping不到自己 是要怎麼debug !?(翻桌

+

本來是在vultr 的VPS上面建立這個tunnel

-

之前買了兩台edgerouter X 拿來玩了一下 wireguard,感覺還不錯,不過只有測試到點對點

+

但是那台VPS連去ptt 很頓,卡卡的

-

這次試試看躲在gateway後面,看看能不能建立多點的VPN環境

+

所以改用google cloud platform 的free tier 來做

-
Read the postThis is a Standard Post
+

反正只是拿來當跳板,不會有什麼流量、運算產生,可以一直保持免費的狀態

+ +
Read the postThis is a Standard Post
@@ -418,12 +414,12 @@ if (!doNotTrack) { -
+
- 06 August + 13 August @@ -445,32 +441,24 @@ if (!doNotTrack) {

- [筆記] 在edgerouter上用wireguard 建立site to site VPN / Site to Site Vpn Using Wireguard in Two Edgerouters + [筆記] 透過 wireguard 建立多點 site to site VPN / Multiple Site to Site VPN Using Wireguard

-

之前總部和分公司之間 是用buffalo 的小AP 灌 openwrt

- -

然後用strongswan 來打 IPSEC site to site VPN

- -

config 看起來不是很難 (只是看起來)

- -

但是實際上已經找不到當初的文件

- -

所以要維護很困難(光那些RSA KEY 就不知道為何、如何產生)

+

因為實在受夠了現在用的 openwrt + strongswan 建立 IPSec VPN

-

後來採購了兩台edgerouter X 做測試

+

雖然說其實沒有什麼不好,但是畢竟不是我建立的,而當初的文件也都不見了

-

也用openvpn 成功的建立了 site to site VPN

+

完全沒辦法了解當時設計的邏輯,造成後續debug 困難

-

本來想說 openvpn 已經夠簡單了

+

可以想像一下,一台VPN router ping 不到remote、ping不到internet、甚至ping不到自己 是要怎麼debug !?(翻桌

-

今天看到文章說用wireguard 可以更簡單

+

之前買了兩台edgerouter X 拿來玩了一下 wireguard,感覺還不錯,不過只有測試到點對點

-

於是研究了一下,發現還真的很簡單!

+

這次試試看躲在gateway後面,看看能不能建立多點的VPN環境

-
Read the postThis is a Standard Post
+
Read the postThis is a Standard Post
@@ -488,12 +476,12 @@ if (!doNotTrack) { -
+
- 05 August + 06 August @@ -509,31 +497,38 @@ if (!doNotTrack) { / - ansible + 筆記

- [筆記] 為了保存log 用script 指令執行ansible / Another Way to Keep Ansible Log using script command + [筆記] 在edgerouter上用wireguard 建立site to site VPN / Site to Site Vpn Using Wireguard in Two Edgerouters

-

之前為了能夠在執行完 ansible playbook 後,能有個log 可以看

+

之前總部和分公司之間 是用buffalo 的小AP 灌 openwrt

-

所以在每次執行的時候,都要加入 tee 的指令

+

然後用strongswan 來打 IPSEC site to site VPN

-

像是

+

config 看起來不是很難 (只是看起來)

-
ANSIBLE_CONFIG=/home/D/ansiblecontrol/ansible.cfg /usr/local/bin/ansible-playbook  /home/D/ansiblecontrol/playbook.user_client.yml --vault-password-file=/home/D/ansiblecontrol/vault.passwd -i /home/D/ansiblecontrol/inventory/production -f1 --limit tyuserclients |tee /tmp/tyuserclients.log
-
+

但是實際上已經找不到當初的文件

-

一直都是放在crontab 裡面執行,也就沒有去管他

+

所以要維護很困難(光那些RSA KEY 就不知道為何、如何產生)

-

反正也沒有人關心結果怎樣 (攤手

+

後來採購了兩台edgerouter X 做測試

-
Read the postThis is a Standard Post
+

也用openvpn 成功的建立了 site to site VPN

+ +

本來想說 openvpn 已經夠簡單了

+ +

今天看到文章說用wireguard 可以更簡單

+ +

於是研究了一下,發現還真的很簡單!

+ +
Read the postThis is a Standard Post
@@ -551,12 +546,12 @@ if (!doNotTrack) { -
+
- 31 July + 05 August @@ -572,34 +567,31 @@ if (!doNotTrack) { / - 筆記 + ansible

- [筆記] 用pxe 安裝系統,完成後送出郵件通知 / send mail notification after pxe install + [筆記] 為了保存log 用script 指令執行ansible / Another Way to Keep Ansible Log using script command

-

最近有個任務,需要大量安裝client

- -

想用PXE來處理,只要user開機按F12(acer 桌機) 選擇PXE Boot

- -

然後選擇OS版本,就可以自動進行安裝

+

之前為了能夠在執行完 ansible playbook 後,能有個log 可以看

-

安裝完成後,會自動重新開機,接著就用ansible來做user環境設定

+

所以在每次執行的時候,都要加入 tee 的指令

-

PXE的部份本來是沒有什麼問題,自動安裝系統的部份都做好了

+

像是

-

可是因為這次的量比較多,想說讓每一台在完成PXE安裝後的第一次重開機

+
ANSIBLE_CONFIG=/home/D/ansiblecontrol/ansible.cfg /usr/local/bin/ansible-playbook  /home/D/ansiblecontrol/playbook.user_client.yml --vault-password-file=/home/D/ansiblecontrol/vault.passwd -i /home/D/ansiblecontrol/inventory/production -f1 --limit tyuserclients |tee /tmp/tyuserclients.log
+
-

就送出一封郵件來通知我,說已經完成安裝,可以執行ansible 了

+

一直都是放在crontab 裡面執行,也就沒有去管他

-

看似很簡單的一件事情,卻搞了我兩天….

+

反正也沒有人關心結果怎樣 (攤手

-
Read the postThis is a Standard Post
+
Read the postThis is a Standard Post
@@ -884,7 +876,7 @@ if (!doNotTrack) {
- + diff --git a/public/page/7/index.html b/public/page/7/index.html index 33849898..3a8fd116 100644 --- a/public/page/7/index.html +++ b/public/page/7/index.html @@ -22,8 +22,8 @@ "accountablePerson" : "", "copyrightHolder" : "", "copyrightYear" : "2020", - "datePublished": "2020-06-22 09:05:42 \x2b0800 CST", - "dateModified" : "2020-06-22 09:05:42 \x2b0800 CST", + "datePublished": "2020-07-10 09:48:24 \x2b0800 CST", + "dateModified" : "2020-07-10 09:48:24 \x2b0800 CST", "url" : "https:\/\/h.cowbay.org\/", "wordCount" : "0", "image" : "https://h.cowbay.org%!s(\u003cnil\u003e)"", @@ -46,9 +46,9 @@ - + - + @@ -292,12 +292,12 @@ if (!doNotTrack) { -
+
- 23 July + 31 July @@ -313,26 +313,34 @@ if (!doNotTrack) { / - ansible + 筆記

- [ansible] 用 ip 位置判斷是否要執行task /ansible run task depends on ipaddr + [筆記] 用pxe 安裝系統,完成後送出郵件通知 / send mail notification after pxe install

-

因為工作上的需要,要修改client端的 /etc/environment 檔案

+

最近有個任務,需要大量安裝client

-

在有權限使用proxy 服務的user的環境中,加入proxy 的設定

+

想用PXE來處理,只要user開機按F12(acer 桌機) 選擇PXE Boot

-

原本的清單中,有host/user/ip 這幾個值可以拿來判斷

+

然後選擇OS版本,就可以自動進行安裝

-

proxy server 那邊是採用ip 來控制,所以這邊也跟著用 ip 來判斷要不要修改 /etc/environment

+

安裝完成後,會自動重新開機,接著就用ansible來做user環境設定

-
Read the postThis is a Standard Post
+

PXE的部份本來是沒有什麼問題,自動安裝系統的部份都做好了

+ +

可是因為這次的量比較多,想說讓每一台在完成PXE安裝後的第一次重開機

+ +

就送出一封郵件來通知我,說已經完成安裝,可以執行ansible 了

+ +

看似很簡單的一件事情,卻搞了我兩天….

+ +
Read the postThis is a Standard Post
@@ -350,12 +358,12 @@ if (!doNotTrack) { -
+
- 01 July + 23 July @@ -371,24 +379,26 @@ if (!doNotTrack) { / - Ansible + ansible

- [ansible] 引用事先定義好的yaml檔裡面的變數 - Ansible Selectattr From List in Dictionary file + [ansible] 用 ip 位置判斷是否要執行task /ansible run task depends on ipaddr

-

在ansible中,關於如何引用自定義的變數,一直讓我很頭疼

+

因為工作上的需要,要修改client端的 /etc/environment 檔案

-

尤其是有牽涉到從外部導入yaml檔案時,更是常常讓我不知道到底該怎麼抓出想要的變數

+

在有權限使用proxy 服務的user的環境中,加入proxy 的設定

-

這次還是用selectattr 來處理,希望下次能夠記得…

+

原本的清單中,有host/user/ip 這幾個值可以拿來判斷

-
Read the postThis is a Standard Post
+

proxy server 那邊是採用ip 來控制,所以這邊也跟著用 ip 來判斷要不要修改 /etc/environment

+ +
Read the postThis is a Standard Post
@@ -406,12 +416,12 @@ if (!doNotTrack) { -
+
- 20 June + 01 July @@ -427,28 +437,24 @@ if (!doNotTrack) { / - 筆記 + Ansible

- linux底下遠端遙控&管理的好用系統 Meshcentral / Remote Management & control system Meshcentral + [ansible] 引用事先定義好的yaml檔裡面的變數 - Ansible Selectattr From List in Dictionary file

-

之前在LAN/windows環境下,一直都是用ultravnc/winvnc/tigervnc之類的VNC軟體

- -

但是如果要過 internet ,就會碰到各種開port的問題

- -

在這種環境下,就有了當時 teamviewer 的橫空出世

+

在ansible中,關於如何引用自定義的變數,一直讓我很頭疼

-

解決了開PORT的問題,讓被控端(通常是資訊技術相對弱勢,需要接受幫助的一方)不需要懂太多

+

尤其是有牽涉到從外部導入yaml檔案時,更是常常讓我不知道到底該怎麼抓出想要的變數

-

只要下載teamviewer被控端,開啟後報ID 給協助者就好了

+

這次還是用selectattr 來處理,希望下次能夠記得…

-
Read the postThis is a Standard Post
+
Read the postThis is a Standard Post
@@ -466,12 +472,12 @@ if (!doNotTrack) { -
+
- 17 June + 20 June @@ -487,30 +493,28 @@ if (!doNotTrack) { / - Proxmox + 筆記

