需求

各类公网的数据库，都限制了请求频次，有时候，自己需要批量的查询需求，得不到满足，于是，有了，自己掌握数据，自己搭建可供查询服务的需求

清单

1、数据库

2、基于Flask的API接口模块

配置清单

1、主程序文件

#!/usr/bin/python3
# -*- coding: utf-8 -*-
# Dasmz
# 2022-3-14

import datetime
import time
import flask
import ipaddress
import sqlite3

import ISO_3166_1

myDB = '这里是数据库的文件路径'

def getNow():
    return datetime.datetime.now().strftime("%Y-%m-%d %H:%M:%S")
    

def IPIsValid(vIPv4):
    try:
        vBLACKIPs = ['8.8.8.8', '1.1.1.1','0.0.0.0','255.255.255.255','192.168.1.1','1.0.0.0','6.6.6.6']
        if ipaddress.IPv4Address(vIPv4) != ipaddress.IPv4Address('127.0.0.1') and vIPv4 not in vBLACKIPs:
            return 'Y'
        else:
            return 'N'
    except Exception as e:
        print(e)
        print('Tracker.Error.82aE9F6a40E38E40.IPIsValid')
        return 'N' 

def getIPNetwork(aIPv4):
    x = aIPv4.split('.')
    x[3] = '0'
    return '.'.join(x)

def getIPRangeNetwork(aIPv4):
    x = aIPv4.split('.')
    return ["%s.%s.%d.0" % (x[0],x[1],i) for i in range(0,256)]

def runSelectSQL(aDB, aSQL):
    '''
    RETURN LIST
    '''
    try:
        conn = sqlite3.connect(aDB)
        csr = conn.cursor()
        csr.execute(aSQL)
        vData = csr.fetchall()
        conn.close()
        return vData     
    except Exception as e:
        print("Tracker.Error.82aE9F6a40E38E40.runSelectSQL")
        print(e)
        return []
    finally:
        conn.close() 

def procedureIP(aIPv4):
    try:
        vIP  = getIPNetwork(aIPv4 = aIPv4)    # 202.23.99.44 -> 202.23.99.0
        vSQL = "select location from ip where ip = '%s';" % vIP
        print(" + SQL: %s" % vSQL)
        vData = runSelectSQL(aDB = myDB, aSQL = vSQL)
        if vData[0][0]:
            if vData[0][0].startswith('CN-'):
                return vData[0][0].split()[0].replace('CN-','')
            else:
                return getCountryZHName(vData[0][0].split()[0])
        else:
            return '404'
    except Exception as e:
        print("Tracker.Error.aCCbfEAaCcfEBCD7.procedureIP")
        print(e)
        print("\n('%s','NotFoundTag')," % (vIP))
        return '404'

def procedureIP_full(aIPv4):
    try:
        vIP  = getIPNetwork(aIPv4 = aIPv4)    # 202.23.99.44 -> 202.23.99.0
        vSQL = "select location from ip where ip = '%s';" % vIP
        print(" + SQL: %s" % vSQL)
        vData = runSelectSQL(aDB = myDB, aSQL = vSQL)
        if vData[0][0]:
            return vData[0][0]
        else:
            return '404'
    except Exception as e:
        print("Tracker.Error.aCCbfEAaCcfEBCD7.procedureIP")
        print(e)
        print("\n('%s','NotFoundTag')," % (vIP))
        return '404'


def getCountryZHName(char2code):
    try:
        return ISO_3166_1.iso_3166_1.get(char2code)
    except Exception as e:
        print("Tracker.Error.D1b808762AC4dCAA.getCountryZHName")
        print(e)
        return '未知-%s' % char2code




app = flask.Flask(__name__)

@app.route('/ipservice', methods=['GET'])
def ipservice():
    try:
        aIP = flask.request.args.get("ip")
        aIPOK = IPIsValid(vIPv4 = aIP)
        if aIPOK == 'Y':
            print("\n\n\n + Target IP Address: %s" % aIP)
            vData = procedureIP(aIPv4 = aIP)
            return vData
        else:
            return '404'
    except Exception as e:
        print("Tracker.Error.67daA1cB92BBBafc.ipmsg")
        print(e)
        return '404'

