February 2017

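Let's Encrypt automatic renewal script

Original reference: https://www.zivers.com/post/492.html

First, copy the Let's Encrypt sample cli file

Uncomment the following fields and edit the configuration file:

Now you can run the renewal with the configuration-driven command

Create the automatic renewal script

We can then create a script that performs the steps above automatically

A sample script follows:

Grant execute permission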

Applying for and configuring a free HTTPS certificate (Let's Encrypt)

Original: https://keelii.github.io/2016/06/12/free-https-cert-lets-encrypt-apply-install/

1. Download certbot

git clone https://github.com/certbot/certbot
cd certbot
./certbot-auto --help

Unpack it, open it and run it, and the relevant prompts are shown

2. Generate the free certificate

./certbot-auto certonly --webroot --agree-tos -v -t --email EMAIL_ADDRESS -w WEB_ROOT -d DOMAIN
./certbot-auto certonly --webroot --agree-tos -v -t --email keeliizhou@gmail.com -w /path/to/your/web/root -d note.crazy4code.com

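Note: by default this automatically creates /WEB_ROOT/.well-known/acme-challenge, and the shell script then requests DOMAIN/.well-known/acme-challenge

If the response is normal, your ownership of the site is confirmed and the certificate is generated successfully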
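A pre-flight check for the webroot mechanism described above, as an added example that is not part of the original post: it writes a random probe file under the challenge directory and confirms the web server returns it. The function names are hypothetical, and the demo uses a constructed local server on 127.0.0.1 in place of the real site.

```python
import http.client
import http.server
import secrets
import tempfile
import threading
from functools import partial
from pathlib import Path

CHALLENGE_DIR = ".well-known/acme-challenge"

def webroot_serves_challenges(webroot, host, port=80, timeout=5.0):
    """Return True if a probe file written under webroot is served back by host."""
    probe_dir = Path(webroot) / CHALLENGE_DIR
    probe_dir.mkdir(parents=True, exist_ok=True)
    probe = probe_dir / ("preflight-" + secrets.token_hex(8))
    body = secrets.token_urlsafe(32)
    probe.write_text(body)
    try:
        conn = http.client.HTTPConnection(host, port, timeout=timeout)
        conn.request("GET", f"/{CHALLENGE_DIR}/{probe.name}")
        resp = conn.getresponse()
        served = resp.read().decode("ascii", "replace").strip()
        conn.close()
        # Redirects are not followed here; any non-200 answer counts as a failure.
        return resp.status == 200 and served == body
    except (OSError, http.client.HTTPException):
        return False
    finally:
        probe.unlink()  # never leave probe files behind in the webroot

class _Quiet(http.server.SimpleHTTPRequestHandler):
    def log_message(self, *args):  # silence per-request logging
        pass

def demo():
    """Constructed setup: check the served directory, then a mismatched -w directory."""
    served_root, other_root = tempfile.mkdtemp(), tempfile.mkdtemp()
    server = http.server.ThreadingHTTPServer(
        ("127.0.0.1", 0), partial(_Quiet, directory=served_root))
    threading.Thread(target=server.serve_forever, daemon=True).start()
    port = server.server_address[1]
    try:
        return (webroot_serves_challenges(served_root, "127.0.0.1", port),
                webroot_serves_challenges(other_root, "127.0.0.1", port))
    finally:
        server.shutdown()
        server.server_close()

if __name__ == "__main__":
    print(demo())
```

A False result for the real site usually means the -w directory is not the one the server maps to the domain, or that the server blocks requests for dot-directories.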

3. Obtain the certificate

If the steps above succeeded, the shell script displays the following message:

- Congratulations! Your certificate and chain have been saved at
/etc/letsencrypt/live/DOMAIN/fullchain.pem
...

4. Generate dhparams

Use the openssl tool to generate dhparams

openssl dhparam -out /etc/ssl/certs/dhparams.pem 2048

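5. Configure Nginx

Open the nginx server configuration file and add the following settings:

# the ssl parameter on listen replaces the deprecated "ssl on;" directive
listen 443 ssl;

ssl_certificate /etc/letsencrypt/live/DOMAIN/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/DOMAIN/privkey.pem;
ssl_dhparam /etc/ssl/certs/dhparams.pem;
# SSLv3, TLSv1 and TLSv1.1 are obsolete and stay disabled; add TLSv1.3 where nginx and OpenSSL support it
ssl_protocols TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;

Then restart the nginx service and you are done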

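6. Force redirect to https

https listens on port 443 by default; a site without https enabled is normally served on port 80. If you are sure that every site on port 80 supports https, adding the configuration below redirects to https automatically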

server {
    listen 80;
    server_name your.domain.com;
    return 301 https://$server_name$request_uri;
}

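7. Certificate renewal

Free certificates are valid for only 90 days, after which they must be renewed manually. Conveniently, Let's encrypt also has a free service called Let's monitor: register an account and add the domains to be monitored, and the system sends a reminder e-mail when a certificate is about to expire, which is very convenient. After receiving the e-mail, go to the backend and run renew; if it reports success, the renewal succeeded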

./certbot-auto renew

YII relations: the difference between condition and on

Look at the following statements, generated with condition and with on respectively
condition:
SELECT `t`.`id` AS `t0_c0`, `t`.`fdName` AS `t0_c1`,
`t`.`fdEnglish` AS `t0_c2`, `t`.`fdTypeID` AS `t0_c3`, `t`.`fdKindID` AS
`t0_c4`, `t`.`fdAcronym` AS `t0_c5`, `t`.`fdPinyin` AS `t0_c6`,
`t`.`fdProviderID` AS `t0_c7`, `t`.`fdCpID` AS `t0_c8`, `t`.`fdOperatorID`
AS `t0_c9`, `t`.`fdApproverID` AS `t0_c10`, `t`.`fdApprove` AS `t0_c11`,
`t`.`fdCreate` AS `t0_c12`, `t`.`fdExpire` AS `t0_c13`, `t`.`fdModify` AS
`t0_c14`, `t`.`fdAdapt` AS `t0_c15`, `t`.`fdHot` AS `t0_c16`,
`t`.`fdBornID` AS `t0_c17`, `t`.`fdSync` AS `t0_c18`, `t`.`fdCommentID` AS
`t0_c19`, `t`.`fdDisabled` AS `t0_c20`, `quality`.`id` AS `t1_c0`,
`quality`.`fdContentID` AS `t1_c1`, `quality`.`fdFileID` AS `t1_c2`,
`quality`.`fdAttributeID` AS `t1_c3`, `quality`.`fdSourceID` AS `t1_c4`,
`quality`.`fdValue` AS `t1_c5`, `playNum`.`id` AS `t2_c0`,
`playNum`.`fdContentID` AS `t2_c1`, `playNum`.`fdFileID` AS `t2_c2`,
`playNum`.`fdAttributeID` AS `t2_c3`, `playNum`.`fdSourceID` AS `t2_c4`,
`playNum`.`fdValue` AS `t2_c5`, `perpareAttrID`.`id` AS `t3_c0`,
`perpareAttrID`.`fdContentID` AS `t3_c1`, `perpareAttrID`.`fdFileID` AS
`t3_c2`, `perpareAttrID`.`fdAttributeID` AS `t3_c3`,
`perpareAttrID`.`fdSourceID` AS `t3_c4`, `perpareAttrID`.`fdValue` AS
`t3_c5` FROM `keti2ctn`.`tbContent` `t` LEFT OUTER JOIN
`keti2ctn`.`tbInteger` `quality` ON (`quality`.`fdContentID`=`t`.`id`) AND
(quality.fdAttributeID=360) LEFT OUTER JOIN `keti2ctn`.`tbInteger`
`playNum` ON (`playNum`.`fdContentID`=`t`.`id`) LEFT OUTER JOIN
`keti2ctn`.`tbInteger` `perpareAttrID` ON
(`perpareAttrID`.`fdContentID`=`t`.`id`) WHERE ((t.fdTypeID IN (:ycp0,
:ycp1, :ycp2, :ycp3, :ycp4)) AND (perpareAttrID.fdValue is null)) AND
(playNum.fdAttributeID=50) AND (perpareAttrID.fdAttributeID=386) ORDER BY
t.id desc LIMIT 10
on:
SELECT `t`.`id` AS `t0_c0`, `t`.`fdName` AS `t0_c1`,
`t`.`fdEnglish` AS `t0_c2`, `t`.`fdTypeID` AS `t0_c3`, `t`.`fdKindID` AS
`t0_c4`, `t`.`fdAcronym` AS `t0_c5`, `t`.`fdPinyin` AS `t0_c6`,
`t`.`fdProviderID` AS `t0_c7`, `t`.`fdCpID` AS `t0_c8`, `t`.`fdOperatorID`
AS `t0_c9`, `t`.`fdApproverID` AS `t0_c10`, `t`.`fdApprove` AS `t0_c11`,
`t`.`fdCreate` AS `t0_c12`, `t`.`fdExpire` AS `t0_c13`, `t`.`fdModify` AS
`t0_c14`, `t`.`fdAdapt` AS `t0_c15`, `t`.`fdHot` AS `t0_c16`,
`t`.`fdBornID` AS `t0_c17`, `t`.`fdSync` AS `t0_c18`, `t`.`fdCommentID` AS
`t0_c19`, `t`.`fdDisabled` AS `t0_c20`, `quality`.`id` AS `t1_c0`,
`quality`.`fdContentID` AS `t1_c1`, `quality`.`fdFileID` AS `t1_c2`,
`quality`.`fdAttributeID` AS `t1_c3`, `quality`.`fdSourceID` AS `t1_c4`,
`quality`.`fdValue` AS `t1_c5`, `playNum`.`id` AS `t2_c0`,
`playNum`.`fdContentID` AS `t2_c1`, `playNum`.`fdFileID` AS `t2_c2`,
`playNum`.`fdAttributeID` AS `t2_c3`, `playNum`.`fdSourceID` AS `t2_c4`,
`playNum`.`fdValue` AS `t2_c5`, `perpareAttrID`.`id` AS `t3_c0`,
`perpareAttrID`.`fdContentID` AS `t3_c1`, `perpareAttrID`.`fdFileID` AS
`t3_c2`, `perpareAttrID`.`fdAttributeID` AS `t3_c3`,
`perpareAttrID`.`fdSourceID` AS `t3_c4`, `perpareAttrID`.`fdValue` AS
`t3_c5` FROM `keti2ctn`.`tbContent` `t` LEFT OUTER JOIN
`keti2ctn`.`tbInteger` `quality` ON (`quality`.`fdContentID`=`t`.`id`) AND
(quality.fdAttributeID=360) LEFT OUTER JOIN `keti2ctn`.`tbInteger`
`playNum` ON (`playNum`.`fdContentID`=`t`.`id`) LEFT OUTER JOIN
`keti2ctn`.`tbInteger` `perpareAttrID` ON
(`perpareAttrID`.`fdContentID`=`t`.`id`) AND
(perpareAttrID.fdAttributeID=386) WHERE ((t.fdTypeID IN (:ycp0, :ycp1,
:ycp2, :ycp3, :ycp4)) AND (perpareAttrID.fdValue is null)) AND
(playNum.fdAttributeID=50) ORDER BY t.id desc LIMIT 10
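Looking at the statements above, it is easy to see that when condition is used on the related table, AND (perpareAttrID.fdAttributeID=386) is applied as a WHERE restriction after the join,
whereas when on is used it is applied as a restriction of the join itself.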
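The effect on the result set, as an added example that is not part of the original post: Python with an in-memory SQLite database, keeping the page's table and alias names but reduced to the one join that differs. The rows and the helper names are constructed for illustration.

```python
import sqlite3

# Constructed rows, using the page's table and alias names and a single join.
SCHEMA = """
CREATE TABLE tbContent (id INTEGER PRIMARY KEY, fdName TEXT);
CREATE TABLE tbInteger (id INTEGER PRIMARY KEY, fdContentID INTEGER,
                        fdAttributeID INTEGER, fdValue INTEGER);
INSERT INTO tbContent VALUES (1, 'has 386 with a value'),
                             (2, 'has 386 with NULL value'),
                             (3, 'has no 386 row at all');
INSERT INTO tbInteger (fdContentID, fdAttributeID, fdValue) VALUES
    (1, 386, 7), (1, 50, 3), (2, 386, NULL), (3, 50, 5);
"""

# Relation option 'condition': the attribute filter lands in WHERE.
SQL_CONDITION = """
SELECT t.id FROM tbContent t
LEFT OUTER JOIN tbInteger perpareAttrID ON (perpareAttrID.fdContentID = t.id)
WHERE (perpareAttrID.fdValue IS NULL) AND (perpareAttrID.fdAttributeID = ?)
ORDER BY t.id DESC
"""

# Relation option 'on': the attribute filter is part of the join.
SQL_ON = """
SELECT t.id FROM tbContent t
LEFT OUTER JOIN tbInteger perpareAttrID ON (perpareAttrID.fdContentID = t.id)
    AND (perpareAttrID.fdAttributeID = ?)
WHERE (perpareAttrID.fdValue IS NULL)
ORDER BY t.id DESC
"""


def build_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn


def content_ids(conn, sql, attribute_id=386):
    """Run one of the two queries with the attribute id bound as a parameter."""
    return [row[0] for row in conn.execute(sql, (attribute_id,))]


if __name__ == "__main__":
    db = build_db()
    # WHERE drops the NULL-extended row of content 3 (NULL = 386 is not true).
    print("condition:", content_ids(db, SQL_CONDITION))
    # ON keeps content 3, so "fdValue IS NULL" also finds contents lacking 386.
    print("on:       ", content_ids(db, SQL_ON))
```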