- Install Asus 10G NIC XG-C100C in Proxmox + linux底下遠端遙控&管理的好用系統 Meshcentral / Remote Management & control system Meshcentral

-

前幾天接的一個case

- -

因為費用的關係,所以沒有考慮用傳統定義上的伺服器(DELL R640)

+

之前在LAN/windows環境下,一直都是用ultravnc/winvnc/tigervnc之類的VNC軟體

-

改採用比較高階一點的洋垃圾,規格大概是 Intel E5-2680V2 x2 + 64G RAM + 128G SSD x2 (OS) + 960G SSD x4 (raid 10 , zfs)

+

但是如果要過 internet ,就會碰到各種開port的問題

-

storage 選擇QNAP NAS TS-932X + 960G SSD x 4 (raid 10 , NFS) + QNAP 10G Switch QSW-1280C-8C

+

在這種環境下,就有了當時 teamviewer 的橫空出世

-

既然storage這邊選用了10G的機種,伺服器上當然也要增加10G網卡

+

解決了開PORT的問題,讓被控端(通常是資訊技術相對弱勢,需要接受幫助的一方)不需要懂太多

-

一樣,成本考量,就不用INTEL 了,買了這張 ASUS 10G 網卡

+

只要下載teamviewer被控端,開啟後報ID 給協助者就好了

-
Read the postThis is a Standard Post
+
Read the postThis is a Standard Post
@@ -528,12 +532,12 @@ if (!doNotTrack) { -
+
- 21 May + 17 June @@ -549,22 +553,30 @@ if (!doNotTrack) { / - 筆記 + Proxmox

- [筆記] 修改 docker 容器內的時區 - Change Timezone in Docker + Install Asus 10G NIC XG-C100C in Proxmox

-

最近一直在玩一些docker,不過老是會碰到歪果扔寫的東西,時區都不一致

+

前幾天接的一個case

+ +

因為費用的關係,所以沒有考慮用傳統定義上的伺服器(DELL R640)

-

有的用 UTC,有的用localtime,就是沒碰到用 Asia/Taipei 的….

+

改採用比較高階一點的洋垃圾,規格大概是 Intel E5-2680V2 x2 + 64G RAM + 128G SSD x2 (OS) + 960G SSD x4 (raid 10 , zfs)

+ +

storage 選擇QNAP NAS TS-932X + 960G SSD x 4 (raid 10 , NFS) + QNAP 10G Switch QSW-1280C-8C

-
Read the postThis is a Standard Post
+

既然storage這邊選用了10G的機種,伺服器上當然也要增加10G網卡

+ +

一樣,成本考量,就不用INTEL 了,買了這張 ASUS 10G 網卡

+ +
Read the postThis is a Standard Post
@@ -849,7 +861,7 @@ if (!doNotTrack) {
- + diff --git a/public/page/8/index.html b/public/page/8/index.html index 31398b11..937f98b2 100644 --- a/public/page/8/index.html +++ b/public/page/8/index.html @@ -22,8 +22,8 @@ "accountablePerson" : "", "copyrightHolder" : "", "copyrightYear" : "2020", - "datePublished": "2020-06-22 09:05:42 \x2b0800 CST", - "dateModified" : "2020-06-22 09:05:42 \x2b0800 CST", + "datePublished": "2020-07-10 09:48:24 \x2b0800 CST", + "dateModified" : "2020-07-10 09:48:24 \x2b0800 CST", "url" : "https:\/\/h.cowbay.org\/", "wordCount" : "0", "image" : "https://h.cowbay.org%!s(\u003cnil\u003e)"", @@ -46,9 +46,9 @@ - + - + @@ -292,12 +292,12 @@ if (!doNotTrack) { -
+
- 17 May + 21 May @@ -313,26 +313,22 @@ if (!doNotTrack) { / - linux + 筆記

- Transfer File Content Using Xclip in Terminal + [筆記] 修改 docker 容器內的時區 - Change Timezone in Docker

-

工作上常會需要用ssh登入遠端主機檢查LOG,有必要的時候,還要把log複製回本機來處理。

- -

以前都是傻傻的用 scp 傳檔案

- -

之前就記得有這個xclip/xsel 可以用,但是一直沒有弄清楚怎麼執行

+

最近一直在玩一些docker,不過老是會碰到歪果扔寫的東西,時區都不一致

-

早上研究了一下,順便做個筆記。

+

有的用 UTC,有的用localtime,就是沒碰到用 Asia/Taipei 的….

-
Read the postThis is a Standard Post
+
Read the postThis is a Standard Post
@@ -350,12 +346,12 @@ if (!doNotTrack) { -
+
- 23 April + 17 May @@ -371,28 +367,26 @@ if (!doNotTrack) { / - 筆記 + linux

- [筆記] inxi 蒐集詳盡的硬體資訊 / inxi Collect Detail Hardware Info + Transfer File Content Using Xclip in Terminal

-

最近因為一直碰到硬碟故障的問題,算起來那一批同時購買的5X顆 seagate 2T硬碟,已經有一半以上故障返修了….

- -

然後又因為一直沒有添購新的硬碟,只能用這些快過保/已過保的撐著

+

工作上常會需要用ssh登入遠端主機檢查LOG,有必要的時候,還要把log複製回本機來處理。

-

所以最近不斷的在更換機器內的硬碟,而且還沒有熱插拔!

+

以前都是傻傻的用 scp 傳檔案

-

也導致原本負責處理盤點資產的同事困擾,因為跟手邊的紀錄已經對不起來了

+

之前就記得有這個xclip/xsel 可以用,但是一直沒有弄清楚怎麼執行

-

然後就變成要對資產的時候,需要一台一台登入,然後去下不同的指令,取得想要的硬體資訊,超級麻煩的!

+

早上研究了一下,順便做個筆記。

-
Read the postThis is a Standard Post
+
Read the postThis is a Standard Post
@@ -410,7 +404,7 @@ if (!doNotTrack) { -
+
@@ -437,20 +431,22 @@ if (!doNotTrack) {

- [筆記] 紀錄所有下過的指令、時間 / Log All commands with timestamp + [筆記] inxi 蒐集詳盡的硬體資訊 / inxi Collect Detail Hardware Info

-

今天發生一件有點詭異的事情,本來應該要經過某個指令才會產生的檔案

+

最近因為一直碰到硬碟故障的問題,算起來那一批同時購買的5X顆 seagate 2T硬碟,已經有一半以上故障返修了….

-

居然不知為何自己產生了,在我記憶中沒有去執行過那個指令

+

然後又因為一直沒有添購新的硬碟,只能用這些快過保/已過保的撐著

-

翻了一下 bash_history ,裡面也只有下過哪些指令,沒有紀錄時間,完全沒有參考價值(攤手)

+

所以最近不斷的在更換機器內的硬碟,而且還沒有熱插拔!

-

所以翻了一下網路,至少把這兩台主要跑ansible的機器的log功能補上紀錄所有指令以及時間的部份

+

也導致原本負責處理盤點資產的同事困擾,因為跟手邊的紀錄已經對不起來了

-
Read the postThis is a Standard Post
+

然後就變成要對資產的時候,需要一台一台登入,然後去下不同的指令,取得想要的硬體資訊,超級麻煩的!

+ +
Read the postThis is a Standard Post
@@ -468,12 +464,12 @@ if (!doNotTrack) { -
+
- 01 April + 23 April @@ -495,18 +491,20 @@ if (!doNotTrack) {

- [筆記] 解決無法建立zpool 的錯誤 / Fix Zpool Device Busy Using dmsetup + [筆記] 紀錄所有下過的指令、時間 / Log All commands with timestamp

-

今天把其中一台proxmox 加上10G 光纖網卡,準備和另一台proxmox 組成10G 環境進行測試

+

今天發生一件有點詭異的事情,本來應該要經過某個指令才會產生的檔案

-

想說把本機的zpool 拆掉,重新建立一個raid0 的空間來做clone/migrate

+

居然不知為何自己產生了,在我記憶中沒有去執行過那個指令

-

可是一直出現device busy的錯誤訊息

+

翻了一下 bash_history ,裡面也只有下過哪些指令,沒有紀錄時間,完全沒有參考價值(攤手)

-
Read the postThis is a Standard Post
+

所以翻了一下網路,至少把這兩台主要跑ansible的機器的log功能補上紀錄所有指令以及時間的部份

+ +
Read the postThis is a Standard Post
@@ -524,12 +522,12 @@ if (!doNotTrack) { -
+
- 27 March + 01 April @@ -551,16 +549,18 @@ if (!doNotTrack) {

- [筆記] 用rsync 移轉 centos 6.2的老機器 Transfer Cent6.2 using rsync + [筆記] 解決無法建立zpool 的錯誤 / Fix Zpool Device Busy Using dmsetup

-

公司的一台老伺服器空間不足了,要執行指令都會中斷,所以想要擴充空間。

+

今天把其中一台proxmox 加上10G 光纖網卡,準備和另一台proxmox 組成10G 環境進行測試

-

看起來不難搞,事實上…..

+

想說把本機的zpool 拆掉,重新建立一個raid0 的空間來做clone/migrate

+ +

可是一直出現device busy的錯誤訊息

-
Read the postThis is a Standard Post
+
Read the postThis is a Standard Post
@@ -845,7 +845,7 @@ if (!doNotTrack) {
- + diff --git a/public/page/9/index.html b/public/page/9/index.html index 2f034c0b..f97a2e1e 100644 --- a/public/page/9/index.html +++ b/public/page/9/index.html @@ -22,8 +22,8 @@ "accountablePerson" : "", "copyrightHolder" : "", "copyrightYear" : "2020", - "datePublished": "2020-06-22 09:05:42 \x2b0800 CST", - "dateModified" : "2020-06-22 09:05:42 \x2b0800 CST", + "datePublished": "2020-07-10 09:48:24 \x2b0800 CST", + "dateModified" : "2020-07-10 09:48:24 \x2b0800 CST", "url" : "https:\/\/h.cowbay.org\/", "wordCount" : "0", "image" : "https://h.cowbay.org%!s(\u003cnil\u003e)"", @@ -46,9 +46,9 @@ - + - + @@ -292,12 +292,12 @@ if (!doNotTrack) { -
+
- 20 March + 27 March @@ -311,21 +311,24 @@ if (!doNotTrack) { + / + + 筆記 + +

- [筆記] 測試mail server 的SSL憑證的指令 Command to test mailserver SSL + [筆記] 用rsync 移轉 centos 6.2的老機器 Transfer Cent6.2 using rsync

-

今天老闆出國,發slack說手機不能寄信,看了一下,似乎是因為用GMAIL的APP來收信

+

公司的一台老伺服器空間不足了,要執行指令都會中斷,所以想要擴充空間。

-

然後google 不知道跟人家改了什麼,結果不接受原本的認證了… WTF ….

