From b867001fd35e388fd2369c376d8e850e59a9efc0 Mon Sep 17 00:00:00 2001 From: wener Date: Fri, 3 Nov 2023 17:24:55 +0800 Subject: [PATCH] update --- notes/ai/ai-awesome.md | 10 +- notes/ai/claude.md | 12 + notes/ai/model-awesome.md | 9 + notes/ai/prompt-awesome.md | 5 + notes/culture/{ => game}/game-awesome.md | 2 + notes/culture/tv/tv-awesome.md | 15 + notes/db/design-schema.md | 65 ++- .../relational/postgresql/postgresql-faq.md | 26 ++ .../postgresql/postgresql-sql-faq.md | 11 + notes/db/schema/nacos/schema.mysql.sql | 418 +++++++++--------- notes/dev/design/README.md | 2 + notes/dev/dict.md | 14 + notes/devops/container/container-awesome.md | 24 +- notes/devops/kubernetes/app/argo/README.md | 18 + .../kubernetes/app/argo/workflow/README.md | 135 ++++++ .../argo/workflow/argo-workflow-executor.md | 9 + notes/evolve/parenting.md | 35 ++ notes/java/build/jib.md | 4 +- notes/java/build/maven/README.md | 40 +- notes/java/java-faq.md | 44 ++ notes/languages/languages-awesome.md | 23 + notes/languages/markdown/README.md | 1 + notes/languages/regexp.md | 1 + notes/os/alpine/alpine-version.md | 12 +- notes/os/centos/centos-faq.md | 8 + notes/os/linux/fs/README.md | 25 +- notes/os/linux/init/openrc.md | 8 +- notes/os/linux/sys/procfs.md | 9 + notes/os/macos/launchd.md | 11 + notes/os/macos/macos-faq.md | 4 + notes/platform/aliyun/README.md | 10 +- notes/queue/nats/nats-faq.md | 15 + notes/reference/time.md | 15 + notes/security/acme-awesome.md | 2 + notes/security/{ => cert}/cfssl.md | 0 notes/security/cert/smallstep.md | 207 ++++++++- notes/security/openssl.md | 4 + notes/security/passkey.md | 31 ++ notes/security/security-awesome.md | 18 + notes/service/api/api-awesome.md | 3 + notes/service/api/nacos.md | 2 + notes/service/cms/docusaurus.mdx | 42 +- notes/service/data/data-breach.md | 19 +- .../{dynamic365.md => dynamic365/README.md} | 5 + .../erp/dynamic365/dynamic365-sales.md | 10 + notes/service/forge/coding.md | 6 + notes/service/forge/copilot.md | 7 + notes/service/forge/gitea/gitea-action.md | 1 + notes/service/forge/gitea/gitea-runner.md | 1 + notes/service/media/media-awesome.md | 22 + notes/service/media/resource-awesome.md | 2 + notes/service/network/network-awesome.md | 2 + .../service/network/proxy/clash/clash-meta.md | 7 +- notes/service/network/proxy/hysteria.md | 65 ++- notes/service/network/proxy/proxy-awesome.md | 23 +- notes/service/network/proxy/tuic.md | 7 +- notes/service/network/proxy/v2ray/README.md | 6 + notes/service/network/vpn/vpn-awesome.md | 5 +- notes/service/password/bitwarden.md | 1 + notes/service/service-awesome.md | 34 +- notes/service/storage/backup/rclone.md | 22 +- notes/service/storage/croc.md | 36 ++ notes/web/browser/browser-awesome.md | 13 + notes/web/framework/nextjs/nextjs-version.md | 9 + notes/web/nodejs/mikro-orm.md | 4 +- notes/web/nodejs/nodejs-awesome.md | 7 +- notes/web/script/js/js-awesome.md | 17 + notes/web/spec/webauthn.md | 3 + notes/web/webrtc/webrtc-awesome.md | 18 + package.json | 18 +- prettier.config.cjs | 32 -- 71 files changed, 1424 insertions(+), 327 deletions(-) create mode 100644 notes/ai/claude.md rename notes/culture/{ => game}/game-awesome.md (99%) create mode 100644 notes/culture/tv/tv-awesome.md create mode 100644 notes/devops/kubernetes/app/argo/README.md create mode 100644 notes/devops/kubernetes/app/argo/workflow/README.md create mode 100644 notes/devops/kubernetes/app/argo/workflow/argo-workflow-executor.md create mode 100644 notes/os/macos/launchd.md create mode 100644 notes/reference/time.md rename notes/security/{ => cert}/cfssl.md (100%) create mode 100644 notes/security/passkey.md rename notes/service/erp/{dynamic365.md => dynamic365/README.md} (99%) create mode 100644 notes/service/erp/dynamic365/dynamic365-sales.md create mode 100644 notes/service/storage/croc.md delete mode 100644 prettier.config.cjs diff --git a/notes/ai/ai-awesome.md b/notes/ai/ai-awesome.md index fdccfa0b5f6..1b80f408ea6 100644 --- a/notes/ai/ai-awesome.md +++ b/notes/ai/ai-awesome.md @@ -57,6 +57,7 @@ tags: - https://anonymous-31415926.github.io/ - 发现 - https://www.theaivalley.com/ +- [ShishirPatil/gorilla](https://github.com/ShishirPatil/gorilla) ## Coding @@ -75,6 +76,7 @@ tags: - https://www.promptingguide.ai/zh/readings - https://jalammar.github.io/ - https://karpathy.ai/zero-to-hero.html +- https://github.com/premAI-io/state-of-open-source-ai ## Prompt @@ -138,8 +140,8 @@ tags: - [clue-ai/PromptCLUE](https://github.com/clue-ai/PromptCLUE) - [clue-ai/ChatYuan](https://github.com/clue-ai/ChatYuan) - [cocktailpeanut/dalai](https://github.com/cocktailpeanut/dalai) -- [belladoreai/llama-tokenizer-js](https://github.com/belladoreai/llama-tokenizer-js) - - https://github.com/cogentapps/chat-with-gpt/blob/main/app/src/core/tokenizer/bpe.ts +- [belladoreai/llama-tokenizer-js](https://github.com/belladoreai/llama-tokenizer-js) +- https://github.com/cogentapps/chat-with-gpt/blob/main/app/src/core/tokenizer/bpe.ts - https://github.com/dqbd/tiktoken - https://github.com/functorism/gpt4-tokenizer-visualizer - [run-llama/llama_index](https://github.com/run-llama/llama_index) @@ -180,7 +182,6 @@ tags: - [allenai/RL4LMs](https://github.com/allenai/RL4LMs) - [lucidrains/PaLM-rlhf-pytorch](https://github.com/lucidrains/PaLM-rlhf-pytorch) - ## Bot - [ConnectAI-E/Feishu-OpenAI](https://github.com/ConnectAI-E/Feishu-OpenAI) @@ -195,7 +196,7 @@ tags: - im:chat,im:chat:readonly - https://github.com/zhayujie/bot-on-anything - [chathub-dev/chathub](https://github.com/chathub-dev/chathub) - - All-in-one chatbot client + - All-in-one chatbot client ## Misc @@ -219,4 +220,3 @@ tags: - NodeJS - [erelsgl/limdu](https://github.com/erelsgl/limdu) - https://github.com/a16z-infra/ai-getting-started - diff --git a/notes/ai/claude.md b/notes/ai/claude.md new file mode 100644 index 00000000000..b41d7604127 --- /dev/null +++ b/notes/ai/claude.md @@ -0,0 +1,12 @@ +--- +title: claude +--- + +# claude + +> Anthropic + +- 160.79.104.0/23, 2607:6bc0::/48 + - https://docs.anthropic.com/claude/reference/ip-address-allowlisting +- https://www.anthropic.com/earlyaccess +- https://console.anthropic.com/ diff --git a/notes/ai/model-awesome.md b/notes/ai/model-awesome.md index 9751e75b1ff..48be29bbfb7 100644 --- a/notes/ai/model-awesome.md +++ b/notes/ai/model-awesome.md @@ -40,6 +40,11 @@ tags: - [ymcui/Chinese-LLaMA-Alpaca](https://github.com/ymcui/Chinese-LLaMA-Alpaca) - https://www.promptingguide.ai/zh/models/collection - [Releasing 3B and 7B RedPajama-INCITE family of models including base, instruction-tuned & chat models](https://www.together.xyz/blog/redpajama-models-v1) +- RedPajama-Data-v2 + - https://together.ai/blog/redpajama-data-v2 + - https://github.com/togethercomputer/RedPajama-Data + - https://huggingface.co/datasets/togethercomputer/RedPajama-Data-V2 + - en, de, fr, es, it - [hysts/ControlNet-v1-1](https://huggingface.co/spaces/hysts/ControlNet-v1-1) - ggml - [ggerganov/ggml](https://github.com/ggerganov/ggml) @@ -52,6 +57,10 @@ tags: - https://erichartford.com/uncensored-models - https://huggingface.co/spaces/facebook/seamless_m4t - https://github.com/LinkSoul-AI/Chinese-Llama-2-7b +- Jina AI 8k text embedding + - https://news.ycombinator.com/item?id=38020109 + - https://huggingface.co/jinaai/jina-embeddings-v2-base-en + - https://huggingface.co/jinaai/jina-embeddings-v2-small-en ```bash # AVX = 1 | AVX2 = 0 | AVX512 = 0 | FMA = 0 | NEON = 0 | ARM_FMA = 0 | F16C = 1 | FP16_VA = 0 | WASM_SIMD = 0 | BLAS = 0 | SSE3 = 1 | VSX = 0 | diff --git a/notes/ai/prompt-awesome.md b/notes/ai/prompt-awesome.md index b1d37d86268..1ceeb50a26f 100644 --- a/notes/ai/prompt-awesome.md +++ b/notes/ai/prompt-awesome.md @@ -42,3 +42,8 @@ tags: - https://arxiv.org/abs/2302.14045 Language Is Not All You Need: Aligning Perception with Language Models - https://help.openai.com/en/collections/3675942-prompt-engineering + +--- + +- DALL·E + - https://twitter.com/dr_cintas/status/1717896142044676356 diff --git a/notes/culture/game-awesome.md b/notes/culture/game/game-awesome.md similarity index 99% rename from notes/culture/game-awesome.md rename to notes/culture/game/game-awesome.md index 2aedae67aab..c11e083f7f6 100644 --- a/notes/culture/game-awesome.md +++ b/notes/culture/game/game-awesome.md @@ -38,6 +38,8 @@ https://www.game-game.com.ua/ | Roguelike | | Roguelite | +- https://store.epicgames.com/en-US/free-games + ## Nitendo Switch > SW-1452-6543-9033 diff --git a/notes/culture/tv/tv-awesome.md b/notes/culture/tv/tv-awesome.md new file mode 100644 index 00000000000..5eedd6b5d2a --- /dev/null +++ b/notes/culture/tv/tv-awesome.md @@ -0,0 +1,15 @@ +--- +tags: +- Awesome +--- + +# TV Awesome + +## To Be Watched + +- Gen V +- R&M S7 +- The Mandalorian Season 4 +- Loki Season 2 +- Severance Season 2 +- 万神殿 第二季 Pantheon Season 2 diff --git a/notes/db/design-schema.md b/notes/db/design-schema.md index 2de78bdfe1e..d597b9529db 100644 --- a/notes/db/design-schema.md +++ b/notes/db/design-schema.md @@ -120,22 +120,42 @@ a-1-b-0 > - 元数据不要用于业务依赖 > - 可以创建模板表然后 CREATE TABLE LIKE -| column | for | -| ---------- | -------------------------------------------------------- | -| id | 主键 | -| sid | 租户维度单调递增 - 用户友好 | -| tid | 租户 ID | -| eid | 用于导入数据关联 - tid+eid 唯一 | -| cid | 外部系统租户 ID - Colocate ID/Corp ID - tid+cid+rid 唯一 | -| rid | 外部系统资源 ID - Ref ID/Relative ID | -| created_at | -| updated_at | -| deleted_at | -| version | 基于版本的乐观锁 | -| metadata | 补充数据 | -| attributes | 使用端自定义数据 - 客户端 读写 | -| properties | 服务端自定义数据 - 客户端 只读 | -| extensions | 内部扩展数据 - 客户端 不可见 | +| column | for | +| ------------- | -------------------------------------------------------- | +| id | 主键 - ULID, tagged ID | +| sid | 租户维度单调递增 - 用户友好 | +| uid | UUID | +| tid | 租户 ID | +| eid | 用于导入数据关联 - tid+eid 唯一 | +| cid | 外部系统租户 ID - Colocate ID/Corp ID - tid+cid+rid 唯一 | +| rid | 外部系统资源 ID - Ref ID/Relative ID | +| created_at | +| updated_at | +| deleted_at | +| version | 基于版本的乐观锁 | +| metadata | 补充数据 | +| attributes | 使用端自定义数据 - 客户端 读写 | +| properties | 服务端自定义数据 - 客户端 只读 | +| extensions | 内部扩展数据 - 客户端 不可见 | +| owner_id | 所有者 | +| owner_type | User, Team, Department, Organization | +| owner_user_id | `case owner_type when 'User' then owner_id end` | +| owner_team_id | `case owner_type when 'Team' then owner_id end` | +| entity_id | 关联任意实体 | +| entity_type | +| created_by_id | +| updated_by_id | +| deleted_by_id | +| state | 状态 - 面向系统,不可自定义 | +| status | 业务状态、阶段、原因、细节 - 可自定义 | + +- eid + - 同质系统导入外建关联 - 例如: SaaS <-> 现存内部系统 + - 也可能会导出再导入 +- cid & rid + - 非同质系统 - 例如: 服务商、平台 + - -> sourceType+sourceId + - -> vendorType+vendorId ```sql create table tpl_res @@ -162,8 +182,10 @@ create table tpl_res owner_id text, owner_type text, owner_uid uuid, - owner_user_id text, - owner_team_id text, + owner_id text, + owner_type text, -- User, Team, Department + owner_user_id text generated always as ( case owner_type when 'User' then owner_id end ) stored, + owner_team_id text generated always as ( case owner_type when 'Team' then owner_id end ) stored, owner_department_id text, primary key (tid, id), unique (tid, sid), @@ -237,12 +259,12 @@ select set_config('tenant.id','1', true); ## created_at vs create_time -- created_at +- created_at, `*_at` - 语义 准确 - 与 `created_by_id` 形式上类似 - 使用: Spring, Gorm 默认 - 面向 **系统** -- create_time +- create_time, `*_time` - 使用: AIP - 面向 **用户**, 业务 @@ -256,6 +278,9 @@ select set_config('tenant.id','1', true); - 前端使用,服务端可见 - metadata - 对数据内容的补充说明 +- raw + - 外部导入原始数据 + - 也可以记录到 metadata, properties.raw, extensions.raw ## 单数还是复数表名 diff --git a/notes/db/relational/postgresql/postgresql-faq.md b/notes/db/relational/postgresql/postgresql-faq.md index 86b38782491..6e8f6654980 100644 --- a/notes/db/relational/postgresql/postgresql-faq.md +++ b/notes/db/relational/postgresql/postgresql-faq.md @@ -29,6 +29,32 @@ tags: - 最多 32767 参数占位 - `?