Ua lōʻihi koʻu makemake e "hoʻopā i koʻu mau lima" ma nā lawelawe pūnaewele ma o ka hoʻonohonoho ʻana i kahi kikowaena pūnaewele mai ka wā kahiko a hoʻokuʻu iā ia i ka Pūnaewele. Ma kēia ʻatikala makemake wau e kaʻana like i kaʻu ʻike i ka hoʻololi ʻana i kahi router home mai kahi mea hana nui i kahi kikowaena piha piha.
Ua hoʻomaka ia me ka ʻoiaʻiʻo ʻo ka TP-Link TL-WR1043ND router, ka mea i lawelawe me ka ʻoiaʻiʻo, ʻaʻole i hoʻokō hou i nā pono o kahi pūnaewele home; Ua makemake au i kahi hui 5 GHz a me ke komo wikiwiki ʻana i nā faila ma kahi mea mālama i pili i ke alalai. . Ma hope o ka nānā ʻana i nā ʻaha kūkā kūikawā (4pda, ixbt), nā pūnaewele me nā loiloi a me ka nānā ʻana i ka ʻano o nā hale kūʻai kūloko, ua hoʻoholo wau e kūʻai iā Keenetic Ultra.
ʻO nā loiloi maikaʻi mai nā mea nona nā mea i hana i kēia mea pono:
- ʻaʻohe pilikia me ka wela (eia mākou e haʻalele i nā huahana Asus);
- ka hilinaʻi o ka hana (eia wau i hele ai i waho o TP-Link);
- maʻalahi e hoʻonohonoho (Ua makaʻu wau ʻaʻole hiki iaʻu ke hoʻopaʻa a hele i waho o Microtik).
Pono wau e hoʻoholo i nā hemahema:
- ʻaʻohe WiFi6, makemake wau e lawe i nā lako me kahi mālama no ka wā e hiki mai ana;
- 4 LAN ports, makemake au i nā mea hou aʻe, akā ʻaʻole kēia he ʻano home.
ʻO ka hopena, loaʻa iā mākou kēia "server":
- aia ma ka hema ke kikowaena optical o Rostelecom;
- ma ka ʻaoʻao ʻākau kā mākou mea hoʻokele hoʻokolohua;
- he 2 GB m.128 SSD e moe ana a puni, waiho ʻia i loko o kahi pahu USB3 mai Aliexpress, ua hoʻopili ʻia i ke alalai me kahi uea, i kēia manawa ua kau pono ʻia ma ka paia;
- i ka mua he kaula hoʻonui me nā kumu kūʻokoʻa i hoʻokaʻawale ʻia, hele ka uea mai ia mea i kahi UPS maʻalahi;
- Aia ma ke kua he pūʻulu o nā kaula wili - ma ke kahua o ka hoʻoponopono hou ʻana i ke keʻena, ua hoʻolālā koke wau i nā kumu RJ45 i nā wahi i manaʻo ʻia e kau ʻia nā mea hana, i ʻole e hilinaʻi i ka WiFi e hoʻoheheʻe ʻia.
No laila, loaʻa iā mākou nā mea hana, pono mākou e hoʻonohonoho iā ia:
- ʻO ka hoʻonohonoho mua ʻana o ke alalai e pili ana i 2 mau minuke, hōʻike mākou i nā ʻāpana pili i ka mea hoʻolako (ua hoʻololi ʻia kaʻu kikowaena optical i ke ala alahaka, hoʻokiʻekiʻe ka pilina PPPoE i ke alalai), ka inoa o ka pūnaewele WiFi a me ka ʻōlelo huna - ʻo ia ka mea. , hoʻomaka ka mea alalai a hana.
Hoʻonoho mākou i ka hoʻouna ʻana i nā awa o waho i nā awa o ka mea alalai ponoʻī ma ka ʻāpana "Network rules - Forwarding":
I kēia manawa hiki iā mākou ke neʻe i ka ʻāpana "advanced", ka mea aʻu i makemake ai mai ke alalai:
- ka hana o kahi NAS liʻiliʻi no kahi pūnaewele home;
- ka hana ʻana i nā hana kikowaena pūnaewele no kekahi mau ʻaoʻao pilikino;
- hana pilikino kapua no ke komo ʻana i ka ʻikepili pilikino mai nā wahi a pau o ka honua.