- -

然後,這問題應該很久了,結果現在才在講 ….

+

看起來不難搞,事實上…..

-
Read the postThis is a Standard Post
+
Read the postThis is a Standard Post
@@ -343,12 +346,12 @@ if (!doNotTrack) { -
+
- 11 March + 20 March @@ -362,28 +365,21 @@ if (!doNotTrack) { - / - - 筆記 - -

- Install Timeshift on Ubuntu1804 + [筆記] 測試mail server 的SSL憑證的指令 Command to test mailserver SSL

-

最近要開始測試client安裝 ubuntu 18.04 的 ansible playbook

- -

因為要不斷的修正,所以想到一直有在自己電腦上執行的timeshift這個軟體

+

今天老闆出國,發slack說手機不能寄信,看了一下,似乎是因為用GMAIL的APP來收信

-

可以很簡單快速的備份、恢復系統狀態

+

然後google 不知道跟人家改了什麼,結果不接受原本的認證了… WTF ….

-

可是不知道為什麼,在ubuntu 18.04 上安裝就是會發生錯誤….

+

然後,這問題應該很久了,結果現在才在講 ….

-
Read the postThis is a Standard Post
+
Read the postThis is a Standard Post
@@ -401,12 +397,12 @@ if (!doNotTrack) { -
+
- 16 January + 11 March @@ -428,16 +424,20 @@ if (!doNotTrack) {

- 用DELL 6 i/R 建立RAID,並在上面安裝ubuntu 18.04 + Install Timeshift on Ubuntu1804

-

買了一張 DELL 6/iR 低階的raid 卡

+

最近要開始測試client安裝 ubuntu 18.04 的 ansible playbook

-

來測試把系統裝在硬體做的RAID上,結果沒想到居然不能開機…

+

因為要不斷的修正,所以想到一直有在自己電腦上執行的timeshift這個軟體

-
Read the postThis is a Standard Post
+

可以很簡單快速的備份、恢復系統狀態

+ +

可是不知道為什麼,在ubuntu 18.04 上安裝就是會發生錯誤….

+ +
Read the postThis is a Standard Post
@@ -455,7 +455,7 @@ if (!doNotTrack) { -
+
@@ -482,18 +482,16 @@ if (!doNotTrack) {

- Ubuntu 1804 Install Root on Raid + 用DELL 6 i/R 建立RAID,並在上面安裝ubuntu 18.04

-

最近在弄一台機器,想要把ubuntu 18.04 安裝在software raid上

- -

因為新開的機器大部分都是在proxmox上,所以很少碰實體機器了

+

買了一張 DELL 6/iR 低階的raid 卡

-

結果在安裝過程中,做raid碰到一些問題,來紀錄一下

+

來測試把系統裝在硬體做的RAID上,結果沒想到居然不能開機…

-
Read the postThis is a Standard Post
+
Read the postThis is a Standard Post
@@ -511,12 +509,12 @@ if (!doNotTrack) { -
+
- 13 December + 16 January @@ -538,20 +536,18 @@ if (!doNotTrack) {

- [筆記] Freenas Smartd 啟動失敗 Smartd Failed to Start in Freenas + Ubuntu 1804 Install Root on Raid

-

這兩天在弄兩台Freenas ,準備當作Proxmox 的Storage & Server Backup

- -

因為伺服器的限制,只能接六個SATA,我接了六個2T的硬碟做raid10

+

最近在弄一台機器,想要把ubuntu 18.04 安裝在software raid上

-

然後把Freenas 安裝在隨身碟上

+

因為新開的機器大部分都是在proxmox上,所以很少碰實體機器了

-

不過會一直出現Smartd failed to start 的錯誤訊息

+

結果在安裝過程中,做raid碰到一些問題,來紀錄一下

-
Read the postThis is a Standard Post
+
Read the postThis is a Standard Post
@@ -836,7 +832,7 @@ if (!doNotTrack) {
- + diff --git a/public/post/10g-lab-using-proxmox-and-mellanox/index.html b/public/post/10g-lab-using-proxmox-and-mellanox/index.html index a933a66b..3de0f4f1 100644 --- a/public/post/10g-lab-using-proxmox-and-mellanox/index.html +++ b/public/post/10g-lab-using-proxmox-and-mellanox/index.html @@ -45,9 +45,9 @@ - + - + @@ -818,7 +818,7 @@ title="pinterest icon">
- + diff --git a/public/post/accidentally-typed-an-extra-space-in-ansible-playbook/index.html b/public/post/accidentally-typed-an-extra-space-in-ansible-playbook/index.html index b493555f..0260c2eb 100644 --- a/public/post/accidentally-typed-an-extra-space-in-ansible-playbook/index.html +++ b/public/post/accidentally-typed-an-extra-space-in-ansible-playbook/index.html @@ -45,9 +45,9 @@ - + - + @@ -688,7 +688,7 @@ title="pinterest icon">
- + diff --git a/public/post/add-system-wide-favorite-apps-in-dconf/index.html b/public/post/add-system-wide-favorite-apps-in-dconf/index.html index 53dca5a7..33c94dfe 100644 --- a/public/post/add-system-wide-favorite-apps-in-dconf/index.html +++ b/public/post/add-system-wide-favorite-apps-in-dconf/index.html @@ -45,9 +45,9 @@ - + - + @@ -656,7 +656,7 @@ title="pinterest icon">
- + diff --git a/public/post/another-way-to-keep-ansible-log/index.html b/public/post/another-way-to-keep-ansible-log/index.html index 9d54ba36..93c6fbb8 100644 --- a/public/post/another-way-to-keep-ansible-log/index.html +++ b/public/post/another-way-to-keep-ansible-log/index.html @@ -45,9 +45,9 @@ - + - + @@ -618,7 +618,7 @@ title="pinterest icon">
- + diff --git a/public/post/ansible-get-value-from-loop-register/index.html b/public/post/ansible-get-value-from-loop-register/index.html index 8da423a4..ff6b84d0 100644 --- a/public/post/ansible-get-value-from-loop-register/index.html +++ b/public/post/ansible-get-value-from-loop-register/index.html @@ -45,9 +45,9 @@ - + - + @@ -723,7 +723,7 @@ title="pinterest icon">
- + diff --git a/public/post/ansible-run-task-depends-on-ipaddr/index.html b/public/post/ansible-run-task-depends-on-ipaddr/index.html index 58b41fbb..c398bb17 100644 --- a/public/post/ansible-run-task-depends-on-ipaddr/index.html +++ b/public/post/ansible-run-task-depends-on-ipaddr/index.html @@ -45,9 +45,9 @@ - + - + @@ -701,7 +701,7 @@ title="pinterest icon">
- + diff --git a/public/post/ansible-selectattr-filter/index.html b/public/post/ansible-selectattr-filter/index.html index 8ba8b462..2be6864d 100644 --- a/public/post/ansible-selectattr-filter/index.html +++ b/public/post/ansible-selectattr-filter/index.html @@ -45,9 +45,9 @@ - + - + @@ -621,7 +621,7 @@ title="pinterest icon">
- + diff --git a/public/post/ansible-selectattr-from-list-in-dictionary/index.html b/public/post/ansible-selectattr-from-list-in-dictionary/index.html index d163f775..f9fb1011 100644 --- a/public/post/ansible-selectattr-from-list-in-dictionary/index.html +++ b/public/post/ansible-selectattr-from-list-in-dictionary/index.html @@ -45,9 +45,9 @@ - + - + @@ -676,7 +676,7 @@ title="pinterest icon">
- + diff --git a/public/post/ansible-selectattr/index.html b/public/post/ansible-selectattr/index.html index c3d31363..8278632e 100644 --- a/public/post/ansible-selectattr/index.html +++ b/public/post/ansible-selectattr/index.html @@ -45,9 +45,9 @@ - + - + @@ -732,7 +732,7 @@ title="pinterest icon">
- + diff --git a/public/post/ansible-ssh-forwardagent/index.html b/public/post/ansible-ssh-forwardagent/index.html index 017269d5..4132fe11 100644 --- a/public/post/ansible-ssh-forwardagent/index.html +++ b/public/post/ansible-ssh-forwardagent/index.html @@ -45,9 +45,9 @@ - + - + @@ -770,7 +770,7 @@ title="pinterest icon">
- + diff --git a/public/post/awesome-all-in-one-vpn-server-streisand/index.html b/public/post/awesome-all-in-one-vpn-server-streisand/index.html index a64bb4d1..c105faf2 100644 --- a/public/post/awesome-all-in-one-vpn-server-streisand/index.html +++ b/public/post/awesome-all-in-one-vpn-server-streisand/index.html @@ -45,9 +45,9 @@ - + - + @@ -633,7 +633,7 @@ title="pinterest icon">
- + diff --git a/public/post/backup-restore-postgresql-with-pgbackrest/index.html b/public/post/backup-restore-postgresql-with-pgbackrest/index.html index 0a9c6cc6..3c9b8ef6 100644 --- a/public/post/backup-restore-postgresql-with-pgbackrest/index.html +++ b/public/post/backup-restore-postgresql-with-pgbackrest/index.html @@ -45,9 +45,9 @@ - + - + @@ -858,7 +858,7 @@ title="pinterest icon">
- + diff --git a/public/post/bencmark-with-external-internal-nvme-ssd-and-external-sata-ssd/index.html b/public/post/bencmark-with-external-internal-nvme-ssd-and-external-sata-ssd/index.html index a2efd332..60c2f4f7 100644 --- a/public/post/bencmark-with-external-internal-nvme-ssd-and-external-sata-ssd/index.html +++ b/public/post/bencmark-with-external-internal-nvme-ssd-and-external-sata-ssd/index.html @@ -45,9 +45,9 @@ - + - + @@ -1000,7 +1000,7 @@ title="pinterest icon">
- + diff --git a/public/post/bookstack-docker/index.html b/public/post/bookstack-docker/index.html index e9c64dd8..77654856 100644 --- a/public/post/bookstack-docker/index.html +++ b/public/post/bookstack-docker/index.html @@ -45,9 +45,9 @@ - + - + @@ -687,7 +687,7 @@ title="pinterest icon">
- + diff --git a/public/post/change-preferred-language-in-firefox/index.html b/public/post/change-preferred-language-in-firefox/index.html index fdef9d75..fef3389f 100644 --- a/public/post/change-preferred-language-in-firefox/index.html +++ b/public/post/change-preferred-language-in-firefox/index.html @@ -45,9 +45,9 @@ - + - + @@ -661,7 +661,7 @@ title="pinterest icon">
- + diff --git a/public/post/change-timezone-in-docker/index.html b/public/post/change-timezone-in-docker/index.html index 2f575ce5..2ce00365 100644 --- a/public/post/change-timezone-in-docker/index.html +++ b/public/post/change-timezone-in-docker/index.html @@ -45,9 +45,9 @@ - + - + @@ -725,7 +725,7 @@ title="pinterest icon">
- + diff --git a/public/post/command_to_test_main_ssl/index.html b/public/post/command_to_test_main_ssl/index.html index ae71c258..b7b895fa 100644 --- a/public/post/command_to_test_main_ssl/index.html +++ b/public/post/command_to_test_main_ssl/index.html @@ -45,9 +45,9 @@ - + - + @@ -802,7 +802,7 @@ title="pinterest icon">
- + diff --git a/public/post/config-networkmanager-in-ubuntu-to-stop-modify-resolvconf/index.html b/public/post/config-networkmanager-in-ubuntu-to-stop-modify-resolvconf/index.html index c2c23b7e..a5f71d58 100644 --- a/public/post/config-networkmanager-in-ubuntu-to-stop-modify-resolvconf/index.html +++ b/public/post/config-networkmanager-in-ubuntu-to-stop-modify-resolvconf/index.html @@ -45,9 +45,9 @@ - + - + @@ -651,7 +651,7 @@ title="pinterest icon">
- + diff --git a/public/post/copy_role_in_pgsql/index.html b/public/post/copy_role_in_pgsql/index.html index b69b0c48..550d19d3 100644 --- a/public/post/copy_role_in_pgsql/index.html +++ b/public/post/copy_role_in_pgsql/index.html @@ -45,9 +45,9 @@ - + - + @@ -619,7 +619,7 @@ title="pinterest icon">
- + diff --git a/public/post/create-portable-vim-environment/index.html b/public/post/create-portable-vim-environment/index.html index b937345b..5c11f807 100644 --- a/public/post/create-portable-vim-environment/index.html +++ b/public/post/create-portable-vim-environment/index.html @@ -45,9 +45,9 @@ - + - + @@ -632,7 +632,7 @@ title="pinterest icon">
- + diff --git a/public/post/debian-buster-server-been-hacked/index.html b/public/post/debian-buster-server-been-hacked/index.html new file mode 100644 index 00000000..d35eac62 --- /dev/null +++ b/public/post/debian-buster-server-been-hacked/index.html @@ -0,0 +1,756 @@ + + + + + + + + [筆記] Debian Buster 伺服器被入侵了!/ Debian Buster Server Been Hacked + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ Skip to content + + +
+ + + + + + + +
+ +
+ +
+
+ +
+ 10 July / + + + + + + + + + / + + 筆記 + + + + +
+
+