@app.route('/ipservicefull', methods=['GET'])
def ipservicefull():
    try:
        aIP = flask.request.args.get("ip")
        aIPOK = IPIsValid(vIPv4 = aIP)
        if aIPOK == 'Y':
            print("\n\n\n + Target IP Address: %s" % aIP)
            vData = procedureIP_full(aIPv4 = aIP)
            return vData
        else:
            return '404'
    except Exception as e:
        print("Tracker.Error.67daA1cB92BBBafc.ipmsg")
        print(e)
        return '404'


if __name__ == "__main__":
    app.run(host='0.0.0.0',port=18040)

ISO标准国家地区代码文件 ISO_3166_1.py 主要就是一个对照关系的字典，增加了一个UK英国，自己习惯用UK表示英国，这个GB才是其非标准定义。

iso_3166_1 = {
"AX":"奥兰群岛",
"AL":"阿尔巴尼亚",
"DZ":"阿尔及利亚",
"AS":"美属萨摩亚",
"AD":"安道尔",
"AO":"安哥拉",
"AI":"安圭拉",
"AQ":"南极洲",
"AG":"安提瓜和巴布达",
"AR":"阿根廷",
"AM":"亚美尼亚",
"AW":"阿鲁巴",
"AU":"澳大利亚",
"AT":"奥地利",
"AZ":"阿塞拜疆",
"BS":"巴哈马",
"BH":"巴林",
"BD":"孟加拉国",
"BB":"巴巴多斯",
"BY":"白俄罗斯",
"BE":"比利时",
"BZ":"伯利兹",
"BJ":"贝宁",
"BM":"百慕大",
"BT":"不丹",
"BO":"玻利维亚",
"BA":"波黑",
"BW":"博茨瓦纳",
"BV":"布维岛",
"BR":"巴西",
"IO":"英属印度洋领地",
"BN":"文莱",
"BG":"保加利亚",
"BF":"布基纳法索",
"BI":"布隆迪",
"KH":"柬埔寨",
"CM":"喀麦隆",
"CA":"加拿大",
"CV":"佛得角",
"KY":"开曼群岛",
"CF":"中非",
"TD":"乍得",
"CL":"智利",
"CN":"中国",
"CX":"圣诞岛",
"CC":"科科斯群岛",
"CO":"哥伦比亚",
"KM":"科摩罗",
"CG":"刚果布",
"CD":"刚果金",
"CK":"库克群岛",
"CR":"哥斯达黎加",
"CI":"科特迪瓦",
"HR":"克罗地亚",
"CU":"古巴",
"CY":"塞浦路斯",
"CZ":"捷克",
"DK":"丹麦",
"DJ":"吉布提",
"DM":"多米尼克",
"DO":"多米尼加",
"EC":"厄瓜多尔",
"EG":"埃及",
"SV":"萨尔瓦多",
"GQ":"赤道几内亚",
"ER":"厄立特里亚",
"EE":"爱沙尼亚",
"ET":"埃塞俄比亚",
"FK":"福克兰群岛",
"FO":"法罗群岛",
"FJ":"斐济",
"FI":"芬兰",
"FR":"法国",
"GF":"法属圭亚那",
"PF":"法属波利尼西亚",
"TF":"法属南部领地",
"GA":"加蓬",
"GM":"冈比亚",
"GE":"格鲁吉亚",
"DE":"德国",
"GH":"加纳",
"GI":"直布罗陀",
"GR":"希腊",
"GL":"格陵兰",
"GD":"格林纳达",
"GP":"瓜德罗普",
"GU":"关岛",
"GT":"危地马拉",
"GG":"格恩西岛",
"GN":"几内亚",
"GW":"几内亚比绍",
"GY":"圭亚那",
"HT":"海地",
"HM":"赫德岛和麦克唐纳岛",
"VA":"梵蒂冈",
"HN":"洪都拉斯",
"HK":"中国香港",
"HU":"匈牙利",
"IS":"冰岛",
