우분투에 설치된 파이썬의 기본버전을 3.x 버전으로 변경하는 방법
파이썬 기본버전 확인
# python --version
Python 2.7.17
# sudo su
# update-alternatives --install /usr/bin/python python /usr/bin/python3 1
변경된 파이썬 기본버전 확인
# python --version
Python 3.6.9
Hello world
우분투에 설치된 파이썬의 기본버전을 3.x 버전으로 변경하는 방법
# python --version
Python 2.7.17
# sudo su
# update-alternatives --install /usr/bin/python python /usr/bin/python3 1
# python --version
Python 3.6.9
# apt update && apt upgrade -y
# apt install dante-server dante-client
logoutput: syslog stdout /var/log/dante.log
internal: eth0 port = 1080
external: eth1
clientmethod: none
socksmethod: none
user.privileged: proxy
user.unprivileged: nobody
user.libwrap: nobody
client pass {
from: 0.0.0.0/0 to: 0.0.0.0/0
log: error connect disconnect
}
socks pass {
from: 0.0.0.0/0 to: 0.0.0.0/0
log: connect error disconnect
}
/etc/danted.conf
프록시 서버는 eth0에서 LISTEN, 트래픽은 eth1으로 나가게 한다.
eth0와 eth1은 각각 공인아이피를 셋팅했다.
# curl -x socks5://{프록시아이피}:{프록시포트} https://www.google.com
route {
from: 0.0.0.0/0 to: 0.0.0.0/0 via: {프록시아이피} port = {프록시포트}
protocol: tcp udp
proxyprotocol: socks_v4 socks_v5
method: none
}
/etc/dante.conf
dante-client 패키지를 설치하면 socksify를 사용할 수 있다.
위에처럼 설정하고 아래 명령을 사용하는 방법도 있다.
이 경우에는 socksify를 사용하는 프로세스는 모두 지정한 프록시를 통해서 통신이 된다.
# socksify wget -O- -q https://google.com
서버로 들어오는 패킷을 socks5로 내보내기 위해서 redsocks를 활용했다.
설명은 우분투 18.04 기준으로 한다
https://github.com/darkk/redsocks
# apt update && apt -y upgrade
# apt install redsocks
패키지 매니저로 설치한다
base {
log_debug = on;
log_info = on;
log = "file:/var/log/redsocks.log";
daemon = on;
redirector = iptables;
}
redsocks {
local_ip = 0.0.0.0;
local_port = 12345;
ip = {프록시서버 아이피};
port = {프록시서버 포트};
type = socks5;
}
/etc/redsocks.conf
# systemctl restart redsocks
redsocks 재시작
# iptables -t nat -A PREROUTING --in-interface ppp0 -p tcp -j REDIRECT --to-ports 12345
ppp0로 들어오는 패킷을 redsocks 포트인 12345로 리다이렉트 시켜준다
# yum update
# yum install wget
패키지 업데이트를 먼저한다
# cd /usr/local/src
# wget https://yum.oracle.com/repo/OracleLinux/OL7/latest/x86_64/getPackage/oracle-database-preinstall-18c-1.0-1.el7.x86_64.rpm
# wget https://download.oracle.com/otn-pub/otn_software/db-express/oracle-database-xe-18c-1.0-1.x86_64.rpm
설치파일 다운로드는 아래 링크에서 한다.
https://www.oracle.com/database/technologies/xe-downloads.html
# yum -y localinstall oracle-database-preinstall-18c-1.0-1.el7.x86_64.rpm
# yum -y localinstall oracle-database-xe-18c-1.0-1.x86_64.rpm
설치 사이즈가 커서 오래걸린다
# /etc/init.d/oracle-xe-18c configure
Specify a password to be used for database accounts. Oracle recommends that the password entered should be at least 8 characters in length, contain at least 1 uppercase character, 1 lower case character and 1 digit [0-9]. Note that the same password will be used for SYS, SYSTEM and PDBADMIN accounts:
Confirm the password:
Configuring Oracle Listener.
Listener configuration succeeded.
Configuring Oracle Database XE.