Hoʻokō ʻia ka mea mua me ka hoʻohana ʻana i nā mea hana i kūkulu ʻia, me ka ʻole o ka hoʻoikaika nui ʻana:
- Lawe mākou i kahi kaʻa i manaʻo ʻia no kēia kuleana (flash drive, kāleka hoʻomanaʻo i kahi kāleka heluhelu, hard drive a i ʻole SSD i loko o kahi pahu waho a hōʻano iā ia i Ext4 me ka hoʻohana ʻana. (ʻAʻohe oʻu kamepiula me Linux ma ka lima, hiki ke hana me nā mea hana i kūkulu ʻia). E like me kaʻu i hoʻomaopopo ai, i ka wā o ka hana, kākau wale ka ʻōnaehana i nā lāʻau i ka flash drive, no laila inā e kaupalena ʻoe iā lākou ma hope o ka hoʻonohonoho ʻana i ka ʻōnaehana, hiki iā ʻoe ke hoʻohana i nā kāleka hoʻomanaʻo inā hoʻolālā ʻoe e kākau nui a pinepine i ka drive - kahi SSD a i ʻole. ʻOi aku ka maikaʻi o ka HDD.
Ma hope o kēia, hoʻopili mākou i ke kaʻa i ke alalai a nānā iā ia ma ka ʻaoʻao monitor system
Kaomi ma ka "USB drives and printers" i ka ʻāpana "Applications" a hoʻonohonoho i ka mahele ma ka ʻāpana "Windows Network":
A loaʻa iā mākou kahi kumuwaiwai pūnaewele hiki ke hoʻohana ʻia mai nā kamepiula Windows, e hoʻopili ana ma ke ʻano he disk inā pono: net use y: \192.168.1.1SSD /persistent:yes
ʻO ka wikiwiki o kēlā NAS improvised ua lawa loa ia no ka hoʻohana ʻana i ka home; ma luna o kahi uea e hoʻohana ai i ka gigabit holoʻokoʻa, ma luna o WiFi ka wikiwiki ma kahi o 400-500 megabits.
ʻO ka hoʻonohonoho ʻana i kahi waihona kahi o nā ʻanuʻu e pono ai e hoʻonohonoho i ke kikowaena, a laila pono mākou:
- a me kahi helu IP static (hiki iā ʻoe ke hana me ka ʻole o kēia me ka hoʻohana ʻana i ka Dynamic DNS, akā ua loaʻa iaʻu kahi IP static, no laila ua maʻalahi ka hoʻohana. - , loaʻa iā mākou ka hoʻokipa DNS a me ka leka uila ma kā mākou kikowaena);
- a hoʻohui i kahi moʻolelo e kuhikuhi ana i kāu IP:
He mau hola ka lōʻihi o ka hoʻonohonoho ʻana o ka domain a me ka DNS delegation, no laila ke hoʻonohonoho nei mākou i ke alalai.
ʻO ka mea mua, pono mākou e hoʻokomo i ka waihona Entware, kahi e hiki ai iā mākou ke hoʻokomo i nā pūʻolo pono ma ka router. Ua lawe pono au , ʻaʻole i hoʻouka i ka pūʻulu hoʻonohonoho ma o FTP, akā ua hana pololei i kahi kōpili ma ka pūnaewele pūnaewele i hoʻopili mua ʻia a kope i ka faila ma ke ʻano maʻamau.
Ma hope o ka loaʻa ʻana ma o SSH, e hoʻololi i ka ʻōlelo huna me ke kauoha passwd a hoʻokomo i nā pūʻulu pono āpau me ke kauoha opkg install [package names]:
I ka wā o ka hoʻonohonoho ʻana, ua hoʻokomo ʻia kēia mau pūʻolo ma luna o ke alalai (ka hoʻopuka o ke kauoha opkg list-installed):
Papa inoa o nā pūʻolo
bash - 5.0-3
pahu hana - 1.31.1-1
ca-puʻupuʻu - 20190110-2
ca-palapala palapala - 20190110-2
coreutils - 8.31-1
coreutils-mktemp - 8.31-1
cron - 4.1-3
curl - 7.69.0-1
diffutils - 3.7-2
dropbear - 2019.78-3
hoʻokuʻu-entware - 1.0-2
findutils - 4.7.0-1
glib2 - 2.58.3-5
grep - 3.4-1
ldconfig - 2.27-9
libattr - 2.4.48-2
libblkid - 2.35.1-1
libc - 2.27-9
libcurl - 7.69.0-1
libffi - 3.2.1-4
libgcc - 8.3.0-9
libiconv-piha - 1.11.1-4
libintl-piha - 0.19.8.1-2
liblua - 5.1.5-7
libmbedtls - 2.16.5-1
libmount - 2.35.1-1
libncurses - 6.2-1
libncursesw - 6.2-1
libndm - 1.1.10-1a
libopenssl - 1.1.1d-2
libopenssl-conf - 1.1.1d-2
libpcap - 1.9.1-2
libpcre - 8.43-2
libpcre2 - 10.34-1
libpthread - 2.27-9
libreadline - 8.0-1a
librt - 2.27-9
libslang2 - 2.3.2-4
libssh2 - 1.9.0-2
libssp - 8.3.0-9
libstdcpp - 8.3.0-9
libuid - 2.35.1-1
libxml2 - 2.9.10-1
nā wahi - 2.27-9
mc - 4.8.23-2
ndmq - 1.0.2-5a
nginx - 1.17.8-1
openssl-util - 1.1.1d-2
opkg — 2019-06-14-dcbc142e-2
koho-ndmsv2 - 1.0-12
php7 - 7.4.3-1
php7-mod-openssl - 7.4.3-1
pahu pōʻino - 1.31.1-2
terminfo - 6.2-1
zlib - 1.2.11-3
zoneinfo-asia - 2019c-1
zoneinfo-europe - 2019c-1
Malia paha he mea ʻoi loa ma ʻaneʻi, akā nui ka wahi ma ke kaʻa, no laila ʻaʻole wau i hopohopo e nānā i ia.
