瘦了就帅了

瘦了就帅了 Cuile

凡战者，以正合，以奇胜。

Organizations

小差别
- 见微知著，是对事物发展规律的洞察。
- 触类旁通，是对事物内在逻辑的洞悉。
tips Created Tue, 10 May 2022 17:18:14 +0800
七态为品
- 交浅语深，动机不良。
- 口说是非，心态不正。
- 刻薄挑剔，人际不和。
- 言高行低，品行不端。
- 至亲成仇，情感不真。
- 违规为乐，习惯不好。
- 酒后失控，心态不稳。
tips Created Tue, 10 May 2022 17:09:59 +0800

Docker 环境 Django 开发简介

1 准备环境

开发环境还是建议使用 Docker 来搭建，方便快捷。不过 Django 的官方镜像已经弃用了，官方建议新版本使用 Python 官方提供的镜像来构建。

Docker
  ┗ Python == 3.9.12-buster
      ┗ Django == 3.2.13 LTS
      ┗ django-simpleui==2022.11.30

可以参考[https://github.com/Cuile/Docker-to-Python/tree/master/Django]，提供了 Dockerfil、yml 文件，还提供全套使用命令。

2 创建项目

# 创建项目
$ django-admin startproject mysite
$ cd mysite

# 生成项目
$ python manage.py startapp websrc
# 运行项目测试
$ python manage.py runserver 0.0.0.0:80

修改配置后，建议使用项目调试的方式启动，不要使用快捷命令，项目正常启动稳定运行后，再使用快捷命令。

# settings.py

# 任意地址都可以访问 Django
ALLOWED_HOSTS = ['*'] 

# 添加 simpleui 模板，和创建的项目
INSTALLED_APPS = [
  'simpleui',
  'websrc',
  '......',
]

# 这个与多语种有关，在项目初始阶段不要修改，后续添加了多语种支持再修改，否则会导致无法启动。
# 具体参考(http://www.i18nguy.com/unicode/language-identifiers.html)，有个傻逼教程，上来就改成 zh-CN 果然导致项目无法正常启动。
# 正确的简体中文代码如下：
LANGUAGE_CODE = 'zh-Hans'

# 时区，上海就代表北京时间，这个不能写错，写错就启动不了
# 具体参考(https://en.wikipedia.org/wiki/List_of_tz_database_time_zones)，这里是标准的，有个傻逼教程非给写成 Asia/Beijing 导致怎么都起不来，太TMD的二逼了。
# 正解的北京时间时区如下：
TIME_ZONE = 'Asia/Shanghai'

# 启动翻译，与上面的 LANGUAGE_CODE 设置相对应
USE_I18N = True
# 启动格式控制
USE_L10N = True
# 启动时区
USE_TZ = True

3 创建管理员账号

$ python manage.py createsuperuser
Username: admin
Email address: [email protected]
Password: **********
Password (again): *********
Superuser created successfully.

访问项目链接，比如"http://127.0.0.1:8000/admin/

gunicorn Supervisor Python docker Django Created Tue, 10 May 2022 16:30:13 +0800

CentOS 7 安装 Python3.9.12

1、查看已安装的Python

# 查看已安装的信息
$ yum info python3
# 查看python安装位置
$ whereis python3

2、卸载已安装的Python环境

# 卸载已安装的程序
$ yum erase python3
# 删除所有残余文件
$ whereis python3|xargs rm -frv
# 查看现有的python
$ whereis python3

3、yum安装依赖环境

$ yum -y install zlib-devel bzip2-devel openssl-devel ncurses-devel sqlite-devel readline-devel tk-devel gdbm-devel db4-devel libpcap-devel xz-devel

4、官网下载Python3.9.12

$ yum -y install wget
# 尽量使用国内镜像站点下载比较快
$ wget https://mirrors.huaweicloud.com/python/3.9.12/Python-3.9.12.tgz

5、创建安装目录

$ tar -zxvf Python-3.9.12.tgz -C ./
$ cd  Python-3.9.12
$ mkdir /usr/local/python3 
$ ./configure --prefix=/usr/local/python3.9.12
$ make && make install