"IN":"印度",
"ID":"印度尼西亚",
"IR":"伊朗",
"IQ":"伊拉克",
"IE":"爱尔兰",
"IM":"英国属地曼岛",
"IL":"以色列",
"IT":"意大利",
"JM":"牙买加",
"JP":"日本",
"JE":"泽西岛",
"JO":"约旦",
"KZ":"哈萨克斯坦",
"KE":"肯尼亚",
"KI":"基里巴斯",
"KP":"朝鲜",
"KR":"韩国",
"KW":"科威特",
"KG":"吉尔吉斯斯坦",
"LA":"老挝",
"LV":"拉脱维亚",
"LB":"黎巴嫩",
"LS":"莱索托",
"LR":"利比里亚",
"LY":"利比亚",
"LI":"列支敦士登",
"LT":"立陶宛",
"LU":"卢森堡",
"MO":"中国澳门",
"MK":"前南马其顿",
"MG":"马达加斯加",
"MW":"马拉维",
"MY":"马来西亚",
"MV":"马尔代夫",
"ML":"马里",
"MT":"马耳他",
"MH":"马绍尔群岛",
"MQ":"马提尼克",
"MR":"毛利塔尼亚",
"MU":"毛里求斯",
"YT":"马约特",
"MX":"墨西哥",
"FM":"密克罗尼西亚联邦",
"MD":"摩尔多瓦",
"MC":"摩纳哥",
"MN":"蒙古",
"ME":"黑山",
"MS":"蒙特塞拉特",
"MA":"摩洛哥",
"MZ":"莫桑比克",
"MM":"缅甸",
"NA":"纳米比亚",
"NR":"瑙鲁",
"NP":"尼泊尔",
"NL":"荷兰",
"AN":"荷属安的列斯",
"NC":"新喀里多尼亚",
"NZ":"新西兰",
"NI":"尼加拉瓜",
"NE":"尼日尔",
"NG":"尼日利亚",
"NU":"纽埃",
"NF":"诺福克岛",
"MP":"北马里亚纳",
"NO":"挪威",
"OM":"阿曼",
"PK":"巴基斯坦",
"PW":"帕劳",
"PS":"巴勒斯坦",
"PA":"巴拿马",
"PG":"巴布亚新几内亚",
"PY":"巴拉圭",
"PE":"秘鲁",
"PH":"菲律宾",
"PN":"皮特凯恩",
"PL":"波兰",
"PT":"葡萄牙",
"PR":"波多黎各",
"QA":"卡塔尔",
"RE":"留尼汪",
"RO":"罗马尼亚",
"RU":"俄罗斯联邦",
"RW":"卢旺达",
"SH":"圣赫勒拿",
"KN":"圣基茨和尼维斯",
"LC":"圣卢西亚",
"PM":"圣皮埃尔和密克隆",
"VC":"圣文森特和格林纳丁斯",
"WS":"萨摩亚",
"SM":"圣马力诺",
"ST":"圣多美和普林西比",
"SA":"沙特阿拉伯",
"SN":"塞内加尔",
"RS":"塞尔维亚",
"SC":"塞舌尔",
"SL":"塞拉利昂",
"SG":"新加坡",
"SK":"斯洛伐克",
"SI":"斯洛文尼亚",
"SB":"所罗门群岛",
"SO":"索马里",
"ZA":"南非",
"GS":"南乔治亚岛和南桑德韦奇岛",
"ES":"西班牙",
"LK":"斯里兰卡",
"SD":"苏丹",
"SR":"苏里南",
"SJ":"斯瓦尔巴岛和扬马延岛",
"SZ":"斯威士兰",
"SE":"瑞典",
"CH":"瑞士",
"SY":"叙利亚",
"TW":"台湾",
"TJ":"塔吉克斯坦",
"TZ":"坦桑尼亚",
"TH":"泰国",
"TL":"东帝汶",
"TG":"多哥",
"TK":"托克劳",
"TO":"汤加",
"TT":"特立尼达和多巴哥",
"TN":"突尼斯",
"TR":"土耳其",
"TM":"土库曼斯坦",
"TC":"特克斯和凯科斯群岛",
"TV":"图瓦卢",
"UG":"乌干达",
"UA":"乌克兰",
"AE":"阿联酋",
"GB":"英国",
"US":"美国",
"UM":"美国本土外小岛屿",
"UY":"乌拉圭",
"UZ":"乌兹别克斯坦",
"VU":"瓦努阿图",
"VE":"委内瑞拉",
"VN":"越南",
"VG":"英属维尔京群岛",
"VI":"美属维尔京群岛",
"WF":"瓦利斯和富图纳",
"EH":"西撒哈拉",
"YE":"也门",
"YU":"南斯拉夫",
"ZM":"赞比亚",
"ZW":"津巴布韦",
"UK":"英国",
}