` - 范围为 smallint - https://www.postgresql.org/docs/current/limits.html +## unique constraint vs unique index + +> 核心业务语义尽量用 constraint + +- unique constraint + - `unique(tid,entity_id)` -> `flow_tid_entity_id_key` + - 可以延后 + - 通过 unique index 实现 - 自动创建 + - 附带在 TABLE 上 + - `unique` 在 create table 时定义 + - `alter table TABLE add unique (tid,rid,cid);` 在 create table 之后定义 + - 不支持 `ADD CONSTRAINT IF NOT EXISTS` + - 支持 `DROP CONSTRAINT IF EXISTS` +- unique index + - `create unique index on flow(tid,entity_id)` -> `flow_tid_entity_id_idx` + - 可以并发 + - 可以 带条件 + - 独立 INDEX 概念 + - 不能在 create table 时定义 - inline index 概念 + - UNIQUE 只是 INDEX 的一个限制 +- https://stackoverflow.com/a/6804058/1870054 + - add constraint if not exists +- https://stackoverflow.com/questions/23542794 +- 都支持 UNIQUE NULLS NOT DISTINCT + - 因为是 INDEX 的能力 + ## TOAST - TOAST = The Oversized-Attribute Storage Technique diff --git a/notes/db/relational/postgresql/postgresql-sql-faq.md b/notes/db/relational/postgresql/postgresql-sql-faq.md index 32e0f7dbee1..6aacb7bbf1c 100644 --- a/notes/db/relational/postgresql/postgresql-sql-faq.md +++ b/notes/db/relational/postgresql/postgresql-sql-faq.md @@ -14,6 +14,17 @@ tags: - [JSON Functions and Operators](https://www.postgresql.org/docs/current/functions-json.html) - `PRIMARY KEY` ~= `UNIQUE` + `NOT NULL` +- FK + - **MATCH SIMPLE** + - MATCH FULL + - 都不 null,或都 null + - ~~MATCH PARTIAL~~ +- CONSTRAINTS + - DEFERRED | IMMEDIATE + - 创建时 + - DEFERRABLE INITIALLY DEFERRED + - DEFERRABLE INITIALLY IMMEDIATE + - NOT DEFERRABLE ## XML xpath 返回结果包含 CDATA diff --git a/notes/db/schema/nacos/schema.mysql.sql b/notes/db/schema/nacos/schema.mysql.sql index e29a925d9eb..159c987170c 100644 --- a/notes/db/schema/nacos/schema.mysql.sql +++ b/notes/db/schema/nacos/schema.mysql.sql @@ -1,207 +1,231 @@ -- https://github.com/alibaba/nacos/blob/develop/distribution/conf/mysql-schema.sql /******************************************/ -/* 数据库全名 = nacos_config */ -/* 表名称 = config_info */ -/******************************************/ -CREATE TABLE `config_info` ( - `id` bigint(20) NOT NULL AUTO_INCREMENT COMMENT 'id', - `data_id` varchar(255) NOT NULL COMMENT 'data_id', - `group_id` varchar(128) DEFAULT NULL, - `content` longtext NOT NULL COMMENT 'content', - `md5` varchar(32) DEFAULT NULL COMMENT 'md5', - `gmt_create` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP COMMENT '创建时间', - `gmt_modified` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP COMMENT '修改时间', - `src_user` text COMMENT 'source user', - `src_ip` varchar(50) DEFAULT NULL COMMENT 'source ip', - `app_name` varchar(128) DEFAULT NULL, - `tenant_id` varchar(128) DEFAULT '' COMMENT '租户字段', - `c_desc` varchar(256) DEFAULT NULL, - `c_use` varchar(64) DEFAULT NULL, - `effect` varchar(64) DEFAULT NULL, - `type` varchar(64) DEFAULT NULL, - `c_schema` text, - `encrypted_data_key` text NOT NULL COMMENT '秘钥', - PRIMARY KEY (`id`), - UNIQUE KEY `uk_configinfo_datagrouptenant` (`data_id`,`group_id`,`tenant_id`) -) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin COMMENT='config_info'; - -/******************************************/ -/* 数据库全名 = nacos_config */ -/* 表名称 = config_info_aggr */ -/******************************************/ -CREATE TABLE `config_info_aggr` ( - `id` bigint(20) NOT NULL AUTO_INCREMENT COMMENT 'id', - `data_id` varchar(255) NOT NULL COMMENT 'data_id', - `group_id` varchar(128) NOT NULL COMMENT 'group_id', - `datum_id` varchar(255) NOT NULL COMMENT 'datum_id', - `content` longtext NOT NULL COMMENT '内容', - `gmt_modified` datetime NOT NULL COMMENT '修改时间', - `app_name` varchar(128) DEFAULT NULL, - `tenant_id` varchar(128) DEFAULT '' COMMENT '租户字段', - PRIMARY KEY (`id`), - UNIQUE KEY `uk_configinfoaggr_datagrouptenantdatum` (`data_id`,`group_id`,`tenant_id`,`datum_id`) -) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin COMMENT='增加租户字段'; - - -/******************************************/ -/* 数据库全名 = nacos_config */ -/* 表名称 = config_info_beta */ -/******************************************/ -CREATE TABLE `config_info_beta` ( - `id` bigint(20) NOT NULL AUTO_INCREMENT COMMENT 'id', - `data_id` varchar(255) NOT NULL COMMENT 'data_id', - `group_id` varchar(128) NOT NULL COMMENT 'group_id', - `app_name` varchar(128) DEFAULT NULL COMMENT 'app_name', - `content` longtext NOT NULL COMMENT 'content', - `beta_ips` varchar(1024) DEFAULT NULL COMMENT 'betaIps', - `md5` varchar(32) DEFAULT NULL COMMENT 'md5', - `gmt_create` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP COMMENT '创建时间', - `gmt_modified` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP COMMENT '修改时间', - `src_user` text COMMENT 'source user', - `src_ip` varchar(50) DEFAULT NULL COMMENT 'source ip', - `tenant_id` varchar(128) DEFAULT '' COMMENT '租户字段', - `encrypted_data_key` text NOT NULL COMMENT '秘钥', - PRIMARY KEY (`id`), - UNIQUE KEY `uk_configinfobeta_datagrouptenant` (`data_id`,`group_id`,`tenant_id`) -) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin COMMENT='config_info_beta'; - -/******************************************/ -/* 数据库全名 = nacos_config */ -/* 表名称 = config_info_tag */ -/******************************************/ -CREATE TABLE `config_info_tag` ( - `id` bigint(20) NOT NULL AUTO_INCREMENT COMMENT 'id', - `data_id` varchar(255) NOT NULL COMMENT 'data_id', - `group_id` varchar(128) NOT NULL COMMENT 'group_id', - `tenant_id` varchar(128) DEFAULT '' COMMENT 'tenant_id', - `tag_id` varchar(128) NOT NULL COMMENT 'tag_id', - `app_name` varchar(128) DEFAULT NULL COMMENT 'app_name', - `content` longtext NOT NULL COMMENT 'content', - `md5` varchar(32) DEFAULT NULL COMMENT 'md5', - `gmt_create` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP COMMENT '创建时间', - `gmt_modified` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP COMMENT '修改时间', - `src_user` text COMMENT 'source user', - `src_ip` varchar(50) DEFAULT NULL COMMENT 'source ip', - PRIMARY KEY (`id`), - UNIQUE KEY `uk_configinfotag_datagrouptenanttag` (`data_id`,`group_id`,`tenant_id`,`tag_id`) -) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin COMMENT='config_info_tag'; - -/******************************************/ -/* 数据库全名 = nacos_config */ -/* 表名称 = config_tags_relation */ -/******************************************/ -CREATE TABLE `config_tags_relation` ( - `id` bigint(20) NOT NULL COMMENT 'id', - `tag_name` varchar(128) NOT NULL COMMENT 'tag_name', - `tag_type` varchar(64) DEFAULT NULL COMMENT 'tag_type', - `data_id` varchar(255) NOT NULL COMMENT 'data_id', - `group_id` varchar(128) NOT NULL COMMENT 'group_id', - `tenant_id` varchar(128) DEFAULT '' COMMENT 'tenant_id', - `nid` bigint(20) NOT NULL AUTO_INCREMENT, - PRIMARY KEY (`nid`), - UNIQUE KEY `uk_configtagrelation_configidtag` (`id`,`tag_name`,`tag_type`), - KEY `idx_tenant_id` (`tenant_id`) -) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin COMMENT='config_tag_relation'; - -/******************************************/ -/* 数据库全名 = nacos_config */ -/* 表名称 = group_capacity */ -/******************************************/ -CREATE TABLE `group_capacity` ( - `id` bigint(20) unsigned NOT NULL AUTO_INCREMENT COMMENT '主键ID', - `group_id` varchar(128) NOT NULL DEFAULT '' COMMENT 'Group ID,空字符表示整个集群', - `quota` int(10) unsigned NOT NULL DEFAULT '0' COMMENT '配额,0表示使用默认值', - `usage` int(10) unsigned NOT NULL DEFAULT '0' COMMENT '使用量', - `max_size` int(10) unsigned NOT NULL DEFAULT '0' COMMENT '单个配置大小上限,单位为字节,0表示使用默认值', - `max_aggr_count` int(10) unsigned NOT NULL DEFAULT '0' COMMENT '聚合子配置最大个数,,0表示使用默认值', - `max_aggr_size` int(10) unsigned NOT NULL DEFAULT '0' COMMENT '单个聚合数据的子配置大小上限,单位为字节,0表示使用默认值', - `max_history_count` int(10) unsigned NOT NULL DEFAULT '0' COMMENT '最大变更历史数量', - `gmt_create` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP COMMENT '创建时间', - `gmt_modified` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP COMMENT '修改时间', - PRIMARY KEY (`id`), - UNIQUE KEY `uk_group_id` (`group_id`) -) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin COMMENT='集群、各Group容量信息表'; - -/******************************************/ -/* 数据库全名 = nacos_config */ -/* 表名称 = his_config_info */ -/******************************************/ -CREATE TABLE `his_config_info` ( - `id` bigint(20) unsigned NOT NULL, - `nid` bigint(20) unsigned NOT NULL AUTO_INCREMENT, - `data_id` varchar(255) NOT NULL, - `group_id` varchar(128) NOT NULL, - `app_name` varchar(128) DEFAULT NULL COMMENT 'app_name', - `content` longtext NOT NULL, - `md5` varchar(32) DEFAULT NULL, - `gmt_create` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP, - `gmt_modified` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP, - `src_user` text, - `src_ip` varchar(50) DEFAULT NULL, - `op_type` char(10) DEFAULT NULL, - `tenant_id` varchar(128) DEFAULT '' COMMENT '租户字段', - `encrypted_data_key` text NOT NULL COMMENT '秘钥', - PRIMARY KEY (`nid`), - KEY `idx_gmt_create` (`gmt_create`), - KEY `idx_gmt_modified` (`gmt_modified`), - KEY `idx_did` (`data_id`) -) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin COMMENT='多租户改造'; - - -/******************************************/ -/* 数据库全名 = nacos_config */ -/* 表名称 = tenant_capacity */ -/******************************************/ -CREATE TABLE `tenant_capacity` ( - `id` bigint(20) unsigned NOT NULL AUTO_INCREMENT COMMENT '主键ID', - `tenant_id` varchar(128) NOT NULL DEFAULT '' COMMENT 'Tenant ID', - `quota` int(10) unsigned NOT NULL DEFAULT '0' COMMENT '配额,0表示使用默认值', - `usage` int(10) unsigned NOT NULL DEFAULT '0' COMMENT '使用量', - `max_size` int(10) unsigned NOT NULL DEFAULT '0' COMMENT '单个配置大小上限,单位为字节,0表示使用默认值', - `max_aggr_count` int(10) unsigned NOT NULL DEFAULT '0' COMMENT '聚合子配置最大个数', - `max_aggr_size` int(10) unsigned NOT NULL DEFAULT '0' COMMENT '单个聚合数据的子配置大小上限,单位为字节,0表示使用默认值', - `max_history_count` int(10) unsigned NOT NULL DEFAULT '0' COMMENT '最大变更历史数量', - `gmt_create` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP COMMENT '创建时间', - `gmt_modified` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP COMMENT '修改时间', - PRIMARY KEY (`id`), - UNIQUE KEY `uk_tenant_id` (`tenant_id`) -) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin COMMENT='租户容量信息表'; - - -CREATE TABLE `tenant_info` ( - `id` bigint(20) NOT NULL AUTO_INCREMENT COMMENT 'id', - `kp` varchar(128) NOT NULL COMMENT 'kp', - `tenant_id` varchar(128) default '' COMMENT 'tenant_id', - `tenant_name` varchar(128) default '' COMMENT 'tenant_name', - `tenant_desc` varchar(256) DEFAULT NULL COMMENT 'tenant_desc', - `create_source` varchar(32) DEFAULT NULL COMMENT 'create_source', - `gmt_create` bigint(20) NOT NULL COMMENT '创建时间', - `gmt_modified` bigint(20) NOT NULL COMMENT '修改时间', - PRIMARY KEY (`id`), - UNIQUE KEY `uk_tenant_info_kptenantid` (`kp`,`tenant_id`), - KEY `idx_tenant_id` (`tenant_id`) -) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin COMMENT='tenant_info'; - -CREATE TABLE `users` ( - `username` varchar(50) NOT NULL PRIMARY KEY, - `password` varchar(500) NOT NULL, - `enabled` boolean NOT NULL +/* 表名称 = config_info */ +/******************************************/ +CREATE TABLE `config_info` +( + `id` bigint(20) NOT NULL AUTO_INCREMENT COMMENT 'id', + `data_id` varchar(255) NOT NULL COMMENT 'data_id', + `group_id` varchar(128) DEFAULT NULL COMMENT 'group_id', + `content` longtext NOT NULL COMMENT 'content', + `md5` varchar(32) DEFAULT NULL COMMENT 'md5', + `gmt_create` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP COMMENT '创建时间', + `gmt_modified` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP COMMENT '修改时间', + `src_user` text COMMENT 'source user', + `src_ip` varchar(50) DEFAULT NULL COMMENT 'source ip', + `app_name` varchar(128) DEFAULT NULL COMMENT 'app_name', + `tenant_id` varchar(128) DEFAULT '' COMMENT '租户字段', + `c_desc` varchar(256) DEFAULT NULL COMMENT 'configuration description', + `c_use` varchar(64) DEFAULT NULL COMMENT 'configuration usage', + `effect` varchar(64) DEFAULT NULL COMMENT '配置生效的描述', + `type` varchar(64) DEFAULT NULL COMMENT '配置的类型', + `c_schema` text COMMENT '配置的模式', + `encrypted_data_key` text NOT NULL COMMENT '密钥', + PRIMARY KEY (`id`), + UNIQUE KEY `uk_configinfo_datagrouptenant` (`data_id`, `group_id`, `tenant_id`) +) ENGINE = InnoDB + DEFAULT CHARSET = utf8 + COLLATE = utf8_bin COMMENT ='config_info'; + +/******************************************/ +/* 表名称 = config_info_aggr */ +/******************************************/ +CREATE TABLE `config_info_aggr` +( + `id` bigint(20) NOT NULL AUTO_INCREMENT COMMENT 'id', + `data_id` varchar(255) NOT NULL COMMENT 'data_id', + `group_id` varchar(128) NOT NULL COMMENT 'group_id', + `datum_id` varchar(255) NOT NULL COMMENT 'datum_id', + `content` longtext NOT NULL COMMENT '内容', + `gmt_modified` datetime NOT NULL COMMENT '修改时间', + `app_name` varchar(128) DEFAULT NULL COMMENT 'app_name', + `tenant_id` varchar(128) DEFAULT '' COMMENT '租户字段', + PRIMARY KEY (`id`), + UNIQUE KEY `uk_configinfoaggr_datagrouptenantdatum` (`data_id`, `group_id`, `tenant_id`, `datum_id`) +) ENGINE = InnoDB + DEFAULT CHARSET = utf8 + COLLATE = utf8_bin COMMENT ='增加租户字段'; + + +/******************************************/ +/* 表名称 = config_info_beta */ +/******************************************/ +CREATE TABLE `config_info_beta` +( + `id` bigint(20) NOT NULL AUTO_INCREMENT COMMENT 'id', + `data_id` varchar(255) NOT NULL COMMENT 'data_id', + `group_id` varchar(128) NOT NULL COMMENT 'group_id', + `app_name` varchar(128) DEFAULT NULL COMMENT 'app_name', + `content` longtext NOT NULL COMMENT 'content', + `beta_ips` varchar(1024) DEFAULT NULL COMMENT 'betaIps', + `md5` varchar(32) DEFAULT NULL COMMENT 'md5', + `gmt_create` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP COMMENT '创建时间', + `gmt_modified` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP COMMENT '修改时间', + `src_user` text COMMENT 'source user', + `src_ip` varchar(50) DEFAULT NULL COMMENT 'source ip', + `tenant_id` varchar(128) DEFAULT '' COMMENT '租户字段', + `encrypted_data_key` text NOT NULL COMMENT '密钥', + PRIMARY KEY (`id`), + UNIQUE KEY `uk_configinfobeta_datagrouptenant` (`data_id`, `group_id`, `tenant_id`) +) ENGINE = InnoDB + DEFAULT CHARSET = utf8 + COLLATE = utf8_bin COMMENT ='config_info_beta'; + +/******************************************/ +/* 表名称 = config_info_tag */ +/******************************************/ +CREATE TABLE `config_info_tag` +( + `id` bigint(20) NOT NULL AUTO_INCREMENT COMMENT 'id', + `data_id` varchar(255) NOT NULL COMMENT 'data_id', + `group_id` varchar(128) NOT NULL COMMENT 'group_id', + `tenant_id` varchar(128) DEFAULT '' COMMENT 'tenant_id', + `tag_id` varchar(128) NOT NULL COMMENT 'tag_id', + `app_name` varchar(128) DEFAULT NULL COMMENT 'app_name', + `content` longtext NOT NULL COMMENT 'content', + `md5` varchar(32) DEFAULT NULL COMMENT 'md5', + `gmt_create` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP COMMENT '创建时间', + `gmt_modified` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP COMMENT '修改时间', + `src_user` text COMMENT 'source user', + `src_ip` varchar(50) DEFAULT NULL COMMENT 'source ip', + PRIMARY KEY (`id`), + UNIQUE KEY `uk_configinfotag_datagrouptenanttag` (`data_id`, `group_id`, `tenant_id`, `tag_id`) +) ENGINE = InnoDB + DEFAULT CHARSET = utf8 + COLLATE = utf8_bin COMMENT ='config_info_tag'; + +/******************************************/ +/* 表名称 = config_tags_relation */ +/******************************************/ +CREATE TABLE `config_tags_relation` +( + `id` bigint(20) NOT NULL COMMENT 'id', + `tag_name` varchar(128) NOT NULL COMMENT 'tag_name', + `tag_type` varchar(64) DEFAULT NULL COMMENT 'tag_type', + `data_id` varchar(255) NOT NULL COMMENT 'data_id', + `group_id` varchar(128) NOT NULL COMMENT 'group_id', + `tenant_id` varchar(128) DEFAULT '' COMMENT 'tenant_id', + `nid` bigint(20) NOT NULL AUTO_INCREMENT COMMENT 'nid, 自增长标识', + PRIMARY KEY (`nid`), + UNIQUE KEY `uk_configtagrelation_configidtag` (`id`, `tag_name`, `tag_type`), + KEY `idx_tenant_id` (`tenant_id`) +) ENGINE = InnoDB + DEFAULT CHARSET = utf8 + COLLATE = utf8_bin COMMENT ='config_tag_relation'; + +/******************************************/ +/* 表名称 = group_capacity */ +/******************************************/ +CREATE TABLE `group_capacity` +( + `id` bigint(20) unsigned NOT NULL AUTO_INCREMENT COMMENT '主键ID', + `group_id` varchar(128) NOT NULL DEFAULT '' COMMENT 'Group ID,空字符表示整个集群', + `quota` int(10) unsigned NOT NULL DEFAULT '0' COMMENT '配额,0表示使用默认值', + `usage` int(10) unsigned NOT NULL DEFAULT '0' COMMENT '使用量', + `max_size` int(10) unsigned NOT NULL DEFAULT '0' COMMENT '单个配置大小上限,单位为字节,0表示使用默认值', + `max_aggr_count` int(10) unsigned NOT NULL DEFAULT '0' COMMENT '聚合子配置最大个数,,0表示使用默认值', + `max_aggr_size` int(10) unsigned NOT NULL DEFAULT '0' COMMENT '单个聚合数据的子配置大小上限,单位为字节,0表示使用默认值', + `max_history_count` int(10) unsigned NOT NULL DEFAULT '0' COMMENT '最大变更历史数量', + `gmt_create` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP COMMENT '创建时间', + `gmt_modified` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP COMMENT '修改时间', + PRIMARY KEY (`id`), + UNIQUE KEY `uk_group_id` (`group_id`) +) ENGINE = InnoDB + DEFAULT CHARSET = utf8 + COLLATE = utf8_bin COMMENT ='集群、各Group容量信息表'; + +/******************************************/ +/* 表名称 = his_config_info */ +/******************************************/ +CREATE TABLE `his_config_info` +( + `id` bigint(20) unsigned NOT NULL COMMENT 'id', + `nid` bigint(20) unsigned NOT NULL AUTO_INCREMENT COMMENT 'nid, 自增标识', + `data_id` varchar(255) NOT NULL COMMENT 'data_id', + `group_id` varchar(128) NOT NULL COMMENT 'group_id', + `app_name` varchar(128) DEFAULT NULL COMMENT 'app_name', + `content` longtext NOT NULL COMMENT 'content', + `md5` varchar(32) DEFAULT NULL COMMENT 'md5', + `gmt_create` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP COMMENT '创建时间', + `gmt_modified` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP COMMENT '修改时间', + `src_user` text COMMENT 'source user', + `src_ip` varchar(50) DEFAULT NULL COMMENT 'source ip', + `op_type` char(10) DEFAULT NULL COMMENT 'operation type', + `tenant_id` varchar(128) DEFAULT '' COMMENT '租户字段', + `encrypted_data_key` text NOT NULL COMMENT '密钥', + PRIMARY KEY (`nid`), + KEY `idx_gmt_create` (`gmt_create`), + KEY `idx_gmt_modified` (`gmt_modified`), + KEY `idx_did` (`data_id`) +) ENGINE = InnoDB + DEFAULT CHARSET = utf8 + COLLATE = utf8_bin COMMENT ='多租户改造'; + + +/******************************************/ +/* 表名称 = tenant_capacity */ +/******************************************/ +CREATE TABLE `tenant_capacity` +( + `id` bigint(20) unsigned NOT NULL AUTO_INCREMENT COMMENT '主键ID', + `tenant_id` varchar(128) NOT NULL DEFAULT '' COMMENT 'Tenant ID', + `quota` int(10) unsigned NOT NULL DEFAULT '0' COMMENT '配额,0表示使用默认值', + `usage` int(10) unsigned NOT NULL DEFAULT '0' COMMENT '使用量', + `max_size` int(10) unsigned NOT NULL DEFAULT '0' COMMENT '单个配置大小上限,单位为字节,0表示使用默认值', + `max_aggr_count` int(10) unsigned NOT NULL DEFAULT '0' COMMENT '聚合子配置最大个数', + `max_aggr_size` int(10) unsigned NOT NULL DEFAULT '0' COMMENT '单个聚合数据的子配置大小上限,单位为字节,0表示使用默认值', + `max_history_count` int(10) unsigned NOT NULL DEFAULT '0' COMMENT '最大变更历史数量', + `gmt_create` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP COMMENT '创建时间', + `gmt_modified` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP COMMENT '修改时间', + PRIMARY KEY (`id`), + UNIQUE KEY `uk_tenant_id` (`tenant_id`) +) ENGINE = InnoDB + DEFAULT CHARSET = utf8 + COLLATE = utf8_bin COMMENT ='租户容量信息表'; + + +CREATE TABLE `tenant_info` +( + `id` bigint(20) NOT NULL AUTO_INCREMENT COMMENT 'id', + `kp` varchar(128) NOT NULL COMMENT 'kp', + `tenant_id` varchar(128) default '' COMMENT 'tenant_id', + `tenant_name` varchar(128) default '' COMMENT 'tenant_name', + `tenant_desc` varchar(256) DEFAULT NULL COMMENT 'tenant_desc', + `create_source` varchar(32) DEFAULT NULL COMMENT 'create_source', + `gmt_create` bigint(20) NOT NULL COMMENT '创建时间', + `gmt_modified` bigint(20) NOT NULL COMMENT '修改时间', + PRIMARY KEY (`id`), + UNIQUE KEY `uk_tenant_info_kptenantid` (`kp`, `tenant_id`), + KEY `idx_tenant_id` (`tenant_id`) +) ENGINE = InnoDB + DEFAULT CHARSET = utf8 + COLLATE = utf8_bin COMMENT ='tenant_info'; + +CREATE TABLE `users` +( + `username` varchar(50) NOT NULL PRIMARY KEY COMMENT 'username', + `password` varchar(500) NOT NULL COMMENT 'password', + `enabled` boolean NOT NULL COMMENT 'enabled' ); -CREATE TABLE `roles` ( - `username` varchar(50) NOT NULL, - `role` varchar(50) NOT NULL, - UNIQUE INDEX `idx_user_role` (`username` ASC, `role` ASC) USING BTREE +CREATE TABLE `roles` +( + `username` varchar(50) NOT NULL COMMENT 'username', + `role` varchar(50) NOT NULL COMMENT 'role', + UNIQUE INDEX `idx_user_role` (`username` ASC, `role` ASC) USING BTREE ); -CREATE TABLE `permissions` ( - `role` varchar(50) NOT NULL, - `resource` varchar(255) NOT NULL, - `action` varchar(8) NOT NULL, - UNIQUE INDEX `uk_role_permission` (`role`,`resource`,`action`) USING BTREE +CREATE TABLE `permissions` +( + `role` varchar(50) NOT NULL COMMENT 'role', + `resource` varchar(255) NOT NULL COMMENT 'resource', + `action` varchar(8) NOT NULL COMMENT 'action', + UNIQUE INDEX `uk_role_permission` (`role`, `resource`, `action`) USING BTREE ); -INSERT INTO users (username, password, enabled) VALUES ('nacos', '$2a$10$EuWPZHzz32dJN7jexM34MOeYirDdFAZm2kuWj7VEOJhhZkDrxfvUu', TRUE); +INSERT INTO users (username, password, enabled) +VALUES ('nacos', '$2a$10$EuWPZHzz32dJN7jexM34MOeYirDdFAZm2kuWj7VEOJhhZkDrxfvUu', TRUE); -INSERT INTO roles (username, role) VALUES ('nacos', 'ROLE_ADMIN'); \ No newline at end of file +INSERT INTO roles (username, role) +VALUES ('nacos', 'ROLE_ADMIN'); \ No newline at end of file diff --git a/notes/dev/design/README.md b/notes/dev/design/README.md index b489f7d7eb4..0a5c3d9a971 100644 --- a/notes/dev/design/README.md +++ b/notes/dev/design/README.md @@ -8,3 +8,5 @@ title: Design - [事件驱动](./design-event-driven.md) - [数据驱动](./design-data-driven.md) - [Azure application architecture fundamentals](https://learn.microsoft.com/en-us/azure/architecture/guide/) +- [ByteByteGoHq/system-design-101](https://github.com/ByteByteGoHq/system-design-101) +- [donnemartin/system-design-primer](https://github.com/donnemartin/system-design-primer) diff --git a/notes/dev/dict.md b/notes/dev/dict.md index 2ddbd6bcba6..841b93e7808 100644 --- a/notes/dev/dict.md +++ b/notes/dev/dict.md @@ -1064,6 +1064,20 @@ tags: - 查含义和词源 - etymonline.com +| .abbr | for | +| ----- | ----------------------------------- | +| SDLC | Software Development Life Cycle | +| AIDA | AI Developer