6、创建软链接

$ ln -s /usr/local/python3.9.12/bin/python3 /usr/bin/python3
$ ln -s /usr/local/python3.9.12/bin/pip3 /usr/bin/pip3

7、测试

$ python3 -V
Python 3.9.12

$ pip3 -V
pip 22.0.4 from /usr/local/python3.9.12/lib/python3.9/site-packages/pip (python 3.9)

8、pip升级、换源

# pip升级
$ python3 -m pip install --upgrade pip
# pip换源
# 推荐使用清华的源，因为使用https协议
$ pip3 config set global.index-url https://pypi.tuna.tsinghua.edu.cn/simple

pip CentOS 7 Python Created Fri, 06 May 2022 13:11:27 +0800

Docker 安装

其实网上相关的文章已经非常多了，所以这篇文章的作用只是记录和明确一条确定可行的操作路径，为以后的操作节省时间，毕竟像我一样大部分人都不是专业的系统管理员，能够快速解决问题就可以了，并不想做过多的专业研究与探索。

本操作手册是官方手册与网上手册的结合版本，集两家之所长，亲自操作可用。

Debian

# 安装 Docker 证书
sudo apt-get install -y ca-certificates curl
sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/debian/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc\
sudo echo
      "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian
      $(. /etc/os-release && echo "$VERSION_CODENAME") stable" |
      sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update

# 安装 Docker
sudo apt-get install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin

# 启动 Docker
sudo systemctl enable docker.service
sudo systemctl start docker.service

# 测试
sudo docker version
> Client: Docker Engine - Community
> ...
> Server: Docker Engine - Community
> ...
sudo docker compose version
> Docker Compose version v...

# 使用非 root 用户管理 Docker
# 创建 docker 用户组
sudo groupadd docker
# 将当前用户添加到 docker 用户组
sudo usermod -aG docker $USER
# 重启
# 再次测试
docker version
> Client: Docker Engine - Community
> ...
> Server: Docker Engine - Community
> ...
docker compose version
> Docker Compose version v...

CentOS | Rocky

# 查看系统版本
cat /etc/redhat-release
> CentOS Linux release 7.6.1810 (Core) // CentOs 7 以上版本

# 查看系统内核版本
uname -r
> 4.10.4-1.el7.elrepo.x86_64 // 内核版本要>3.10

# 卸载旧版本
yum remove docker
            docker-client
            docker-client-latest
            docker-common
            docker-latest
            docker-latest-logrotate
            docker-logrotate
            docker-selinux
            docker-engine-selinux
            docker-engine

# 安装依赖包
yum install -y yum-utils lvm2
                device-mapper-persistent-data

# 添加 Docker 软件源
# 如果系统已切换到阿里云镜像源地址，可跳过此步。
# 阿里云镜像自带docker源
yum-config-manager
    --add-repo
    https://mirrors.ustc.edu.cn/docker-ce/linux/centos/docker-ce.repo

# 使用官方源
yum-config-manager
    --add-repo
    https://download.docker.com/linux/centos/docker-ce.repo

yum makecache fast
# CentOS 8 or Rocky 9 使用timer替换fast
yum makecache timer

# 安装 Docker
# 如果在 Rocky 9 系统上，会提示containerd.io版本过低，或下载失败，需要独立安装containerd.io
# 可以重试几次
yum install -y docker-ce docker-ce-cli containerd.io docker-compose-plugin

# 启动 Docker
# 设为开机启动
systemctl enable docker.service
# 启动服务
systemctl start docker.service

# 测试
docker run hello-world
> Unable to find image 'hello-world:latest' locally
> latest: Pulling from library/hello-world
> 1b930d010525: Pull complete
> Digest: sha256:6540fc08ee6e6b7b63468dc3317e3303aae178cb8a45ed3123180328bcc1d20f
> Status: Downloaded newer image for hello-world:latest
> 
> Hello from Docker!
> This message shows that your installation appears to be working correctly.
> 
> To generate this message, Docker took the following steps:
>  1. The Docker client contacted the Docker daemon.
>  2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
>     (amd64)
>  3. The Docker daemon created a new container from that image which runs the
>     executable that produces the output you are currently reading.
>  4. The Docker daemon streamed that output to the Docker client, which sent it
>     to your terminal.
> 
> To try something more ambitious, you can run an Ubuntu container with:
>  docker run -it ubuntu bash
> 
> Share images, automate workflows, and more with a free Docker ID:
>  https://hub.docker.com/
> 
> For more examples and ideas, visit:
>  https://docs.docker.com/get-started/

docker compose version
> Docker Compose version v...

