### Python `pip install xxx -i https://pypi.tuna.tsinghua.edu.cn/simple` mirrors: - https://pypi.tuna.tsinghua.edu.cn/simple - https://mirrors.aliyun.com/pypi/simple/ ### RDMA `ibstat` `ibv_devinfo` `lspci | grep -i mellanox` (`apt install pciutils`) `wget https://content.mellanox.com/ofed/MLNX_OFED-24.10-2.1.8.0/MLNX_OFED_LINUX-24.10-2.1.8.0-ubuntu24.04-x86_64.tgz` `./mlnxofedinstall --user-space-only --without-fw-update --distro ubuntu24.04 --force` [MLNX_OFED Download Center](https://network.nvidia.com/products/infiniband-drivers/linux/mlnx_ofed/) `ib_send_bw --report_gbits` ### Linux `cat /etc/os-release` `cat /proc/cpuinfo` ### uv `curl -LsSf https://astral.sh/uv/install.sh | sh` `uv self update` ## docker `docker system info` 来得到 config 配置 `/etc/docker/daemon.json` 内配置: ``` json { "proxies": { "http-proxy": "http://ipads:ipads123@202.120.40.82:11235", "https-proxy": "http://ipads:ipads123@202.120.40.82:11235" } } ``` ## Proxy ``` p="http://127.0.0.1:7890" p="http://gahow:Jiahao_4465_proxy@47.83.188.3:9118" p="http://gahow:Jiahao_13387_proxy@47.245.13.144:12358" ``` server: tiny proxy ``` sudo apt install tinyproxy -y sudo vim /etc/tinyproxy/tinyproxy.conf sudo systemctl restart tinyproxy ``` trojan ``` trojan -c trojan_server.json ``` trojan_server.json ```json { "run_type": "server", "local_addr": "0.0.0.0", "local_port": 12358, "remote_addr": "127.0.0.1", "remote_port": 80, "password": [ "Jiahao_4465_trojan_proxy" ], "log_level": 1, "ssl": { "cert": "/home/gahow/ca/certificate.crt", "key": "/home/gahow/ca/privkey.key", "key_password": "", "cipher": "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384", "cipher_tls13": "TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384", "prefer_server_cipher": true, "alpn": [ "http/1.1" ], "alpn_port_override": { "h2": 81 }, "reuse_session": true, "session_ticket": false, "session_timeout": 600, "plain_http_response": "", "curves": "", "dhparam": "" }, "tcp": { "prefer_ipv4": false, "no_delay": true, "keep_alive": true, "reuse_port": false, "fast_open": false, "fast_open_qlen": 20 }, "mysql": { "enabled": false, "server_addr": "127.0.0.1", "server_port": 3306, "database": "trojan", "username": "trojan", "password": "", "key": "", "cert": "", "ca": "" } } ``` trojan_client.json ```json { "run_type": "client", "local_addr": "127.0.0.1", "local_port": 1080, "remote_addr": "47.245.13.144", "remote_port": 12358, "password": [ "Jiahao_13387_trojan_proxy" ], "log_level": 1, "ssl": { "verify": false, "verify_hostname": true, "cert": "", "cipher": "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA", "cipher_tls13": "TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384", "sni": "", "alpn": [ "h2", "http/1.1" ], "reuse_session": true, "session_ticket": false, "curves": "" }, "tcp": { "no_delay": true, "keep_alive": true, "reuse_port": false, "fast_open": false, "fast_open_qlen": 20 }, "forward_proxy": { "enabled": true, "listen_addr": "127.0.0.1", "listen_port": 3128 } } ``` http to socks5h ```bash sudo apt update sudo apt install privoxy -y sudo vim /etc/privoxy/config # add some lines: # listen-address 127.0.0.1:7890 # forward-socks5t / 127.0.0.1:1080 . sudo privoxy /etc/privoxy/config ``` ## Mount `mount_webdav`, `umount` ## IP `curl ipinfo.io / curl ip-api.com` ## Model download `uvx modelscope download --model Qwen/Qwen3-VL-8B-Instruct --local_dir ./Qwen3-VL-8B-Instruct` ## Self signed ca ```bash # 进入 root(如果你已经是 root 可跳过) # sudo -i # 创建目录并进入 mkdir -p /root/ca cd /root/ca chmod 700 /root/ca # ---------- A. 生成 CA(根证书) ---------- # 生成 CA 私钥(4096 bits) openssl genrsa -out /root/ca/ca.key 4096 # 生成自签 CA 根证书(有效期 10 年 => 3650 天) openssl req -x509 -new -nodes -key /root/ca/ca.key \ -sha256 -days 3650 -out /root/ca/ca.crt \ -subj "/C=CN/ST=Shanghai/L=Shanghai/O=MyOrg/OU=MyUnit/CN=MyLocalCA" chmod 600 /root/ca/ca.key chmod 644 /root/ca/ca.crt # ---------- B. 生成服务器私钥与 CSR(包含 SAN 配置) ---------- # 服务器私钥(2048 bits) openssl genrsa -out /root/ca/privkey.key 2048 chmod 600 /root/ca/privkey.key # 生成用于 CSR 的配置文件(内含 SAN) cat > /root/ca/server.csr.cnf <<'EOF' [req] default_bits = 2048 prompt = no default_md = sha256 distinguished_name = dn req_extensions = req_ext [dn] C=CN ST=Shanghai L=Shanghai O=MyOrg OU=MyUnit CN = my.example.com [req_ext] subjectAltName = @alt_names [alt_names] DNS.1 = my.example.com DNS.2 = localhost IP.1 = 127.0.0.1 EOF # 生成 CSR openssl req -new -key /root/ca/privkey.key -out /root/ca/server.csr -config /root/ca/server.csr.cnf # ---------- C. 用 CA 签发服务器证书(包含 SAN) ---------- # v3 扩展文件(可复用) cat > /root/ca/v3.ext <<'EOF' authorityKeyIdentifier=keyid,issuer basicConstraints=CA:FALSE keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment subjectAltName = @alt_names [alt_names] DNS.1 = my.example.com DNS.2 = localhost IP.1 = 127.0.0.1 EOF # 用 CA 签发(有效期 1 年 = 365 天),-CAcreateserial 会生成 /root/ca/ca.srl openssl x509 -req -in /root/ca/server.csr -CA /root/ca/ca.crt -CAkey /root/ca/ca.key \ -CAcreateserial -out /root/ca/certificate.crt -days 365 -sha256 -extfile /root/ca/v3.ext chmod 644 /root/ca/certificate.crt # ---------- 可选:合并为一个 PEM(某些软件需要) ---------- cat /root/ca/privkey.key /root/ca/certificate.crt > /root/ca/server.pem chmod 600 /root/ca/server.pem # 输出结果路径 echo "生成完成:" echo " CA 根证书: /root/ca/ca.crt" echo " CA 私钥 : /root/ca/ca.key" echo " 服务器私钥: /root/ca/privkey.key" echo " 服务器证书: /root/ca/certificate.crt" echo " 合并 PEM : /root/ca/server.pem (可选)" echo " CA serial : /root/ca/ca.srl" ``` 修复 apt ```bash sudo dpkg --remove --force-depends x11-utils zutty sudo apt --fix-broken install sudo dpkg --configure -a sudo apt update sudo apt install -y --no-install-recommends bubblewrap ```