[筆記] Debian Buster 伺服器被入侵了!/ Debian Buster Server Been Hacked

+
+
+
+
+

上禮拜某天在開會的時候,LINE不斷傳來訊息

+ +

不過因為我向來開會都很認真(驕傲,所以都沒看,接著就變成來電了

+ +

看來大概有啥事發生

+ +

不過畢竟不是正職的工作,就先放著吧

+ +

後來變成連學長都直接打來告訴我,某間公司的伺服器出事了,客戶找不到我

+ +

叫我趕快連進去看

+ +

是說,啊我又沒跟人家簽維護,趕什麼趕…

+ +

總之,開完會後就了解一下狀況

+ +

了解狀況後(user 也只說不能連線..WTF),還是直接連進去看伺服器啥問題好了

+ +

連線的過程就發現,主機回應有點慢

+ +

不過還是可以連上,檢查一下ps / netstat 等等訊息,感覺就是有哪裡怪怪的

+ +

進去etc 看一下,一下 ls -lart 就發現不對,畫面整個跑掉

+ +

感覺就多了很多檔案

+ +

所以先裝個file manager 來看(這樣才能避免ls 被駭客調包的情況)

+ +

總之就發現了一些不正常的檔案

+ +

/etc/.sh 等等族繁不及備載

+ +

於是先去FW 把這台機器對外開放的port 先關掉

+ +

然後開始紀錄邊清

+ +

底下是一些記錄下來的log 很亂,因為是邊清邊紀錄的關係

+ +

這是在某個特定日期時間被產生出來的檔案

+ +
/etc/allow.bak
+/etc/deny.bak
+/etc/fstab
+/etc/sysctl.conf
+/etc/gshadow
+/etc/fstab.bak
+/etc/subuid
+/etc/subgid
+/etc/.supervisor
+/sbin/https
+/swapfile
+/var/mail/root
+/var/lib/rkhunter/tmp/group
+/var/lib/rkhunter/tmp/passwd
+/var/lib/dpkg/info/python-meld3.list
+/var/backups/dpkg.status.1.gz
+/var/backups/shadow.bak
+/var/backups/group.bak
+/var/backups/dpkg.status.6.gz
+/var/backups/dpkg.status.3.gz
+/var/backups/dpkg.status.5.gz
+/var/backups/apt.extended_states.0
+/var/backups/dpkg.status.2.gz
+/var/backups/passwd.bak
+/var/backups/gshadow.bak
+/var/backups/dpkg.status.0
+/var/backups/dpkg.status.4.gz
+/var/log/wtmp.1
+/var/log/supervisor
+/var/log/dpkg.log.1
+/var/log/secure
+/var/log/apt/term.log.1.gz
+/var/log/apt/history.log.1.gz
+/usr/lib/systemd
+/usr/lib/mysql/mysql
+
+ +

/etc/.supervisor/conf.d/sh.conf

+ +
[program:.sh]
+directory=/etc/
+command=/bin/bash -c 'cp -f -r -- /etc/spts /bin/.sh 2>/dev/null && /bin/.sh -c  >/dev/null 2>&1 && rm -rf -- /bin/.sh 2>/dev/null'
+autostart=true
+autorestart=true
+startretries=999999999
+redirect_stderr=true
+pidfile=/etc/psdewo.pid
+stdout_logfile=/etc/usercenter_stdout
+
+ +

php.sh 這個忘了是在crontab 還是/etc/profile.d/底下看到的

+ +
#!/bin/bash
+cp -f -r -- /bin/shh /bin/.sh 2>/dev/null
+/bin/.sh -c  >/dev/null 2>&1
+rm -rf -- .sh 2>/dev/null
+
+ +

supervisor.sh

+ +
#!/bin/bash
+supervisord -c /etc/.supervisor/supervisord.conf >/dev/null 2>&1
+supervisorctl reload >/dev/null 2>&1
+
+ +

某個 service 檔案

+ +
[Unit]
+Description=.sh
+
+Wants=network.target
+After=syslog.target network-online.target
+
+[Service]
+Type=forking
+ExecStart=/bin/bash -c 'cp -f -r -- /bin/.funzip /bin/.sh 2>/dev/null && /bin/.sh -c  >/dev/null 2>&1 && rm -rf -- /bin/.sh 2>/dev/null'
+Restart=always
+KillMode=process
+
+[Install]
+WantedBy=multi-user.target
+
+ +

syslog 部份內容

+ +
Jul  7 06:20:01 pve CRON[12502]: (root) CMD (/sbin/httpss)
+Jul  7 06:20:01 pve CRON[12499]: (root) CMD ( echo /usr/local/lib/libprocesshider.so > /etc/ld.so.preload && lockr +i /etc/ld.so.preload >/dev/null 2>&1)
+Jul  7 06:21:01 pve CRON[14096]: (root) CMD (/usr/lib/mysql/mysql)
+Jul  7 06:21:01 pve CRON[14095]: (root) CMD ( echo /usr/local/lib/libprocesshider.so > /etc/ld.so.preload && lockr +i /etc/ld.so.preload >/dev/null 2>&1)
+Jul  7 06:21:01 pve CRON[14094]: (root) CMD ( cp -f -r -- /etc/.sh /tmp/.sh 2>/dev/null && /tmp/.sh -c  >/dev/null 2>&1 && rm -rf -- /tmp/.sh 2>/dev/null)
+Jul  7 06:22:01 pve CRON[15995]: (root) CMD ( echo /usr/local/lib/libprocesshider.so > /etc/ld.so.preload && lockr +i /etc/ld.so.preload >/dev/null 2>&1)
+Jul  7 06:22:01 pve CRON[15994]: (root) CMD ( cp -f -r -- /etc/.sh /tmp/.sh 2>/dev/null && /tmp/.sh -c  >/dev/null 2>&1 && rm -rf -- /tmp/.sh 2>/dev/null)
+Jul  7 06:22:01 pve CRON[15996]: (root) CMD (/usr/lib/mysql/mysql)
+Jul  7 06:23:01 pve CRON[17708]: (root) CMD ( echo /usr/local/lib/libprocesshider.so > /etc/ld.so.preload && lockr +i /etc/ld.so.preload >/dev/null 2>&1)
+Jul  7 06:23:01 pve CRON[17709]: (root) CMD ( cp -f -r -- /etc/.sh /tmp/.sh 2>/dev/null && /tmp/.sh -c  >/dev/null 2>&1 && rm -rf -- /tmp/.sh 2>/dev/null)
+Jul  7 06:23:01 pve CRON[17710]: (root) CMD (/usr/lib/mysql/mysql)
+Jul  7 06:24:01 pve CRON[19353]: (root) CMD ( cp -f -r -- /etc/.sh /tmp/.sh 2>/dev/null && /tmp/.sh -c  >/dev/null 2>&1 && rm -rf -- /tmp/.sh 2>/dev/null)
+Jul  7 06:24:01 pve CRON[19351]: (root) CMD ( echo /usr/local/lib/libprocesshider.so > /etc/ld.so.preload && lockr +i /etc/ld.so.preload >/dev/null 2>&1)
+Jul  7 06:24:01 pve CRON[19352]: (root) CMD (/usr/lib/mysql/mysql)
+Jul  7 06:25:01 pve CRON[21289]: (root) CMD ( cp -f -r -- /etc/.sh /tmp/.sh 2>/dev/null && /tmp/.sh -c  >/dev/null 2>&1 && rm -rf -- /tmp/.sh 2>/dev/null)
+Jul  7 06:25:01 pve CRON[21290]: (root) CMD (/usr/lib/mysql/mysql)
+Jul  7 06:25:01 pve CRON[21288]: (root) CMD (test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily ))
+Jul  7 06:25:01 pve CRON[21291]: (root) CMD ( echo /usr/local/lib/libprocesshider.so > /etc/ld.so.preload && lockr +i /etc/ld.so.preload >/dev/null 2>&1)
+
+ +

比較特別的是,他會去修改 /etc/fstab 載入一個 swapfile

+ +

WTF!? 沒事載入自己的 fstab 做啥??