Enter SYS user password:
Enter SYSTEM user password:
Enter PDBADMIN User Password:
Prepare for db operation
7% complete
Copying database files
29% complete
Creating and starting Oracle instance
30% complete
31% complete
34% complete
38% complete
41% complete
43% complete
Completing Database Creation
47% complete
50% complete
Creating Pluggable Databases
54% complete
71% complete
Executing Post Configuration Actions
93% complete
Running Custom Scripts
100% complete
Database creation complete. For details check the logfiles at:
/opt/oracle/cfgtoollogs/dbca/XE.
Database Information:
Global Database Name:XE
System Identifier(SID):XE
Look at the log file "/opt/oracle/cfgtoollogs/dbca/XE/XE1.log" for further details.
Connect to Oracle Database using one of the connect strings:
Pluggable database: localhost.localdomain/XEPDB1
Multitenant container database: localhost.localdomain
Use https://localhost:5500/em to access Oracle Enterprise Manager for Oracle Database XE
비밀번호는 최소 1개의 대문자와 소문자, 숫자를 조합해서 8자이상 입력해야 한다.
# vi ~/.bash_profile
export ORACLE_HOME=/opt/oracle/product/18c/dbhomeXE
export TNS_ADMIN=$ORACLE_HOME/network/admin
export ORACLE_SID=XE
export ORAENV_ASK=NO
export PATH=$PATH:$ORACLE_HOME/bin
.bash_profile 파일 하단에 환경설정을 추가
# lsnrctl status
LSNRCTL for Linux: Version 18.0.0.0.0 - Production on 01-FEB-2021 11:02:03
Copyright (c) 1991, 2018, Oracle. All rights reserved.
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=localhost)(PORT=1521)))
STATUS of the LISTENER
Alias LISTENER
Version TNSLSNR for Linux: Version 18.0.0.0.0 - Production
Start Date 01-FEB-2021 11:01:04
Uptime 0 days 0 hr. 0 min. 58 sec
Trace Level off
Security ON: Local OS Authentication
SNMP OFF
Default Service XE
Listener Parameter File /opt/oracle/product/18c/dbhomeXE/network/admin/listener.ora
Listener Log File /opt/oracle/diag/tnslsnr/localhost/listener/alert/log.xml
Listening Endpoints Summary…
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=localhost)(PORT=1521)))
(DESCRIPTION=(ADDRESS=(PROTOCOL=ipc)(KEY=EXTPROC1521)))
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcps)(HOST=localhost)(PORT=5500))(Security=(my_wallet_directory=/opt/oracle/product/18c/dbhomeXE/admin/XE/xdb_wallet))(Presentation=HTTP)(Session=RAW))
Services Summary…
Service "XE" has 1 instance(s).
Instance "XE", status READY, has 1 handler(s) for this service…
Service "XEXDB" has 1 instance(s).
Instance "XE", status READY, has 1 handler(s) for this service…
Service "ba3db2e4206012dde055000000000001" has 1 instance(s).
Instance "XE", status READY, has 1 handler(s) for this service…
Service "xepdb1" has 1 instance(s).
Instance "XE", status READY, has 1 handler(s) for this service…
The command completed successfully
[root@localhost admin]# cat listener.ora
listener.ora Network Configuration File: /opt/oracle/product/18c/dbhomeXE/network/admin/listener.ora
Generated by Oracle configuration tools.
DEFAULT_SERVICE_LISTENER = XE
LISTENER =
(DESCRIPTION_LIST =
(DESCRIPTION =
(ADDRESS = (PROTOCOL = TCP)(HOST = localhost)(PORT = 1521))
(ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC1521))
)
)
[root@localhost admin]# cat tnsnames.ora
tnsnames.ora Network Configuration File: /opt/oracle/product/18c/dbhomeXE/network/admin/tnsnames.ora
Generated by Oracle configuration tools.
