https://mirror-master.debian.org/status/mirror-info/nanomirrors.tuna.tsinghua.edu.cn.html
https://mirror-master.debian.org/status/mirror-info/neomirrors.tuna.tsinghua.edu.cn.html
可以监控 mirrors.
Some days(2024/06) ago I got one ROMA from DC donated for Debian Community. This week I have some time so to try run Debian sid on it.
The system on ROMA was Debian 11 with fixed version riscv64 Debian packages from debian-ports. Until now, we have no debian-ports any more, so this is a very interesting chanllenge.
The DC github is here 0, especially for docs which tells you how to flash image to ROMA.
From my observation, there is there image boot mode: emmc, sd and nvme. The default system from emmc(/dev/mmcblk0).
One key is that: riscv+t can boot system from sd, then you can mount devices to do everything you can do.
GPU drivers: https://github.com/starfive-tech/soft_3rdpart/blob/c43d4fab94b0ef3b492a6382e2282fa7a2695b9b/IMG_GPU/out/img-gpu-powervr-bin-1.19.6345021.tar.gz
mesa: https://github.com/starfive-tech/buildroot/tree/JH7110_VisionFive2_devel/package/mesa3d
Xorg: ?
On debian riscv64, until now we have xfce4 desktop.
lshw -c display
# to recongize kernel gpu driver, otherwise UNCLAIMED".
If you want to debug Desktop env, it is good to start to from startx. Once you do not have any error from xorg, I think you have got it already.
Please also check the log file at "/home/vimer/.local/share/xorg/Xorg.0.log"
# permission issue generally
# normal to check issue from Xorg is from:
/var/log/Xorg.0.log
Due to some packages built from ourself, so we have to apt-mark some package to keep graphic display works
sudo apt-mark hold libegl-mesa0 libgbm1 libglapi-mesa mesa-vulkan-drivers
# partial
1 wiki
Many thanks for DeepComputing which offer the hardware and help from Songsong and RevysOS.
munin 是一个优秀的监控工具。不过网上对于如何通过跳板机连接目标机的资料不多,本篇文章是一个当时的试验记录,先放在这里,方便后面如果再次查阅的话.
Ensure you can access workers/nodes with your pubkey on munin master side.
On nodes, ensure installing munin-node(that’s all done on all
debci workers)
On munin master, to install munin and then:
a. sudo -u munin -s bash # enter into munin namespace. -s
can avoid permission issue, but forget which link
cd # return munin’s default home : /var/lib/munin/
b. copy private key to /var/lib/munin/.ssh/
In my case is /var/lib/munin/.ssh/vimer_id_ed25519. The
key is the one we mentioned above. chown munin to all files.
b. Configure .ssh/config
Host debian-10
HostName 127.0.0.1
Port 22
User vimer
ProxyCommand ssh jump-host -W %h:%p
IdentityFile /var/lib/munin/.ssh/vimer_id_ed25519
Host jump-host
HostName lab.com
Port 22
ServerAliveInterval 120
User vimer
IdentityFile /var/lib/munin/.ssh/vimer_id_ed25519
This is identical to your ~/.ssh/config except ` IdentityFile arg
forcely. Image under munin namespace, you have to log in on jump host
and workers with user name`.
On another terminal, we need to configure /etc/munin/munin.conf
which is conf file of munin. Adding something like below:
[debian-01]
address ssh://vimer.7766.org:12345 -W localhost:4949
use_node_name yes
[debian-10]
address ssh://vimer@debci-10:12345 -W localhost:4949
use_node_name yes
then
sudo systemctl restart munin.
Backing to the previous terminal, you can test it by manual:
munin@debian:~$ /usr/share/munin/munin-update --debug --nofork --host
debian-06 --service df
the --host is what you want to debug. If everything is okay, you will see log:
munin@debian:~$ /usr/share/munin/munin-update --debug --nofork --host
debian-06 --service df
2024/04/19 02:42:51 [DEBUG] Creating new lock file
/var/run/munin/munin-update.lock
2024/04/19 02:42:51 [DEBUG] Creating lock :
/var/run/munin/munin-update.lock succeeded
2024/04/19 02:42:51 [INFO]: Starting munin-update
2024/04/19 02:42:52 [DEBUG] Creating new lock file
/var/run/munin/munin-debian-06.lock
2024/04/19 02:42:52 [DEBUG] Creating lock :
/var/run/munin/munin-debian-06.lock
succeeded
2024/04/19 02:42:52 [DEBUG] Reading state for
debian-06 in
/var/lib/munin/state-debian--06.storable
2024/04/19 02:42:52 [INFO] starting work in 1387300 for
debian-06 (ssh://vimer@debian-06:13321 -W localhost:4949).
