Differences

This shows you the differences between two versions of the page.

--- config [2018/03/04 10:36] – created fe80:a032:fcd2:21e3:d6a9:04ef:17ba:9974
+++ config [2024/04/05 07:48] (current) – A User Not Logged in
@@ Line 1: / Line 1: @@
-====== Caddy ======
+====== Systemd ======
-systemd service:
+====== Docker ======
-```
-[Unit]
+pull from proxy:
-Description=Caddy HTTP/2 web server
-Documentation=https://caddyserver.com/docs
-After=network-online.target
-Wants=network-online.target systemd-networkd-wait-online.service
-[Service]
+<code>
-Restart=on-abnormal
-; User and group the process will run as.
+mkdir -p /etc/systemd/system/docker.service.d
-User=root
+cd /etc/systemd/system/docker.service.d
-Group=root
+cat > http-proxy.conf <<EOF
+Environment="HTTP_PROXY=http://127.0.0.1:8080"
+Environment="NO_PROXY=localhost,127.0.0.0/8,192.168.0.0/16"
+EOF
+systemctl daemon-reload
+systemctl restart docker.service
+cd -
-; Letsencrypt-issued certificates will be written to this directory.
+</code>
-Environment=CADDYPATH=/etc/ssl/caddy
-; Always set "-root" to something safe in case it gets forgotten in the Caddyfile.
+use docker hub mirrors:
-ExecStart=/usr/local/bin/caddy -log stdout -agree=true -conf=/etc/caddy/Caddyfile -root=/var/tmp
-ExecReload=/bin/kill -USR1 $MAINPID
-; Use graceful shutdown with a reasonable timeout
+<code>
-KillMode=mixed
+mkdir -p /etc/docker
-KillSignal=SIGQUIT
+cat > /etc/docker/daemon.json << EOF
-TimeoutStopSec=5s
+{
+  "registry-mirrors": ["https://docker.mirrors.ustc.edu.cn/"]
+}
+EOF
+sudo systemctl restart docker.service
+</code>
-; Limit the number of file descriptors; see `man systemd.exec` for more limit settings.
+add current user to docker group:
-LimitNOFILE=1048576
-; Unmodified caddy is not expected to use more than that.
-LimitNPROC=512
-; Use private /tmp and /var/tmp, which are discarded after caddy stops.
+  sudo usermod -aG docker $USER
-#PrivateTmp=true
-; Use a minimal /dev
+install apps
-#PrivateDevices=true
-; Hide /home, /root, and /run/user. Nobody will steal your SSH-keys.
-#ProtectHome=true
-; Make /usr, /boot, /etc and possibly some more folders read-only.
-ProtectSystem=full
-; except /etc/ssl/caddy, because we want Letsencrypt-certificates there.
-;   This merely retains r/w access rights, it does not add any new. Must still be writable on the host!
-ReadWriteDirectories=/etc/ssl/caddy
-; The following additional security directives only work with systemd v229 or later.
+  docker run --name mysql -p 3306:3306 -v $PWD/datadir:/var/lib/mysql -e MYSQL_ROOT_PASSWORD=toor -d mysql
-; They further restrict privileges that can be gained by caddy. Uncomment if you like.
+  docker run -it -v ~/Documents:/var/www/html --name localhost -p 80:80 php:7.1-apache bash
-; Note that you may have to add capabilities required by any plugins in use.
-;CapabilityBoundingSet=CAP_NET_BIND_SERVICE
-;AmbientCapabilities=CAP_NET_BIND_SERVICE
-;NoNewPrivileges=true
-[Install]
-WantedBy=multi-user.target
-```