XE =
(DESCRIPTION =
(ADDRESS = (PROTOCOL = TCP)(HOST = localhost)(PORT = 1521))
(CONNECT_DATA =
(SERVER = DEDICATED)
(SERVICE_NAME = XE)
)
)
LISTENER_XE =
(ADDRESS = (PROTOCOL = TCP)(HOST = localhost)(PORT = 1521))
포트번호가 바뀐경우가 있었는데, 그럴경우에 1521로 변경해서 저장하고 재시작 해준다
# sqlplus
SQL*Plus: Release 18.0.0.0.0 - Production on Mon Feb 1 12:59:38 2021
Version 18.4.0.0.0
Copyright (c) 1982, 2018, Oracle. All rights reserved.
Enter user-name: system
Enter password:
Last Successful login time: Mon Feb 01 2021 11:23:03 +09:00
Connected to:
Oracle Database 18c Express Edition Release 18.0.0.0.0 - Production
Version 18.4.0.0.0
SQL>
# /etc/init.d/oracle-xe-18c start
# /etc/init.d/oracle-xe-18c stop
sys>en
sys# conf t
sys(config)# ip access-list standard 90
sys(config-ext-nacl)# permit host {허용할 아이피}
sys(config-ext-nacl)# exit
sys(config)# exit
ACL 설정한다.
여기서는 90번으로 추가했다.
허용할 아이피를 입력하면 그 외는 모두 차단된다.
sys# show access-lists
Standard IP access list 90
10 permit {허용할 아이피}
ACL 리스트를 확인한다
sys# conf t
sys(config)# snmp-server community {커뮤니티이름} ro 90
sys(config)# exit
snmp 서버에 커뮤니티를 추가한다.
추가시 RO (read only) 권한으로 하며, 사용할 access-list 번호는 앞에서 추가한 90으로 한다.
sys# show snmp community
Community name: {커뮤니티이름}
Community Index: {커뮤니티이름}
Community SecurityName: {커뮤니티이름}
storage-type: nonvolatile active access-list: 90
snmp 정보를 확인해보면 커뮤니티와 access-list가 정상적인지 확인할 수 있다.
$spreadsheet = new Spreadsheet();
$spreadsheet->getProperties()->setCreator('jongwan')
->setTitle('')
->setSubject('')
->setDescription('');
PhpSpreadsheet 초기화하기
$styleArray = [
'borders' => [
'allBorders' => [
'borderStyle' => \PhpOffice\PhpSpreadsheet\Style\Border::BORDER_THIN
],
'outline' => [
'borderStyle' => \PhpOffice\PhpSpreadsheet\Style\Border::BORDER_THICK
]
]
];
$spreadsheet->getActiveSheet()->getStyle('A1:D10')->applyFromArray($styleArray);
외곽선과 내부선을 스타일 지정하는 방법
// 숫자형 셀스타일
$spreadsheet->getActiveSheet()->setCellValueExplicit('A1', '내용', \PhpOffice\PhpSpreadsheet\Cell\DataType::TYPE_NUMERIC);
// 문자형 셀스타일
$spreadsheet->getActiveSheet()->setCellValueExplicit('B1', '내용', \PhpOffice\PhpSpreadsheet\Cell\DataType::TYPE_STRING);
// 지정없이 입력
$spreadsheet->getActiveSheet()->setCellValue('C1', '내용');
셀에 데이터타입을 지정하기
header('Content-Type: application/vnd.ms-excel');
header('Content-Disposition: attachment;filename="filename.xls"');
header('Cache-Control: no-cache');
header('Expires: Mon, 26 Jul 1997 05:00:00 GMT'); // Date in the past
header('Last-Modified: '.gmdate('D, d M Y H:i:s').' GMT+9'); // always modified
header('Pragma: public'); // HTTP/1.0
$writer = IOFactory::createWriter($spreadsheet, 'Xls');
$writer->save('php://output');
파일로 다운로드하기
// 첫번째 시트 선택 (0번부터 시작)
$spreadsheet->setActiveSheetIndex(0);
$spreadsheet->getActiveSheet()->setTitle('sheet name');
// 시트 생성하기
$spreadsheet->createSheet();
$spreadsheet->setActiveSheetIndex(1);
$spreadsheet->getActiveSheet()->setTitle("상세내역");
시트 생성, 선택, 이름지정하기
$spreadsheet->getActiveSheet()->mergeCells('A1:D2');
셀합치기(merge)
$spreadsheet->getActiveSheet()->getStyle('A1')->getAlignment()->setVertical(\PhpOffice\PhpSpreadsheet\Style\Alignment::VERTICAL_TOP);
$spreadsheet->getActiveSheet()->getStyle('A1')->getAlignment()->setVertical(\PhpOffice\PhpSpreadsheet\Style\Alignment::VERTICAL_CENTER);