自用的API地址，不公开地址。

需求描述

需要一些API地址，用来查询IP地址的归属国家/地区，查询IP地址的ISP信息，AS信息。

1、段落1，http://ip-api.com/YourSearchIP

获取其返回值的 countryCode as 字段的信息

curl http://ip-api.com/204.44.115.22
{
  "status"       : "success",
  "continent"    : "North America",
  "continentCode": "NA",
  "country"      : "United States",
  "countryCode"  : "US",
  "region"       : "TX",
  "regionName"   : "Texas",
  "city"         : "Dallas",
  "district"     : "",
  "zip"          : "75247",
  "lat"          : 32.8137,
  "lon"          : -96.8704,
  "timezone"     : "America/Chicago",
  "offset"       : -18000,
  "currency"     : "USD",
  "isp"          : "QuadraNet Enterprises LLC",
  "org"          : "Security Frame",
  "as"           : "AS8100 QuadraNet Enterprises LLC",
  "asname"       : "ASN-QUADRANET-GLOBAL",
  "mobile"       : false,
  "proxy"        : false,
  "hosting"      : true,
  "query"        : "204.44.115.22"
}

2. 段落2、http://ipinfo.io/YourSearchIP/geo

获取其返回值的 country org 字段的信息

curl http://ipinfo.io/204.44.115.22/geo

{
  "ip": "204.44.115.22",
  "hostname": "geek.gonetell.com",
  "city": "Dallas",
  "region": "Texas",
  "country": "US",
  "loc": "32.8152,-96.8703",
  "org": "AS8100 QuadraNet Enterprises LLC",
  "postal": "75247",
  "timezone": "America/Chicago",
  "readme": "https://ipinfo.io/missingauth"
}

3、段落3、https://ipapi.co/YourSearchIP/json

获取其返回值的 country_code asn org 字段的信息

curl https://ipapi.co/204.44.115.22/json
{
    "ip": "204.44.115.22",
    "version": "IPv4",
    "city": "Dallas",
    "region": "Texas",
    "region_code": "TX",
    "country": "US",
    "country_name": "United States",
    "country_code": "US",
    "country_code_iso3": "USA",
    "country_capital": "Washington",
    "country_tld": ".us",
    "continent_code": "NA",
    "in_eu": false,
    "postal": "75247",
    "latitude": 32.8137,
    "longitude": -96.8704,
    "timezone": "America/Chicago",
    "utc_offset": "-0500",
    "country_calling_code": "+1",
    "currency": "USD",
    "currency_name": "Dollar",
    "languages": "en-US,es-US,haw,fr",
    "country_area": 9629091.0,
    "country_population": 327167434,
    "asn": "AS8100",
    "org": "ASN-QUADRANET-GLOBAL"
}

需求

下载一些电子书PDF，供自己阅读，这个网站收录最多，可供下载的类型非常多。

网站地址

Z-library官网地址 https://zh.z-lib.org/

Z-libraray的维基信息地址 https://zh.wikipedia.org/wiki/Z-Library

可选，

1、无需注册，更换IP，进行下载文件

2、注册，登录，捐赠1美元，无限制下载

段落1、需求

本地的环境是Debian / Ubuntu的Linux环境，需要安装openvpn3客户端，并连接到已有的服务端上。

客户端项目地址 https://github.com/OpenVPN/openvpn3-linux

段落2、openvpn3客户端安装

参考 https://community.openvpn.net/openvpn/wiki/OpenVPN3Linux

登录本地的Debian / Ubuntu客户端的Linux环境，编辑文件 /etc/apt/sources.list.d/openvpn3.list

添加内容

# OpenVPN3 Official Apt Repository for openvpn3.
deb https://swupdate.openvpn.net/community/openvpn3/repos stretch main

// 执行更新
root@client:~# apt-get update

// 安装必要的组件
root@client:~# apt install apt-transport-https build-essential libssl-dev

