
Server Configuration Memorandum


I am writing this article because I have a bad habit of hoarding servers. The number of servers keeps increasing, and configuring each one always involves the same repetitive steps. I record them here for future use.

(I have recently grown fond of the tool Ansible, but I haven't learned it yet, so this tutorial is still useful.)

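Create a New User in CentOS and Grant SUDO Privileges

nusername=newuser
sudo useradd -m -s /bin/bash "$nusername"   # create the account with a home directory
sudo usermod -a -G wheel "$nusername"       # add the account to the wheel group
sudo passwd "$nusername"                    # set the login password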

CentOS Firewall Configuration

Reference Link: https://go.opensl.life/gV4IY

Firewall Configuration

sudo yum install firewalld
sudo systemctl start firewalld
sudo systemctl enable firewalld
sudo firewall-cmd --state # Firewall status; prints "running" once the service is started

Open Ports

The above instructions all open ports through the configuration file of the service. However, not every service comes with such a configuration file. In that case you have two options: open the specified port directly, or define a new FirewallD service.

For example, the Plex server listens on TCP port 32400. Use the --add-port= option to open port 32400 in the public zone for the current session.

The protocol can be tcp or udp. To verify that port 32400 has been added, use the --list-ports option to list the open ports.

To keep port 32400 open after a reboot, run the same command with the --permanent option, which adds the rule to the configuration file.

The syntax for deleting a port rule is the same as for adding one; just use the --remove-port option.

sudo firewall-cmd --zone=public --add-port=32400/tcp # Open port
sudo firewall-cmd --zone=public --list-ports # List open ports
sudo firewall-cmd --zone=public --remove-port=32400/tcp # Remove the port rule
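The steps above as one added helper (not from the original post): it opens the port in both the runtime and the permanent configuration and confirms each with --query-port, so the two do not drift apart. The function name open_port and the FWCMD override variable are assumptions of this example.

```shell
#!/usr/bin/env bash
# Added example: open a port in both firewalld configurations and verify it.
# open_port and FWCMD are names chosen for this example.

open_port() {
    local port="$1" proto="$2" zone="${3:-public}"
    # FWCMD lets the command be replaced (for a dry run or a test).
    local fw="${FWCMD:-sudo firewall-cmd}"

    # Accept only 1-5 digits in the range 1-65535, and only tcp or udp.
    case "$port" in
        ''|*[!0-9]*|??????*) echo "bad port: $port" >&2; return 2 ;;
    esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "port out of range: $port" >&2; return 2
    fi
    case "$proto" in
        tcp|udp) ;;
        *) echo "bad protocol: $proto" >&2; return 2 ;;
    esac

    # Runtime rule: active immediately, lost on reload or reboot.
    $fw --zone="$zone" --add-port="$port/$proto" || return 1
    # Permanent rule: written to the configuration file, survives a reboot.
    $fw --permanent --zone="$zone" --add-port="$port/$proto" || return 1

    # Report success only if both configurations contain the rule.
    $fw --zone="$zone" --query-port="$port/$proto" >/dev/null &&
        $fw --permanent --zone="$zone" --query-port="$port/$proto" >/dev/null
}
```

Call it as `open_port 32400 tcp`; an optional third argument selects a zone other than public.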

Add Local User to Docker User Group

Reposted from: Add Users to Docker User Group - Use Docker without Root Privileges

The Docker daemon binds to a Unix socket, so using Docker requires root privileges. This is troublesome, because other users must constantly use sudo. For this reason, when the Docker daemon creates the Unix socket, it allows all members of the docker group to access it. Therefore, we only need to add the user to the docker group to avoid using sudo.

  1. Create the docker group: sudo groupadd docker
  2. Add the user to the docker group: sudo usermod -aG docker $USER
  3. Log in again
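Both the wheel step earlier and the docker step here hand out root-level access: wheel through sudo, docker because group members can drive the root-owned daemon through its socket. The added example below (not from the original or the reposted article) lists who currently holds each membership, including accounts whose primary group is the one being checked; the function names and the sample files are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: list the accounts that belong to the wheel and docker groups.
# group_members and audit_privileged are names chosen for this example.

group_members() {
    # $1 group name, $2 group file (default /etc/group), $3 passwd file
    local group="$1" gfile="${2:-/etc/group}" pfile="${3:-/etc/passwd}"
    awk -F: -v g="$group" '
        # Group file: remember the GID and print the listed members.
        FILENAME == ARGV[1] {
            if ($1 == g) {
                gid = $3
                n = split($4, m, ",")
                for (i = 1; i <= n; i++) if (m[i] != "") print m[i]
            }
            next
        }
        # Passwd file: a user whose primary group is this GID is a member
        # too, although the group file does not list that user.
        gid != "" && $4 == gid { print $1 }
    ' "$gfile" "$pfile" | sort -u
}

audit_privileged() {
    local g
    for g in wheel docker; do
        printf '%s: %s\n' "$g" "$(group_members "$g" "$@" | paste -sd, -)"
    done
}

# Constructed sample data (not from a real host).
SAMPLE_DIR="$(mktemp -d)"
cat > "$SAMPLE_DIR/group" <<'EOF'
root:x:0:
wheel:x:10:newuser,alice
docker:x:990:newuser
EOF
cat > "$SAMPLE_DIR/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
alice:x:1000:1000::/home/alice:/bin/bash
newuser:x:1001:1001::/home/newuser:/bin/bash
ci:x:1002:990::/home/ci:/bin/bash
EOF
audit_privileged "$SAMPLE_DIR/group" "$SAMPLE_DIR/passwd"
```

Run `audit_privileged` with no arguments to read the host's own /etc/group and /etc/passwd.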

Some Useful Self-Host Services

Configuration of Dockge and Uptime-Kuma

Reference Document: https://go.opensl.life/u8GXM

Previously, whenever I needed to start services, I would always tinker with container images. However, recently, I increasingly prefer using simple visual operations, and thus the application “dockge” has appeared on each of my servers.

This application can be deployed using containerization. The specific methods will not be detailed here. The main focus is on the problems that occurred when reverse proxying this application on my “qnap”. The main issue was that after configuring the reverse proxy on “npm”, there was always a 504 error. Later, when I checked the backend, “dockge” had not received the request at all.

Key points are as follows:

  • When configuring the reverse proxy for this application, remember to enable the websocket option.
  • Second, npm needs to be on the same Docker bridge network as dockge.

Docker Images

As we all know, the domestic mirrors of Docker Hub have recently gone down for certain reasons. The current solution is to build your own mirror.

The following repository provides some self-built complete sets of software, which can be referred to.

Reference Repository: https://go.opensl.life/bTHmv

When using servers from domestic service providers, it is also necessary to configure a mirror for the docker-ce repository. For CentOS, the following command can be used:

sudo sed -i 's+https://download.docker.com+https://mirrors.tuna.tsinghua.edu.cn/docker-ce+' /etc/yum.repos.d/docker-ce.repo

Reference Document: https://go.opensl.life/k2M6g

Skip Online Activation for WIN10 and WIN11

A few days ago, when installing a Windows virtual machine on an M-series MacBook, the system could not connect to the network during initialization no matter what. After checking, I found out that vmware-tools has to be installed after entering the system before the network works. However, the latest Windows system requires an online connection to be activated to enter the system. Thus, there is such a step.

When initializing the configuration or reinstalling the system for WIN10 and WIN11, the normal installation process prompts you to log in to a Microsoft account. It has to be said that this step is very unfriendly. So how can we skip the forced Microsoft account login and install the system? Follow these steps:

  1. When starting the machine and seeing the installation screen, press Fn+Shift+F10 simultaneously to bring up the command prompt window, and enter OOBE\BYPASSNRO and press Enter (case insensitive);

  2. Wait for the restart and then you can select “I don’t have an Internet connection” and “Continue with limited settings” to skip the online activation;

  3. Set it as you like and you can see the Windows interface.

Garbage Cleanup for Small Servers

Reposted from: [Common Operations for Cleaning Disk Space in Linux](https://go.opensl.life/aDDEG)


The following methods can be used to clean up most of the garbage in Linux.

Clean Journal Logs

Generally, 2-3 GB can be cleaned.

  • Check the hard disk space occupied by journal logs:
    journalctl -x --disk-usage
  • Clean journal logs at once:
    journalctl --vacuum-size=10M  # Clean logs until only 10M remains
    journalctl --vacuum-time=1d   # Clean logs older than one day

Note

These two operations only clear the logs once and cannot limit the size of future log files. Many blogs claim that these two operations can limit the size of log files, which is actually misleading.

If you need to permanently limit the size of log files, you need to modify the /etc/systemd/journald.conf file.

  • Permanently limit the size of journal logs:
    journald.conf
    [Journal]
    # Only keep the most recent 10M of logs on the hard disk
    SystemMaxUse=10M
    # Only keep the most recent 10M of logs in memory
    RuntimeMaxUse=10M
  • Do not keep logs:
    journald.conf
    [Journal]
    # Discard all logs and do not save them to memory or disk
    Storage=none

Danger

Do not use the rm command to delete journal logs. Refer to “It is best not to use rm to delete logs to free up space”.

Clean apt-get Cache

Generally, several hundred MB can be cleaned.

apt-get clean

Clean pip Cache

Generally, two to three hundred MB can be cleaned.

rm -r ~/.cache/pip

Clean Old Version Snap Packages

Generally, removing each old snap package frees about 100 MB.

  • List all snap packages:
    snap list --all
    You can see many snap packages marked as disabled, and these packages can be directly uninstalled.
    Name     Version    Rev    Tracking       Publisher     Notes
    certbot  1.26.0     1952   latest/stable  certbot-eff✓  classic
    cmake    3.23.0     1070   latest/stable  crascit✓      disabled,classic
    cmake    3.23.1     1082   latest/stable  crascit✓      classic
    core     16-2.55.2  12941  latest/stable  canonical✓    core,disabled
    core     16-2.54.4  12834  latest/stable  canonical✓    core
    core18   20220309   2344   latest/stable  canonical✓    base
    core20   20220318   1405   latest/stable  canonical✓    base
  • Delete these duplicate snap packages:
    snap remove XXXX --revision YYYY # XXXX is the name of the software, YYYY is the Rev of the software
  • You can also use this script to clean (from “How to Clean Up Snap Package Versions in Linux”):
    #!/bin/bash
    # Removes old revisions of snaps
    # CLOSE ALL SNAPS BEFORE RUNNING THIS
    set -eu
    snap list --all | awk '/disabled/{print $1, $3}' |
        while read -r snapname revision; do
            snap remove "$snapname" --revision="$revision"
        done

Clean Login Logs

The file below records failed login attempts. If someone tries passwords against your SSH every day in a brute-force attempt, this file will become very large.

echo "" > /var/log/btmp

The same applies to this file:

echo "" > /var/log/auth.log

Similarly, instead of using rm, use echo to clear these two logs.
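Before clearing auth.log it is worth keeping what it recorded about the brute-force attempts mentioned above. The added example below (not from the reposted article) counts failed SSH password attempts per source address, stores a compressed copy, and then truncates the file in place; the function names and the sample log lines are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: summarise failed SSH logins, archive the log, then truncate it.
# failed_ssh_by_ip and archive_and_truncate are names chosen for this example.

# Count "Failed password" lines per source address, busiest first.
failed_ssh_by_ip() {
    awk '
        /sshd\[[0-9]+\]: Failed password for / {
            # Take the field after the LAST "from", so a user name that
            # itself contains the word "from" cannot shift the address.
            for (i = NF; i > 1; i--)
                if ($(i-1) == "from") { hits[$i]++; break }
        }
        END { for (ip in hits) print hits[ip], ip }
    ' "$1" | sort -k1,1nr -k2,2
}

# Keep a compressed copy, then empty the file without unlinking it, so the
# process that holds it open keeps writing to the same file.
archive_and_truncate() {
    local log="$1" dest="$2" copy
    copy="$dest/$(basename "$log").$(date +%Y%m%d%H%M%S).gz"
    gzip -c "$log" > "$copy" || return 1
    : > "$log"
    printf '%s\n' "$copy"
}

# Constructed sample in auth.log format (documentation addresses only).
SAMPLE_LOG="$(mktemp)"
cat > "$SAMPLE_LOG" <<'EOF'
Jan 10 03:12:01 host sshd[811]: Failed password for root from 203.0.113.7 port 40022 ssh2
Jan 10 03:12:04 host sshd[811]: Failed password for invalid user admin from 203.0.113.7 port 40022 ssh2
Jan 10 03:12:09 host sshd[815]: Failed password for invalid user from from 198.51.100.23 port 51514 ssh2
Jan 10 03:13:30 host sshd[820]: Accepted publickey for newuser from 192.0.2.10 port 50000 ssh2
Jan 10 03:14:02 host sshd[830]: Failed password for root from 203.0.113.7 port 40100 ssh2
EOF
failed_ssh_by_ip "$SAMPLE_LOG"
```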

Clean Docker

  • Check space usage:
    docker system df
    TYPE           TOTAL  ACTIVE  SIZE     RECLAIMABLE
    Images         5      1       645.4MB  611.9MB (94%)
    Containers     1      1       0B       0B
    Local Volumes  1      1       69.54kB  0B (0%)
    Build Cache    0      0       0B       0B
  • Clean Build Cache:
    docker system prune --volumes
    This will clear all:
    • Stopped Containers
    • Networks not used by any Container
    • Volumes not used by any Container
    • Images without instances
    • Build Cache without instances
  • Clean Images
    The previous step may not clean Images, so you can still see the space occupied by Images in docker system df. This step can clean these Images.
    View all Images:
    docker images -a
    Clean the specified Image:
    docker rmi <IMAGE ID>
