Initial commit: obsidian to gitea

2026-05-07 15:04:41 +08:00
commit a57afa86b4
323 changed files with 42569 additions and 0 deletions
--- a/Commands.md
+++ b/Commands.md
@@ -0,0 +1,311 @@
+### Python
+
+`pip install xxx -i https://pypi.tuna.tsinghua.edu.cn/simple`
+
+mirrors:
+- https://pypi.tuna.tsinghua.edu.cn/simple
+- https://mirrors.aliyun.com/pypi/simple/
+
+
+### RDMA
+
+`ibstat`
+`ibv_devinfo`
+
+`lspci | grep -i mellanox` (`apt install pciutils`)
+
+`wget https://content.mellanox.com/ofed/MLNX_OFED-24.10-2.1.8.0/MLNX_OFED_LINUX-24.10-2.1.8.0-ubuntu24.04-x86_64.tgz`
+`./mlnxofedinstall --user-space-only --without-fw-update --distro ubuntu24.04 --force`
+[MLNX_OFED Download Center](https://network.nvidia.com/products/infiniband-drivers/linux/mlnx_ofed/)
+
+`ib_send_bw <server_ip> --report_gbits`
+
+
+
+### Linux
+
+`cat /etc/os-release`
+`cat /proc/cpuinfo`
+
+
+
+### uv
+
+`curl -LsSf https://astral.sh/uv/install.sh | sh`
+`uv self update`
+
+
+
+## docker
+
+`docker system info` 来得到 config 配置
+
+`/etc/docker/daemon.json` 内配置：
+
+``` json
+{
+  "proxies": {
+    "http-proxy": "http://ipads:ipads123@202.120.40.82:11235",
+    "https-proxy": "http://ipads:ipads123@202.120.40.82:11235"
+  }
+}
+```
+
+
+
+## Proxy
+
+```
+p="http://127.0.0.1:7890"
+p="http://gahow:Jiahao_4465_proxy@47.83.188.3:9118"
+p="http://gahow:Jiahao_13387_proxy@47.245.13.144:12358"
+```
+
+server: tiny proxy
+
+```
+sudo apt install tinyproxy -y
+sudo vim /etc/tinyproxy/tinyproxy.conf
+sudo systemctl restart tinyproxy
+```
+
+
+trojan
+
+```
+trojan -c trojan_server.json
+```
+
+trojan_server.json
+
+```json
+{
+    "run_type": "server",
+    "local_addr": "0.0.0.0",
+    "local_port": 12358,
+    "remote_addr": "127.0.0.1",
+    "remote_port": 80,
+    "password": [
+        "Jiahao_4465_trojan_proxy"
+    ],
+    "log_level": 1,
+    "ssl": {
+        "cert": "/home/gahow/ca/certificate.crt",
+        "key": "/home/gahow/ca/privkey.key",
+        "key_password": "",
+        "cipher": "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384",
+        "cipher_tls13": "TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384",
+        "prefer_server_cipher": true,
+        "alpn": [
+            "http/1.1"
+        ],
+        "alpn_port_override": {
+            "h2": 81
+        },
+        "reuse_session": true,
+        "session_ticket": false,
+        "session_timeout": 600,
+        "plain_http_response": "",
+        "curves": "",
+        "dhparam": ""
+    },
+    "tcp": {
+        "prefer_ipv4": false,
+        "no_delay": true,
+        "keep_alive": true,
+        "reuse_port": false,
+        "fast_open": false,
+        "fast_open_qlen": 20
+    },
+    "mysql": {
+        "enabled": false,
+        "server_addr": "127.0.0.1",
+        "server_port": 3306,
+        "database": "trojan",
+        "username": "trojan",
+        "password": "",
+        "key": "",
+        "cert": "",
+        "ca": ""
+    }
+}
+```
+
+trojan_client.json
+
+```json
+{
+    "run_type": "client",
+    "local_addr": "127.0.0.1",
+    "local_port": 1080,
+    "remote_addr": "47.245.13.144",
+    "remote_port": 12358,
+    "password": [
+        "Jiahao_13387_trojan_proxy"
+    ],
+    "log_level": 1,
+    "ssl": {
+        "verify": false,
+        "verify_hostname": true,
+        "cert": "",
+        "cipher": "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA",
+        "cipher_tls13": "TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384",
+        "sni": "",
+        "alpn": [
+            "h2",
+            "http/1.1"
+        ],
+        "reuse_session": true,
+        "session_ticket": false,
+        "curves": ""
+    },
+    "tcp": {
+        "no_delay": true,
+        "keep_alive": true,
+        "reuse_port": false,
+        "fast_open": false,
+        "fast_open_qlen": 20
+    },
+    "forward_proxy": {
+	    "enabled": true,
+	    "listen_addr": "127.0.0.1",
+	    "listen_port": 3128
+	}
+}
+```
+
+
+http to socks5h
+```bash
+sudo apt update
+sudo apt install privoxy -y
+sudo vim /etc/privoxy/config
+
+# add some lines:
+#    listen-address  127.0.0.1:7890
+#    forward-socks5t   /   127.0.0.1:1080  .