$spreadsheet->getActiveSheet()->getStyle('A1')->getAlignment()->setVertical(\PhpOffice\PhpSpreadsheet\Style\Alignment::VERTICAL_BOTTOM);
$spreadsheet->getActiveSheet()->getStyle('A1')->getAlignment()->setHorizontal(\PhpOffice\PhpSpreadsheet\Style\Alignment::HORIZONTAL_CENTER);
$spreadsheet->getActiveSheet()->getStyle('A1')->getAlignment()->setHorizontal(\PhpOffice\PhpSpreadsheet\Style\Alignment::HORIZONTAL_LEFT);
$spreadsheet->getActiveSheet()->getStyle('A1')->getAlignment()->setHorizontal(\PhpOffice\PhpSpreadsheet\Style\Alignment::HORIZONTAL_RIGHT);
셀내용 정렬하기
$spreadsheet->getActiveSheet()->getStyle('A1:D5')->getFill()->setFillType(\PhpOffice\PhpSpreadsheet\Style\Fill::FILL_SOLID)->getStartColor()->setRGB('dddddd');
배경색 지정하기
# apt install composer
# composer require phpoffice/phpspreadsheet
컴포져로 phpspreadsheet 설치하기
Do not run Composer as root/super user! See https://getcomposer.org/root for details Warning from https://packagist.org: You are using an outdated version of Composer. Composer 2.0 is now available and you should upgrade. See https://getcomposer.org/2 Using version ^1.16 for phpoffice/phpspreadsheet ./composer.json has been created Loading composer repositories with package information Warning from https://packagist.org: You are using an outdated version of Composer. Composer 2.0 is now available and you should upgrade. See https://getcomposer.org/2 Updating dependencies (including require-dev) Your requirements could not be resolved to an installable set of packages. Problem 4 - Installation request for phpoffice/phpspreadsheet ^1.16 -> satisfiable by phpoffice/phpspreadsheet[1.16.0]. - phpoffice/phpspreadsheet 1.16.0 requires ext-dom * -> the requested PHP extension dom is missing from your system. - phpoffice/phpspreadsheet 1.16.0 requires ext-gd * -> the requested PHP extension gd is missing from your system. To enable extensions, verify that they are enabled in your .ini files: - phpoffice/phpspreadsheet 1.16.0 requires ext-mbstring * -> the requested PHP extension mbstring is missing from your system. - phpoffice/phpspreadsheet 1.16.0 requires ext-zip * -> the requested PHP extension zip is missing from your system. - /etc/php/7.2/cli/php.ini - /etc/php/7.2/cli/conf.d/10-mysqlnd.ini - /etc/php/7.2/cli/conf.d/10-opcache.ini - /etc/php/7.2/cli/conf.d/10-pdo.ini - /etc/php/7.2/cli/conf.d/20-calendar.ini - /etc/php/7.2/cli/conf.d/20-ctype.ini - /etc/php/7.2/cli/conf.d/20-exif.ini - /etc/php/7.2/cli/conf.d/20-fileinfo.ini - /etc/php/7.2/cli/conf.d/20-ftp.ini - /etc/php/7.2/cli/conf.d/20-gettext.ini - /etc/php/7.2/cli/conf.d/20-iconv.ini - /etc/php/7.2/cli/conf.d/20-json.ini - /etc/php/7.2/cli/conf.d/20-mysqli.ini - /etc/php/7.2/cli/conf.d/20-pdo_mysql.ini - /etc/php/7.2/cli/conf.d/20-phar.ini - /etc/php/7.2/cli/conf.d/20-posix.ini - /etc/php/7.2/cli/conf.d/20-readline.ini - /etc/php/7.2/cli/conf.d/20-shmop.ini - /etc/php/7.2/cli/conf.d/20-sockets.ini - /etc/php/7.2/cli/conf.d/20-sysvmsg.ini - /etc/php/7.2/cli/conf.d/20-sysvsem.ini - /etc/php/7.2/cli/conf.d/20-sysvshm.ini - /etc/php/7.2/cli/conf.d/20-tokenizer.ini You can also run
php --ini
inside terminal to see which files are used by PHP in CLI mode. Installation failed, deleting ./composer.json.