2024/04/19 02:42:52 [DEBUG] open3(ssh -o
ChallengeResponseAuthentication=no -o StrictHostKeyChecking=no -p
13321 vimer@debian-06 -W localhost:4949)
2024/04/19 02:42:53 [INFO] node debian-06 advertised itself
as debci-bj-06 instead.
2024/04/19 02:42:53 TLS set to "disabled".
2024/04/19 02:42:53 [DEBUG] Negotiating capabilities
If you have error generated, you can execute ssh -o
ChallengeResponseAuthentication=no -o StrictHostKeyChecking=no -p
13321 vimer@debian-06 -W localhost:4949 -vvv by hand to see what
happened on both side.
All steps are done as my testing. Two usefully log:
/var/log/munin/munin-update.log for munin master and the other is
/var/log/munin/munin-node.log for munin node.
```
最近有一个需求是使用 neomutt 加密邮件内容。 相比较签名,加密确实更复杂一些。这里记录一下我探索的经历。
首先的一点是,必须提前把对方的 公钥 asc 导入到自己的主机, 这里我也不确认这是不是正确的方法,因为在实际操作中, neomutt找不到对应邮件的 keyid. 我的想法是,在这里我们应该把这些key放到一个配置目录中去,然后类似 source 的机制就应该识别到这些keys。 但是我没有找到这种方式,如果找到的话,恳请告知我一下。
可以参考这个 wiki, 如果对方是一个 asc 文件,直接 import 即可。
gpg --import public.asc
但是如何仅仅通过 keyid 直接转换得到 asc 文件呢? 比如大部分开发者会在邮件末尾附上自己的 gpg key。
经试验以下方法可行:
vimer@dev:~/git/yuzibo.github.io/_posts$ gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys 12345678
gpg: key 786C63F330D7CB92: 13 duplicate signatures removed
gpg: key 786C63F330D7CB92: public key "example <[email protected]>" imported
gpg: Total number processed: 1
gpg: imported: 1
前提是这个 pubkey 的所有者将自己的key上传到 kerserver.
Debian DD 或者 DM 可以直接 fetch from Debian 的服务器, 以及如何更新过期的key,请参考这里
gpg --keyserver keyring.debian.org --recv-keys 0x2404C9546E145360
一旦 import, 请看下面的操作.
一些 config, 可以参考 wiki1.
在 neomutt 下, 如果想要加密的需要,编辑完邮件内容, 到发送界面:
y:Send q:Abort t:To c:CC s:Subj a:Attach file d:Descrip ?:Help
From: Bo YU <[email protected]>
To: [email protected]
Cc:
Bcc:
Subject: test for encrpting the email
Reply-To:
Fcc: +Sent
Security: Sign (PGP/MIME)
Sign as: <default>
Mix: <no chain defined>
Headers: X-PGP-Key: https://github.com/yuzibo/yuzibo.github.io/blob/master/_includes/subkey-signing-06-18-143E4BAF-pub.asc
-- Attachments
按下 p 或者 S 键, 出现:
PGP (e)ncrypt, (s)ign, sign (a)s, (b)oth, s/(m)ime or (c)lear?
然后选择 b就是签名和加密一块选择.
此时 界面 的提示变为:
Subject: test for encrpting the email
Reply-To:
Fcc: +Sent
Security: Sign, Encrypt (PGP/MIME)
Sign as: <default>
Mix: <no chain defined>
一切准备完毕, 输入y 发送, 再次提示:
PGP keys matching <[email protected]>
ID has undefined validity. Do you really want to use the key? ([no]/yes)
输入 yes 并且 附带 签名的密码就可以发送了.
ansible doc: https://erdong.site/ansible-notes/ch01/1.3-ansible-config.html 实战: 首先,编辑或者创建 /etc/ansible/hosts 文件,用来存放远程主机的信息。你的公钥应该在这些机器的 authorized_keys 。您可以通过编辑/etc/ansible/ansible.cfg或~/.ansible.cfg来实现: 更简洁的可以参考这里: https://blog.51cto.com/395469372/2133486
ansible all -m ping
https://blog.csdn.net/Shyllin/article/details/123690458
sible all -m copy -a "src=/home/vimer/ansible/pubkey.debian-ci dest=/home/debian/"
ansible all -m shell -a "chmod +x /home/debian/add-user.sh"
4.1 sudo 命令:
debci-23 ansible_user=debian ansible_password="xx" ansible_ssh_user="xx" ansible_become_pass="xx"
a. 远程关机:
ansible all -m shell -a "poweroff" -become=true
b. 远程修改文件属性:
ansible all -m shell -a "usermod -aG sudo vimer" -become=true
dpkg-deb -x ../libzlog1_1.2.18-1_amd64.deb libzlog1
dpkg-gensymbols -v1.2.18 -plibzlog -Olibzlog1.symbols -elibzlog1/usr/lib/x86_64-linux-gnu/zlog/libzlog.so.1
结合 pkgkde wiki