// 添加密钥
root@client:~# wget https://swupdate.openvpn.net/repos/openvpn-repo-pkg-key.pub

root@client:~# apt-key add openvpn-repo-pkg-key.pub

// 再次更新
root@client:~# apt-get update
root@client:~# apt-get upgrade

// 安装客户端
root@client:~# apt install openvpn3

// 正常安装的提示信息
Setting up libjsoncpp1:amd64 (1.7.4-3) ...
Setting up python3-dbus (1.2.4-1+b1) ...
Setting up python3-gi (3.22.0-2) ...
Setting up openvpn3 (16~beta+stretch) ...
openvpn3-autoload.service is a disabled or a static unit, not starting it.

段落3、欢快使用openvpn3客户端

附录、报错记录1，如果，安装时候的报错信息如下

The following packages have unmet dependencies:
openvpn3 : Depends: libcap-ng0 (>= 0.7.9) but 0.7.7-3+b1 is to be installed
Depends: libgcc-s1 (>= 3.0) but it is not installable
Depends: libprotobuf17 but it is not installable
Depends: libssl1.1 (>= 1.1.1) but 1.1.0l-1~deb9u4 is to be installed
Depends: libstdc++6 (>= 9) but 6.3.0-18+deb9u1 is to be installed
Depends: libtinyxml2-6a (>= 6.0.0) but it is not installable
E: Unable to correct problems, you have held broken packages.

此报错，大概率，是你编辑文件 /etc/apt/sources.list.d/openvpn3.list 文件中，你当前的Debian/Ubuntu发型版本的名称写错了。

问题描述

上次刷机的迅雷赚钱包ARM机器，armbian里面没有iptables，其基于Debian 10的，那安装即可，但是，安装后出现报错

查看系统版本

lsb_release -a

Distributor ID: Debian
Description: Debian GNU/Linux 10 (buster)
Release: 10
Codename: buster

uname -a

Linux ARMXLII 3.10.36 #52 SMP PREEMPT Mon Mar 15 14:14:47 CST 2021 armv7l GNU/Linux

安装过程

apt-get update
apt-get install iptables iptables-persistent

查看防火墙的状态

iptables -L -v

执行上面查看防火墙状态的命令，出现的报错提示

iptables v1.8.2 (nf_tables):  TABLE_ADD failed (Invalid argument): table filter

报错的原因，其实就是预设的nf_tables，没有加载到对应的模块，把iptables-legacy启用即可，感谢留言解决此问题。

执行命令

update-alternatives --set iptables /usr/sbin/iptables-legacy
update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy

本篇章博客介绍，如何给你的服务器，增加IPv6地址

网络配置，有一定的风险，请勿直接在生产环境进行，请先用虚拟机测试OK，再进行生产实践。

网络配置，有一定的风险，请勿直接在生产环境进行，请先用虚拟机测试OK，再进行生产实践。

网络配置，有一定的风险，请勿直接在生产环境进行，请先用虚拟机测试OK，再进行生产实践。

假设你公网网卡名称为 eth0，本文以此名称示例，请修改到你自己的网卡名称

假设你的公网IPv6地址为 address 20a1:0db1:0021:0008:0000:0000:6115:eb3f

假设你的公网IPv6网关为 gateway 20a1:0db1:0021:0008:0000:0000:0000:0001

假设你的公网IPv6掩码为 netmask 64

段落1、如果系统为Debian / Ubuntu 16.04

修改 
/etc/network/interfaces.d/90-ipv6

iface eth0 inet6 static
    accept_ra 0
    address 20a1:0db1:0021:0008:0000:0000:6115:eb3f
    netmask 64
    mtu 1500
    gateway 20a1:0db1:0021:0008:0000:0000:0000:0001