若能正常输出以上信息，则说明安装成功。

linux CentOS Debian rocky Docker Created Fri, 06 May 2022 11:05:23 +0800

修复 ProxmoxVE RRD 错误

Proxmox系统安装后，日志报错

rrdcached[4513]: handle_request_update: Could not read RRD file.
pmxcfs[4527]: [status] notice: RRDC update error /var/lib/rrdcached/db/pve2-vm/85235: -1
pmxcfs[4527]: [status] notice: RRD update error /var/lib/rrdcached/db/pve2-vm/85235: mmaping file '/var/lib/rrdcached/db/pve2-vm/85235': Invalid argument

修复命令

$ rm -r /var/lib/rrdcached/db
$ systemctl restart rrdcached.service

参考文档

Strange RRD error

rrd proxmoxve Created Tue, 08 Feb 2022 10:42:35 +0800

FFmpeg脚本

脚本基于Windows10系统设计

查看软件版本

D:\ffmpeg\bin>ver

Microsoft Windows [版本 10.0.18362.356]

D:\ffmpeg\bin>ffmpeg.exe -version

ffmpeg version N-94600-g661a9b274b Copyright (c) 2000-2019 the FFmpeg developers
built with gcc 9.1.1 (GCC) 20190807
configuration: --enable-gpl --enable-version3 --enable-sdl2 --enable-fontconfig --enable-gnutls --enable-iconv --enable-libass --enable-libdav1d --enable-libbluray --enable-li
bfreetype --enable-libmp3lame --enable-libopencore-amrnb --enable-libopencore-amrwb --enable-libopenjpeg --enable-libopus --enable-libshine --enable-libsnappy --enable-libsoxr
 --enable-libtheora --enable-libtwolame --enable-libvpx --enable-libwavpack --enable-libwebp --enable-libx264 --enable-libx265 --enable-libxml2 --enable-libzimg --enable-lzma 
--enable-zlib --enable-gmp --enable-libvidstab --enable-libvorbis --enable-libvo-amrwbenc --enable-libmysofa --enable-libspeex --enable-libxvid --enable-libaom --enable-libmfx
 --enable-amf --enable-ffnvcodec --enable-cuvid --enable-d3d11va --enable-nvenc --enable-nvdec --enable-dxva2 --enable-avisynth --enable-libopenmpt
libavutil      56. 33.100 / 56. 33.100
libavcodec     58. 55.100 / 58. 55.100
libavformat    58. 31.101 / 58. 31.101
libavdevice    58.  9.100 / 58.  9.100
libavfilter     7. 58.100 /  7. 58.100
libswscale      5.  6.100 /  5.  6.100
libswresample   3.  6.100 /  3.  6.100
libpostproc    55.  6.100 / 55.  6.100

添加LOGO

D:\ffmpeg\bin\ffmpeg ^
                    -c:v h264_qsv ^
                    -i %1 ^
                    -i F:\\电教馆\\logo.png ^
                    -c:v h264_qsv ^
                    -b:v 1894k ^
                    -filter_complex [1:v]scale=125:125[logo];[0:v][logo]overlay=30:25 ^
                    -c:a copy ^
                    -y ^
                    %2

去掉LOGO

D:\ffmpeg\bin\ffmpeg ^
                    -c:v h264_qsv ^
                    -i %1 ^
                    -c:v h264_qsv ^
                    -b:v 1894k ^
                    -filter_complex [0:v]split[split_main][split_delogo];[split_delogo]trim=start=1:end=5,delogo=x=270:y=820:w=1420:h=50:show=0[delogoed];[split_main][delogoed]overlay=eof_action=pass ^
                    -c:a copy ^
                    -y ^
                    %2