+ +

然後還會在系統建立user 可以看一下 /etc/passwd , /etc/group , /etc/gshadow 這些檔案檢查

+ +

手邊最好有另一臺乾淨的同樣作業系統的機器

+ +

因為有很多系統指令已經被替換掉(netstat/ss/lsof 等等)

+ +

需要從乾淨的系統弄過來,或者是重新從apt 安裝回來

+
+
+ +
+ + +

Categories + + 筆記 +

+
+ + + +

Tags + + debian + + +

+ + +
+ +
+ + Eric Chang + + + Written by: +
+
+ + +

塵世裡一個迷途小書僮

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+ +
+
+ +
+
+ + +comments powered by Disqus + + + + + + +
+
+ + + + + +
+ + + +
+ + + + + + diff --git a/public/post/do-no-use-10-0-0-0-private-ipaddr-in-gcp/index.html b/public/post/do-no-use-10-0-0-0-private-ipaddr-in-gcp/index.html index 538591c5..2f03bc47 100644 --- a/public/post/do-no-use-10-0-0-0-private-ipaddr-in-gcp/index.html +++ b/public/post/do-no-use-10-0-0-0-private-ipaddr-in-gcp/index.html @@ -45,9 +45,9 @@ - + - + @@ -687,7 +687,7 @@ title="pinterest icon">
- + diff --git a/public/post/enable-synology-public-ssh/index.html b/public/post/enable-synology-public-ssh/index.html index 78167745..0013d91c 100644 --- a/public/post/enable-synology-public-ssh/index.html +++ b/public/post/enable-synology-public-ssh/index.html @@ -45,9 +45,9 @@ - + - + @@ -705,7 +705,7 @@ title="pinterest icon">
- + diff --git a/public/post/first-try-synology-ha/index.html b/public/post/first-try-synology-ha/index.html index b8983114..a4449f5a 100644 --- a/public/post/first-try-synology-ha/index.html +++ b/public/post/first-try-synology-ha/index.html @@ -45,9 +45,9 @@ - + - + @@ -676,7 +676,7 @@ title="pinterest icon">
- + diff --git a/public/post/fix-zpool-device-busy-using-dmsetup/index.html b/public/post/fix-zpool-device-busy-using-dmsetup/index.html index 4133c1c8..1437ce9b 100644 --- a/public/post/fix-zpool-device-busy-using-dmsetup/index.html +++ b/public/post/fix-zpool-device-busy-using-dmsetup/index.html @@ -45,9 +45,9 @@ - + - + @@ -652,7 +652,7 @@ title="pinterest icon">
- + diff --git a/public/post/incredibly-slow-mdadm-rebuild/index.html b/public/post/incredibly-slow-mdadm-rebuild/index.html index 7a28819d..b2037701 100644 --- a/public/post/incredibly-slow-mdadm-rebuild/index.html +++ b/public/post/incredibly-slow-mdadm-rebuild/index.html @@ -45,9 +45,9 @@ - + - + @@ -675,7 +675,7 @@ title="pinterest icon">
- + diff --git a/public/post/index.xml b/public/post/index.xml index e2b811e0..a5358f47 100644 --- a/public/post/index.xml +++ b/public/post/index.xml @@ -6,11 +6,34 @@ Recent content in Posts on MC部落 Hugo -- gohugo.io en-us - Mon, 22 Jun 2020 09:05:42 +0800 + Fri, 10 Jul 2020 09:48:24 +0800 + + [筆記] Debian Buster 伺服器被入侵了!/ Debian Buster Server Been Hacked + https://h.cowbay.org/post/debian-buster-server-been-hacked/ + Fri, 10 Jul 2020 09:48:24 +0800 + + https://h.cowbay.org/post/debian-buster-server-been-hacked/ + <p>上禮拜某天在開會的時候,LINE不斷傳來訊息</p> + +<p>不過因為我向來開會都很認真(驕傲,所以都沒看,接著就變成來電了</p> + +<p>看來大概有啥事發生</p> + +<p>不過畢竟不是正職的工作,就先放著吧</p> + +<p>後來變成連學長都直接打來告訴我,某間公司的伺服器出事了,客戶找不到我</p> + +<p>叫我趕快連進去看</p> + +<p>是說,啊我又沒跟人家簽維護,趕什麼趕&hellip;</p> + +<p>總之,開完會後就了解一下狀況</p> + + Ubuntu 18.04 Kernel 4.15.0-106 Unable to Start Wireguard Interface https://h.cowbay.org/post/ubuntu-kernel-4-15-0-106-unable-to-start-wireguard-interface/ diff --git a/public/post/install-asus-10g-nic-in-proxmox/index.html b/public/post/install-asus-10g-nic-in-proxmox/index.html index d6721ede..5ef3649f 100644 --- a/public/post/install-asus-10g-nic-in-proxmox/index.html +++ b/public/post/install-asus-10g-nic-in-proxmox/index.html @@ -45,9 +45,9 @@ - + - + @@ -714,7 +714,7 @@ title="pinterest icon">
- + diff --git a/public/post/install-it500u-card-reader-in-ubuntu-1804/index.html b/public/post/install-it500u-card-reader-in-ubuntu-1804/index.html index 81b61af8..7cb2bc44 100644 --- a/public/post/install-it500u-card-reader-in-ubuntu-1804/index.html +++ b/public/post/install-it500u-card-reader-in-ubuntu-1804/index.html @@ -45,9 +45,9 @@ - + - + @@ -708,7 +708,7 @@ title="pinterest icon">
- + diff --git a/public/post/install-nvidia-driver-cuda-pgstrom-in-ubuntu-1804/index.html b/public/post/install-nvidia-driver-cuda-pgstrom-in-ubuntu-1804/index.html index 3459dc75..80031928 100644 --- a/public/post/install-nvidia-driver-cuda-pgstrom-in-ubuntu-1804/index.html +++ b/public/post/install-nvidia-driver-cuda-pgstrom-in-ubuntu-1804/index.html @@ -45,9 +45,9 @@ - + - + @@ -852,7 +852,7 @@ title="pinterest icon">
- + diff --git a/public/post/install-timeshift-on-ubuntu1804/index.html b/public/post/install-timeshift-on-ubuntu1804/index.html index 0597d556..61c314fd 100644 --- a/public/post/install-timeshift-on-ubuntu1804/index.html +++ b/public/post/install-timeshift-on-ubuntu1804/index.html @@ -45,9 +45,9 @@ - + - + @@ -1177,7 +1177,7 @@ title="pinterest icon">
- + diff --git a/public/post/install-ubuntu1804-on-dell-6ir-raid-controller/index.html b/public/post/install-ubuntu1804-on-dell-6ir-raid-controller/index.html index 09c3790b..38c1f617 100644 --- a/public/post/install-ubuntu1804-on-dell-6ir-raid-controller/index.html +++ b/public/post/install-ubuntu1804-on-dell-6ir-raid-controller/index.html @@ -45,9 +45,9 @@ - + - + @@ -638,7 +638,7 @@ title="pinterest icon">
- + diff --git a/public/post/inx-collect-detail-hardware-info/index.html b/public/post/inx-collect-detail-hardware-info/index.html index 8012c633..af52d00e 100644 --- a/public/post/inx-collect-detail-hardware-info/index.html +++ b/public/post/inx-collect-detail-hardware-info/index.html @@ -45,9 +45,9 @@ - + - + @@ -723,7 +723,7 @@ title="pinterest icon">
- + diff --git a/public/post/log-all-bash-commands/index.html b/public/post/log-all-bash-commands/index.html index b5e31ced..f5bcc5f7 100644 --- a/public/post/log-all-bash-commands/index.html +++ b/public/post/log-all-bash-commands/index.html @@ -45,9 +45,9 @@ - + - + @@ -656,7 +656,7 @@ title="pinterest icon">
- + diff --git a/public/post/multiple-site-to-site-vpn-using-wireguard/index.html b/public/post/multiple-site-to-site-vpn-using-wireguard/index.html index 7c7b9318..062ab346 100644 --- a/public/post/multiple-site-to-site-vpn-using-wireguard/index.html +++ b/public/post/multiple-site-to-site-vpn-using-wireguard/index.html @@ -45,9 +45,9 @@ - + - + @@ -880,7 +880,7 @@ title="pinterest icon">
- + diff --git a/public/post/nice-du-report-tool-durep/index.html b/public/post/nice-du-report-tool-durep/index.html index 7d9999e3..0bb5cc32 100644 --- a/public/post/nice-du-report-tool-durep/index.html +++ b/public/post/nice-du-report-tool-durep/index.html @@ -45,9 +45,9 @@ - + - + @@ -655,7 +655,7 @@ title="pinterest icon">
- + diff --git a/public/post/pg_auto_failover_in_ubuntu_1804_psql_11/index.html b/public/post/pg_auto_failover_in_ubuntu_1804_psql_11/index.html index 8bd9a8d8..52240b89 100644 --- a/public/post/pg_auto_failover_in_ubuntu_1804_psql_11/index.html +++ b/public/post/pg_auto_failover_in_ubuntu_1804_psql_11/index.html @@ -45,9 +45,9 @@ - + - + @@ -1574,7 +1574,7 @@ title="pinterest icon">
- + diff --git a/public/post/pgbarman-in-ubuntu-1804-postgresql-10-via-ssh/index.html b/public/post/pgbarman-in-ubuntu-1804-postgresql-10-via-ssh/index.html index 6d8dc8e5..8f66c941 100644 --- a/public/post/pgbarman-in-ubuntu-1804-postgresql-10-via-ssh/index.html +++ b/public/post/pgbarman-in-ubuntu-1804-postgresql-10-via-ssh/index.html @@ -45,9 +45,9 @@ - + - + @@ -744,7 +744,7 @@ title="pinterest icon">
- + diff --git a/public/post/pgbarman-in-ubuntu-1804-postgresql-10/index.html b/public/post/pgbarman-in-ubuntu-1804-postgresql-10/index.html index 38d2ddbc..de24b525 100644 --- a/public/post/pgbarman-in-ubuntu-1804-postgresql-10/index.html +++ b/public/post/pgbarman-in-ubuntu-1804-postgresql-10/index.html @@ -45,9 +45,9 @@ - + - + @@ -908,7 +908,7 @@ title="pinterest icon">
- + diff --git a/public/post/postgresql-backup-restore-using-zfs-snapshot/index.html b/public/post/postgresql-backup-restore-using-zfs-snapshot/index.html index e5fe31de..77d068a5 100644 --- a/public/post/postgresql-backup-restore-using-zfs-snapshot/index.html +++ b/public/post/postgresql-backup-restore-using-zfs-snapshot/index.html @@ -45,9 +45,9 @@ - + - + @@ -1009,7 +1009,7 @@ title="pinterest icon">
- + diff --git a/public/post/postgresql-pgbench-benchmark/index.html b/public/post/postgresql-pgbench-benchmark/index.html index 2d988ffc..7a4be726 100644 --- a/public/post/postgresql-pgbench-benchmark/index.html +++ b/public/post/postgresql-pgbench-benchmark/index.html @@ -45,9 +45,9 @@ - + - + @@ -693,7 +693,7 @@ title="pinterest icon">
- + diff --git a/public/post/proxmox-with-synology-high-availability/index.html b/public/post/proxmox-with-synology-high-availability/index.html index 54b2413e..29d8acf9 100644 --- a/public/post/proxmox-with-synology-high-availability/index.html +++ b/public/post/proxmox-with-synology-high-availability/index.html @@ -45,9 +45,9 @@ - + - + @@ -660,7 +660,7 @@ title="pinterest icon">
- + diff --git a/public/post/recommended-ulauncher-in-ubuntu-1804/index.html b/public/post/recommended-ulauncher-in-ubuntu-1804/index.html index 92026441..4d6d4a30 100644 --- a/public/post/recommended-ulauncher-in-ubuntu-1804/index.html +++ b/public/post/recommended-ulauncher-in-ubuntu-1804/index.html @@ -45,9 +45,9 @@ - + - + @@ -687,7 +687,7 @@ title="pinterest icon">
- + diff --git a/public/post/remote-management-system-meshcentral/index.html b/public/post/remote-management-system-meshcentral/index.html index 0a1f38c3..533bbcce 100644 --- a/public/post/remote-management-system-meshcentral/index.html +++ b/public/post/remote-management-system-meshcentral/index.html @@ -45,9 +45,9 @@ - + - + @@ -717,7 +717,7 @@ title="pinterest icon">
