# Server Setup Class

Class name (Chinese): `伺服器架設`

Class name (English): `Server Setup & Maintenance`

Teacher: `Professor 柯志亨`

About Class (Room, Credits, Hour): `3 Credits, 3 Hours`

Year you take this class: `113 Year`

Score you give to this class: `9.5/10`

How do you think about the MidTerm Exam? `It's very easy. The teacher always tells us what he will test us on.`

How do you think about the FinalTerm Exam? `The teacher always tells us what he will test us on, and we can even open our notebooks, so do your best.`

How do you think teacher's teaching style? `It's enjoyable; there are always breaks for doing the task, and each class is recorded so we can replay it. The teacher teaches very fast. At the beginning, if I am (and I think most people too) even slightly late or forget something, I will be left far behind. It is better for me to rewatch the video and work on it slowly at a later time. Sorry, teacher, sometimes when I'm late, I just give up on doing the work and just listen to understand better. I know I can ask the teacher for help, but I see that many others, one by one, have already troubled the teacher, and I don't want to add to that. I choose to try to find the solution on my own.`

Does the teacher always take attendance? `Every time`

Tips for other students? `Sometimes, there are things that are hard to do on our own. Of course, you can try to solve the problem by yourself, but if you can't fix it, don't hesitate to ask your teacher. Without a teacher's help, we might get stuck on certain problems.`

Telegram Group: Open for students

# Summary

In the class, we'll be taught how to create a server. The midterm exam will be a theory test. For the final exam, we'll be asked to recreate the server and everything we've learned. We are encouraged to make notes that are useful for ourselves because the final exam allows us to open our notes.

## Sharing Experience (~~WIN~~->MAC)

Friday, Dec 6 2024: moved from Windows to Mac/iOS, doing everything from the **BEGINNING**.

On the Mac, using VMware Fusion Pro. Setup:

1. Download VMware Fusion Pro (free for personal use)
2. Ubuntu ISO for arm64: https://ubuntu.com/download/server/arm

![Screenshot 2024-12-06 at 11.10.22 PM](https://hackmd.io/_uploads/HJ01EqlN1g.png)

There's a FOLDER (Ubuntu Iso) holding the arm64 ISO used for all machines. There's a FOLDER (Ubuntu1) that contains the data for one machine.

### Download Ubuntu Server ISO (arm)

https://ubuntu.com/download/server/arm

Then~

### Installing Ubuntu Desktop

After installing Ubuntu Server, at the end of the installation you will not have any GUI. To install Ubuntu Desktop run:

```
sudo apt update
sudo apt install ubuntu-desktop
sudo reboot
```

This works perfectly, and if you need many Ubuntu VMs, just clone the Ubuntu VM and choose another folder to put the data in; no need to set it up again.

###### Note: You can delete the .iso file if it is no longer needed.

----

Try Win11 on arm64: https://www.youtube.com/watch?v=LWXO4DhQRL0&t=313s

VLC media player for playing the course videos on an ARM Mac: https://get.videolan.org/vlc/3.0.21/macosx/vlc-3.0.21-arm64.dmg

----

For the course videos, I downloaded WinSCP in my Win11 VMware VM, then downloaded all the course videos, but I don't know why files from the Mac can be dragged and dropped into the VM but not from the VM to the Mac, so I used a flash disk to copy from the VM and then paste to the Mac.

###### Note: if we plug in a flash disk while the Mac and the VM are both on, we can choose to attach the flash disk to the Mac or to the VM.

## Class Week-1

The teacher taught us how to use VMware and Ubuntu, and how to clone Ubuntu.

### #Task, Clone VM

![Screenshot 2024-12-08 at 5.24.35 PM](https://hackmd.io/_uploads/rkFzLJmNyx.png =200x)

## Class Week-3 092424

Introduction to 3 AIs: OpenAI, Claude, Gemini

[Introduction to LangChain](https://www.langchain.com/)

The teacher taught how to add ChatGPT to Google Docs:

1. Open the Google Docs website
2. Extensions -> Add-ons -> Google Workspace Marketplace, search for "GPT for Sheets" and add it

Starting class

What we are doing is building openssh-server (port 22).

Commands:

```
# Install ssh server
sudo apt install openssh-server
dpkg -l | grep ssh
# systemctl actions: status, start, stop, restart, reload, enable, disable
systemctl status ssh
echo $?
```

![image](https://hackmd.io/_uploads/BJYua0kCA.png)

`netstat -tunlp` is for checking the network on this Linux machine: t = TCP, u = UDP, l = listening, p = process, n = do not resolve names.

22: Not connect, SSHD = Connect

0.0.0.0 is used as an unspecified IP address: to indicate that the device does not have an IP address, as the default route in routing, or to listen on all interfaces on a server.

0.0.0.0 Server Side, Arbitrary Dimension/Layer (伺服器端 任意位面)

"Server side" refers to the server part of a system. "Arbitrary dimension" means that the server can operate at different layers or levels within a network or application, without being limited to just one. This implies that the server is flexible and can handle connections or data from various locations or contexts.

0.0.0.0 Client Side, Arbitrary Node (客戶端 任意節點)

"Client side" refers to the client part of the system. "Arbitrary node" means that the client can connect from any point or node in the network, not just a fixed location. This indicates flexibility in where the client can connect from, whether from different devices or places.

----

![image](https://hackmd.io/_uploads/r1K_k1gCA.png)

`echo $?` shows whether the last command failed or succeeded: 0 = success, 1 = fail.

---

Starting: 1 client, 2 server

### #Task Connect VM1&2

###### Note: FinalExam 5 points Connect Ubuntu1&2

`ssh user@targetip`

Passwordless login

Command as the user: `ssh-keygen`

Save in the default location. The passphrase is a password for the key, if needed.

Notes: `cd .ssh`

`id_*` = private key

`id_*.pub` = public key

`ssh-copy-id user@targetip`, answer yes, then test with `ssh user@targetip`

`ssh-keygen` creates the keys used to log in later; it gives 2 keys, a public key and a private key.

![Screenshot 2024-12-08 at 8.22.21 PM](https://hackmd.io/_uploads/ryjt1fm41e.png =250x)

From this step you can log into the target, but you cannot log in as root on the target.

Then~ on the target VM become superuser, go to the /etc/ssh location and run `sudo nano sshd_config`. Edit **line 33, PermitRootLogin, from `prohibit-password` to `yes`**, save, and run `systemctl restart sshd`.

After this, root login on the target is allowed.

![Screenshot 2024-12-12 at 3.58.04 PM](https://hackmd.io/_uploads/r1YcDfuNye.png =250x)

----

###### Note: 5 points in final exam!!

`sftp user@supernew2:/home/user` and then `put file` to copy a file to the target once connected

`scp user@supernew2:/home/user/file.txt .` takes a copy of a file from the target

`scp -r (directory) user@ubuntu2:/tmp` copies a directory with everything in it to the target

If it fails, you can try adding ubuntu2 to the client's hosts file (`/etc/hosts`).

----

When you plug a USB drive into the laptop while the VM is on, there is an option to connect it to Windows or to the VM.

![image](https://hackmd.io/_uploads/ByWE5MYCR.png)

![image](https://hackmd.io/_uploads/rJDU6ztR0.png)

## Week-04 011024

SDA = scsi disk a(1)

![Screenshot 2024-12-12 at 7.25.48 PM](https://hackmd.io/_uploads/HJiB_HdV1g.png)

`df -h` Check storage

`mount`, `umount` usb

`mkdir -p /myusb` to create a directory

![Screenshot 2024-12-12 at 7.39.07 PM](https://hackmd.io/_uploads/SJqDjrOE1e.png)

Add a new hard disk to the VM. For Windows, enter the BIOS and follow the picture.
For Mac, go to Ubuntu Settings -> Startup Disk -> choose the first hard disk for startup, then restart. I remember the first hard disk is NVMe on the Mac and the newly added hard disk is SCSI, but this one DOESN'T WORK, so I think Ubuntu only detects hard disks with the same protocol.

![Screenshot 2024-12-12 at 8.02.20 PM](https://hackmd.io/_uploads/SJNSW8d4Je.png)

![Screenshot 2024-12-12 at 8.13.45 PM](https://hackmd.io/_uploads/SJFtmIuE1g.png)

On the Mac, you don't need to set anything up any more; it is set up automatically.

If nvme0n2 does not have any partitions, you need to create one with `sudo fdisk /dev/nvme0n2` and then `sudo mkfs.ext4 /dev/nvme0n2p1`.

### #Task, assignment 1

![Screenshot 2024-12-12 at 8.32.26 PM](https://hackmd.io/_uploads/BkI1uLd41e.png)

`mkdir /mydisk -p` and then `mount /dev/nvme0n2p1 /mydisk`

`blkid` to check the UUID of the new hard disk; copy the UUID.

Now we set it up so that the new hard disk is always available after boot: `vim /etc/fstab`

![Screenshot 2024-12-12 at 8.45.11 PM](https://hackmd.io/_uploads/Bk41iLuNkl.png)

![Screenshot 2024-12-12 at 8.51.14 PM](https://hackmd.io/_uploads/B1Ar2IuNyg.png)

`vim` is like gedit: `i` for insert, `:wq!` for save and exit.

![Screenshot 2024-12-12 at 8.57.27 PM](https://hackmd.io/_uploads/r1fgCI_4kg.png)

![Screenshot 2024-12-12 at 8.59.49 PM](https://hackmd.io/_uploads/HJbIRIOVye.png)

Week 4 ends here.

----

## Week-05 08/10/24

Introduction to Google NotebookLM. AI sources can be added, Google Cloud Platform, and voice GPT.

MySQL was free before, but now MariaDB is used as the free option.

https://blog.tarswork.com/post/mariadb-install-record

Download the MariaDB server on the Ubuntu server:

![Screenshot 2024-12-13 at 6.02.18 PM](https://hackmd.io/_uploads/SyUEIKtVye.png)

![Screenshot 2024-12-13 at 6.02.26 PM](https://hackmd.io/_uploads/HJTNIKF41x.png)

![Screenshot 2024-12-13 at 6.03.43 PM](https://hackmd.io/_uploads/Sy5YIYYNye.png)

mid is mencahce

![Screenshot 2024-12-13 at 6.11.02 PM](https://hackmd.io/_uploads/r1LB_YK4Jg.png)

Then download the MySQL client on the Ubuntu client:

`sudo apt-get install mysql-client`
then connect the client to the server.

##### Important Information

![Screenshot 2024-12-13 at 10.40.37 PM](https://hackmd.io/_uploads/SJGdwaF4yx.png)

When you face this problem, the client can't connect to the server. The server IP is 127.0.0.1, which means the local IP, so outsiders can't connect. So now change the IP:

`vim /etc/mysql/mariadb.conf.d/50-server.cnf`

Search for bind-address and change it to 0.0.0.0, then `sudo systemctl restart mariadb`. You can then check the IP again using `netstat -tunlp | grep `

![Screenshot 2024-12-13 at 10.49.45 PM](https://hackmd.io/_uploads/rk49Fpt4yg.png)

To connect: `mysql -h targetip -u root -p`

If there's a problem when connecting, with the error 'Not allowed', go back to the MariaDB server and run

`GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY 'serverpass' WITH GRANT OPTION;`

and then `FLUSH PRIVILEGES;`

Then try connecting again from the Ubuntu client.

If there's still a problem when connecting: `sudo systemctl disable ufw` to turn off the firewall.

### #Task, Connect Server from client

![Screenshot 2024-12-13 at 11.08.38 PM](https://hackmd.io/_uploads/r1fWCaKVkx.png)

![Screenshot 2024-12-13 at 11.21.23 PM](https://hackmd.io/_uploads/B1R-WAYEke.png)

Clients connect to www/php, which collect data from MySQL, and for MySQL backup there's an NFS server. If there are more and more clients we can create another www/php. This one is so interesting; of course you need to talk to the teacher if you want to go further.
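
A check for the exposure the steps above leave behind (wildcard `bind-address`, `root` allowed from any host), as an added example that is not part of the original notes. It assumes the option file and a tab-separated `user<TAB>host` listing (as produced by `mysql -N -B -e 'SELECT user,host FROM mysql.user'`) are available as files; the function names and the sample data are constructed here.

```sh
#!/bin/sh
# Added example: audit a MariaDB server for the two settings changed in the
# notes. Function names and sample data are constructed for illustration.

# Print the effective bind-address from an option file. Comment lines are
# skipped, both spellings (bind-address / bind_address) are accepted, and the
# last occurrence wins, as in MariaDB option files.
effective_bind_address() {
    awk -F= '
        /^[ \t]*[#;]/ { next }
        {
            key = $1
            gsub(/[ \t\r]/, "", key)
            gsub(/_/, "-", key)
            if (key == "bind-address") {
                val = $2
                sub(/[ \t]*#.*/, "", val)      # drop a trailing comment
                gsub(/[ \t\r]/, "", val)
                last = val
            }
        }
        END { if (last != "") print last; else print "unset" }
    ' "$1"
}

# Map an address to the exposure it implies.
classify_bind() {
    case "$1" in
        0.0.0.0|::)          echo "all-interfaces" ;;
        127.*|::1|localhost) echo "loopback-only" ;;
        unset)               echo "unset" ;;
        *)                   echo "specific-address" ;;
    esac
}

# Read "user<TAB>host" lines and print the accounts that use host wildcards.
# root@% is tagged HIGH: the GRANT in the notes gives it ALL PRIVILEGES.
wildcard_accounts() {
    awk -F'\t' '
        $2 == "%"      { printf "%s %s@%s\n", ($1 == "root" ? "HIGH" : "MEDIUM"), $1, $2; next }
        index($2, "%") { printf "LOW %s@%s\n", $1, $2 }
    ' "$1"
}

audit_mariadb() {
    audit_bind=$(effective_bind_address "$1")
    echo "bind-address: $audit_bind ($(classify_bind "$audit_bind"))"
    wildcard_accounts "$2"
}

# Constructed sample input mirroring the state the notes end up in.
demo() {
    demo_dir=$(mktemp -d)
    printf '%s\n' '[mysqld]' '#bind-address = 10.0.0.5' \
        'bind-address = 127.0.0.1' 'bind-address = 0.0.0.0' > "$demo_dir/50-server.cnf"
    printf 'root\tlocalhost\nroot\t%%\nwebapp\t192.168.158.%%\n' > "$demo_dir/users.tsv"
    audit_mariadb "$demo_dir/50-server.cnf" "$demo_dir/users.tsv"
    rm -rf "$demo_dir"
}

demo
```

A result of `all-interfaces` together with `HIGH root@%` is the combination to replace with a dedicated account limited to the web server's address, and with a firewall rule for port 3306 instead of a disabled `ufw`.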
Next: https://github.com/stereomp3/note/blob/main/linux/111semester01/13-.md

### Example in MariaDB Server

`show databases;`

`create database testdb;`

`use testdb;`

DB->Table->Record Logic

![Screenshot 2024-12-14 at 12.01.17 AM](https://hackmd.io/_uploads/Sk_8cRtVyg.png)

```
/* Show the existing databases */
show databases;
/* Create a database */
create database testdb;
/* Use the database */
use testdb;
/* Create a table */
create table addrbook(name varchar(50) not null, phone char(10));
/* Insert data */
insert into addrbook(name, phone) values ("tom", "0912123456");
insert into addrbook(name, phone) values ("mary", "0912123567");
/* Select data */
select name,phone from addrbook;
/* Update data (without a WHERE clause this changes every row) */
update addrbook set phone="0987465123";
```

### #Task, Databases

![Screenshot 2024-12-14 at 5.17.01 PM](https://hackmd.io/_uploads/r1KzT6qVkg.png)

Small training shortcut:

```
df -h | grep mydata | awk '{ print $4 }'
myvar=`df -h | grep mydata | awk '{ print $4 }'`
echo $myvar
```

----

`touch source`

`ln -s` Create a symbolic link

`ln` Create a hard link

`ls -ali`: `i` = inode, for protecting the real data; the inode is different for every file.

![Screenshot 2024-12-14 at 6.15.15 PM](https://hackmd.io/_uploads/Bk3CqRqNyl.png)

![Screenshot 2024-12-14 at 6.17.26 PM](https://hackmd.io/_uploads/SkfHiA5NJx.png)

![Screenshot 2024-12-14 at 6.20.27 PM](https://hackmd.io/_uploads/rkHx2CqVkg.png)

Only a symbolic link can cross a device partition; a hard link cannot.

## Week-06 151024

Starting with an introduction to Live Translation in Google Chrome.

Last week we created MariaDB; this week we create a www server (apache2) with the PHP module and a page named test.php.

Actually we can put the server, www and PHP on 1 machine, but to balance the load we separate them onto different machines.

Refer to: https://docs.ossii.com.tw/books/ubuntu-server-2004-apache-mariadb-php

`sudo apt -y install apache2 apache2-utils`

I wasted 3 hours trying to solve something and then realized it's a bug.

![S__8724555](https://hackmd.io/_uploads/By0r-4jE1e.jpg)

It can't be opened in the Mac browser but can be opened in the Windows browser. We can test the website on the Mac from the terminal with `curl http://(ubuntuip)`

```
<html>
<head>
    <title>Test PHP Connection Script</title>
</head>
<body>
<h3>Welcome to the PHP Connect Test</h3>
<?php
// Show errors in the browser (for this connection test only)
ini_set('display_errors', 1);
error_reporting(E_ALL); // Enable error reporting

$servername = "192.168.158.142"; // Correct IP address
$username = "root";
$password = "user";
$dbname = "testdb";

// Create a new connection using mysqli
$conn = new mysqli($servername, $username, $password, $dbname);

// Check connection
if ($conn->connect_error) {
    die("Connection failed: " . $conn->connect_error); // Show detailed connection error
} else {
    echo "Connected successfully!<br>";
}

// Perform the query
$sql = "SELECT name, phone FROM addrbook";
$result = $conn->query($sql);

// Check if the query was successful
if ($result === false) {
    die("Query failed: " . $conn->error); // If query fails, show the error
}

// Check if there are any results
if ($result->num_rows > 0) {
    while ($row = $result->fetch_assoc()) {
        // Escape database values before writing them into the HTML page
        echo "Name: " . htmlspecialchars($row["name"]) . "\tPhone: " . htmlspecialchars($row["phone"]) . "<br>";
    }
} else {
    echo "No records found.";
}

// Close the connection
$conn->close();
?>
</body>
</html>
```

If you face the error "mysqli not found", do this: `sudo apt-get install php8.3-mysql`

![Screenshot 2024-12-15 at 7.35.04 PM](https://hackmd.io/_uploads/SJSeJr34Je.png)

---

### Apache Cluster

Apache Cluster involves using multiple servers to ensure high availability, redundancy, and load balancing. If one server fails, others continue serving requests.

Types of Clusters:

Active-Passive (Failover): One active server, others on standby. If the main server fails, a standby takes over. Tools: Pacemaker, Corosync, DRBD.

Active-Active (Load Balancing): All servers are active, sharing the traffic load. Tools: HAProxy, Nginx, Load Balancer.

This setup improves reliability, performance, and scalability.
---

Now try Python 3 Flask:

`sudo apt update`

`sudo apt install python3 python3-venv python3-pip -y`

`python3 -m venv venv`

`source venv/bin/activate`

`pip install flask`

Then, after the installation is done, try test.py:

```
from flask import Flask

app = Flask(__name__)


@app.route('/')
def home():
    return 'Hello, Flask!'


if __name__ == '__main__':
    # host='0.0.0.0' listens on all interfaces; debug=True also enables the
    # interactive debugger, so keep this combination to the lab network
    app.run(host='0.0.0.0', port=3000, debug=True)
```

## Week-07 221024

Introduction to NGROK

Last week we always created the website in a private network; now we use NGROK so that our website can be accessed from outside.

https://dashboard.ngrok.com/get-started/setup/linux

Install the ngrok Linux arm64 version:

```
wget https://bin.equinox.io/c/bNyj1mQVY4c/ngrok-v3-stable-linux-arm64.tgz
```

Try making a website:

`cd /var/www/html`

`echo "kuang" > hi.htm`

https://e04f-59-120-127-181.ngrok-free.app/hi.htm

### #Task, Test Ngrok

![Screenshot 2024-12-15 at 8.32.03 PM](https://hackmd.io/_uploads/SyvI3H241e.png)

---

Introduction to Google Cloud Platform

Free 300 USD at the beginning

Demo; watch it again on the class server.

---

https://xenby.com/b/104-教學對網頁啟用密碼驗證-apache

Increase security:

```
root@ubuntu1:/# cat /etc/apache2/.htpasswd
user:$apr1$1ivyEl6O$dZjrYp44xZR5bWVlWuRHk.
```

Try: go to /var/www/html, then `mkdir sec`, `cd sec`, and `echo "private" > index.html`

`sudo nano /etc/apache2/sites-enabled/000-default.conf`

```
<Directory "/var/www/html/sec">
    AuthType Basic
    AuthName "You need to login"
    AuthUserFile /etc/apache2/.htpasswd
    Require valid-user
</Directory>
```

### #Task, Set security

![Screenshot 2024-12-15 at 8.53.46 PM](https://hackmd.io/_uploads/SkLP-UhEye.png)

---

`sudo useradd -m benny -s /bin/bash` add user

`passwd benny` add password

Passwords are stored in /etc/shadow. The password is stored encrypted (hashed), so do this:

https://snapcraft.io/install/john-the-ripper/ubuntu

----

## Week-08 291024

https://kaibaooo.github.io/2018/11/09/apache-userdir/

On the server, create a private website for every user.

---

###### Notes:

For directory permissions:

r means you can read the contents of the folder.
w means you can delete or modify the files inside the folder.

x means you can enter the folder.

![Screenshot 2024-12-15 at 10.31.54 PM](https://hackmd.io/_uploads/H13PuDnNye.png)

---

![6127297033233613375](https://hackmd.io/_uploads/Sy256qTVyl.jpg)

Follow this: https://ui-code.com/archives/622#google_vignette

![Screenshot 2024-12-16 at 8.38.35 PM](https://hackmd.io/_uploads/rkL8koTVyl.png)

```
<VirtualHost *:80>
    ServerAdmin admin@www.a.com
    ServerName a.com
    ServerAlias www.a.com
    DocumentRoot /var/www/www-a-com
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
```

![Screenshot 2024-12-16 at 8.57.31 PM](https://hackmd.io/_uploads/r1K6XiaNJg.png)

On the Mac, open the terminal and then `sudo nano /etc/hosts`

### #Task, Virtual Host

![Screenshot 2024-12-16 at 9.05.19 PM](https://hackmd.io/_uploads/By8iSi6Ekl.png)

https://www.youtube.com/watch?v=hy_4Hp4Yn-c (how to reset the root password)

`find / -user benny -print -exec rm -rf {} \;`

`userdel benny`

`cat /etc/passwd | grep benny`

Delete Data and User

![image](https://hackmd.io/_uploads/HkcNRjT4kx.png)

## Week-09 051124

Mid Exam

![Screenshot 2024-12-19 at 10.47.25 AM](https://hackmd.io/_uploads/BkYSK-bBJg.png)

## Week-10 121124

Introduction to Samba; last time it was the network file system.

Today we add Samba to our Linux machine so that Windows can connect.

![Screenshot 2024-12-16 at 11.06.33 PM](https://hackmd.io/_uploads/BJBWGaTE1g.png)

Refer to: https://blog.pmail.idv.tw/?p=19278

![Screenshot 2024-12-16 at 11.20.05 PM](https://hackmd.io/_uploads/SyJVBpaEke.png)

When you finish setting up the config, run `testparm` to test the config and make sure it says **Loaded services file OK**.

`sudo systemctl restart smbd`

`sudo systemctl status smbd`

### #Task,Connect Samba on Mac

In Finder, press Command+K and input the server IP.

![Screenshot 2024-12-17 at 1.37.22 PM](https://hackmd.io/_uploads/HkTM0F0NJl.png)

Because sharea is open for guests, we can access it without logging in.

In Finder, press Command+K, type `smb://192.168.158.143/sharea` as the server address and choose to connect as guest.

![Screenshot 2024-12-18 at 11.37.42 PM](https://hackmd.io/_uploads/BJXU3vxHyl.png)

You can then try to drag and drop a file to the server.

Something annoying about the Mac: you need to eject sharea first before logging in to shareb. If you don't eject first, this will happen:

![Screenshot 2024-12-18 at 11.38.47 PM](https://hackmd.io/_uploads/rkz53weByx.png)

![Screenshot 2024-12-18 at 11.47.39 PM](https://hackmd.io/_uploads/ryCnRDxBJx.png =300x)

###### Note: You can only open one Finder window at a time. After opening sharea, you can't open shareb; if you try to open shareb while sharea is connected, a problem will happen, so you need to eject sharea first. However, if you open shareb first, then opening sharea is possible.

###### This happens because macOS ties all connections to the same server (in this case, the IP of the Samba server) under a single connection, and it can't handle different credentials for different shares simultaneously.

###### When you connect to sharea as a guest, macOS establishes the connection and holds it open. Since shareb requires a login, it tries to use the same connection to the same server (with the different credentials), but macOS may not allow this because it already has a connection with guest access.
This is why it creates a problem when you try to connect to shareb: macOS doesn't handle switching between guest and authenticated access smoothly in the same session.

---

We have made the connection between the local computer and Ubuntu; next we will build a connection between Linux and Linux (ubuntu2).

For the test: `apt install smbclient`

`smbclient --list=sambaserverubuntuip --user=usera`

![image](https://hackmd.io/_uploads/rkSUpeZByx.png)

---

![Screenshot 2024-12-19 at 10.32.11 AM](https://hackmd.io/_uploads/SJOyI-bSke.png)

`top` and `last` for checking, and `htop` for more detail

`kill -9 programid` to force close a program

Example: I run a script that automatically prints "hi" in the terminal, named for.sh. I can check it with `ps -aux | grep for` and see the program ID, for example 1234, then force close that program with `kill -9 1234`.

---

## Week-11 191124

Review of week 9: `ngrok http 80 --basic-auth "username1:password1" --basic-auth "username2:password2"`

### #Task, Set pass on ngrok

![Screenshot 2024-12-19 at 11.40.22 AM](https://hackmd.io/_uploads/SkLTHfZSkl.png)

Open three VMs:

1. Router
2. VM1: use Lan10 to the router
3. VM2: use Lan20 to the router

Clone VM1 (linked clone) to build VM3.

![image](https://hackmd.io/_uploads/rJh5Ufbrye.jpg)

![Screenshot 2024-12-21 at 8.12.00 PM](https://hackmd.io/_uploads/H1ncgVNH1g.png)

This is VMware Workstation for Windows.

![Screenshot 2024-12-21 at 8.12.42 PM](https://hackmd.io/_uploads/BJEax4EBJl.png)

This is VMware Fusion for Mac.
It is so different: there is no LAN Segment, so follow me to master it on macOS.

![Screenshot 2024-12-21 at 8.15.01 PM](https://hackmd.io/_uploads/S148ZNEHJl.png)

**~Ubuntu1:** Add device -> Add Network Adapter -> Private to my Mac. Total of 3 network adapters (Share with my Mac, and 2 Private to my Mac (Host-Only))

**~Ubuntu2:** Network Adapter -> Private to my Mac

**~Ubuntu3:** Network Adapter -> Private to my Mac

```
ubuntu1
192.168.158.148 ens160
192.168.10.254  ens161
192.168.20.254  ens256

ubuntu2
192.168.214.146 ens160

ubuntu3
192.168.158.150 ens160
```

---

### #Explore Quantum realm of linux

![Screenshot 2024-12-21 at 10.38.52 PM](https://hackmd.io/_uploads/ByrQQU4rJe.png)

This happened because I removed all my hard disks, and boom: initramfs.

---

#### #Ubuntu2 setup,

1. Turn off the wired connection, so there is no IP on this Ubuntu
2. Add the new one: `sudo ip addr add 192.168.10.1/24 dev ens160`
###### Check using `ip addr show`
3. `ip route add default via 192.168.10.254`
###### Check using `ip route show`

#### #Ubuntu3 setup,

1. Turn off the wired connection, so there is no IP on this Ubuntu
2. Add the new one: `sudo ip addr add 192.168.20.1/24 dev ens160`
###### Check using `ip addr show`
3. `ip route add default via 192.168.20.254`
###### Check using `ip route show`

#### #Ubuntuserver setup,

Network adapter (host-only): `ip addr add 192.168.20.254/24 dev ens256`

Network adapter (host-only): `ip addr add 192.168.10.254/24 dev ens161`

`echo 1 > /proc/sys/net/ipv4/ip_forward` makes the machine become a router.

To make it permanent: `gedit /etc/sysctl.conf` and

![6190281895405797879](https://hackmd.io/_uploads/Sk_us08r1x.jpg)

and then apply the change: `sudo sysctl -p /etc/sysctl.conf`

---

### #Task, Ubuntu router

### FinalExam task

ubuntuserver acts as the router connecting ubuntu2 and ubuntu3.

![Screenshot 2024-12-22 at 6.32.25 PM](https://hackmd.io/_uploads/HkLC9PrBJe.png)

---

![Screenshot 2024-12-22 at 6.52.41 PM](https://hackmd.io/_uploads/SJUK1urryg.png)

Easy setup from the Ubuntu settings (alternative way)

Ubuntuserver:

`gedit /etc/netplan/50-cloud-init.yaml`

```
network:
  version: 2
  renderer: NetworkManager
  ethernets:
    ens160:
      dhcp4: true
    ens161:
      addresses:
        - 192.168.10.254/24
    ens256:
      addresses:
        - 192.168.20.254/24
```

and test using `netplan try` and `netplan apply`

Ubuntu2:

![Screenshot 2024-12-23 at 8.27.30 PM](https://hackmd.io/_uploads/Sy_BDRLSJe.png)

or

```
network:
  version: 2
  renderer: NetworkManager
  ethernets:
    ens160:
      addresses:
        - 192.168.10.1/24
      routes:
        - to: default
          via: 192.168.10.254
```

The same applies to ubuntu3.

!! If you find a problem, try `systemctl status ufw`; if it is on, then do this:

`systemctl stop ufw`

`systemctl disable ufw`

---

Next......
`apt install wireshark-*` on the Ubuntu server and try to check. For example, I ping ubuntuserver from ubuntu2, which goes through ens161; in Wireshark we can see the packets going out and coming back.

![Screenshot 2024-12-23 at 8.54.44 PM](https://hackmd.io/_uploads/SkmjTC8B1x.png)

---

### #Task, Create a Shell Script

`mkdir myexe`

`vim test1.sh`

```
#!/usr/bin/bash
echo "hello word"
```

`chmod +x test1.sh`

`./test1.sh`

![Screenshot 2024-12-22 at 7.06.14 PM](https://hackmd.io/_uploads/rkZ3fOrryx.png)

## Week-12 261124

Refer to https://www.kjnotes.com/linux/118

![6210500067404660599](https://hackmd.io/_uploads/rkQxyJPH1x.jpg)

Same as last week, and create a DHCP server.

Open the 3 Ubuntu VMs and set up the DHCP server on the Ubuntu router.

**FOR ubuntu2&3**

![Screenshot 2024-12-23 at 9.01.23 PM](https://hackmd.io/_uploads/HJe41JPSkx.png)

![Screenshot 2024-12-23 at 9.05.13 PM](https://hackmd.io/_uploads/rkVGxywHkl.png)

I think it is not going to work, because last week I already edited the netplan to take the address from the Ubuntu server.

**FOR ubuntuserver**

`sudo apt install isc-dhcp-server -y`

`sudo cp /etc/dhcp/dhcpd.conf /etc/dhcp/dhcpd.conf.backup`

`gedit /etc/dhcp/dhcpd.conf`

```
subnet 192.168.10.0 netmask 255.255.255.0 {
    range 192.168.10.100 192.168.10.200;
    option subnet-mask 255.255.255.0;
    option routers 192.168.10.254;
    option broadcast-address 192.168.10.255;
    default-lease-time 600;
    max-lease-time 7200;
}

subnet 192.168.20.0 netmask 255.255.255.0 {
    range 192.168.20.100 192.168.20.200;
    option subnet-mask 255.255.255.0;
    option routers 192.168.20.254;
    option broadcast-address 192.168.20.255;
    default-lease-time 600;
    max-lease-time 7200;
}
```

`sudo systemctl restart isc-dhcp-server`

```
sudo iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT
sudo iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT
```

`vim /etc/netplan/` (the file in here)

```
network:
  version: 2
  renderer: networkd
  ethernets:
    eth0:
      dhcp4: true
```

`sudo netplan apply`

---

![6210500067404660634](https://hackmd.io/_uploads/BJ-PS2Sryl.jpg)

`root@ubuntuserver:/etc/netplan# vim 50-cloud-init.yaml`

Change ens256 to 10.0.0.1/24

`sudo netplan apply`

`root@ubuntuserver:/etc/dhcp# vim dhcpd.conf`

```
subnet 192.168.10.0 netmask 255.255.255.0 {
    range 192.168.10.100 192.168.10.200;
    option subnet-mask 255.255.255.0;
    option routers 192.168.10.254;
    option broadcast-address 192.168.10.255;
    default-lease-time 600;
    max-lease-time 7200;
}

subnet 10.0.0.0 netmask 255.255.255.0 {
    range 10.0.0.100 10.0.0.200;
    option subnet-mask 255.255.255.0;
    option routers 10.0.0.1;
    option broadcast-address 10.0.0.255;
    default-lease-time 600;
    max-lease-time 7200;
}
```

`sudo systemctl restart isc-dhcp-server`

Then test by turning the wired connection on ubuntu2 and ubuntu3 off and on, and see if they get an IP from the Ubuntu server.

----

![6210500067404660634](https://hackmd.io/_uploads/S1gn61wH1g.jpg)

Next, change the third network adapter of ubuntuserver to 10.0.0.1

![Screenshot 2024-12-23 at 10.06.29 PM](https://hackmd.io/_uploads/r1luA1vSyx.png)

and also change the DHCP config:

`gedit /etc/dhcp/dhcpd.conf`

```
subnet 10.0.0.0 netmask 255.255.255.0 {
    range 10.0.0.100 10.0.0.200;
    option subnet-mask 255.255.255.0;
    option routers 10.0.0.1;
    option broadcast-address 10.0.0.255;
    default-lease-time 600;
    max-lease-time 7200;
}
```

`sudo systemctl restart isc-dhcp-server`

Then, back on the Ubuntu server:

`iptables -t nat -A POSTROUTING -s 192.168.10.0/24 -o ens36 -j MASQUERADE`

`iptables -t nat -L`

Then install Wireshark: `sudo apt install wireshark-*`

Try to ping ubuntu3: from ubuntu2, `ping 10.0.0.100`

## Week-13 031224

## Week-14 101224

So the strategy is like this:

![Screenshot 2024-12-10 at 2.31.15 PM](https://hackmd.io/_uploads/BJ-rgPH41g.png)

## Week-15 171224

https://www.nstc.gov.tw/folksonomy/list/2af9ad9a-1f47-450d-b5a1-2cb43de8290c?l=ch

Introduction to ChatMiniNet-Basic Demo: https://www.youtube.com/watch?v=ZrfuKiNcSz0

```
touch {1..13}.txt
echo hi > 11.txt
```

`tar cvfz` - Creating an Archive

`tar xvfz` - Extracting an Archive

Example: `tar cvfz backup-1217.tar.gz /home/user/test-dir/` and, in /home/user/test-dir/, `tar xvfz backup-1217.tar.gz`

After running these commands, you will have an archive file backup-1217.tar.gz that contains all the files and folders inside /home/user/test-dir/, and an extracted copy of it.

###### Note: Ubuntu/Debian use .deb and CentOS/Fedora use .rpm

![Screenshot 2024-12-17 at 2.51.59 PM](https://hackmd.io/_uploads/r1iqyo0V1e.png)

`apt install build-essential`

`wget https://download.zeek.org/zeek-6.0.9.tar.gz` and then extract it using tar

then `apt install cmake make gcc g++ flex bison libpcap-dev libssl-dev python3 python3-dev swig zlib1g-dev`

and then `./configure` and make sure there is no error

and then `make` and then

###### Note: the commands ./configure and make are commonly used to compile and install software from source code

Try a new way to extract:

`wget https://github.com/htop-dev/htop/releases/download/3.3.0/htop-3.3.0.tar.xz`

`tar Jxvf htop-3.3.0.tar.xz`

`sudo apt install libncurses-dev`

`htop`

### #Task, Install Htop

![Screenshot 2024-12-17 at 3.24.02 PM](https://hackmd.io/_uploads/B1pUPiREye.png)

---

Introduction to Docker

https://docs.docker.com/engine/install/ubuntu/

```
# Add Docker's official GPG key:
sudo apt-get update
sudo apt-get install ca-certificates curl
sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc

# Add the repository to Apt sources:
echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
  $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
  sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update
```

`sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin`

###### Your datacenter: A physical infrastructure owned and managed by an organization, providing full control but requiring self-maintenance.
###### VPC: A virtual private network in the cloud, managed by a cloud provider, offering flexibility and scalability without control over physical infrastructure.

###### VM: A virtualized environment running a full operating system, providing strong isolation but using more resources.

###### Docker: A lightweight containerized environment sharing the host OS kernel, more efficient but with less isolation than VMs.

`docker run hello-world`

`docker images`

`docker ps -a`

`docker rm ...` (first 3 digits)

![Screenshot 2024-12-17 at 3.59.33 PM](https://hackmd.io/_uploads/r1l_k2AVyl.png)

Many people do not want to install a server on their local computer, so they install it in Docker.

`docker pull ubuntu/apache2`

`docker run -d -p 8080:80 ubuntu/apache2:latest`

Create a website:

`docker exec -it ...(first 3 digits) bash` to enter the Docker container. We can create hi.htm in the container's web root: enter /var/www and we can add .html files.

###### Note: if the container is removed, all the data is removed

**Solution:**

`docker ps`

`docker exec -it 511 bash`

`cd /var/www/html`

`echo "hi myweb" > hi.htm`

`docker commit ...(first 3 digits) ubuntu/apache2:2.0`

`docker ps` to check the container

`docker run -d -p 8082:80 ubuntu/apache2:2.0`

and then you can check the web page at 127.0.0.1:8082

`docker rm -f $(docker ps -a -q)` to remove all containers

`remove a Docker image`

`sudo apt install isc-dhcp-client -y`

### Vocabulary

伺服器 Server

docker

把伺服器要記得重新的啟動 restart the server

單機 single machine

内定路由器 (nèi dìng lù yóu qì) ip default

### Teacher's Quotes

1. Always respect those who are giving you attention, so they don't end up no longer caring about you.
2. Care for those around you with full responsibility.
3. ![Screenshot 2024-12-15 at 8.07.30 PM](https://hackmd.io/_uploads/Hk99LH2E1e.png) See... if you want to live well, start studying.
4. Broadcom, a junior of Prof. Ke: very flexible, can go to work at 10 and leave at 4. Still must be responsible for completing the task, and this company can let you go anywhere to do the work. Going abroad to work is funded by the company, and the yearly salary is very good.
5. December 19: one of the seniors of CSIE who graduated 3 years ago now works with a yearly salary of 140 萬, 10000x140=1.400.000, which means 100k+ NTD/month. Human connectivity is very important.
6. One of the bachelor graduates from CSIE NQU now works in the game industry and now has a 200萬+ yearly salary.
7. I hope I can be like them. When I am as old as the teacher, I also want to be a teacher and teach future students.
8. Choosing the right parents is an important thing; if you cannot choose your parents, then you have to rely on your own effort.

### Command Info

`dpkg -l | grep ssh` checks for any installed program in Ubuntu; `-l` is for list, and `| grep ssh` shows only those with ssh in the name

`sudo systemctl start apache2` to start apache2

`sudo systemctl stop sshd` to stop the sshd server

`sudo systemctl enable apache2` to auto start the apache2 server on boot

`netstat -tunlp | grep sshd` to check which port the sshd service is currently running on

`find / -user tom -print -exec rm -rf {} +` finds all files or directories related to user tom, and deletes them

`useradd john -g rd -G manager` adds a new user named john, makes john a primary member of the rd group and also adds him to the manager group

`ls -lhd /mydata` if you want to view the attributes of the /mydata directory (drwxr-xr-x 2 root root 4096 10 29 16:53 mydata)

`chmod 740 mydata` to change the permissions of the mydata directory to drwxr-----

`df -h` to check the remaining disk space

`ln -s a.txt slink-a.txt` if I have the original file a.txt and want to create a symbolic link named slink-a.txt

`echo $?` to check whether a program ran or not. Output: 0 = success, other number = fail.

`> /dev/null` at the end of a command to not show the system message

`sftp user@ubuntu2:/tmp` then `put file` to copy a file to the target once connected

`scp user@ubuntu2:/tmp/file .` takes a copy of a file from the target

`hydra -L user.txt -P password.txt ssh:/targetip` brute force attack

`sudo bash -c 'echo hi > hi.htm'` change text in Linux

`sudo useradd -m benny -s /bin/bash` add user

`passwd benny` add password

`su - tom` & `su tom`: /home & /home/tom

`find / -user benny -print -exec rm -rf {} \;`

`userdel benny`

`cat /etc/passwd | grep benny`

Delete Data and User

`hostnamectl set-hostname ubuntu1` to change the static hostname, easier to remember

![image](https://hackmd.io/_uploads/HkcNRjT4kx.png)

### Problems I faced (really took time)

2. Why can this happen?

![S__8724555](https://hackmd.io/_uploads/By0r-4jE1e.jpg)

It can't be opened in the Chrome browser but can be opened in the Windows browser and Safari. We can test the website on the Mac from the terminal with `curl http://(ubuntuip)`

3. Storage not detected: the original setting is 25 GB, but only 10 GB is detected.

**Solution**: `sudo lvextend -l +100%FREE /dev/mapper/ubuntu--vg-ubuntu--lv` and then `sudo resize2fs /dev/mapper/ubuntu--vg-ubuntu--lv` and then check using `df -h`

4. ![Screenshot 2024-12-21 at 8.51.11 PM](https://hackmd.io/_uploads/r1qatV4B1e.png)

Here I set the hard disk for this computer to 50 GB, but only 20 GB is detected.

**Solution:** Use gdisk to resize the partition: `sudo gdisk /dev/nvme0n1`

Type p to display the partition table.

Type d to delete the partition /dev/nvme0n1p3. Don't worry, the data on this partition will not be lost as long as you do not write the changes.

Type n to create a new partition with the same number (i.e., 3), starting from the same beginning sector, and select a larger ending sector to include the entire available space.

Type w to write the changes.

Success; updated:

![Screenshot 2024-12-21 at 8.53.32 PM](https://hackmd.io/_uploads/BkvU544Byl.png)

5. Local computer and Ubuntu can't drag and drop or copy and paste.

**Solution** `sudo apt install open-vm-tools-desktop` and `reboot`

6. ubuntu2 can't get DHCP automatically from ubuntu; week 12 fail

----

![Screenshot 2024-12-29 at 8.36.59 PM](https://hackmd.io/_uploads/rkIOfpRHJe.png)

For plus points, open 5 websites.

`sudo nano /etc/apache2/ports.conf`

```
Listen 8080
Listen 8081
Listen 8082
Listen 8083
Listen 8084
```

`sudo nano /etc/apache2/sites-available/8080.conf`

```
<VirtualHost *:8080>
    DocumentRoot /var/www/html/8080
    <Directory /var/www/html/8080>
        Options Indexes FollowSymLinks
        AllowOverride All
        Require all granted
    </Directory>
</VirtualHost>
```

For each port 8080-8085, create a virtual host configuration file

```
sudo mkdir -p /var/www/html/8080
sudo mkdir -p /var/www/html/8081
sudo mkdir -p /var/www/html/8082
sudo mkdir -p /var/www/html/8083
sudo mkdir -p /var/www/html/8084
```

```
echo "<?php echo 'This is port 8080'; ?>" | sudo tee /var/www/html/8080/index.php
```

```
sudo a2ensite 8080.conf
sudo a2ensite 8081.conf
sudo a2ensite 8082.conf
sudo a2ensite 8083.conf
sudo a2ensite 8084.conf
```

`sudo systemctl restart apache2`

----
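
The per-port steps above written as one repeatable script, as an added example that is not part of the original notes. It covers the five ports listed in ports.conf (8080 to 8084), writes into scratch directories by default (`APACHE_DIR` and `WEB_ROOT` are assumed variable names, as are the function names), and generates a tightened `<Directory>` block without directory listing or `.htaccess` overrides.

```sh
#!/bin/sh
# Added example: generate one Apache virtual host per port instead of
# hand-writing 8080.conf ... 8084.conf. APACHE_DIR and WEB_ROOT default to
# scratch directories so the script can be tried without root; the names of
# the variables and functions are constructed for illustration.

APACHE_DIR=${APACHE_DIR:-${TMPDIR:-/tmp}/vhost-demo/apache2}
WEB_ROOT=${WEB_ROOT:-${TMPDIR:-/tmp}/vhost-demo/www}

# Accept only plain decimal port numbers in 1..65535 (no leading zero).
valid_port() {
    case "$1" in
        ''|0*|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Create the document root, a test page and the site file for one port.
write_vhost() {
    port=$1
    docroot="$WEB_ROOT/$port"
    mkdir -p "$docroot" "$APACHE_DIR/sites-available"
    printf "<?php echo 'This is port %s'; ?>\n" "$port" > "$docroot/index.php"
    cat > "$APACHE_DIR/sites-available/$port.conf" <<EOF
<VirtualHost *:$port>
    DocumentRoot $docroot
    <Directory $docroot>
        # Tighter than the 8080.conf in the notes: no directory listing
        # and no .htaccess overrides.
        Options -Indexes +FollowSymLinks
        AllowOverride None
        Require all granted
    </Directory>
</VirtualHost>
EOF
}

# Add "Listen <port>" to ports.conf once, so re-running stays idempotent.
add_listen() {
    port=$1
    touch "$APACHE_DIR/ports.conf"
    grep -qx "Listen $port" "$APACHE_DIR/ports.conf" ||
        echo "Listen $port" >> "$APACHE_DIR/ports.conf"
}

# generate_sites FIRST LAST: one site per port in the inclusive range.
generate_sites() {
    first=$1
    last=$2
    valid_port "$first" && valid_port "$last" && [ "$first" -le "$last" ] || return 1
    p=$first
    while [ "$p" -le "$last" ]; do
        write_vhost "$p"
        add_listen "$p"
        p=$((p + 1))
    done
}

generate_sites 8080 8084 && echo "site files written under $APACHE_DIR"
```

With `APACHE_DIR=/etc/apache2 WEB_ROOT=/var/www/html` and root privileges the files land where the notes put them; `a2ensite` and `systemctl restart apache2` then apply as above.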