合并操作

D:\ffmpeg\bin\ffmpeg ^
                    -c:v h264_qsv ^
                    -i %1 ^
                    -i F:\\电教馆\\logo.png ^
                    -c:v h264_qsv ^
                    -b:v 1894k ^
                    -filter_complex [1:v]scale=125:125[logo];[0:v][logo]overlay=30:25[tmp_video];[tmp_video]split[main][delogo];[delogo]trim=start=1:end=5,delogo=x=270:y=820:w=1420:h=50:show=0[delogoed];[main][delogoed]overlay=eof_action=pass ^
                    -c:a copy ^
                    -y ^
                    %2

遍历文件夹下的MP4文件，打水印、去字幕、截图验证效果

@echo off & setlocal enabledelayedexpansion

echo #################################################
echo 开始处理视频文件
echo. 
:: 指定起始文件夹
set DIR="E:\六年级\"
REM set DIR="E:\六年级\第一学期\sx6s01001\"
echo DIR=%DIR%

REM 指定运行参数
set scale="scale=90:90"
set overlay="overlay=50:15"
set trim="trim=start=2:end=6"
set delogo="delogo=x=190:y=545:w=930:h=30:show=0"

:: 参数 /R 表示需要遍历子文件夹,去掉表示不遍历子文件夹
:: %%f 是一个变量,类似于迭代器,但是这个变量只能由一个字母组成,前面带上%%
:: 括号中是通配符,可以指定后缀名,*.*表示所有文件
for /R %DIR% %%f in (*.mp4) do (
	echo f=%%f
	call :check_info "%%f" ^
	&& echo ################################################# ^
	&& echo bit_rate=!bit_rate! ^
	&& call :process_mpeg4 "%%f","%%~df%%~pf%%~nf_out%%~xf",!bit_rate!,%scale%,%overlay%,%trim%,%delogo% ^
	&& call :screenshot "%%~df%%~pf%%~nf_out%%~xf","%%~df%%~pf%%~nf_out"
)
exit /b

:check_info
	echo #################################################
	echo check_info
	for /F %%s in ('D:\ffmpeg\bin\ffprobe -hide_banner ^
											-unit -prefix -byte_binary_prefix ^
											-print_format flat ^
											-show_format -show_streams ^
											-i %1 ^| find "streams.stream.0.bit_rate"') do (set bit_rate=%%s)
	set bit_rate=%bit_rate:~27,5%
	set bit_rate=%bit_rate:.=%
goto :eof

:process_mpeg4
	echo #################################################
	echo process_mpeg4
	D:\ffmpeg\bin\ffmpeg -hide_banner ^
							-vcodec mpeg4 ^
							-i %1 -i F:\\电教馆\\logo.png ^
							-vcodec h264_qsv -b:v %3k ^
							-filter_complex [1:v]%4[logo];[0:v][logo]%5[tmp_video];[tmp_video]split[main][delogo];[delogo]%6,%7[delogoed];[main][delogoed]overlay=eof_action=pass ^
							-acodec copy ^
							-y %2
goto :eof

:process_h264_qsv
	echo #################################################
	echo process_h264_qsv
	D:\ffmpeg\bin\ffmpeg -hide_banner ^
							-vcodec h264_qsv ^
							-i %1 -i F:\\电教馆\\logo.png ^
							-vcodec h264_qsv -b:v %3k ^
							-filter_complex [1:v]%4[logo];[0:v][logo]%5[tmp_video];[tmp_video]split[main][delogo];[delogo]%6,%7[delogoed];[main][delogoed]overlay=eof_action=pass ^
							-acodec copy ^
							-y %2
goto :eof

:screenshot
	echo #################################################
	echo screenshot
	for /L %%i in (3,1,5) do (
		D:\ffmpeg\bin\ffmpeg -hide_banner ^
								-ss 00:0%%i -vcodec h264_qsv ^
								-i %1 ^
								-vframes 1 -f image2 ^
								-y %2_%%is_screenshot.jpg
	)
goto :eof