# apt install -y php-xml php-gd php-mbstring php-zip
오류메시지를 확인하고 설치되지 않은 패키지를 설치한다.
Do not run Composer as root/super user! See https://getcomposer.org/root for details
Warning from https://packagist.org: You are using an outdated version of Composer. Composer 2.0 is now available and you should upgrade. See https://getcomposer.org/2
Using version ^1.16 for phpoffice/phpspreadsheet
./composer.json has been created
Loading composer repositories with package information
Warning from https://packagist.org: You are using an outdated version of Composer. Composer 2.0 is now available and you should upgrade. See https://getcomposer.org/2
Updating dependencies (including require-dev)
Package operations: 11 installs, 0 updates, 0 removals
Installing ezyang/htmlpurifier (v4.13.0): Downloading (100%)
Installing psr/http-message (1.0.1): Downloading (100%)
Installing psr/http-factory (1.0.1): Downloading (100%)
Installing psr/http-client (1.0.1): Downloading (100%)
Installing psr/simple-cache (1.0.1): Downloading (100%)
Installing markbaker/matrix (2.1.1): Downloading (100%)
Installing markbaker/complex (2.0.0): Downloading (100%)
Installing myclabs/php-enum (1.7.7): Downloading (100%)
Installing symfony/polyfill-mbstring (v1.22.0): Downloading (100%)
Installing maennchen/zipstream-php (2.1.0): Downloading (100%)
Installing phpoffice/phpspreadsheet (1.16.0): Downloading (100%)
phpoffice/phpspreadsheet suggests installing mpdf/mpdf (Option for rendering PDF with PDF Writer)
phpoffice/phpspreadsheet suggests installing dompdf/dompdf (Option for rendering PDF with PDF Writer (doesn't yet support PHP8))
phpoffice/phpspreadsheet suggests installing tecnickcom/tcpdf (Option for rendering PDF with PDF Writer (doesn't yet support PHP8))
phpoffice/phpspreadsheet suggests installing jpgraph/jpgraph (Option for rendering charts, or including charts with PDF or HTML Writers)
Writing lock file
Generating autoload files
설치완료
#copy running-config startup-config
운영중인 설정을 시작설정으로 복사
#show arp
#clear arp-cache
arp 관련
#show running-config | include '검색할 텍스트'
#show interface status
#show vlan
Let’s Encrypt 에서 발급하는 90일짜리 무료 인증서입니다. 3개월에 한번씩 인증을 해야하지만 자동업데이트를 이용하면 쉽게 사용할 수 있습니다.
$ snap install --classic certbot
우분투 18.04 기준 snap로 certbot를 설치합니다.
// 아파치
$ certbot --apache
// nginx
$ certbot --nginx
certbot 명령을 이용해서 SSL인증서를 발급받습니다. 옵션을 이용해서 웹서버를 지정합니다.
Plugins selected: Authenticator apache, Installer apache
Enter email address (used for urgent renewal and security notices)
(Enter 'c' to cancel):
이메일주소를 입력합니다. 인증서 만료전에 이메일로 알려줍니다.
Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must
agree in order to register with the ACME server. Do you agree?
(Y)es/(N)o: Y
Would you be willing, once your first certificate is successfully issued, to
share your email address with the Electronic Frontier Foundation, a founding
partner of the Let's Encrypt project and the non-profit organization that
develops Certbot? We'd like to send you email about our work encrypting the web,
EFF news, campaigns, and ways to support digital freedom.
(Y)es/(N)o: Y
Account registered.
이용약관에 동의합니다.
