Since the Chinese input method has not been installed ( and I’m not planning to install it), I will write this article in English.

Why CentOS 6, and why net install?

  1. Because my VPS provider LocVPS does not provide with CentOS 7, and I want to keep the local debugging computer almost the same as the production computer.
  2. Because I want to install CentOS on my USBKey, and I want burned the installation iso on that USBKey.

How to?

  1. Prepare your USB Key.
    1. At first I tryied UltraISO, which is a popular software. However maybe my UltraISO is too old, some error showed when I start from the USBKey burned by it. After google, I decided to use “dd for windows“, which works well.
    2. Dowload dd for windows from its website
    3. unzip it to a directory, and open a command window, cd into that directory.
    4. use dd –list to find your USBkey identification (Intruction), which should looks like \\?\Device\Harddisk1\Partition0 (tips: not the RDA one)
    5. Download the centos iso for net install (from say, USTC)
    6. dd if=your_centos_for_net_install.iso of=\\?\Device\Harddisk1\Partition0 –progress
    7. reboot and start from your USBKey. (Useually press F12 and choose “USB Key …”, if not search google for your BIOS)
  2. Start install
    1. Setup your IPV4 (and IPV6 address), the mask, and Name Server(DNS Server)!! I did not set the DNS server for the first time and failed.
    2. Choose URL installation method
    3. URL: http://mirrors.ustc.edu.cn/centos/6/os/x86_64 (tips: os, not isos; IHEP does not provide this img)
    4. Go!!
    5. Just use the whole disk (your installing USB Key). It’s ok, and I’m using it now.
    6. Choose desktop, or you will regret for it.
  3. Edit the etc
    1. edit /etc/bashrc, add the following lines:    alias vi=’vim’
      alias grep=’grep –color’
      alias ls=’ls –color’
      export LC_ALL=en_US.UTF-8
    2. edit ~/.bashrc, add the following lines:
      alias setssh=’eval $(ssh-agent -s); ssh-add ~/.ssh/id_rsa’

That’s it.

  1. 页面加载时间过长,经过查看发现是因为调用了http资源:1是腾讯的云平台,3是腾讯管家。于是,停用腾讯云平台及管家,禁用discuz tips(修改plugin/manyou/Service/DiscuzTips.php)。
  2. [media]代码无法正常显示,仔细阅读代码后发现必须按照[media=type,width,height]写入。另外,in_array(count($params), array(3, 4))的判断条件非常奇怪,因为第4个参数永远用不到。
  3. 全站http化之后ku6的swf无法正常插入。解决方法1:仅保留登陆时https。解决方法2:允许混合内容。

一般的使用情景:

  1. 你不希望你的公司的员工上班的时候打游戏、聊qq、刷微博,所以你只是把公司内部的电脑互相连起来了,它们组成了一个局域网。
  2. 但是你自己想上网,于是你拥有整个公司里唯一一个可以上网的电脑:你可以打游戏、聊qq、浏览google、YouTube、Twitter等网页。
  3. 由于工作需要,你的一部分员工需要和客服发邮件怎么办呢?你跟他们说,如果你想上mail.126.com,你就在浏览器里面输入:theOnly2WebsitesYouShouldGo-1.dingxf.cn。然后果然,那个员工登录了mail.126.com,就跟在家里登录126一模一样。

这是怎么实现的呢?

  1. 用户输入theOnlyWebsiteYouShouldGo.dingxf.cn之后,他的请求会发送到公司里唯一一台可以上网的电脑那里,这台电脑就是反向代理(Reverse Proxy Server)。
  2. 这台电脑(Reverse Proxy Server)查看用户的请求以及老板(你)的记录:
    1. theOnly2WebsitesYouShouldGo-1.dingxf.cn对应mail.126.com
    2. theOnly2WebsitesYouShouldGo-2.dingxf.cn对应www.dingxf.cn
  3. 根据记录,Reverse Proxy Server访问mail.126.com
  4. Reverse Proxy Server把126服务器传回的内容转交给用户
  5. 外界看来,是Reverse Proxy Server在访问126服务器,他们并不知道是哪个用户在访问126服务器;而对于用户,他们通过Reverse Proxy Server终于可以上网了。

以上是基本原理。

以下是设置方法:

拥有一个顶级域名(例如www.example.cn)

添加一个VirtualHost:

<VirtualHost *:443>
ServerName www.example.cn:443
DocumentRoot “/phy/dir/on/your/machine/”
Include conf.d/ssl.conf.default

SSLProxyEngine On
ProxyPass / https://www.google.com/
ProxyPassReverse / https://www.g.com/
ProxyPassReverseCookieDomain https://www.g.com/ /
ProxyPassReverseCookiePath / /
</VirtualHost>

conf.d/ssl.conf.default的内容:

ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
LogLevel warn

SSLEngine on
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS
SSLCertificateFile /your/crt/file
SSLCertificateKeyFile /your/private/key/file
SSLCertificateChainFile /your/ca-bundle/file

<Files ~ “\.(cgi|shtml|phtml|php3?)$”>
SSLOptions +StdEnvVars
</Files>

SetEnvIf User-Agent “.*MSIE.*” \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0

CustomLog logs/ssl_request_log “%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \”%r\” %b”

我省略了很多内容,后面的帖子会慢慢讲~

2015.08.24,再次开通了博客。域名是blog.dingxf.cn,依旧用了LocVPS。这次不写英文博客啦!宣传自己的页面就用neutrino.dingxf.cn好了,这个是英文的。默认的主站是(www.)dingxf.cn目前还是七夕主题~)。另外还有一个acg的论坛:acg.dingxf.cn

我会不定期的更新一些文章,包括服务器搭建、neutrino方面的话题等等。

 

又到4点半啦~ 晚安!