重启网络服务
systemctl restart networking

段落2、如果系统为Ubuntu 18.04 / 20.04

修改
/etc/netplan/90-ipv6.yaml

network:
    ethernets:
        eth0:
            addresses:
            - 20a1:0db1:0021:0008:0000:0000:6115:eb3f/64
            gateway6: 20a1:0db1:0021:0008:0000:0000:0000:0001
    version: 2

应用到网络
netplan apply

段落3、如果系统为CentOS / AlmaLinux

修改
/etc/sysconfig/network-scripts/ifcfg-eth0

增加
IPV6ADDR=20a1:0db1:0021:0008:0000:0000:6115:eb3f/64
IPV6INIT=yes
IPV6_DEFAULTGW=20a1:0db1:0021:0008:0000:0000:0000:0001%eth0

重启网络服务
systemctl restart network

上面任意系统修改后，记得查看一下网络状况

ip -6 addr 

附录、如果商家给你的是一个/64透传的地址，则可能优先按照商家的教程配置，网络复杂，根据实际的配置

比如下面的配置，增加在 /etc/network/interfaces

iface ens3 inet6 static
        address 2a06:af81:1:8682::1/64
        gateway fe80::1

网络配置文件 /etc/network/interfaces的典型IPv6配置

# The primary network interface
auto eth0
iface eth0 inet static
address 15.12.178.81
netmask 255.255.255.0
gateway 15.12.178.1

iface eth0 inet6 static
	accept_ra 0
	address 2a04:ac0d:101:84e::
	netmask 64
	gateway 2a04:ac0d:0101:0000:0000:0000:0000:0001
post-up /sbin/ip -r route add 2a04:ac0d:0101:0000:0000:0000:0000:0001 dev eth0
post-up /sbin/ip -r route add default via 2a04:ac0d:0101:0000:0000:0000:0000:0001

# OVZ Debian 9
iface venet0 inet6 static
	address ::2
	netmask 128
	up ip -6 r a default dev venet0
	up ip addr add 210b:5100:60:370f:d3::5cb4/80 dev venet0

参数示意

1、 eth0为网卡 名称

2、 static静态地址

3、address为IP地址

4、netmask掩码

5、gateway网关

6、ip命令增加路由

段落1、需求

服务器的IPv4看Netflix，没希望，被Netflix的IP地址库封的死死的，手里有一台服务器，它的IPv6地址是英国的原生IPv6，可以支持观看Netflix

那么，就简单了，我们通过配置让Netflix的流量走到IPv6出口即可

入站的流量通过服务器的IPv4地址进入，出站的Netflix流量通过原生IPv6出站，其余非Netflix流媒体的流量，还是通过IPv4出站

通过 基于sjlleo/netflix-verify，检测VPS服务器IP地址或节点IP是否支持Netflix流媒体 2022-2-28

段落2、部署操作

操作1-3

// 在routing的rules列表中增加Netflix的相关域名,指定它走IPv6的路由

  "routing": {
    "domainStrategy": "IPIfNonMatch",
    "rules": [
      {
        "type": "field",
        "domain": [
          "netflix.com",
          "netflix.net",
          "netflixdnstest1.com",
          "netflixdnstest2.com",
          "netflixdnstest3.com",
          "netflixdnstest4.com",
          "netflixdnstest5.com",
          "netflixdnstest6.com",
          "netflixdnstest7.com",
          "netflixdnstest8.com",
          "netflixdnstest9.com",
          "netflixdnstest10.com",
          "netflixinvestor.com",
          "netflixtechblog.com",
          "nflxext.com",
          "nflximg.com",
          "nflximg.net",
          "nflxsearch.net",
          "nflxso.net",
          "nflxvideo.net",
          "geosite:netflix"
        ],
        "outboundTag": "IPv6_OUT"
      },
      {
        "type": "field",
        "outboundTag": "IPv4_OUT",
        "network": "udp,tcp"
      }
    ]
  },

操作2-3

// 在入站的inbounds中增加"sniffing"的参数

  "inbounds": [
    {
      "sniffing": {
        "enabled": true,
        "destOverride": [
          "http",
          "tls"
        ]
      },
      "settings": {
        "clients": [
          {
            "id": "dc0d52a2-c6c3-44e4-85cf-b479f736c378",
            "alterId": 0
          }
        ]
      },
      "port": 8080,
      "protocol": "vmess"
    }
  ],