Windwos FFmpeg Created Tue, 08 Feb 2022 10:31:15 +0800

软件库管理

APT

Debian 全球镜像站

查找延迟最小的镜像

sudo apt install -y netselect-apt \
    && sudo netselect-apt \
    && sudo apt autoremove -y netselect-apt \
    && rm -f sources.list

The fastest 10 servers seem to be:

        http://mirrors.bfsu.edu.cn/debian/
        http://mirrors.tuna.tsinghua.edu.cn/debian/
        http://mirrors.neusoft.edu.cn/debian/
        http://mirrors.jlu.edu.cn/debian/
        http://ftp.cn.debian.org/debian/
        http://debian.cs.nycu.edu.tw/debian/
        http://mirror.i3d.net/debian/
        http://mirrors.163.com/debian/
        http://mirror.bizflycloud.vn/debian/
        http://ftp.kaist.ac.kr/debian/

Of the hosts tested we choose the fastest valid for http:
        http://mirrors.bfsu.edu.cn/debian/

Writing sources.list.
Done.

修改仓库

# PVE QEMU debian-12-generic-amd64.qcow2
# echo 'http://mirrors.bfsu.edu.cn/debian/' | sudo tee /etc/apt/mirrors/debian.list
# echo 'http://mirrors.bfsu.edu.cn/debian-security/' | sudo tee -a /etc/apt/mirrors/debian-security.list
sed -i -e "s/deb.debian.org/mirrors.bfsu.edu.cn/" /etc/apt/mirrors/debian.list
sed -i -e "s/deb.debian.org/mirrors.bfsu.edu.cn/" /etc/apt/mirrors/debian-security.list

# PVE LXC debian-12-standard_12.7-1_amd64.tar.zst
sed -i -e "s/deb.debian.org/mirrors.bfsu.edu.cn/" /etc/apt/sources.list
sed -i -e "s/security.debian.org/mirrors.bfsu.edu.cn\/debian-serurity/" /etc/apt/sources.list

# Docker imaage debian:12
sed -i -e "s/deb.debian.org/mirrors.bfsu.edu.cn/" /etc/apt/sources.list.d/debian.sources

# 启用非自由仓库
sed -i 's/main$/main contrib non-free non-free-firmware/' /etc/apt/sources.list

# update    
apt update

# 查询软件包版本信息、优先级和来源
apt policy <package_name>
apt-cache policy <package_name>

# 安装指定版本的包
apt install <package_name>=<version_number>

YUM

查询仓库

yum repolist
# 显示所有仓库
yum repolist all
# 显示所有启动的仓库
yum repolist enabled
# 显示所有禁用的仓库
yum repolist disabled

修改仓库

最常用的修改操作就是启动和停用, 可以使用以下命令实现:

CentOS debian repo yum apt Created Tue, 08 Feb 2022 10:28:50 +0800

Linux系统内核升级

脚本基于Centos 7

1、查看系统内核版本

$ uname -r
3.10.0-514.26.2.el7.x86_64
$ cat /etc/redhat-release 
CentOS Linux release 7.6.1810 (Core)

2、升级内核

导入elrepo的key，然后安装elrepo的yum源

$ rpm -import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
$ rpm -Uvh http://www.elrepo.org/elrepo-release-7.0-2.el7.elrepo.noarch.rpm

查看可用的内核相关包

$ yum --disablerepo="*" --enablerepo="elrepo-kernel" list available

主分支ml(mainline)，稳定版(stable)，长期维护版lt(longterm) 安装内核

$ yum -y --enablerepo=elrepo-kernel install kernel-ml.x86_64 kernel-ml-devel.x86_64

3、修改grub

# 查看系统内核列表
$ awk -F\' '$1=="menuentry " {print $2}' /etc/grub2.cfg
CentOS Linux (5.2.11-1.el7.elrepo.x86_64) 7 (Core) # 新内核（5.2.11）在0的位置上
CentOS Linux (3.10.0-957.27.2.el7.x86_64) 7 (Core)
CentOS Linux (3.10.0-514.26.2.el7.x86_64) 7 (Core)
CentOS Linux (3.10.0-514.el7.x86_64) 7 (Core)
CentOS Linux (0-rescue-963c2c41b08343f7b063dddac6b2e486) 7 (Core)