Which names would you like to activate HTTPS for?
1: jongwan.com
2: www.jongwan.com
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel):
인증서를 발급받을 도메인을 선택합니다. 공백으로 엔터를 누르면 모두 발급합니다. jongwan.com, www.jongwan.com을 모두 받으므로 그냥 엔터를 입력합니다.
Requesting a certificate for jongwan.com and www.jongwan.com
Performing the following challenges:
http-01 challenge for jongwan
http-01 challenge for www.jongwan
Waiting for verification…
Cleaning up challenges
Created an SSL vhost at /etc/apache2/sites-available/jongwan_com-le-ssl.conf
Deploying Certificate to VirtualHost /etc/apache2/sites-available/jongwan_com-le-ssl.conf
Enabling available site: /etc/apache2/sites-available/jongwan_com-le-ssl.conf
Deploying Certificate to VirtualHost /etc/apache2/sites-available/jongwan_com-le-ssl.conf
Redirecting vhost in /etc/apache2/sites-enabled/jongwan_com.conf to ssl vhost in /etc/apache2/sites-available/jongwan_com-le-ssl.conf
Congratulations! You have successfully enabled https://jongwan.com and
https://www.jongwan.com
Subscribe to the EFF mailing list (email: me@jongwan.com).
IMPORTANT NOTES:
Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/jongwan.com/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/jongwan.com/privkey.pem
Your certificate will expire on 2021-04-15. To obtain a new or
tweaked version of this certificate in the future, simply run
certbot again with the "certonly" option. To non-interactively
renew all of your certificates, run "certbot renew"
If you like Certbot, please consider supporting our work by:
Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le
인증서를 발급중입니다.
$ certbot renew
renew 옵션을 이용해서 인증서를 자동갱신할 수 있습니다.
–dry-run 옵션을 추가하면 발급 테스트도 가능합니다.
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Processing /etc/letsencrypt/renewal/jongwan.com.conf
Cert not yet due for renewal
The following certificates are not due for renewal yet:
/etc/letsencrypt/live/jongwan.com/fullchain.pem expires on 2021-04-15 (skipped)
No renewals were attempted.
실행해보면 아래처럼 나옵니다. 방금 인증서를 받았기 때문에 갱신이 되지는 않고 메시지만 출력됩니다.
$ crontab -e
// 매일 0시 업데이트 진행
0 0 * * * sudo certbot renew
crontab에 등록해서 자동으로 갱신하도록 합니다.
https://www.tiny.cloud/docs/quick-start/
<textarea id="note" class="note">내용을 입력하세요</textarea>
<script src="https://cdn.tiny.cloud/1/no-api-key/tinymce/5/tinymce.min.js" referrerpolicy="origin"></script>
<script>
tinymce.init({
selector: '#note',
plugins: 'print preview powerpaste casechange importcss tinydrive searchreplace autolink autosave save directionality advcode visualblocks visualchars fullscreen image link media mediaembed template codesample table charmap hr pagebreak nonbreaking anchor toc insertdatetime advlist lists checklist wordcount tinymcespellchecker a11ychecker imagetools textpattern noneditable help formatpainter permanentpen pageembed charmap tinycomments mentions quickbars linkchecker emoticons advtable',
menu: {
tc: {
title: 'TinyComments',
items: 'addcomment showcomments deleteallconversations'
}
},
menubar: 'file edit view insert format tools table tc help',
toolbar: 'undo redo | bold italic underline strikethrough | fontselect fontsizeselect formatselect | alignleft aligncenter alignright alignjustify | outdent indent | numlist bullist checklist | forecolor backcolor casechange permanentpen formatpainter removeformat | pagebreak | charmap emoticons | fullscreen preview save print | insertfile image media pageembed template link anchor codesample | showcomments addcomment',
autosave_ask_before_unload: true,
toolbar_mode: 'floating',
tinycomments_mode: 'embedded',
tinycomments_author: 'Author name',
height: '100%'
});
</script>
API 키는 My Account에서 가입후 발급이 가능
발급후 도메인을 등록하고 no-api-key 부분을 교체해서 사용이 가능