Assistant | +| AIDA | Attention, Interest, Desire, Action | + +- [AIDA]() + - Attention(注意) + - Interest(关心) + - Desire(欲求) + - Memory(记忆) + - Action(行动) + - AIDMA + ## Abbr | abbr | latin | en | diff --git a/notes/devops/container/container-awesome.md b/notes/devops/container/container-awesome.md index 6ceae863ded..b30539f39d5 100644 --- a/notes/devops/container/container-awesome.md +++ b/notes/devops/container/container-awesome.md @@ -6,6 +6,8 @@ tags: # Container Awesome +> Storage, Metadata, Runtime + - CRI - [opencontainers/runc](https://github.com/opencontainers/runc) - [google/gvisor](https://github.com/google/gvisor) @@ -100,6 +102,27 @@ tags: - GPLv2, C - application or container live migration, snapshots, remote debugging +## Image + +- https://github.com/opencontainers/image-spec +- [containerd/stargz-snapshotter](https://github.com/containerd/stargz-snapshotter) + - fast container image distribution plugin with lazy pulling +- https://nydus.dev/ + - OCI tar layer -> Blob+meta + - [containerd/nydus-snapshotter](https://github.com/containerd/nydus-snapshotter) + - containerd snapshotter with data deduplication and lazy loading in P2P + - [dragonflyoss/nydus](https://github.com/dragonflyoss/nydus) + - based on FUSE,virtiofs + - RAFS v6 - erofs over fscache - Linux 5.19+ + - [dragonflyoss/Dragonfly2](https://github.com/dragonflyoss/Dragonfly2) + - P2P-based file distribution and image acceleration + - https://d7y.io/blog/2022/06/06/evolution-of-nydus/ + - https://github.com/dragonflyoss/nydus/blob/master/docs/nydusify.md +- [goharbor/acceleration-service](https://github.com/goharbor/acceleration-service) +- [google/crfs](https://github.com/google/crfs) + - CRFS: Container Registry Filesystem + - read-only FUSE + ## Runtime - [drifting-in-space/spawner](https://github.com/drifting-in-space/spawner) @@ -146,7 +169,6 @@ sources: - remote images registries - retrieving information, images, signing content - [GoogleContainerTools/container-diff](https://github.com/GoogleContainerTools/container-diff) - [jwilder/dockerize](https://github.com/jwilder/dockerize) -- [containerd/stargz-snapshotter](https://github.com/containerd/stargz-snapshotter) - 参考 - [构建容器的最佳做法](https://cloud.google.com/solutions/best-practices-for-building-containers) diff --git a/notes/devops/kubernetes/app/argo/README.md b/notes/devops/kubernetes/app/argo/README.md new file mode 100644 index 00000000000..288c67a4811 --- /dev/null +++ b/notes/devops/kubernetes/app/argo/README.md @@ -0,0 +1,18 @@ +--- +title: Argo +--- + +# Argo + +- [argoproj](https://github.com/argoproj) + +| project | desc | +| ------------------------------ | ---------------- | +| [workflow](./argo-workflow.md) | 工作流 | +| [argocd](../argocd/README.md) | 持续集成 | +| notification | +| rollouts | 增强 k8s rollout | +| events | 事件 | +| gitops-engine | + +- https://github.com/akuity/awesome-argo diff --git a/notes/devops/kubernetes/app/argo/workflow/README.md b/notes/devops/kubernetes/app/argo/workflow/README.md new file mode 100644 index 00000000000..0ef840e6f33 --- /dev/null +++ b/notes/devops/kubernetes/app/argo/workflow/README.md @@ -0,0 +1,135 @@ +--- +title: Argo Workflow +--- + +# Argo Workflow + +- [argoproj/argo-workflows](https://github.com/argoproj/argo-workflows) 是什么? + - Cloud Native 工作流引擎 + - CRD 管理 + - 每个步骤都是容器 + - 适用计算密集型任务 - 机器学习, 数据处理 + - 适用于 CI/CD 场景 +- adopted by + - kubeflow +- 用到的镜像 + - argoproj/argocli + - argoproj/workflow-controller + - argoproj/argoexec - executor + - argoproj/argosay - 演示流程使用的镜像 +- [workflow-executors](https://argoproj.github.io/argo-workflows/workflow-executors/) +- 参考 + - Use Cases https://argoproj.github.io/argo-workflows/use-cases/ci-cd/ + - CI/CD + - Data Processing + - Infrastructure Automation + - Machine Learning + - https://argoproj-labs.github.io/argo-workflows-catalog/ + +## 安装 + +```bash +# 安装方式 +# install.yaml - 集群纬度,所有命名空间 +# namespace-install.yaml - argo 命名空间 +# 会部署 argo-server 和 workflow-controller +# 配置 - workflow-controller-configmap +# https://github.com/argoproj/argo-workflows/tree/stable/manifests +kubectl create ns argo +kubectl apply -n argo -f https://raw.githubusercontent.com/argoproj/argo-workflows/stable/manifests/namespace-install.yaml +# 默认不需要 login - 可以自己添加 sso 或者调整 authmode + +# 命令行工具 +brew install argo +# 获取登陆 token +# argo auth token +``` + +```yaml +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: argo-ingress + namespace: argo +spec: + rules: + - host: argo.example.com + http: + paths: + - backend: + service: + name: argo-server + port: + name: web + pathType: ImplementationSpecific +``` + +## Workflow + +```yaml +metadata: + name: delightful-rhino + labels: + example: 'true' +spec: + arguments: + parameters: + - name: message + value: hello argo + entrypoint: argosay + templates: + - name: argosay + inputs: + parameters: + - name: message + value: '{{workflow.parameters.message}}' + container: + name: main + image: 'argoproj/argosay:v2' + command: + - /argosay + args: + - echo + - '{{inputs.parameters.message}}' + ttlStrategy: + secondsAfterCompletion: 300 + podGC: + strategy: OnPodCompletion +``` + +### 配置 + +- https://argoproj.github.io/argo-workflows/workflow-controller-configmap.yaml + +```yaml +# containerRuntimeExecutor: docker +containerRuntimeExecutor: kubelet + +# SSO Configuration for the Argo server. +# You must also start argo server with `--auth-mode sso`. +# https://argoproj.github.io/argo/argo-server-auth-mode/ +sso: | + # This is the root URL of the OIDC provider (required). + issuer: https://issuer.root.url/ + # This is name of the secret and the key in it that contain OIDC client + # ID issued to the application by the provider (required). + clientId: + name: client-id-secret + key: client-id-key + # This is name of the secret and the key in it that contain OIDC client + # secret issued to the application by the provider (required). + clientSecret: + name: client-secret-secret + key: client-secret-key + # This is the redirect URL supplied to the provider (required). It must + # be in the form /oauth2/callback. It must be + # browser-accessible. + redirectUrl: https://argo-server/oauth2/callback + # Additional scopes to request. Typically needed for SSO RBAC. >= v2.12 + scopes: + - groups + - email + # RBAC Config. >= v2.12 + rbac: + enabled: false +``` diff --git a/notes/devops/kubernetes/app/argo/workflow/argo-workflow-executor.md b/notes/devops/kubernetes/app/argo/workflow/argo-workflow-executor.md new file mode 100644 index 00000000000..130eb51d659 --- /dev/null +++ b/notes/devops/kubernetes/app/argo/workflow/argo-workflow-executor.md @@ -0,0 +1,9 @@ +--- +title: Executor +--- + +# Executor + +- v3.3+ emissary + +## emissary diff --git a/notes/evolve/parenting.md b/notes/evolve/parenting.md index 183af1a7ab7..1f192dca60f 100644 --- a/notes/evolve/parenting.md +++ b/notes/evolve/parenting.md @@ -4,6 +4,41 @@ title: Parenting # Parenting +## 中班幼儿语言表达能力的培养 - 2023-10-29 + +语言表达能力的培养对幼儿来说非常重要。语言不仅是交流的工具,也是认知发展的基础。 + +1. 多与幼儿交流,耐心倾听孩子的话语,对他们的言语表示重视。不要常常批评或修正孩子的语言错误,过多的校正会扼杀孩子的表达欲望。 +2. 丰富幼儿的生活经验,带他们去不同的地方,见识更多的事物。丰富的经验可以拓展孩子的词汇量,让他们有更多可说的内容。 +3. 多用提问启发孩子说话,而不要直接给他答案。提问要开放性强一点,避免只能回答 “是” 或者 “不是” 的问题。 +4. 多组织一些语言游戏,如讲故事、说反义词、造句等,寓教于乐提高孩子的语言组织能力。 +5. 给孩子充分的言语表达机会,如鼓励他们向大家介绍自己的玩具、讲自己的经历等。不要常常打断孩子的话语。 +6. 给孩子提供语言表达方式,语言正确、清晰的表达方式。家长也要注意言语表达。 +7. 培养孩子的语言兴趣,如:看图说话、讲故事等 +8. 避免电视、手机等虚拟语言的过度接触影响真实语言的学习。 + +这是我了解到对培养幼儿语言表达能力的一些方向。 + +分享我觉得一些做得好的和不好的地方: + +1. 我觉得做的还可以,大多时候在听 她 说话的时候都能提醒自己不好打断她说话,也会是不是强调她不要打断别人讲话。关于表达,我觉得就比较随意了 +2. 只能是尽力而为,生活中做不到的会尽量通过影视、游戏、书籍等方式来弥补 +3. 这个就比较擅长了,我感觉我和她经常都在说 “胡话”,语言表达也不一定需要有意义 +4. 这个太多了,买了一支录音笔,讲故事、玩迷宫游戏(RPG)用 +5. 因为自己语言表达能力也比较欠缺,所以这方面可能没太多好的例子,不知道做的好不好 +6. 看动画、玩游戏、玩角色扮演,都有在做 +7. 这个很有感触,有些很“洗脑”的表达方式非常快就学会了,一定避免上一代看抖音时的影响。 + +觉得基础的大家都做的差不多,觉得需要注意的一些额外的点: + +1. 培养和父母的共同爱好 + - 产生更多话题 + - 能有一些特殊的交流方式,例如:会有一些“暗号”一样的东西,双方都会觉得有趣 + - 父母也会更愿意交流 +2. 隐性的树立“偶像” + - 让她有学习的对象,知道怎么表达和讲话,例如: 可能一段时间讲话有小猪佩奇的 “影子” + - 一定要对她去了解的内容做筛选 + ## 幼儿自理能力培养 - 2022-10-03 我理解的自理能力指 diff --git a/notes/java/build/jib.md b/notes/java/build/jib.md index 01e45a54ea6..7e5710e1a99 100644 --- a/notes/java/build/jib.md +++ b/notes/java/build/jib.md @@ -19,7 +19,9 @@ mvn compile jib:build # 不依赖 docker 直接推送 mvn compile jib:dockerBuild # 使用 docker mvn compile jib:buildTar -mvn compile com.google.cloud.tools:jib-maven-plugin:3.3.1:build -Dimage=IMAGE +mvn compile com.google.cloud.tools:jib-maven-plugin:3.4.0:buildTar +ls target/jib-image.tar +mvn compile com.google.cloud.tools:jib-maven-plugin:3.4.0:build -Dimage=IMAGE ``` ``` diff --git a/notes/java/build/maven/README.md b/notes/java/build/maven/README.md index b315782cdcb..0fcd723dead 100755 --- a/notes/java/build/maven/README.md +++ b/notes/java/build/maven/README.md @@ -17,18 +17,20 @@ tags: - rar - Resource Adapter Archive - mojo - surefire - - -| 属性 | 说明 | -| --------------------------------- | ------------------------ | -| maven.javadoc.skip | 不调用 Javadoc 插件 | -| maven.test.skip | 不编译测试,不执行测试 | -| maven.test.skip.exec | 不执行测试,但编译测试包 | -| maven.repo.remote | 远程仓库 | -| maven.repo.local | 本地仓库 | -| socksProxyHost
socksProxyPort | Socks 代理 | -| httpProxyHost
httpProxyPort | Http 代理 | -| httpsProxyHost
httpsProxyPort | Https 代理 | +- 参考 + - https://maven.apache.org/ref/3.9.4/maven-embedder/cli.html + +| -D | 说明 | +| --------------------------------- | ------------------------- | +| skipTests | 不执行测试, 构建 test jar | +| maven.javadoc.skip | 不调用 Javadoc 插件 | +| maven.test.skip | 不编译测试,不执行测试 | +| maven.test.skip.exec | 不执行测试,但编译测试包 | +| maven.repo.remote | 远程仓库 | +| maven.repo.local | 本地仓库 | +| socksProxyHost
socksProxyPort | Socks 代理 | +| httpProxyHost
httpProxyPort | Http 代理 | +| httpsProxyHost
httpsProxyPort | Https 代理 | ``` -pl, --projects @@ -279,9 +281,9 @@ mvn install:install-file \ config.properties - + - + @@ -569,12 +571,15 @@ mvn gpg:sign-and-deploy-file -Dgpg.passphrase=$PASSPHRASE \ -Dfile=$NAME-javadoc.jar -Dclassifier=javadoc ``` - ## settings.xml ```xml - - + + aliyun @@ -585,4 +590,3 @@ mvn gpg:sign-and-deploy-file -Dgpg.passphrase=$PASSPHRASE \ ``` - diff --git a/notes/java/java-faq.md b/notes/java/java-faq.md index 193b404713a..f590e6c6882 100644 --- a/notes/java/java-faq.md +++ b/notes/java/java-faq.md @@ -202,3 +202,47 @@ jattach 1 properties - https://docs.oracle.com/javase/6/docs/technotes/guides/net/proxies.html - https://docs.oracle.com/javase/6/docs/technotes/guides/net/properties.html#socks + +## Virtual Thread + +- Java 21+ +- sychronized -> ReentrantLock +- 支持 Virtual Thread/Loom + - https://github.com/pgjdbc/pgjdbc/ + - https://github.com/pgjdbc/pgjdbc/issues/1951 + - ebean + - https://github.com/ebean-orm/ebean/issues/2080 +- Nats + - https://github.com/nats-io/nats.java/issues/317 + - https://github.com/nats-io/nats.java/issues/934 + +**Spring Boot Tomcat** + +- 性能更好 + +```java +import lombok.extern.slf4j.Slf4j; +import org.springframework.boot.SpringApplication; +import org.springframework.boot.autoconfigure.SpringBootApplication; +import org.springframework.boot.web.embedded.tomcat.TomcatProtocolHandlerCustomizer; +import org.springframework.context.annotation.Bean; + +import java.util.concurrent.Executors; + +@SpringBootApplication +@Slf4j +public class VirtualthreadApplication { + + public static void main(String[] args) { + SpringApplication.run(VirtualthreadApplication.class, args); + } + + @Bean + public TomcatProtocolHandlerCustomizer protocolHandlerVirtualThreadExecutorCustomizer() { + return protocolHandler -> { + log.info("Configuring " + protocolHandler + " to use VirtualThreadPerTaskExecutor"); + protocolHandler.setExecutor(Executors.newVirtualThreadPerTaskExecutor()); + }; + } +} +``` diff --git a/notes/languages/languages-awesome.md b/notes/languages/languages-awesome.md index e3b83e2414c..183fb2c3c05 100644 --- a/notes/languages/languages-awesome.md +++ b/notes/languages/languages-awesome.md @@ -117,3 +117,26 @@ tags: ## HowTo - [Lessons from Writing a Compiler](https://borretti.me/article/lessons-writing-compiler) + +## Typesetting + +> - 排版、技术文档 +> - 区分 专业 和 轻量级 +> - Typesetting 大多输出为 PDF +> - 轻量级输出为 HTML/Web + +- [markdown](./markdown/README.md) +- [LaTeX](./tex/README.md) + - [sile-typesetter/sile](https://github.com/sile-typesetter/sile) +- [typst/typst](https://github.com/typst/typst) + - Apache-2.0, Rust + - Typst is a new markup-based typesetting system that is designed to be as powerful as LaTeX while being much easier to learn and use + - [qjcg/awesome-typst](https://github.com/qjcg/awesome-typst) + - [Myriad-Dreamin/typst.ts](https://github.com/Myriad-Dreamin/typst.ts) + - wasm +- https://www.jetbrains.com/writerside/ + - Markdown & XML + - writing docs for website +- Asciidoc +- DITA +- GTFO diff --git a/notes/languages/markdown/README.md b/notes/languages/markdown/README.md index f255c2353ce..244bb4eefea 100644 --- a/notes/languages/markdown/README.md +++ b/notes/languages/markdown/README.md @@ -21,6 +21,7 @@ title: Markdown 2011-04-28 - wikipedia [Markdown](https://en.wikipedia.org/wiki/Markdown) + ## 工具 ### Pandoc diff --git a/notes/languages/regexp.md b/notes/languages/regexp.md index 36bd50eab7e..f1f9c6454dd 100644 --- a/notes/languages/regexp.md +++ b/notes/languages/regexp.md @@ -84,3 +84,4 @@ const notThis = /^(?:(?!this).)*$/; - `$'` - `$` - replacer(match,p1,p2,offset,wholeString,namedGroups) + diff --git a/notes/os/alpine/alpine-version.md b/notes/os/alpine/alpine-version.md index bcf682824ce..b89093a5aa7 100644 --- a/notes/os/alpine/alpine-version.md +++ b/notes/os/alpine/alpine-version.md @@ -36,6 +36,7 @@ tags: | version | date | | ------------------------------------ | ---------- | +| [AlpineLinux 3.19](#alpinelinux-319) | 2023 | | [AlpineLinux 3.18](#alpinelinux-318) | 2023-05-29 | | [AlpineLinux 3.17](#alpinelinux-317) | 2022-11-22 | | [AlpineLinux 3.16](#alpinelinux-316) | 2022-05-23 | @@ -63,14 +64,16 @@ tags: ::: - - - - 参考 - https://ariadne.space/ +## AlpineLinux 3.19 + +- 🆙 升级包 + - NodeJS 20 LTS + ## AlpineLinux 3.18 - Linux 6.1 @@ -80,7 +83,7 @@ tags: - https://www.kernel.org/doc/html/v4.15/admin-guide/module-signing.html - musl libc 1.2.4 - tcp dns - 解决 udp dns 不能返回太多解析的问题 - - DT_RELR + - DT_RELR - relative relocation - 减小 binary size - qemu-system-aarch64 3.17 v7.1 22.6M -> 3.18 v8.0 19.5M - https://gitlab.alpinelinux.org/alpine/tsc/-/issues/58 @@ -93,7 +96,6 @@ tags: - Go 1.20 - Qemu 8.0 - ## AlpineLinux 3.17 - 环境 diff --git a/notes/os/centos/centos-faq.md b/notes/os/centos/centos-faq.md index 381a1efbf2b..ec19b5db347 100644 --- a/notes/os/centos/centos-faq.md +++ b/notes/os/centos/centos-faq.md @@ -10,6 +10,14 @@ tags: - 8.5.2111 - 2021-11-16 - 7.9-2009 - 2020-11-12 - https://wiki.centos.org/FAQ/CentOS8 +- iprinit, iprupdate, iprdump +- tuned + - https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html-single/performance_tuning_guide/index#chap-Red_Hat_Enterprise_Linux-Performance_Tuning_Guide-Tuned + - /etc/tuned/tuned-main.conf + - https://github.com/redhat-performance/tuned +- oddjobd + - privileged operations for unprivileged processes + - https://www.unix.com/man-page/centos/8/oddjobd/ ## CentOS 8 os vs kickstart diff --git a/notes/os/linux/fs/README.md b/notes/os/linux/fs/README.md index f7a2fbecda3..fb339cc3f40 100644 --- a/notes/os/linux/fs/README.md +++ b/notes/os/linux/fs/README.md @@ -36,7 +36,30 @@ title: FS | pipefs | pipe: | 当 shell 使用 pipe 时 | | loopfs | `/dev/loop*` | | [rootfs] | / | - +| fscache | +| erofs | | Enhanced Read-Only FS | + +- https://docs.kernel.org/filesystems/erofs.html +- erofs + - https://docs.kernel.org/filesystems/erofs.html + - https://en.wikipedia.org/wiki/EROFS + - Linux 5.4+ + - by Huawei, Alibaba Cloud, Bytedance, Coolpad, Google, OPPO + - 多用于 Android + - 添加压缩,内容寻址 + - EROFS over Fscache - Linux 5.19+ + - by Alibaba Cloud for RAFS v6/Nydus +- fscache + - https://www.kernel.org/doc/Documentation/filesystems/caching/fscache.txt + - https://docs.kernel.org/filesystems/caching/fscache.html + - cachefilesd + - /proc/fs/fscache/caches + - /proc/fs/fscache/volumes + - /proc/fs/fscache/cookies + - /sys/module/fscache/parameters/debug +- rafs + - RAFS v6 兼容 EROFS + - https://d7y.io/blog/2022/06/06/evolution-of-nydus/ - /dev/ptsmx - terminal mulitplexer **逻辑** diff --git a/notes/os/linux/init/openrc.md b/notes/os/linux/init/openrc.md index 4c37c475088..7ef288241e6 100644 --- a/notes/os/linux/init/openrc.md +++ b/notes/os/linux/init/openrc.md @@ -5,11 +5,10 @@ title: OpenRC # OpenRC - [OpenRC](https://github.com/OpenRC/openrc) 是什么? + - BSD-2, C, Shell - 跨平台轻量级 init 系统 - 支持 Linux, FreeBSD, NetBSD - 核心 900k - - 2 BSD 协议 - - C+Shell 实现 - 脚本结构上类似于 sysvinit - 但更简单 - 支持 supervise-daemon 0.21+ - 支持 /sbin/init - 0.25+ @@ -107,7 +106,10 @@ stop_pre() { - provide - 提供服务 - 类似别名或相同服务 - keyword - 依赖 - - 影响服务起停 - 例如: 重启 服务 -> 会先停止 **依赖**,重启服务,然后再启动 **依赖** + - 影响服务起停 + - 例如: 重启 服务 -> 会先停止 **依赖**,重启服务,然后再启动 **依赖** + - 依赖服务 - 会 start 依赖服务 + - 被服务依赖 - 会 stop & start 依赖服务 - https://github.com/OpenRC/openrc/blob/master/service-script-guide.md ## supervise-daemon diff --git a/notes/os/linux/sys/procfs.md b/notes/os/linux/sys/procfs.md index f6c409079c9..9af46dbe5e0 100644 --- a/notes/os/linux/sys/procfs.md +++ b/notes/os/linux/sys/procfs.md @@ -4,8 +4,17 @@ title: procfs # procfs +> Kernel to userver space communication + ```bash cat /proc/cpuinfo | grep "tsc_reliable" ``` +- /proc/mounts +- /proc/uptime +- /proc/net/tcp +- /proc/$PID/status + +--- + - http://oliveryang.net/2015/09/pitfalls-of-TSC-usage/ diff --git a/notes/os/macos/launchd.md b/notes/os/macos/launchd.md new file mode 100644 index 00000000000..01ec2bbe087 --- /dev/null +++ b/notes/os/macos/launchd.md @@ -0,0 +1,11 @@ +--- +tags: +- init +--- + +# launchd + +- 参考 + - https://gist.github.com/johndturn/09a5c055e6a56ab61212204607940fa0 + - https://en.wikipedia.org/wiki/Launchd + - ansible [community.general.launchd](https://docs.ansible.com/ansible/latest/collections/community/general/launchd_module.html) diff --git a/notes/os/macos/macos-faq.md b/notes/os/macos/macos-faq.md index bd9adee1a65..e93c1b78452 100644 --- a/notes/os/macos/macos-faq.md +++ b/notes/os/macos/macos-faq.md @@ -371,3 +371,7 @@ sudo xcode-select --reset ``` - https://apple.stackexchange.com/a/254381/103557 + +## com.apple.MobileSoftwareUpdate.UpdateBrainService + +系统更新 diff --git a/notes/platform/aliyun/README.md b/notes/platform/aliyun/README.md index 65d584af2ae..4ba973e3e97 100644 --- a/notes/platform/aliyun/README.md +++ b/notes/platform/aliyun/README.md @@ -105,9 +105,15 @@ title: 阿里云 ## ACK +> ACK -> Aliyun Container Service for Kubernetes +> - ACK vs Self-Managed Kubernetes +> - 省事 +> - 能更好结合阿里云产品 - 会用到更多阿里云产品 - SLB、Log、Monitor +> - ACK 节点会部署相对多的 Agent + - ACK Pro=集群管理+云产品资源 - - 管理 - - 0.64 元/小时/集群 - 441/月,5300/年 + - 集群管理 - 独立的管理节点/单独的服务器 - 包含在集群费用中 + - 按量计费: 0.64 元/小时/集群 - 441/月,5300/年 - 资源包: 415 元/月,4980 元/年 - 专有版 - 管理免费 diff --git a/notes/queue/nats/nats-faq.md b/notes/queue/nats/nats-faq.md index 187fa3c59b0..87dd5f62cf4 100644 --- a/notes/queue/nats/nats-faq.md +++ b/notes/queue/nats/nats-faq.md @@ -40,6 +40,21 @@ tags: - `_R_` - leafnode +## delay + +- Jetstream + - NAK 返回带 delay 时间 + - Backoff + +--- + +- Nats defered message [#3403](https://github.com/nats-io/nats-server/issues/3403) + - PUBLISH 时指定 + - Nats-Before + - Nats-Not-Before +- https://github.com/nats-io/nats-server/issues/2846 +- Consumer Ack/Nak Backoffs ~~[#2812](https://github.com/nats-io/nats-server/pull/2812)~~ + ## Remaping :::caution diff --git a/notes/reference/time.md b/notes/reference/time.md new file mode 100644 index 00000000000..3c78f8b7be8 --- /dev/null +++ b/notes/reference/time.md @@ -0,0 +1,15 @@ +--- +title: Time +--- + +# Time + +| h | for | +| -----: | --: | +| 1h | 1h | +| 24h | 1d | +| 720h | 30d | +| 2160h | 90d | +| 8760h | 1y | +| 43800h | 5y | +| 87600h | 10y | diff --git a/notes/security/acme-awesome.md b/notes/security/acme-awesome.md index c1d241c2c33..5c4c1654be0 100644 --- a/notes/security/acme-awesome.md +++ b/notes/security/acme-awesome.md @@ -10,6 +10,8 @@ tags: - 自动证书管理环境 - [rfc8555](https://datatracker.ietf.org/doc/html/rfc8555) - wiki [ACME](https://en.wikipedia.org/wiki/Automatic_Certificate_Management_Environment) +- [step ca](./cert/smallstep.md) +- [hakwerk/labca](https://github.com/hakwerk/labca) ## Provider diff --git a/notes/security/cfssl.md b/notes/security/cert/cfssl.md similarity index 100% rename from notes/security/cfssl.md rename to notes/security/cert/cfssl.md diff --git a/notes/security/cert/smallstep.md b/notes/security/cert/smallstep.md index 4bf7568bcae..fd35d214d3f 100644 --- a/notes/security/cert/smallstep.md +++ b/notes/security/cert/smallstep.md @@ -4,6 +4,12 @@ title: smallstep # smallstep +:::caution + +- 出于商业决定移除了 EAB [#897](https://github.com/smallstep/certificates/issues/897) + +::: + - [smallstep/certificates](https://github.com/smallstep/certificates) - Apache-2.0, Go - CA, ACME server @@ -43,14 +49,26 @@ apk add step-cli step-certificates -X http://mirrors.sjtug.sjtu.edu.cn/alpine/ed step path # 数据目录 $HOME/.step STEPPATH=/tmp/step step path # 配置 $(step path)/config/ca.json - +mkdir -p $STEPPATH && cd $_ # 生成 CA $HOME/.step/certs/root_ca.crt $HOME/.step/secrets/root_ca_key -cat /dev/urandom | env LC_CTYPE=C tr -dc 'a-zA-Z0-9' | head -c 32 > ./passwd -step ca init --name "Local CA" --provisioner admin --dns localhost --address ":443" --deployment-type=standalone --password-file=./passwd -step ca certificate --offline foo.smallstep.com foo.crt foo.key +cat /dev/urandom | env LC_CTYPE=C tr -dc 'a-zA-Z0-9' | head -c 32 > ./ca.passwd +cat /dev/urandom | env LC_CTYPE=C tr -dc 'a-zA-Z0-9' | head -c 32 > ./provisioner.passwd +# https://smallstep.com/docs/step-cli/reference/ca/init/ +# --dns 也支持地址 +step ca init \ + --name "Wener CA" --dns ca.wener.me --dns ca.wener.tech \ + --provisioner wener@wener.me --address ":443" --deployment-type standalone \ + --password-file ./ca.passwd \ + --provisioner-password-file ./provisioner.passwd \ + --remote-management +step-ca $(step path)/config/ca.json --password-file ./ca.passwd + +step certificate fingerprint certs/root_ca.crt + +# step ca certificate --offline foo.smallstep.com foo.crt foo.key + -step-ca $(step path)/config/ca.json # 获取当前的 root fingerprint step certificate fingerprint $(step path)/certs/root_ca.crt # 另外一个节点 @@ -111,6 +129,171 @@ step ca provisioner add my-kube-provisioner --type K8sSA --pem-keys key.pub - https://hub.docker.com/r/smallstep/step-ca +## Endpoint +- https://github.com/smallstep/certificates/blob/master/acme/api/handler.go + +**https://ca.wener.me/acme/acme/directory** + +```json +{ + "newNonce": "https://ca.wener.me/acme/acme/new-nonce", + "newAccount": "https://ca.wener.me/acme/acme/new-account", + "newOrder": "https://ca.wener.me/acme/acme/new-order", + "revokeCert": "https://ca.wener.me/acme/acme/revoke-cert", + "keyChange": "https://ca.wener.me/acme/acme/key-change" +} +``` + +## Get Started + +```bash +docker run --rm -it \ + -v $PWD/data:/data \ + --entrypoint bash \ + --hostname ca.wener.me \ + -w /data \ + -p 443:443 \ + --name stepca smallstep/step-ca + +# 初始化 CA +# ===================== +export STEPPATH=/data/ca + +cat /dev/urandom | env LC_CTYPE=C tr -dc 'a-zA-Z0-9' | head -c 32 > ./ca.passwd +cat /dev/urandom | env LC_CTYPE=C tr -dc 'a-zA-Z0-9' | head -c 32 > ./provisioner.passwd +# https://smallstep.com/docs/step-cli/reference/ca/init/ +# --dns 也支持地址 +step ca init \ + --name "Wener CA" \ + --dns ca.wener.me --dns ca.wener.tech \ + --provisioner wener@wener.me --address ":443" --deployment-type standalone \ + --password-file ./ca.passwd \ + --ssh --acme \ + --remote-management + +# 按需修改 $(step path)/config/ca.json +# 例如修改 db 存储 + +# 启动 CA +step-ca $(step path)/config/ca.json --password-file ./ca.passwd + +# 初始化 客户端 +# ===================== +docker exec -u root -e STEPPATH=/data/step -it stepca bash +# 下载 CA 证书 +# $HOME/.step/certs/root_ca.crt +# $HOME/.step/config/defaults.json +# ca-url, fingerprint, root +step ca bootstrap --ca-url ca.wener.me --fingerprint $(step certificate fingerprint /data/ca/certs/root_ca.crt) + +# 需要 root +step certificate install $(step path)/certs/root_ca.crt +ls -lash /etc/ssl/certs | grep Wener + +# --ca-url https://ca.smallstep.com --root /home/user/.step/certs/root_ca.crt +# TOKEN=$(step ca token internal.example.com) +# --token $TOKEN +step ca health + +# 管理员用户 +step ca admin list --super --admin-name step --password-file ca.passwd + +# 生成证书 +step ca certificate localhost svr.crt svr.key --provisioner-password-file ./ca.passwd +# 6m 有效 +step certificate inspect svr.crt --short +# 1h 有效 +# 8760h 为 1年, 43800h 为 5年, 87600h 为 10年 +step ca certificate localhost svr.crt svr.key --not-after 1h --provisioner-password-file ./ca.passwd + +# ACME +step ca provisioner add acme --type ACME --password-file ca.passwd + +curl https://ca.wener.me/acme/acme/directory +``` + +- https://ypbind.de/maus/notes/real_life_step-ca_with_multiple_users/ + +## ACME + +- https://smallstep.com/docs/tutorials/acme-protocol-acme-clients/ +- `https://{ca-host}/acme/{provisioner-name}/directory` + +## Yubikey KMS + +- Yubikey 管理 PKI 的密码 +- 第二次生成的 CA 使用 Yubikey 作为 KMS + +```bash +docker run --rm -it \ + -v $PWD/data:/data \ + --entrypoint bash \ + --hostname ca.wener.me \ + -w /data \ + -p 443:443 \ + --name stepca smallstep/step-ca + +# PKI +cat /dev/urandom | env LC_CTYPE=C tr -dc 'a-zA-Z0-9' | head -c 32 > ./pki.passwd +STEPPATH=/data/pki step ca init --pki --name="Wener" --deployment-type standalone --password-file ./pki.passwd +cp /data/pki/certs/{intermediate_ca.crt,root_ca.crt} . + +# 添加 crt 和 key 到 yubikey +ykman piv certificates import 9a /data/pki/certs/root_ca.crt +ykman piv keys import 9a /data/pki/secrets/root_ca_key +ykman piv certificates import 9c /data/pki/certs/intermediate_ca.crt +ykman piv keys import 9c /data/pki/secrets/intermediate_ca_key + +ykman piv info + +# 将 data/pki 保存到外部存储后删除 + +# CA +export STEPPATH=/data/ca +cat /dev/urandom | env LC_CTYPE=C tr -dc 'a-zA-Z0-9' | head -c 32 > ./ca.passwd +cat /dev/urandom | env LC_CTYPE=C tr -dc 'a-zA-Z0-9' | head -c 32 > ./provisioner.passwd +# https://smallstep.com/docs/step-cli/reference/ca/init/ +# --dns 也支持地址 +step ca init \ + --name "Wener CA" --dns ca.wener.me --dns ca.wener.tech \ + --provisioner wener@wener.me --address ":443" --deployment-type standalone \ + --password-file ./ca.passwd \ + --provisioner-password-file ./provisioner.passwd \ + --remote-management + +# use pki cert +mv root_ca.crt intermediate_ca.crt $STEPPATH/certs +rm -rf $STEPPATH/secrets + +# 修改 ca.json 的 "key": "/data/ca/secrets/intermediate_ca_key", +# "key": "yubikey:slot-id=9c", +# "kms": { +# "type": "yubikey", +# "pin": "123456" +# }, +step-ca $STEPPATH/config/ca.json --password-file ./pki.passwd --provisioner-password-file ./provisioner.passwd +``` + +## 配置 {#config} + +| env | for | +| --------- | -------- | +| STEPPATH | 数据目录 | +| STEPDEBUG | + +- authority.claims + - maxTLSCertDuration + - 默认 24h +- db + - KV - 本地 - 不支持 并发/多进程 + - badger -> badgerv1 + - badgerv1 + - badgerv2 + - bbolt + - SQL - 远程 - 也是作为 KV - nkey, nvalue - 25个表 + - mysql + - postgresql + ## Concepts - https://smallstep.com/docs/step-ca/certificate-authority-core-concepts @@ -200,3 +383,17 @@ step ssh config --host --roots ## K8S - https://smallstep.com/docs/tutorials/kubernetes-acme-ca + +# FAQ + +## adminHandler.authorizeToken; unable to load admin with subject(s) and provisioner 'Admin JWK' + +``` +--admin-name=step +``` + +## ACME EAB not enabled for provisioner + +``` +add acme --type ACME --require-eab +``` diff --git a/notes/security/openssl.md b/notes/security/openssl.md index 75ba8b211aa..cfad1e8240e 100644 --- a/notes/security/openssl.md +++ b/notes/security/openssl.md @@ -28,6 +28,10 @@ openssl req -new -x509 -key ca.key -out ca.crt openssl x509 -req -in example.org.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out example.org.crt openssl x509 -in example.org.crt -noout -text cat example.org.crt ca.crt > example.org.bundle.crt + + +# FP +echo -sha256 -sha1 -md5 | xargs -n1 openssl x509 -noout -fingerprint -inform pem -in ca.crt ``` - https://gist.github.com/Soarez/9688998 diff --git a/notes/security/passkey.md b/notes/security/passkey.md new file mode 100644 index 00000000000..c0bdb9159d5 --- /dev/null +++ b/notes/security/passkey.md @@ -0,0 +1,31 @@ +--- +title: Passkey +--- + +# Passkey + +- Password-less +- asymmetric public key +- Multi-Device FIDO +- adopted by + - Amazon, Google, Nintendo, Shopify, Apple +- https://passkeys.dev/ +- https://developers.google.com/identity/passkeys +- https://developer.mozilla.org/en-US/docs/Web/API/Web_Authentication_API +- window.PublicKeyCredential +- 参考 + - [Bitwarden 支持管理 Passkey](https://bitwarden.com/blog/bitwarden-passkey-management/) + - https://teampassword.com/blog/passkey-vs-webauthn + +# Passkey vs WebAuthn + +> 两者配合使用达到 无密码 的效果 + +- Passkey + - 是 credential +- WebAuthn + - 是 Web API/标准 + - 和 authenticators 交互 + - CTAP - client to authenticator protocol + - by W3C, FIDO Alliance + - 可用于实现 Passkey diff --git a/notes/security/security-awesome.md b/notes/security/security-awesome.md index 1a71c0d54d6..e9de5ac2fa5 100644 --- a/notes/security/security-awesome.md +++ b/notes/security/security-awesome.md @@ -88,6 +88,24 @@ tags: - [Comparison of TLS implementations](https://en.wikipedia.org/wiki/Comparison_of_TLS_implementations) +## Private PKI + +- [Keyfactor/ejbca-ce](./cert/ejbca.md) + - LPLv2.1, Java + - https://hub.docker.com/r/keyfactor/ejbca-ce +- [letsencrypt/boulder](https://github.com/letsencrypt/boulder) +- [dogtagpki/pki](https://github.com/dogtagpki/pki) + - GPLv2, Java +- [step ca](./cert/smallstep.md) +- [hakwerk/labca](https://github.com/hakwerk/labca) + - MPLv2+CC, Go + - WebUI +- [cloudflare/cfssl](./cert/cfssl.md) + - BSD-2, Go +- Vault Hashicorp +- https://github.com/xipki/xipki +- https://github.com/viralpoetry/awesome-pki + ## AV - https://www.av-comparatives.org/tests/performance-test-april-2022/ diff --git a/notes/service/api/api-awesome.md b/notes/service/api/api-awesome.md index 06a1d3f1263..29823e06201 100644 --- a/notes/service/api/api-awesome.md +++ b/notes/service/api/api-awesome.md @@ -301,6 +301,9 @@ tags: - SoapUI - [kubeshop/tracetest](https://github.com/kubeshop/tracetest) - Postman +- [AndrewWalsh/openapi-devtools](https://github.com/AndrewWalsh/openapi-devtools) + - Chrome 插件 + - 在浏览时生成接口 ## 参考 diff --git a/notes/service/api/nacos.md b/notes/service/api/nacos.md index 41b9f219867..cecd5a8c629 100644 --- a/notes/service/api/nacos.md +++ b/notes/service/api/nacos.md @@ -35,6 +35,8 @@ title: nacos - http://127.0.0.1:8848/nacos/ - nacos:nacos - https://github.com/alibaba/nacos/blob/develop/api/src/main/proto/nacos_grpc_service.proto +- MySQL + - https://github.com/alibaba/nacos/blob/develop/distribution/conf/mysql-schema.sql ```http-request ### 注册 diff --git a/notes/service/cms/docusaurus.mdx b/notes/service/cms/docusaurus.mdx index 700dea14661..0d40dac625b 100644 --- a/notes/service/cms/docusaurus.mdx +++ b/notes/service/cms/docusaurus.mdx @@ -98,7 +98,7 @@ title: My Doc Head Metadata customized title! - + @@ -193,7 +193,6 @@ module.exports = { **mermaid 支持 theme** - ``` %%{init: { "theme": "forest" } }%% ``` @@ -253,7 +252,6 @@ import Mermaid from '@theme/Mermaid'; `} /> - ## docusaurus.config.js - [docusaurus.config.js](https://docusaurus.io/docs/next/api/docusaurus-config) @@ -453,3 +451,41 @@ module.exports = { - [docusaurus-remark-plugin-npm2yarn](https://github.com/facebook/docusaurus/blob/main/packages/docusaurus-remark-plugin-npm2yarn/src/index.ts) - 实现简单的 codeblock 处理 - https://github.com/drudru/ansi_up + +# Version + +- React Server Components + - https://github.com/facebook/docusaurus/issues/9089 + +## Docusaurus v3 + +- MDX 1 -> 3 + - `npx docusaurus-mdx-checker ` + - https://github.com/remarkjs/remark-directive +- CommonMark + - `siteConfig.markdown.format: 'detect'` + - `.md` 使用 CommonMark + - `.mdx` 使用 MDX + - 部分功能不可用 + - https://github.com/facebook/docusaurus/issues/9092 + - https://docusaurus.io/docs/markdown-features#mdx-vs-commonmark +- 支持更多 markdown 配置 + - markdown.preprocessor +- React 18 / Automatic JSX runtime + - 不需要 `import React from 'react';` +- ESM + TS Config + - `docusaurus.config.ts` + - `sidebars.ts` +- Unlisted content + - 不同于 `draft: true`, `unlisted: true` 会构建 +- TypeScript 5 + - tsconfig `"extends": "@docusaurus/tsconfig"` + - `@docusaurus/types` +- Mermaid 10 +- Node 18 +- prism-react-renderer 2.x +- react-live 4.x + - sucrase - 支持 TypeScript +- import-fresh v3 ➡️ jiti v1 +- remark-emoji v2 ➡️ v4 +- https://docusaurus.io/blog/releases/3.0 diff --git a/notes/service/data/data-breach.md b/notes/service/data/data-breach.md index 60260ca4f78..8c69bf109ec 100644 --- a/notes/service/data/data-breach.md +++ b/notes/service/data/data-breach.md @@ -6,6 +6,9 @@ title: 数据泄漏 | date | | rows | note | | ---------- | -------------------------- | ------------ | --------------------------------------------- | +| 2023.11 | taobao.com | 81.5亿,1.8T | 2015-2020,姓名、电话、地址、购买商品 | +| 2023.10 | jd.com | 100亿,2.8TB | 姓名、电话、地址、购买商品 | +| 2023.02 | 快递信息 | 45亿条,435G | | 2022.07.07 | ksyun.com | 1M | 金山云 | | 2022 | 上海随申码 | 48M | | 2022 | podinns.com | 13M | @@ -135,16 +138,20 @@ title: 数据泄漏 - Bittorrent Tracker - https://cracked.io/ - https://leakbase.org/ -- https://breached.vc +- breached https://breachforums.is + - ~~https://breached.vc~~ + - ~~https://breached.to~~ + - https://t.me/baphchat - http://breached65xqh64s7xbkvqgg7bmj4nj7656hcb7x4g42x753r7zmejqd.onion/ - - Rank https://breached.vc/upgrades + - Rank https://breachforums.is/upgrades - BTC,XMR,BCH,LTC,ETH,DOGE,SOL,DAI,USDC - - https://payments.breached.vc/ + - payments - 8 €/30 credits - 15 €/60 credits - 30 €/120 credits - 60 €/240 credits - 120 €/500 credits + - https://breachforums.is/Announcement-Database-Index | - | VIP | MVP | GOD | | ------------------: | ----- | ----- | ----- | @@ -156,3 +163,9 @@ title: 数据泄漏 - [woj-ciech/LeakLooker](https://github.com/woj-ciech/LeakLooker) - [khast3x/h8mail](https://github.com/khast3x/h8mail) + + diff --git a/notes/service/erp/dynamic365.md b/notes/service/erp/dynamic365/README.md similarity index 99% rename from notes/service/erp/dynamic365.md rename to notes/service/erp/dynamic365/README.md index d49a6ceab54..8b119f8f883 100644 --- a/notes/service/erp/dynamic365.md +++ b/notes/service/erp/dynamic365/README.md @@ -36,6 +36,7 @@ title: Dynamics 365 | 订单 | 订单是依据指定条款交付货物和服务的已确认请求。 