$ vim /etc/default/grub
#将 GRUB_DEFAULT=saved 改为 GRUB_DEFAULT=0

# 重建内核配置
$ grub2-mkconfig -o /boot/grub2/grub.cfg

# or 使用第二种命令行方式，减少操作复杂度，减少出错机率

# 查看系统内核列表
$ cat /boot/grub2/grub.cfg | grep menuentry
if [ x"${feature_menuentry_id}" = xy ]; then
  menuentry_id_option="--id"
  menuentry_id_option=""
export menuentry_id_option
menuentry 'CentOS Linux (6.2.2-1.el7.elrepo.x86_64) 7 (Core)' --class centos --class gnu-linux --class gnu --class os --unrestricted $menuentry_id_option 'gnulinux-3.10.0-1160.81.1.el7.x86_64-advanced-fbc2582d-2e8a-4c41-8ba8-83656d8df89b' {
menuentry 'CentOS Linux (3.10.0-1160.83.1.el7.x86_64) 7 (Core)' --class centos --class gnu-linux --class gnu --class os --unrestricted $menuentry_id_option 'gnulinux-3.10.0-1160.81.1.el7.x86_64-advanced-fbc2582d-2e8a-4c41-8ba8-83656d8df89b' {
menuentry 'CentOS Linux (3.10.0-1160.81.1.el7.x86_64) 7 (Core)' --class centos --class gnu-linux --class gnu --class os --unrestricted $menuentry_id_option 'gnulinux-3.10.0-1160.81.1.el7.x86_64-advanced-fbc2582d-2e8a-4c41-8ba8-83656d8df89b' {
menuentry 'CentOS Linux (3.10.0-1160.el7.x86_64) 7 (Core)' --class centos --class gnu-linux --class gnu --class os --unrestricted $menuentry_id_option 'gnulinux-3.10.0-1160.el7.x86_64-advanced-fbc2582d-2e8a-4c41-8ba8-83656d8df89b' {
menuentry 'CentOS Linux (0-rescue-9745ea2ecc634c89aef55f4dc21ee8fc) 7 (Core)' --class centos --class gnu-linux --class gnu --class os --unrestricted $menuentry_id_option 'gnulinux-0-rescue-9745ea2ecc634c89aef55f4dc21ee8fc-advanced-fbc2582d-2e8a-4c41-8ba8-83656d8df89b' {
# 配置默认内核
$ grub2-set-default "CentOS Linux (6.2.2-1.el7.elrepo.x86_64) 7 (Core)"
# 验证修改结果
$ grub2-editenv list
saved_entry=CentOS Linux (6.2.2-1.el7.elrepo.x86_64) 7 (Core)

4、重启系统

$ reboot

#查看内核版本
$ uname -r
5.2.11-1.el7.elrepo.x86_64

kernel Linux Created Tue, 08 Feb 2022 10:17:48 +0800

iptables 配置

基于Centos 7

注意：CentOS 7默认的防火墙不是iptables,而是firewalld

停止firewalld服务

# 停止firewalld服务
systemctl stop firewalld
# 禁用firewalld服务
# systemctl mask firewalld
# 删除firewalld
yum erase firewalld

安装 iptables

# 先检查是否安装了iptables
systemctl status iptables
# 安装iptables
yum install iptables iptables-services -y

启动 iptables

# 注册iptables服务，相当于以前的chkconfig iptables on
systemctl enable iptables
# 开启服务
systemctl start iptables
# 查看状态
systemctl status iptables
# 重启防火墙
systemctl restart iptables
# 保存规则
service iptables save
# 如果报“-bash: service: command not found”，则需要安装initscripts
yum install initscripts -y

关键规则

注意添加规则的先后顺序

iptables Firewall linux Created Tue, 08 Feb 2022 10:09:48 +0800

Previous Next