- + diff --git a/public/post/rescue-synology-nas-with-ubuntu-livecd/index.html b/public/post/rescue-synology-nas-with-ubuntu-livecd/index.html index b603f750..3b334a55 100644 --- a/public/post/rescue-synology-nas-with-ubuntu-livecd/index.html +++ b/public/post/rescue-synology-nas-with-ubuntu-livecd/index.html @@ -45,9 +45,9 @@ - + - + @@ -751,7 +751,7 @@ title="pinterest icon">
- + diff --git a/public/post/send-mail-to-notify-after-pxe-install/index.html b/public/post/send-mail-to-notify-after-pxe-install/index.html index 5f37bd44..a7f4d156 100644 --- a/public/post/send-mail-to-notify-after-pxe-install/index.html +++ b/public/post/send-mail-to-notify-after-pxe-install/index.html @@ -45,9 +45,9 @@ - + - + @@ -684,7 +684,7 @@ title="pinterest icon">
- + diff --git a/public/post/site-to-site-vpn-using-wireguard-in-two-edgerouters/index.html b/public/post/site-to-site-vpn-using-wireguard-in-two-edgerouters/index.html index 475dbb95..aa3abdc0 100644 --- a/public/post/site-to-site-vpn-using-wireguard-in-two-edgerouters/index.html +++ b/public/post/site-to-site-vpn-using-wireguard-in-two-edgerouters/index.html @@ -45,9 +45,9 @@ - + - + @@ -813,7 +813,7 @@ title="pinterest icon">
- + diff --git a/public/post/smartd-failed-to-start-in-freenas/index.html b/public/post/smartd-failed-to-start-in-freenas/index.html index 2d2ff5b2..29606ea3 100644 --- a/public/post/smartd-failed-to-start-in-freenas/index.html +++ b/public/post/smartd-failed-to-start-in-freenas/index.html @@ -45,9 +45,9 @@ - + - + @@ -617,7 +617,7 @@ title="pinterest icon">
- + diff --git a/public/post/synology-ds415-repair-cost/index.html b/public/post/synology-ds415-repair-cost/index.html index ac07c291..60d30e95 100644 --- a/public/post/synology-ds415-repair-cost/index.html +++ b/public/post/synology-ds415-repair-cost/index.html @@ -45,9 +45,9 @@ - + - + @@ -667,7 +667,7 @@ title="pinterest icon">
- + diff --git a/public/post/test-pg_prewarm/index.html b/public/post/test-pg_prewarm/index.html index b656a6db..09299fc3 100644 --- a/public/post/test-pg_prewarm/index.html +++ b/public/post/test-pg_prewarm/index.html @@ -45,9 +45,9 @@ - + - + @@ -983,7 +983,7 @@ title="pinterest icon">
- + diff --git a/public/post/transfer-cent62-using-rsync/index.html b/public/post/transfer-cent62-using-rsync/index.html index 610d3e5c..49756fb2 100644 --- a/public/post/transfer-cent62-using-rsync/index.html +++ b/public/post/transfer-cent62-using-rsync/index.html @@ -45,9 +45,9 @@ - + - + @@ -978,7 +978,7 @@ title="pinterest icon">
- + diff --git a/public/post/transfer-file-content-using-xclip-in-terminal/index.html b/public/post/transfer-file-content-using-xclip-in-terminal/index.html index b226b100..6de319e1 100644 --- a/public/post/transfer-file-content-using-xclip-in-terminal/index.html +++ b/public/post/transfer-file-content-using-xclip-in-terminal/index.html @@ -45,9 +45,9 @@ - + - + @@ -666,7 +666,7 @@ title="pinterest icon">
- + diff --git a/public/post/ubuntu-1404-preseed/index.html b/public/post/ubuntu-1404-preseed/index.html index 637c91ee..79a1f1b2 100644 --- a/public/post/ubuntu-1404-preseed/index.html +++ b/public/post/ubuntu-1404-preseed/index.html @@ -45,9 +45,9 @@ - + - + @@ -747,7 +747,7 @@ title="pinterest icon">
- + diff --git a/public/post/ubuntu-1804-install-root-on-raid/index.html b/public/post/ubuntu-1804-install-root-on-raid/index.html index 5fea4246..815fd10f 100644 --- a/public/post/ubuntu-1804-install-root-on-raid/index.html +++ b/public/post/ubuntu-1804-install-root-on-raid/index.html @@ -45,9 +45,9 @@ - + - + @@ -729,7 +729,7 @@ title="pinterest icon">
- + diff --git a/public/post/ubuntu-1804-preseeds/index.html b/public/post/ubuntu-1804-preseeds/index.html index bcdb8412..f5e248a2 100644 --- a/public/post/ubuntu-1804-preseeds/index.html +++ b/public/post/ubuntu-1804-preseeds/index.html @@ -45,9 +45,9 @@ - + - + @@ -835,7 +835,7 @@ title="pinterest icon">
- + diff --git a/public/post/ubuntu-dconf-proxy-settings/index.html b/public/post/ubuntu-dconf-proxy-settings/index.html index 1f3a43c0..9aed0ef6 100644 --- a/public/post/ubuntu-dconf-proxy-settings/index.html +++ b/public/post/ubuntu-dconf-proxy-settings/index.html @@ -45,9 +45,9 @@ - + - + @@ -657,7 +657,7 @@ title="pinterest icon">
- + diff --git a/public/post/ubuntu-kernel-4-15-0-106-unable-to-start-wireguard-interface/index.html b/public/post/ubuntu-kernel-4-15-0-106-unable-to-start-wireguard-interface/index.html index 657ad39c..6ed6698f 100644 --- a/public/post/ubuntu-kernel-4-15-0-106-unable-to-start-wireguard-interface/index.html +++ b/public/post/ubuntu-kernel-4-15-0-106-unable-to-start-wireguard-interface/index.html @@ -45,9 +45,9 @@ - + - + @@ -759,7 +759,7 @@ title="pinterest icon">
- + diff --git a/public/post/weird-client-server-connection/index.html b/public/post/weird-client-server-connection/index.html index e967bb33..e362d990 100644 --- a/public/post/weird-client-server-connection/index.html +++ b/public/post/weird-client-server-connection/index.html @@ -45,9 +45,9 @@ - + - + @@ -698,7 +698,7 @@ title="pinterest icon">
- + diff --git a/public/post/what-a-piss-in-synology-document/index.html b/public/post/what-a-piss-in-synology-document/index.html index a6add4ea..c3a7a31d 100644 --- a/public/post/what-a-piss-in-synology-document/index.html +++ b/public/post/what-a-piss-in-synology-document/index.html @@ -45,9 +45,9 @@ - + - + @@ -684,7 +684,7 @@ title="pinterest icon">
- + diff --git a/public/sitemap.xml b/public/sitemap.xml index 646abeab..57bb9d7b 100644 --- a/public/sitemap.xml +++ b/public/sitemap.xml @@ -2,43 +2,53 @@ + + https://h.cowbay.org/post/debian-buster-server-been-hacked/ + 2020-07-10T09:48:24+08:00 + + https://h.cowbay.org/categories/ - 2020-06-22T09:05:42+08:00 + 2020-07-10T09:48:24+08:00 + + + + https://h.cowbay.org/tags/debian/ + 2020-07-10T09:48:24+08:00 https://h.cowbay.org/ - 2020-06-22T09:05:42+08:00 + 2020-07-10T09:48:24+08:00 https://h.cowbay.org/post/ - 2020-06-22T09:05:42+08:00 + 2020-07-10T09:48:24+08:00 https://h.cowbay.org/tags/ - 2020-06-22T09:05:42+08:00 + 2020-07-10T09:48:24+08:00 - https://h.cowbay.org/tags/ubuntu/ - 2020-06-22T09:05:42+08:00 + https://h.cowbay.org/categories/%E7%AD%86%E8%A8%98/ + 2020-07-10T09:48:24+08:00 - https://h.cowbay.org/post/ubuntu-kernel-4-15-0-106-unable-to-start-wireguard-interface/ + https://h.cowbay.org/tags/ubuntu/ 2020-06-22T09:05:42+08:00 - https://h.cowbay.org/tags/wireguard/ + https://h.cowbay.org/post/ubuntu-kernel-4-15-0-106-unable-to-start-wireguard-interface/ 2020-06-22T09:05:42+08:00 - https://h.cowbay.org/categories/%E7%AD%86%E8%A8%98/ + https://h.cowbay.org/tags/wireguard/ 2020-06-22T09:05:42+08:00 @@ -498,12 +508,12 @@ - https://h.cowbay.org/categories/%E7%BE%A4%E6%9A%89/ + https://h.cowbay.org/tags/%E7%BE%A4%E6%9A%89/ 2018-12-04T10:25:19+08:00 - https://h.cowbay.org/tags/%E7%BE%A4%E6%9A%89/ + https://h.cowbay.org/categories/%E7%BE%A4%E6%9A%89/ 2018-12-04T10:25:19+08:00 diff --git a/public/tags/10g/index.html b/public/tags/10g/index.html index 0b6a0d05..6ba7fe41 100644 --- a/public/tags/10g/index.html +++ b/public/tags/10g/index.html @@ -45,9 +45,9 @@ - + - + @@ -484,6 +484,6 @@ if (!doNotTrack) {
- + diff --git a/public/tags/ansible/index.html b/public/tags/ansible/index.html index 15dbae57..5fd6f00a 100644 --- a/public/tags/ansible/index.html +++ b/public/tags/ansible/index.html @@ -45,9 +45,9 @@ - + - + @@ -876,6 +876,6 @@ if (!doNotTrack) {
- + diff --git a/public/tags/backup/index.html b/public/tags/backup/index.html index f36183bf..7f503dd4 100644 --- a/public/tags/backup/index.html +++ b/public/tags/backup/index.html @@ -45,9 +45,9 @@ - + - + @@ -524,6 +524,6 @@ if (!doNotTrack) {
- + diff --git a/public/tags/benchmark/index.html b/public/tags/benchmark/index.html index 05205701..bf1d83a0 100644 --- a/public/tags/benchmark/index.html +++ b/public/tags/benchmark/index.html @@ -45,9 +45,9 @@ - + - + @@ -470,6 +470,6 @@ if (!doNotTrack) {
- + diff --git a/public/tags/bookstack/index.html b/public/tags/bookstack/index.html index 3204046b..120aab8b 100644 --- a/public/tags/bookstack/index.html +++ b/public/tags/bookstack/index.html @@ -45,9 +45,9 @@ - + - + @@ -484,6 +484,6 @@ if (!doNotTrack) {
- + diff --git a/public/tags/bsd/index.html b/public/tags/bsd/index.html index df8ac809..eb90a4b2 100644 --- a/public/tags/bsd/index.html +++ b/public/tags/bsd/index.html @@ -45,9 +45,9 @@ - + - + @@ -476,6 +476,6 @@ if (!doNotTrack) {
- + diff --git a/public/tags/centos/index.html b/public/tags/centos/index.html index 5e96ae33..2ae6ea90 100644 --- a/public/tags/centos/index.html +++ b/public/tags/centos/index.html @@ -45,9 +45,9 @@ - + - + @@ -470,6 +470,6 @@ if (!doNotTrack) {
- + diff --git a/public/tags/dconf/index.html b/public/tags/dconf/index.html index 0838553a..afcdb5bc 100644 --- a/public/tags/dconf/index.html +++ b/public/tags/dconf/index.html @@ -45,9 +45,9 @@ - + - + @@ -534,6 +534,6 @@ if (!doNotTrack) {
- + diff --git a/public/tags/debian/index.html b/public/tags/debian/index.html new file mode 100644 index 00000000..deba9cf0 --- /dev/null +++ b/public/tags/debian/index.html @@ -0,0 +1,487 @@ + + + + + + + + debian + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ Skip to content + + +
+ +
+