或者,它还可以是客户已接受的报价单。 | | 发票 | 发票是已向客户开具帐单的订单或销售记录, 其中包括有关所购买产品或服务的详细信息。 | +- PBL - Portable Business Logic - 可移植业务逻辑 - Ticker Symbol - 股票代码、证券代码 - Entitlements - 服务权限、配额 - Phone, Email, Web, Facebook, Twitter, IoT @@ -1120,3 +1121,7 @@ Territory - 区域 - teams - ProcessSession - Dialog + +## Service Solution + +- https://dynamics.microsoft.com/en-us/service-solution/ diff --git a/notes/service/erp/dynamic365/dynamic365-sales.md b/notes/service/erp/dynamic365/dynamic365-sales.md new file mode 100644 index 00000000000..740a3152e7b --- /dev/null +++ b/notes/service/erp/dynamic365/dynamic365-sales.md @@ -0,0 +1,10 @@ +--- +title: Sales +--- + +# Sales + +- https://learn.microsoft.com/en-us/dynamics365/sales/ +- [线索管理](https://learn.microsoft.com/en-us/dynamics365/sales/lead-management-overview) + - Qualify + - 转换为 Opportunity, Account, Contact diff --git a/notes/service/forge/coding.md b/notes/service/forge/coding.md index b6dded801b1..ac800f96bbe 100644 --- a/notes/service/forge/coding.md +++ b/notes/service/forge/coding.md @@ -61,6 +61,12 @@ NODE_TOKEN = | pip3 | /root/.cache/pip/ | | yarn | /usr/local/share/.cache/yarn/ | +## CI Env + +| env | for | +| ---------- | ------ | +| DEPOT_NAME | 仓库名 | + ## 制品 - Composer diff --git a/notes/service/forge/copilot.md b/notes/service/forge/copilot.md index 5d6c2cc5f09..edf1ef902bb 100644 --- a/notes/service/forge/copilot.md +++ b/notes/service/forge/copilot.md @@ -38,3 +38,10 @@ curl https://copilot-proxy.githubusercontent.com/_ping | key | for | | --: | -------------- | + + +## Reverse + +- https://github.com/search?q=GH_COPILOT_TOKEN&type=code +- https://news.ycombinator.com/item?id=34032872 +- https://thakkarparth007.github.io/copilot-explorer/posts/copilot-internals.html diff --git a/notes/service/forge/gitea/gitea-action.md b/notes/service/forge/gitea/gitea-action.md index 42711bbd25c..74b84010463 100644 --- a/notes/service/forge/gitea/gitea-action.md +++ b/notes/service/forge/gitea/gitea-action.md @@ -7,6 +7,7 @@ title: Gitea Action - 参考 - Github [Action](../github/github-action.md) - [Runner](./gitea-runner.md) + - [vs Github Action](https://docs.gitea.com/zh-cn/usage/actions/comparison) - Mirror - https://github.com/actions/checkout - https://gitea.com/actions/checkout diff --git a/notes/service/forge/gitea/gitea-runner.md b/notes/service/forge/gitea/gitea-runner.md index 6f5cc6bf4aa..4c2616d8f51 100644 --- a/notes/service/forge/gitea/gitea-runner.md +++ b/notes/service/forge/gitea/gitea-runner.md @@ -24,6 +24,7 @@ title: Gitea Runner - 基于 Job 的 Token [#23642](https://github.com/go-gitea/gitea/issues/23642) - `docker login -u ${{github.repository_owner}} -p $GITEA_TOKEN` - github.actor +- 外部 [#24454](https://github.com/go-gitea/gitea/issues/24454) ::: diff --git a/notes/service/media/media-awesome.md b/notes/service/media/media-awesome.md index 381937cd0cc..c63cfb0e960 100644 --- a/notes/service/media/media-awesome.md +++ b/notes/service/media/media-awesome.md @@ -18,6 +18,7 @@ tags: ## Music Server +- [navidrome/navidrome](https://github.com/navidrome/navidrome) - [owntone/owntone-server](./server/owntone.md) - GPLv2, C+Vue - 🌟 推荐 - WebUI, 支持较多客户端 @@ -56,7 +57,12 @@ tags: ## Media Server - [jellyfin](./server/jellyfin.md) + - C# + - fork of Emby - 🌟 推荐 - 简单易用,开发活跃 +- [Radarr/Radarr](https://github.com/Radarr/Radarr) + - GPLv3, C# + - fork of Sonarr - [Red5/red5-server](https://github.com/Red5/red5-server) - Apache-2.0, Java - [ant-media/Ant-Media-Server](https://github.com/ant-media/Ant-Media-Server) @@ -64,10 +70,26 @@ tags: - Red5 fork - [midarrlabs/midarr-server](https://github.com/midarrlabs/midarr-server) - MIT, Elixir +- [Wizarrrr/wizarr](https://github.com/Wizarrrr/wizarr) + - user invitation and management system for Jellyfin, Plex, Emby +- [causefx/Organizr](https://github.com/causefx/Organizr) +- [streamaserver/streama](https://github.com/streamaserver/streama) +- [Kareadita/Kavita](https://github.com/Kareadita/Kavita) + - 漫画 + +## Video Server + +- [ossrs/srs](https://github.com/ossrs/srs) + - MIT, C++ + - RTMP, WebRTC, SRT, GB28181, HLS, HTTP-FLV +- [illuspas/Node-Media-Server](https://github.com/illuspas/Node-Media-Server) +- [bluenviron/mediamtx](https://github.com/bluenviron/mediamtx) ## Library - [ffmpegwasm/ffmpeg.wasm](https://github.com/ffmpegwasm/ffmpeg.wasm) +- [livekit/livekit](https://github.com/livekit/livekit) + - Golang ## Container diff --git a/notes/service/media/resource-awesome.md b/notes/service/media/resource-awesome.md index 91e5f30c387..4f196a847da 100644 --- a/notes/service/media/resource-awesome.md +++ b/notes/service/media/resource-awesome.md @@ -85,6 +85,8 @@ alipanso6.com,alipanso7.com,alipanso8.com - https://github.com/evyatarmeged/RARBG-scraper - https://github.com/qbittorrent/search-plugins/blob/master/nova3/engines/rarbg.py + + ``` https://torrentapi.org/pubapi_v2.php?mode=search&search_string=riverdale&token=lnjzy73ucv&format=json_extended&app_id=lolhttps://torrentapi.org/pubapi_v2.php?mode=search&search_string=riverdale&token=lnjzy73ucv&format=json_extended&app_id=lol ``` diff --git a/notes/service/network/network-awesome.md b/notes/service/network/network-awesome.md index 37023c038c1..ed295aeb942 100644 --- a/notes/service/network/network-awesome.md +++ b/notes/service/network/network-awesome.md @@ -29,6 +29,8 @@ tags: - [zeritier](./zerotier.md) - https://github.com/quiet - TCP over Sound +- DHCP + - [coredhcp/coredhcp](https://github.com/coredhcp/coredhcp) ## Analysis diff --git a/notes/service/network/proxy/clash/clash-meta.md b/notes/service/network/proxy/clash/clash-meta.md index ba346483004..de5e28c6723 100644 --- a/notes/service/network/proxy/clash/clash-meta.md +++ b/notes/service/network/proxy/clash/clash-meta.md @@ -10,7 +10,7 @@ title: Clash.Meta - 参考 - [MetaCubeX/metacubexd](https://github.com/MetaCubeX/metacubexd) - 前端 - - https://github.com/MetaCubeX/Clash.Meta/blob/Alpha/docs/config.yaml + ```bash # macOS @@ -19,3 +19,8 @@ gzip -d clash.meta.gz chmod +x clash.meta ./clash.meta --help ``` + +# 配置 {#config} + +- https://github.com/MetaCubeX/Clash.Meta/blob/Alpha/docs/config.yaml +- https://wiki.metacubex.one/config/ diff --git a/notes/service/network/proxy/hysteria.md b/notes/service/network/proxy/hysteria.md index c6815e45ca7..09080bd7cf8 100644 --- a/notes/service/network/proxy/hysteria.md +++ b/notes/service/network/proxy/hysteria.md @@ -23,9 +23,11 @@ docker run --rm -it \ --name hysteria tobyxdd/hysteria \ server -c /etc/hysteria.yaml -curl -LO https://github.com/apernet/hysteria/releases/download/app%2Fv2.1.1/hysteria-linux-amd64 +curl -LO https://github.com/apernet/hysteria/releases/download/app%2Fv2.2.0/hysteria-linux-amd64 chmod +x hysteria-linux-amd64 +# sudo cp hysteria-linux-amd64 /usr/bin/hysteria ./hysteria-linux-amd64 --help + PASSWORD=$(openssl rand -base64 12 | tr -- '-_' '+/' | tee /dev/tty) openssl genrsa -out ca.key 2048 @@ -67,9 +69,70 @@ http: ca: ca.crt YAML +hysteria client -c hysteria.client.yaml ``` ## config - https://v2.hysteria.network/zh/docs/advanced/Full-Server-Config/ + +## openrc + + +```bash +sudo nano /etc/init.d/hysteria-server +sudo chmod +x /etc/init.d/hysteria-server +sudo service hysteria-server start +``` + +```sh +#!/sbin/openrc-run +supervisor=supervise-daemon + +name="Hysteria" + +command=/usr/bin/hysteria +command_args="server -c /etc/hysteria/server.yaml" + +HYSTERIA_LOGFILE="${HYSTERIA_LOGFILE:-/var/log/${RC_SVCNAME}.log}" +HYSTERIA_ERRFILE="${HYSTERIA_ERRFILE:-${HYSTERIA_LOGFILE}}" +HYSTERIA_OUTFILE="${HYSTERIA_OUTFILE:-${HYSTERIA_LOGFILE}}" +supervise_daemon_args="--stderr \"${HYSTERIA_ERRFILE}\" --stdout \"${HYSTERIA_OUTFILE}\"" + +retry="${HYSTERIA_RETRY:-TERM/60/KILL/10}" + +depend() { + use logger dns + need net +} + +checkconfig() { + # warn this if not found + if [ ! -f "/etc/hysteria/server.yaml" ]; then + eerror "No config" + return 1 + fi + return 0 +} +``` + +## v1 + +- https://v1.hysteria.network/ + +```bash +curl -LO https://github.com/apernet/hysteria/releases/download/v1.3.5/hysteria-linux-amd64 +chmod +x hysteria-linux-amd64 + +PASSWORD=$(openssl rand -base64 12 | tr -- '-_' '+/' | tee /dev/tty) + +cat < config.json +{ + "listen": ":36712", + "cert": "tls.crt", + "key": "tls.key", + "obfs": "$PASSWORD" +} +JSON +``` diff --git a/notes/service/network/proxy/proxy-awesome.md b/notes/service/network/proxy/proxy-awesome.md index 4520ab6d14a..870a1484af1 100644 --- a/notes/service/network/proxy/proxy-awesome.md +++ b/notes/service/network/proxy/proxy-awesome.md @@ -19,7 +19,7 @@ tags: | ss/ShadowSocks | tcp,ws,quic,http | ✅ | | ssr/ShadowSocksR | | ✅ | | vmess | tcp,ws,http,h2,grpc | ✅ | V2Ray | -| vless | +| vless | | | | snell | tcp | ❌ | surge | | trojan | h2,http,grpc,ws | ✅ | | tuic | quic | @@ -62,6 +62,22 @@ tags: - [gost](./gost.md) - MIT, Go - Tunnel +- [nadoo/glider](https://github.com/nadoo/glider) + - 类似 gost,但支持更多协议 + - 只有 Listener 和 Forwarder + - mix - http+socks5 + - http + - socks5 + - ss + - trojan + - trojanc - cleartext + - vless + - vmess + - Forward/TCP - ssr, ssh. socks4, socks4a + - tcp, udp - tunnel + - tls, kcp, unic, vsock, smux, ws, wss, PROXY Protocol, simple obfs + - redir, redir6, TProxy + - reject - [snail007/goproxy](https://github.com/snail007/goproxy) - GPL-3.0, Go - [frp](./frp/README.md) @@ -69,6 +85,10 @@ tags: - Apache-2.0, Rust - 类似 frp,但 rust 实现 +```bash +brew install glider +``` + ## server - [v2ray](./v2ray/README.md) @@ -112,6 +132,7 @@ tags: - GPL, Golang - universal proxy platform - [anderspitman/awesome-tunneling](https://github.com/anderspitman/awesome-tunneling) +- https://github.com/hunshcn/gh-proxy ## Sniff/Introspection diff --git a/notes/service/network/proxy/tuic.md b/notes/service/network/proxy/tuic.md index d000de762bb..16c202e4fad 100644 --- a/notes/service/network/proxy/tuic.md +++ b/notes/service/network/proxy/tuic.md @@ -8,7 +8,6 @@ title: tuic - GPLv3, Rust - Delicately-TUICed 0-RTT proxy protocol - ```bash curl -o tuic-server -L https://github.com/EAimTY/tuic/releases/download/tuic-server-1.0.0/tuic-server-1.0.0-x86_64-unknown-linux-musl chmod +x tuic-server @@ -42,3 +41,9 @@ sudo setcap cap_net_bind_service=+ep tuic-server "log_level": "info" } ``` + +# FAQ + +## unauthenticated authenticate timeout + +- https://github.com/EAimTY/tuic/issues/186 diff --git a/notes/service/network/proxy/v2ray/README.md b/notes/service/network/proxy/v2ray/README.md index d736ad47511..0a15c8897e2 100644 --- a/notes/service/network/proxy/v2ray/README.md +++ b/notes/service/network/proxy/v2ray/README.md @@ -10,12 +10,18 @@ title: V2Ray - MIT, Golang - [v2rayA/v2rayA](https://github.com/v2rayA/v2rayA) - web GUI +- [XTLS/Xray-core](https://github.com/XTLS/Xray-core) + - MPLv2, Go + - VLESS, XTLS, REALITY, XUDP, PLUX - 参考 - https://www.v2ray.com/ ```bash brew install v2ray +curl -LO https://github.com/v2fly/v2ray-core/releases/download/v5.10.1/v2ray-linux-64.zip +unzip v2ray-linux-64.zip + # https://github.com/v2fly/docker # https://hub.docker.com/r/v2fly/v2fly-core docker run --rm -it v2fly/v2fly-core diff --git a/notes/service/network/vpn/vpn-awesome.md b/notes/service/network/vpn/vpn-awesome.md index da1e2bb7126..0c5cfebcbaf 100644 --- a/notes/service/network/vpn/vpn-awesome.md +++ b/notes/service/network/vpn/vpn-awesome.md @@ -164,7 +164,10 @@ tags: - BSD-3, Go - WebRTC, STUN, TURN - [gravitl/netmaker](https://github.com/gravitl/netmaker) - - SSPL + - SSPL, Golang + - Mesh + - 没有也不考虑支持移动端 + - Admin UI, Private DNS, OAuth, ACL - [tailscale/tailscale](https://github.com/tailscale/tailscale) WireGuard+2FA - BSD-3 diff --git a/notes/service/password/bitwarden.md b/notes/service/password/bitwarden.md index cf6fbe59d16..8a334820f8b 100644 --- a/notes/service/password/bitwarden.md +++ b/notes/service/password/bitwarden.md @@ -18,3 +18,4 @@ title: bitwarden - [bitwarden/mobile](https://github.com/bitwarden/mobile) - GPLv3, C# - Xamarin Android, Xamarin iOS, Xamarin Forms +- passkey diff --git a/notes/service/service-awesome.md b/notes/service/service-awesome.md index 4c5ea98b7c2..63c32c794c1 100644 --- a/notes/service/service-awesome.md +++ b/notes/service/service-awesome.md @@ -229,6 +229,10 @@ tags: - LGPL-2.1, Scala - 商业 - TypeForm, TellForm, Google Forms +- IoT + - [PandaXGO/PandaX](https://github.com/PandaXGO/PandaX) + - http://101.35.247.125:7789/ + - https://github.com/edgexfoundry ## Avatar @@ -388,6 +392,22 @@ tags: - file share/airdrop - [localsend/localsend](https://github.com/localsend/localsend) - MIT, Dart, Flutter + - 🌟 + - GUI/桌面/Web 应用 + - https://localsend.org/ + - [schollz/croc](https://github.com/schollz/croc) + - MIT, Go + - 🌟 + - 命令行 + - 依赖 relay,可以 selfhost + - 支持 resume + - [tudbut/qft](https://github.com/tudbut/qft) + - GPLv3, Rust + - [psanford/wormhole-william](https://github.com/psanford/wormhole-william) + - MIT, Go + - 不支持 resume + - ⚠️ 默认 release 依赖 glibc + - https://github.com/psanford/wormhole-william-mobile - [schlagmichdoch/PairDrop](https://github.com/schlagmichdoch/PairDrop) - GPLv3, JS, WebRTC, NodeJS - fork of Snapdrop @@ -405,15 +425,21 @@ tags: - [kern/filepizza](https://github.com/kern/filepizza) - P2P - https://file.pizza/ - - [dennis-tra/pcp](https://github.com/dennis-tra/pcp) + - ~~[dennis-tra/pcp](https://github.com/dennis-tra/pcp)~~ - Apache-2.0, Golang, libp2p - 命令行 - - [schollz/croc](https://github.com/schollz/croc) - - MIT, Go - - 命令行 + - IPFS DHT - [blenderskool/blaze](https://github.com/blenderskool/blaze) - MIT, JS + - Web, P2P - built using WebTorrent and WebSockets + - [LeastAuthority/winden](https://github.com/LeastAuthority/winden) + - [magic-wormhole/magic-wormhole.rs](https://github.com/magic-wormhole/magic-wormhole.rs) + - EUPL-1.2, Rust + - http://magic-wormhole.io/ + - [mat-sz/filedrop](https://github.com/mat-sz/filedrop) + - BSC-3, NodeJS, React + - https://magic-wormhole.readthedocs.io/en/latest/ - https://wormhole.app/ - PAKE - e2e 加密 - Map/Geo diff --git a/notes/service/storage/backup/rclone.md b/notes/service/storage/backup/rclone.md index 5c39cf23bbc..b3f8197663f 100644 --- a/notes/service/storage/backup/rclone.md +++ b/notes/service/storage/backup/rclone.md @@ -18,26 +18,28 @@ title: rclone ::: -| flag | desc | -| ------------------------------------ | ------------------- | -| -P,--progress | 显示进度 | -| `--transfers ` | 并行 数量 | -| --create-empty-src-dirs | copy 创建空目录 | +| flag | desc | +| ------------------------------------ | ----------------------- | +| -P,--progress | 显示进度 | +| `--transfers ` | 并行 数量 | +| --create-empty-src-dirs | copy 创建空目录 | | `-f,--filter ` | -| --ignore-case | filter 大小写不敏感 | +| --ignore-case | filter 大小写不敏感 | | `--include ` | | `--exclude ` | | `--files-from ` | | `--min-size ` | | `--max-size ` | | `--max-age ` | -| --stats-one-line | 只显示一行状态 | -| --track-renames | 跟踪 rename | -| `--track-renames-strategy ` | hash,modtime,leaf | -| --delete-after | 默认 | +| --stats-one-line | 只显示一行状态 | +| --track-renames | 跟踪 rename | +| `--track-renames-strategy ` | hash,modtime,leaf | +| --delete-after | 默认 | | --delete-before | | --delete-during | | --delete-excluded | +| -M, --metadata | copy 保留元数据 | +| -u, --update | 如果 dst 文件更新则忽略 | | command | | ------- | ---------------------------------- | diff --git a/notes/service/storage/croc.md b/notes/service/storage/croc.md new file mode 100644 index 00000000000..0df20523a33 --- /dev/null +++ b/notes/service/storage/croc.md @@ -0,0 +1,36 @@ +--- +title: croc +--- + +# croc + +- [schollz/croc](https://github.com/schollz/croc) + - MIT, Go + - 命令行 + - 依赖 relay,可以 selfhost - tcp 协议 + - 支持 resume +- https://github.com/schollz/croc/issues/453 + - This project needs your help + +```bash +brew install croc # macOS + +# from Source +git clone https://github.com/schollz/croc.git +cd croc +GOOS=linux GOARCH=amd64 CGO=0 go build -ldflags='-s -w -extldflags "-static"' -o croc-linux-amd64 +``` + +# FAQ + +## room not ready + +- `--debug` +- relay + - `[2a01:4ff:f0:23c2::14c:1]:9009` + - 5.161.69.143:9009 +- send 端有 ipv6,接收端没有,使用 --no-local 关闭 + +``` + +``` diff --git a/notes/web/browser/browser-awesome.md b/notes/web/browser/browser-awesome.md index b95d2858886..8218e476fac 100644 --- a/notes/web/browser/browser-awesome.md +++ b/notes/web/browser/browser-awesome.md @@ -33,6 +33,19 @@ tags: - [prasanaworld/puppeteer-screen-recorder](https://github.com/prasanaworld/puppeteer-screen-recorder) - CDP 录制视频 +## extensions + +- https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions +- userscript + - [violentmonkey/violentmonkey](https://github.com/violentmonkey/violentmonkey) + - https://greasyfork.org/ + - 豆瓣资源下载大师 + - https://greasyfork.org/zh-CN/scripts/329484 + - 万能验证码自动输入 + - https://greasyfork.org/zh-CN/scripts/418942 + - Greasemonkey + - [Greasemonkey Manual:API](https://wiki.greasespot.net/Greasemonkey_Manual:API) + ## playwright https://playwright.dev/docs/codegen diff --git a/notes/web/framework/nextjs/nextjs-version.md b/notes/web/framework/nextjs/nextjs-version.md index 13445573fb7..3bc7c2cf2bb 100644 --- a/notes/web/framework/nextjs/nextjs-version.md +++ b/notes/web/framework/nextjs/nextjs-version.md @@ -40,6 +40,15 @@ tags: [nextjs 10]: #NextJS-10 [nextjs 9.5]: #NextJS-95 +## NextJS 14 + +- NodeJS 18.17+ +- `next export` -> `output: 'export'` +- Turbopack 相对稳定 +- Server Action 文档 +- 部分渲染 - 实验阶段 + - 预渲染 suspense 部分 + ## NextJS 13 - turbopack `next dev --turbo` diff --git a/notes/web/nodejs/mikro-orm.md b/notes/web/nodejs/mikro-orm.md index 3deb1d01357..4de91ea17de 100644 --- a/notes/web/nodejs/mikro-orm.md +++ b/notes/web/nodejs/mikro-orm.md @@ -14,8 +14,10 @@ title: mikro-orm :::tip -- mikroorm 使用 knex, knex pool 默认 `min:2, max:10` +- mikro-orm 使用 knex, knex pool 默认 `min:2, max:10` - 不支持复杂多样的 JOIN 逻辑 +- 默认 cascade 为 persist + - 新 entity 总会 persist - 忽略 cascade ::: diff --git a/notes/web/nodejs/nodejs-awesome.md b/notes/web/nodejs/nodejs-awesome.md index c02167605c5..0fbc2801724 100644 --- a/notes/web/nodejs/nodejs-awesome.md +++ b/notes/web/nodejs/nodejs-awesome.md @@ -276,10 +276,13 @@ export N_PREFIX=$HOME/n - Access Python & C-shared from Node.js - `@bitair/linker.js` -## Sandbox +## Sandbox/VM - vm -- [patriksimek/vm2](https://github.com/patriksimek/vm2) +- [justjake/quickjs-emscripten](https://github.com/justjake/quickjs-emscripten) +- v8 Isolate + - [laverdet/isolated-vm](https://github.com/laverdet/isolated-vm) + - ~~[patriksimek/vm2](https://github.com/patriksimek/vm2)~~ - [google/nsjail](https://github.com/google/nsjail) - light-weight process isolation tool - [windmill-labs/windmill](https://github.com/windmill-labs/windmill) diff --git a/notes/web/script/js/js-awesome.md b/notes/web/script/js/js-awesome.md index 5a9bd2dfe8b..16d36b8d9d3 100644 --- a/notes/web/script/js/js-awesome.md +++ b/notes/web/script/js/js-awesome.md @@ -645,6 +645,23 @@ tags: - webcomponents - [google/model-viewer](https://github.com/google/model-viewer) - 3D Model +- state / store + - [jotai](../../react/jotai.md) + - [zustand](../../react/zustand.md) + - [valtio](../../react/valtio.md) + - [nanostore](https://github.com/nanostores/nanostores) + - 类似于 jotai + - 297 bytes + - React, Vue, Svelte, Solid, Lit, Angular, SSR + - [saasquatch/bunshi](https://github.com/saasquatch/bunshi) + - 1.18kb + - Molecule pattern for jotai, nanostore, valtio, zustand + - React, Vue, Vanilla +- FSM / Finite state machines + - XState + - [chakra-ui/zag](https://github.com/chakra-ui/zag) + - React, Vue, Solid + - from chakra-ui --- diff --git a/notes/web/spec/webauthn.md b/notes/web/spec/webauthn.md index fd3e1dbbec5..d46eb3894cf 100644 --- a/notes/web/spec/webauthn.md +++ b/notes/web/spec/webauthn.md @@ -4,6 +4,9 @@ title: WebAuthn # WebAuthn +> WebAuthn使用一对公钥和私钥进行身份验证。私钥存储在用户的设备上,而公钥则存储在服务器上。当用户尝试登录时,服务器会发送一个挑战,用户的设备会使用私钥对其进行签名,然后服务器可以使用公钥来验证签名。这种方法的优点是,即使攻击者能够拦截通信,他们也无法使用捕获的信息来冒充用户,因为他们没有私钥。 + + - https://webauthn.io/ - https://en.wikipedia.org/wiki/WebAuthn - https://github.com/herrjemand/awesome-webauthn diff --git a/notes/web/webrtc/webrtc-awesome.md b/notes/web/webrtc/webrtc-awesome.md index 4e4d954f373..3aa9496cdde 100644 --- a/notes/web/webrtc/webrtc-awesome.md +++ b/notes/web/webrtc/webrtc-awesome.md @@ -28,6 +28,7 @@ tags: - supported by - OBS, ffmpeg - [AlexxIT/go2rtc](https://github.com/AlexxIT/go2rtc) +- https://github.com/Yahweasel/libav.js/ - TURN/STUN Server - [coturn/coturn](https://github.com/coturn/coturn) - BSD-3, C TURN/STUN Server @@ -59,9 +60,26 @@ tags: - [murat-dogan/node-datachannel](https://github.com/murat-dogan/node-datachannel) - binding [libdatachannel](https://github.com/paullouisageneau/libdatachannel) - ~~[node-webrtc/node-webrtc](https://github.com/node-webrtc/node-webrtc)~~ +- Spec + - https://w3c.github.io/p2p-webtransport/ +## WebCodecs + +- VideoEncoder, VideoDecoder, AudioWorkletm +- requestAnimationFrame +- https://caniuse.com/webcodecs + - Chrome 94+ + + +## WebTransport + +- 加密、拥塞控制、独立流、1RTT、UDP 端口复用、透明网络迁移 +- HTTP/3 +- https://caniuse.com/webtransport + - Chrome 97+ ## 参考/References +- https://quic.video/blog/replacing-webrtc/ - [Explaining the WebRTC Secure Real-Time Transport Protocol (SRTP)](https://www.callstats.io/blog/2018/05/16/explaining-webrtc-secure-real-time-transport-protocol-srtp) - [A Study of WebRTC Security](https://webrtc-security.github.io) - [WebRTC 安全性的研究](https://webrtc.org.cn/webrtc-security) diff --git a/package.json b/package.json index 49e8667a862..6d897b02fde 100644 --- a/package.json +++ b/package.json @@ -7,14 +7,14 @@ "private": true, "packageManager": "pnpm@8.5.0+", "devDependencies": { - "@prettier/plugin-xml": "^2.2.0", - "prettier": "^2.7.1", - "prettier-plugin-pkg": "^0.17.1", - "prettier-plugin-sh": "^0.12.8", - "prettier-plugin-solidity": "^1.0.0-dev.23", - "prettier-plugin-sql": "^0.14.0", - "prettier-plugin-svelte": "^2.7.0", - "prettier-plugin-toml": "^0.3.1", - "svgo": "^3.0.0" + "@prettier/plugin-xml": "^3.2.2", + "prettier": "^3.0.3", + "prettier-plugin-pkg": "latest", + "prettier-plugin-sh": "latest", + "prettier-plugin-solidity": "latest", + "prettier-plugin-sql": "latest", + "prettier-plugin-svelte": "^3.0.3", + "prettier-plugin-toml": "latest", + "svgo": "^3.0.2" } } diff --git a/prettier.config.cjs b/prettier.config.cjs deleted file mode 100644 index dd794b1176b..00000000000 --- a/prettier.config.cjs +++ /dev/null @@ -1,32 +0,0 @@ -module.exports = { - bracketSameLine: false, - trailingComma: 'all', - printWidth: 120, - singleQuote: true, - overrides: [ - { - files: ['*.html', '*.css'], - options: { - singleQuote: false, - }, - }, - ], - // @trivago/prettier-plugin-sort-imports - importOrder: [ - '^react', - '^systemjs/dist/system', - '^systemjs/dist/extra', - '^[a-z]', - '^@(?!src/)', - '^@[^/]', - '^[.][.]', - '^[.][/]', - ], - importOrderSeparation: false, - - plugins: [ - require('prettier-plugin-pkg'), - require('prettier-plugin-sh'), - require('@prettier/plugin-xml'), - ], -};