操作3-3

// 在outbounds出站中区分开IPv4/IPv6两项内容

  "outbounds": [
    {
      "protocol": "freedom",
      "settings": {},
      "tag": "IPv4_OUT"
    },
    {
      "protocol": "freedom",
      "settings": {
        "domainStrategy": "UseIPv6"
      },
      "tag": "IPv6_OUT"
    },
    {
      "settings": {},
      "protocol": "blackhole",
      "tag": "blocked"
    }
  ]

段落9、额外信息

同理，一些主流的支持IPv6的网站，也可以根据这个办法，进行IPv6分流

"geosite:netflix"
"geosite:google"
"geosite:youtube"

还有一种方式备用，sni+dnsmasq 分流

搭建完后，修改配置/etc/sniproxy.conf，设置ipv6优先，完重启机器

resolver {
    nameserver 8.8.8.8
    nameserver 8.8.4.4 # local dns should be better
    mode ipv6_first
}

段落1、需求

在Ubuntu 20.04 LTS环境上，编译安装MySQL数据库

段落2、部署实施

更新包索引

apt-get update

安装MySQL Server

apt install mysql-server

安装的一些包信息如下

The following NEW packages will be installed:
  libcgi-fast-perl libcgi-pm-perl libencode-locale-perl libevent-core-2.1-7
  libevent-pthreads-2.1-7 libfcgi-perl libhtml-parser-perl libhtml-tagset-perl
  libhtml-template-perl libhttp-date-perl libhttp-message-perl libio-html-perl
  liblwp-mediatypes-perl libmecab2 libtimedate-perl liburi-perl mecab-ipadic
  mecab-ipadic-utf8 mecab-utils mysql-client-8.0 mysql-client-core-8.0
  mysql-common mysql-server mysql-server-8.0 mysql-server-core-8.0
0 upgraded, 25 newly installed, 0 to remove and 0 not upgraded.
Need to get 31.4 MB of archives.
After this operation, 262 MB of additional disk space will be used.
Do you want to continue? [Y/n] Y

段落3、MySQL的安全加固

mysql_secure_installation

Press y|Y for Yes, any other key for No: y


LOW    Length >= 8
MEDIUM Length >= 8, numeric, mixed case, and special characters
STRONG Length >= 8, numeric, mixed case, special characters and dictionary                  file

Please enter 0 = LOW, 1 = MEDIUM and 2 = STRONG: 2

// 数据MySQL数据库root用户的密码，密码可自定义，假设密码为，CbA5_eaC8_b0d4_Ff0a_2b76，输入密码时候，密码不显示，直接输入按回车
New password: CbA5_eaC8_b0d4_Ff0a_2b76
Re-enter new password: CbA5_eaC8_b0d4_Ff0a_2b76


Estimated strength of the password: 100 
Do you wish to continue with the password provided?(Press y|Y for Yes, any other key for No) : Y

// 移除匿名用户
Remove anonymous users? (Press y|Y for Yes, any other key for No) : Y

// 禁止root远程登录
Disallow root login remotely? (Press y|Y for Yes, any other key for No) : N

// 移除测试库实例
Remove test database and access to it? (Press y|Y for Yes, any other key for No) : Y

// 重载一下权限
Reload privilege tables now? (Press y|Y for Yes, any other key for No) : Y

段落4、创建数据库的普通帐号

root@UK-d68b93f1d5:~# mysql -u root -p
Enter password: 
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 10
Server version: 8.0.28-0ubuntu0.20.04.3 (Ubuntu)

Copyright (c) 2000, 2022, Oracle and/or its affiliates.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> 

// 数据库的版本信息
Server version: 8.0.28-0ubuntu0.20.04.3 (Ubuntu)