+ Tag: debian + + + + rss + + +

+
+ +

Posts

+
+ + + +
+ + + + +
+ + + +
+
+ 10 July 2020 / + + + + + + + + + + + + / + + 筆記 + + +
+
+

+ [筆記] Debian Buster 伺服器被入侵了!/ Debian Buster Server Been Hacked +

+
+
+
+

上禮拜某天在開會的時候,LINE不斷傳來訊息

+ +

不過因為我向來開會都很認真(驕傲,所以都沒看,接著就變成來電了

+ +

看來大概有啥事發生

+ +

不過畢竟不是正職的工作,就先放著吧

+ +

後來變成連學長都直接打來告訴我,某間公司的伺服器出事了,客戶找不到我

+ +

叫我趕快連進去看

+ +

是說,啊我又沒跟人家簽維護,趕什麼趕…

+ +

總之,開完會後就了解一下狀況

+ +
Read the postThis is a Standard Post
+
+
+
+
+ +
+ +
+ + + +
+ + + + + diff --git a/public/tags/debian/index.xml b/public/tags/debian/index.xml new file mode 100644 index 00000000..1e180c74 --- /dev/null +++ b/public/tags/debian/index.xml @@ -0,0 +1,38 @@ + + + + debian on MC部落 + https://h.cowbay.org/tags/debian/ + Recent content in debian on MC部落 + Hugo -- gohugo.io + en-us + Fri, 10 Jul 2020 09:48:24 +0800 + + + + + + [筆記] Debian Buster 伺服器被入侵了!/ Debian Buster Server Been Hacked + https://h.cowbay.org/post/debian-buster-server-been-hacked/ + Fri, 10 Jul 2020 09:48:24 +0800 + + https://h.cowbay.org/post/debian-buster-server-been-hacked/ + <p>上禮拜某天在開會的時候,LINE不斷傳來訊息</p> + +<p>不過因為我向來開會都很認真(驕傲,所以都沒看,接著就變成來電了</p> + +<p>看來大概有啥事發生</p> + +<p>不過畢竟不是正職的工作,就先放著吧</p> + +<p>後來變成連學長都直接打來告訴我,某間公司的伺服器出事了,客戶找不到我</p> + +<p>叫我趕快連進去看</p> + +<p>是說,啊我又沒跟人家簽維護,趕什麼趕&hellip;</p> + +<p>總之,開完會後就了解一下狀況</p> + + + + \ No newline at end of file diff --git a/public/tags/docker/index.html b/public/tags/docker/index.html index 478651d1..dea4b9a2 100644 --- a/public/tags/docker/index.html +++ b/public/tags/docker/index.html @@ -45,9 +45,9 @@ - + - + @@ -532,6 +532,6 @@ if (!doNotTrack) {
- + diff --git a/public/tags/du/index.html b/public/tags/du/index.html index ce834379..6b076a49 100644 --- a/public/tags/du/index.html +++ b/public/tags/du/index.html @@ -45,9 +45,9 @@ - + - + @@ -473,6 +473,6 @@ if (!doNotTrack) {
- + diff --git a/public/tags/edgerouter/index.html b/public/tags/edgerouter/index.html index 95cf0815..e7c5b5c9 100644 --- a/public/tags/edgerouter/index.html +++ b/public/tags/edgerouter/index.html @@ -45,9 +45,9 @@ - + - + @@ -486,6 +486,6 @@ if (!doNotTrack) {
- + diff --git a/public/tags/failover/index.html b/public/tags/failover/index.html index 16f55145..22a779d1 100644 --- a/public/tags/failover/index.html +++ b/public/tags/failover/index.html @@ -45,9 +45,9 @@ - + - + @@ -478,6 +478,6 @@ if (!doNotTrack) {
- + diff --git a/public/tags/firefox/index.html b/public/tags/firefox/index.html index 2c2af045..e6b9868b 100644 --- a/public/tags/firefox/index.html +++ b/public/tags/firefox/index.html @@ -45,9 +45,9 @@ - + - + @@ -474,6 +474,6 @@ if (!doNotTrack) {
- + diff --git a/public/tags/forwardx11/index.html b/public/tags/forwardx11/index.html index f6ac1058..454011a6 100644 --- a/public/tags/forwardx11/index.html +++ b/public/tags/forwardx11/index.html @@ -45,9 +45,9 @@ - + - + @@ -476,6 +476,6 @@ if (!doNotTrack) {
- + diff --git a/public/tags/freenas/index.html b/public/tags/freenas/index.html index 5aafbba4..e06fc493 100644 --- a/public/tags/freenas/index.html +++ b/public/tags/freenas/index.html @@ -45,9 +45,9 @@ - + - + @@ -474,6 +474,6 @@ if (!doNotTrack) {
- + diff --git a/public/tags/high-availability/index.html b/public/tags/high-availability/index.html index 41896762..b8644637 100644 --- a/public/tags/high-availability/index.html +++ b/public/tags/high-availability/index.html @@ -45,9 +45,9 @@ - + - + @@ -474,6 +474,6 @@ if (!doNotTrack) {
- + diff --git a/public/tags/index.xml b/public/tags/index.xml index 3e868438..f22842bf 100644 --- a/public/tags/index.xml +++ b/public/tags/index.xml @@ -6,11 +6,20 @@ Recent content in Tags on MC部落 Hugo -- gohugo.io en-us - Mon, 22 Jun 2020 09:05:42 +0800 + Fri, 10 Jul 2020 09:48:24 +0800 + + debian + https://h.cowbay.org/tags/debian/ + Fri, 10 Jul 2020 09:48:24 +0800 + + https://h.cowbay.org/tags/debian/ + + + ubuntu https://h.cowbay.org/tags/ubuntu/ diff --git a/public/tags/inventory/index.html b/public/tags/inventory/index.html index 7ae66372..85ecd257 100644 --- a/public/tags/inventory/index.html +++ b/public/tags/inventory/index.html @@ -45,9 +45,9 @@ - + - + @@ -476,6 +476,6 @@ if (!doNotTrack) {
- + diff --git a/public/tags/launcher/index.html b/public/tags/launcher/index.html index ddd5467f..fa003be4 100644 --- a/public/tags/launcher/index.html +++ b/public/tags/launcher/index.html @@ -45,9 +45,9 @@ - + - + @@ -470,6 +470,6 @@ if (!doNotTrack) {
- + diff --git a/public/tags/linux/index.html b/public/tags/linux/index.html index 9b665a51..76e04646 100644 --- a/public/tags/linux/index.html +++ b/public/tags/linux/index.html @@ -45,9 +45,9 @@ - + - + @@ -830,6 +830,6 @@ if (!doNotTrack) {
- + diff --git a/public/tags/log/index.html b/public/tags/log/index.html index 6217cc33..e9ddfedf 100644 --- a/public/tags/log/index.html +++ b/public/tags/log/index.html @@ -45,9 +45,9 @@ - + - + @@ -474,6 +474,6 @@ if (!doNotTrack) {
- + diff --git a/public/tags/mdadm/index.html b/public/tags/mdadm/index.html index ceeb5614..705fa627 100644 --- a/public/tags/mdadm/index.html +++ b/public/tags/mdadm/index.html @@ -45,9 +45,9 @@ - + - + @@ -476,6 +476,6 @@ if (!doNotTrack) { - + diff --git a/public/tags/mellanox/index.html b/public/tags/mellanox/index.html index f7ebdef0..e491ea2d 100644 --- a/public/tags/mellanox/index.html +++ b/public/tags/mellanox/index.html @@ -45,9 +45,9 @@ - + - + @@ -484,6 +484,6 @@ if (!doNotTrack) { - + diff --git a/public/tags/meshcentral/index.html b/public/tags/meshcentral/index.html index 1874154c..4cf7a011 100644 --- a/public/tags/meshcentral/index.html +++ b/public/tags/meshcentral/index.html @@ -45,9 +45,9 @@ - + - + @@ -476,6 +476,6 @@ if (!doNotTrack) { - + diff --git a/public/tags/metabase/index.html b/public/tags/metabase/index.html index 0976f2ef..64555a04 100644 --- a/public/tags/metabase/index.html +++ b/public/tags/metabase/index.html @@ -45,9 +45,9 @@ - + - + @@ -474,6 +474,6 @@ if (!doNotTrack) { - + diff --git a/public/tags/nas/index.html b/public/tags/nas/index.html index ab0b42cc..e6cea402 100644 --- a/public/tags/nas/index.html +++ b/public/tags/nas/index.html @@ -45,9 +45,9 @@ - + - + @@ -591,6 +591,6 @@ if (!doNotTrack) { - + diff --git a/public/tags/networkmanager/index.html b/public/tags/networkmanager/index.html index de60843e..2b155c81 100644 --- a/public/tags/networkmanager/index.html +++ b/public/tags/networkmanager/index.html @@ -45,9 +45,9 @@ - + - + @@ -478,6 +478,6 @@ if (!doNotTrack) { - + diff --git a/public/tags/nvidia/index.html b/public/tags/nvidia/index.html index 6ba1734b..dd2de3b5 100644 --- a/public/tags/nvidia/index.html +++ b/public/tags/nvidia/index.html @@ -45,9 +45,9 @@ - + - + @@ -474,6 +474,6 @@ if (!doNotTrack) { - + diff --git a/public/tags/nvme/index.html b/public/tags/nvme/index.html index 24004709..53609a86 100644 --- a/public/tags/nvme/index.html +++ b/public/tags/nvme/index.html @@ -45,9 +45,9 @@ - + - + @@ -470,6 +470,6 @@ if (!doNotTrack) { - + diff --git a/public/tags/pgbarman/index.html b/public/tags/pgbarman/index.html index 9f750ac1..e7aea559 100644 --- a/public/tags/pgbarman/index.html +++ b/public/tags/pgbarman/index.html @@ -45,9 +45,9 @@ - + - + @@ -520,6 +520,6 @@ if (!doNotTrack) { - + diff --git a/public/tags/pgbench/index.html b/public/tags/pgbench/index.html index 49c43b0a..6d70724d 100644 --- a/public/tags/pgbench/index.html +++ b/public/tags/pgbench/index.html @@ -45,9 +45,9 @@ - + - + @@ -474,6 +474,6 @@ if (!doNotTrack) { - + diff --git a/public/tags/postgresql/index.html b/public/tags/postgresql/index.html index 0d7271e7..e287bd1f 100644 --- a/public/tags/postgresql/index.html +++ b/public/tags/postgresql/index.html @@ -45,9 +45,9 @@ - + - + @@ -828,6 +828,6 @@ if (!doNotTrack) { - + diff --git a/public/tags/preseeds/index.html b/public/tags/preseeds/index.html index 8db64df8..765a126c 100644 --- a/public/tags/preseeds/index.html +++ b/public/tags/preseeds/index.html @@ -45,9 +45,9 @@ - + - + @@ -472,6 +472,6 @@ if (!doNotTrack) { - + diff --git a/public/tags/proxmox/index.html b/public/tags/proxmox/index.html index ec33b22e..b5a443d4 100644 --- a/public/tags/proxmox/index.html +++ b/public/tags/proxmox/index.html @@ -45,9 +45,9 @@ - + - + @@ -530,6 +530,6 @@ if (!doNotTrack) { - + diff --git a/public/tags/ps/index.html b/public/tags/ps/index.html index 221c66e1..412ddebf 100644 --- a/public/tags/ps/index.html +++ b/public/tags/ps/index.html @@ -45,9 +45,9 @@ - + - + @@ -422,6 +422,6 @@ if (!doNotTrack) { - + diff --git a/public/tags/psql/index.html b/public/tags/psql/index.html index 663a3faa..66332dc3 100644 --- a/public/tags/psql/index.html +++ b/public/tags/psql/index.html @@ -45,9 +45,9 @@ - + - + @@ -474,6 +474,6 @@ if (!doNotTrack) { - + diff --git a/public/tags/pxe/index.html b/public/tags/pxe/index.html index 3db0c92f..338e3147 100644 --- a/public/tags/pxe/index.html +++ b/public/tags/pxe/index.html @@ -45,9 +45,9 @@ - + - + @@ -584,6 +584,6 @@ if (!doNotTrack) { - + diff --git a/public/tags/raid/index.html b/public/tags/raid/index.html index 736056c7..b432dff6 100644 --- a/public/tags/raid/index.html +++ b/public/tags/raid/index.html @@ -45,9 +45,9 @@ - + - + @@ -472,6 +472,6 @@ if (!doNotTrack) { - + diff --git a/public/tags/remote/index.html b/public/tags/remote/index.html index 15c010b8..4bd38bca 100644 --- a/public/tags/remote/index.html +++ b/public/tags/remote/index.html @@ -45,9 +45,9 @@ - + - + @@ -476,6 +476,6 @@ if (!doNotTrack) { - + diff --git a/public/tags/resolv.conf/index.html b/public/tags/resolv.conf/index.html index ee267e51..0a3e72f4 100644 --- a/public/tags/resolv.conf/index.html +++ b/public/tags/resolv.conf/index.html @@ -45,9 +45,9 @@ - + - + @@ -478,6 +478,6 @@ if (!doNotTrack) { - + diff --git a/public/tags/restore/index.html b/public/tags/restore/index.html index 1c8ff3ac..f247b440 100644 --- a/public/tags/restore/index.html +++ b/public/tags/restore/index.html @@ -45,9 +45,9 @@ - + - + @@ -472,6 +472,6 @@ if (!doNotTrack) { - + diff --git a/public/tags/ssh/index.html b/public/tags/ssh/index.html index e24a906f..a14c6586 100644 --- a/public/tags/ssh/index.html +++ b/public/tags/ssh/index.html @@ -45,9 +45,9 @@ - + - + @@ -535,6 +535,6 @@ if (!doNotTrack) { - + diff --git a/public/tags/synology/index.html b/public/tags/synology/index.html index fd00e407..c873dff8 100644 --- a/public/tags/synology/index.html +++ b/public/tags/synology/index.html @@ -45,9 +45,9 @@ - + - + @@ -751,6 +751,6 @@ if (!doNotTrack) { - + diff --git a/public/tags/timezone/index.html b/public/tags/timezone/index.html index ff8a7601..207ed1da 100644 --- a/public/tags/timezone/index.html +++ b/public/tags/timezone/index.html @@ -45,9 +45,9 @@ - + - + @@ -470,6 +470,6 @@ if (!doNotTrack) { - + diff --git a/public/tags/ubuntu/index.html b/public/tags/ubuntu/index.html index aef06288..aed3b088 100644 --- a/public/tags/ubuntu/index.html +++ b/public/tags/ubuntu/index.html @@ -45,9 +45,9 @@ - + - + @@ -904,6 +904,6 @@ if (!doNotTrack) { - + diff --git a/public/tags/vim/index.html b/public/tags/vim/index.html index 083c172e..4c1c7ad3 100644 --- a/public/tags/vim/index.html +++ b/public/tags/vim/index.html @@ -45,9 +45,9 @@ - + - + @@ -474,6 +474,6 @@ if (!doNotTrack) { - + diff --git a/public/tags/vpn/index.html b/public/tags/vpn/index.html index 4fe07fa3..0568b37e 100644 --- a/public/tags/vpn/index.html +++ b/public/tags/vpn/index.html @@ -45,9 +45,9 @@ - + - + @@ -652,6 +652,6 @@ if (!doNotTrack) { - + diff --git a/public/tags/wireguard/index.html b/public/tags/wireguard/index.html index f3fbfea5..26ab4cef 100644 --- a/public/tags/wireguard/index.html +++ b/public/tags/wireguard/index.html @@ -45,9 +45,9 @@ - + - + @@ -642,6 +642,6 @@ if (!doNotTrack) { - + diff --git a/public/tags/zfs/index.html b/public/tags/zfs/index.html index e94d0ab1..a2ba5b52 100644 --- a/public/tags/zfs/index.html +++ b/public/tags/zfs/index.html @@ -45,9 +45,9 @@ - + - + @@ -522,6 +522,6 @@ if (!doNotTrack) { - + diff --git a/public/tags/短今/index.html b/public/tags/短今/index.html index 38a189e7..d9c7f7fa 100644 --- a/public/tags/短今/index.html +++ b/public/tags/短今/index.html @@ -45,9 +45,9 @@ - + - + @@ -422,6 +422,6 @@ if (!doNotTrack) { - + diff --git a/public/tags/筆記/index.html b/public/tags/筆記/index.html index 36f17af0..9cef75d2 100644 --- a/public/tags/筆記/index.html +++ b/public/tags/筆記/index.html @@ -45,9 +45,9 @@ - + - + @@ -761,6 +761,6 @@ if (!doNotTrack) { - + diff --git a/public/tags/群暉/index.html b/public/tags/群暉/index.html index 3df65f40..dcec3bf2 100644 --- a/public/tags/群暉/index.html +++ b/public/tags/群暉/index.html @@ -45,9 +45,9 @@ - + - + @@ -482,6 +482,6 @@ if (!doNotTrack) { - +