+
+sudo privoxy /etc/privoxy/config
+```
+
+
+## Mount
+
+`mount_webdav`, `umount`
+
+
+## IP
+
+`curl ipinfo.io / curl ip-api.com`
+
+
+
+## Model download
+
+`uvx modelscope download --model Qwen/Qwen3-VL-8B-Instruct --local_dir ./Qwen3-VL-8B-Instruct`
+
+
+
+## Self signed ca
+
+```bash
+# 进入 root（如果你已经是 root 可跳过）
+# sudo -i
+
+# 创建目录并进入
+mkdir -p /root/ca
+cd /root/ca
+chmod 700 /root/ca
+
+# ---------- A. 生成 CA（根证书） ----------
+# 生成 CA 私钥（4096 bits）
+openssl genrsa -out /root/ca/ca.key 4096
+
+# 生成自签 CA 根证书（有效期 10 年 => 3650 天）
+openssl req -x509 -new -nodes -key /root/ca/ca.key \
+  -sha256 -days 3650 -out /root/ca/ca.crt \
+  -subj "/C=CN/ST=Shanghai/L=Shanghai/O=MyOrg/OU=MyUnit/CN=MyLocalCA"
+
+chmod 600 /root/ca/ca.key
+chmod 644 /root/ca/ca.crt
+
+# ---------- B. 生成服务器私钥与 CSR（包含 SAN 配置） ----------
+# 服务器私钥（2048 bits）
+openssl genrsa -out /root/ca/privkey.key 2048
+chmod 600 /root/ca/privkey.key
+
+# 生成用于 CSR 的配置文件（内含 SAN）
+cat > /root/ca/server.csr.cnf <<'EOF'
+[req]
+default_bits = 2048
+prompt = no
+default_md = sha256
+distinguished_name = dn
+req_extensions = req_ext
+
+[dn]
+C=CN
+ST=Shanghai
+L=Shanghai
+O=MyOrg
+OU=MyUnit
+CN = my.example.com
+
+[req_ext]
+subjectAltName = @alt_names
+
+[alt_names]
+DNS.1 = my.example.com
+DNS.2 = localhost
+IP.1 = 127.0.0.1
+EOF
+
+# 生成 CSR
+openssl req -new -key /root/ca/privkey.key -out /root/ca/server.csr -config /root/ca/server.csr.cnf
+
+# ---------- C. 用 CA 签发服务器证书（包含 SAN） ----------
+# v3 扩展文件（可复用）
+cat > /root/ca/v3.ext <<'EOF'
+authorityKeyIdentifier=keyid,issuer
+basicConstraints=CA:FALSE
+keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
+subjectAltName = @alt_names
+
+[alt_names]
+DNS.1 = my.example.com
+DNS.2 = localhost
+IP.1 = 127.0.0.1
+EOF
+
+# 用 CA 签发（有效期 1 年 = 365 天），-CAcreateserial 会生成 /root/ca/ca.srl
+openssl x509 -req -in /root/ca/server.csr -CA /root/ca/ca.crt -CAkey /root/ca/ca.key \
+  -CAcreateserial -out /root/ca/certificate.crt -days 365 -sha256 -extfile /root/ca/v3.ext
+
+chmod 644 /root/ca/certificate.crt
+
+# ---------- 可选：合并为一个 PEM（某些软件需要） ----------
+cat /root/ca/privkey.key /root/ca/certificate.crt > /root/ca/server.pem
+chmod 600 /root/ca/server.pem
+
+# 输出结果路径
+echo "生成完成："
+echo " CA 根证书: /root/ca/ca.crt"
+echo " CA 私钥  : /root/ca/ca.key"
+echo " 服务器私钥: /root/ca/privkey.key"
+echo " 服务器证书: /root/ca/certificate.crt"
+echo " 合并 PEM  : /root/ca/server.pem (可选)"
+echo " CA serial : /root/ca/ca.srl"
+```
+
+
+修复 apt
+
+```bash
+sudo dpkg --remove --force-depends x11-utils zutty
+
+sudo apt --fix-broken install
+sudo dpkg --configure -a
+
+sudo apt update
+sudo apt install -y --no-install-recommends bubblewrap
+```