// 进入数据库，需要输入刚刚的密码
root@server:~# mysql -u root -p

// 创建数据库的普通用户 wordpress，看你本地版本，选择创建普通用户的命令，二选一执行
// MySQL 8.0, caching_sha2_password is the default authentication plugin
// MySQL 5.7, mysql_native_password is the default
mysql> CREATE USER 'wordpress'@'localhost' IDENTIFIED WITH caching_sha2_password BY 'wordpress_57AADFEF668Ae2E8E6285858';
mysql> CREATE USER 'wordpress'@'localhost' IDENTIFIED WITH mysql_native_password BY 'wordpress_57AADFEF668Ae2E8E6285858';

// 如果是删除普通用户 wordpress
mysql> DROP USER 'wordpress'@'localhost';

// 如果是删除普通的数据库实例 wordpress
mysql> drop database wordpress;

// 查看数据库中的用户
mysql> select User from mysql.user;

// 查看数据库中的数据库实例
mysql> show databases;

// 创建一个数据库实例 wordpress
// MySQL 8.0比较推荐使用 utf8mb4
// MySQL 5.5比较推荐使用 utf8
// MySQL supports two kinds of UTF8 character sets: utf8 and utf8mb4
// MySQL's utf8mb4 character table is a superset of BMP and contains also 4-bytes characters. This character tables is supported since MySQL 5.5.3
// MySQL version 5.5.3 or later, use the utf8mb4 character set
mysql> create database wordpress character set utf8mb4 collate utf8mb4_bin;
mysql> create database wordpress character set utf8 collate utf8_bin;

// 把普通数据库账号和数据库实例关联起来
mysql> GRANT ALL privileges ON wordpress.* to wordpress@localhost;

// 也可以只把某个表的权限给到数据库用户
mysql> GRANT PRIVILEGE ON wordpress.tablename TO 'wordpress'@'host';

// 如果是单项权限的修改，可参考命令
mysql> GRANT CREATE, ALTER, DROP, INSERT, UPDATE, DELETE, SELECT, REFERENCES, RELOAD on wordpress.* TO 'wordpress'@'localhost' WITH GRANT OPTION;

// 权限生效
mysql> flush privileges;

// 推出交互
mysql> exit

// 查看MySQL服务状态 
systemctl status mysql.service
systemctl restart mysql.service

需求

为了衔接Nginx和MySQL数据库，我们需要安装php

Nginx没有内在支持php，故而，我们需要PHP-FPM (“fastCGI process manager”)来驱动它

部署实施

更新包清单

apt update

安装

apt install php-fpm

// Ubuntu 20.04.4 LTS 安装的日志记录 2022-3-1
The following additional packages will be installed:
  php-common php7.4-cli php7.4-common php7.4-fpm php7.4-json php7.4-opcache
  php7.4-readline
Suggested packages:
  php-pear
The following NEW packages will be installed:
  php-common php-fpm php7.4-cli php7.4-common php7.4-fpm php7.4-json
  php7.4-opcache php7.4-readline
0 upgraded, 8 newly installed, 0 to remove and 0 not upgraded.
Need to get 4,080 kB of archives.
After this operation, 18.1 MB of additional disk space will be used.
Do you want to continue? [Y/n] Y
...
Setting up php-fpm (2:7.4+75) ...
Processing triggers for man-db (2.9.1-1) ...
Processing triggers for systemd (245.4-4ubuntu3.15) ...
Processing triggers for php7.4-cli (7.4.3-4ubuntu2.9) ...
Processing triggers for php7.4-fpm (7.4.3-4ubuntu2.9) ...

查看服务的状态

systemctl status php7.4-fpm

增加修改对于Nginx的衔接

server {

    # . . . other code

    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/run/php/php7.4-fpm.sock;
    }
}

重启服务

systemctl restart nginx

安装扩展模块，比如MySQL支持的模块

apt install php-mysql 

安装扩展模块，比如图片的模块

GD is an open source code library for the dynamic creation of images. GD is used for creating PNG, JPEG and GIF images and is commonly used to generate charts, graphics, thumbnails on the fly.

apt install php-gd

创建一个临时的PHP INFO测试文件，测试通的之后，记得删除

一般的路径为 /var/www/html/info.php

<?  phpinfo(); ?>

备注1, 一般推荐安装这个php 7.4的版本，不推荐安装旧的版本了。