Ma hope o ka hoʻokomo ʻana i nā pūʻulu, hoʻonohonoho mākou i ka nginx, ua hoʻāʻo wau me ʻelua mau kikowaena - ua hoʻonohonoho ʻia ka lua me https, a i kēia manawa aia kahi stub. Hoʻohana ʻia nā awa kūloko 81 a me 433 ma kahi o 80 a me 443, no ka mea e kau ana ka panel admin router ma nā awa maʻamau.
etc/nginx/nginx.conf
user nobody;
worker_processes 1;
#error_log /opt/var/log/nginx/error.log;
#error_log /opt/var/log/nginx/error.log notice;
#error_log /opt/var/log/nginx/error.log info;
#pid /opt/var/run/nginx.pid;
events {
worker_connections 64;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log /opt/var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
server {
listen 81;
server_name milkov.su www.milkov.su;
return 301 https://milkov.su$request_uri;
}
server {
listen 433 ssl;
server_name milkov.su;
#SSL support
include ssl.conf;
location / {
root /opt/share/nginx/html;
index index.html index.htm;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}
</spoiler>
<spoiler title="etc/nginx/ssl.conf">
ssl_certificate /opt/etc/nginx/certs/milkov.su/fullchain.pem;
ssl_certificate_key /opt/etc/nginx/certs/milkov.su/privkey.pem;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
ssl_prefer_server_ciphers on;
ssl_dhparam /opt/etc/nginx/dhparams.pem;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 5m;
ssl_stapling on;I mea e hana ai ka pūnaewele ma o https, ua hoʻohana au i ka palapala dehydrated kaulana, hoʻokomo iā ia me ka hoʻohana ʻana . ʻAʻole i pilikia kēia kaʻina hana, ua hina wau i ka ʻoiaʻiʻo ma ka kikokikona o ka palapala no ka hana ʻana i kaʻu mea ala. /opt/etc/ssl/openssl.cnf:
[openssl_conf]
#engines=enginesA ʻike wau i ka hana ʻana i ka dhparams.pem me ke kauoha "openssl dhparam -out dhparams.pem 2048" ma kaʻu mea hoʻokele e ʻoi aku ma mua o 2 mau hola, inā ʻaʻole no ka hōʻailona holomua, ua nalowale wau i ke ahonui a hoʻomaka hou.
Ma hope o ka loaʻa ʻana o nā palapala hōʻoia, e hoʻomaka hou i ka nginx me ke kauoha "/opt/etc/init.d/S80nginx restart". Ma ke kumu, ua pau ka hoʻonohonoho ʻana, akā ʻaʻohe pūnaewele i kēia manawa - inā mākou e hoʻokomo i ka faila index.html i ka papa kuhikuhi /share/nginx/html, e ʻike mākou i kahi stub.
index.html
<!DOCTYPE html>
<html>
<head>
<title>Тестовая страничка!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Тестовая страничка!</h1>
<p>Это простая статическая тестовая страничка, абсолютно ничего интересного.</p>
</body>
</html>No ka waiho ʻana i ka ʻike me ka nani, ʻoi aku ka maʻalahi o ka poʻe ʻoihana like ʻole e like me aʻu e hoʻohana i nā mamana i hana ʻia; ma hope o ka huli lōʻihi ʻana ma o nā papa inoa like ʻole, ʻike wau - aia kahi koho maikaʻi o nā template manuahi ʻaʻole koi i ka hoʻoili ʻana (he mea kakaikahi ma ka Pūnaewele; ʻo ka hapa nui o nā templates i ka laikini e koi iā ʻoe e mālama i kahi loulou i ka kumuwaiwai i loaʻa ai lākou).
Koho mākou i kahi laʻana kūpono - aia nā mea no nā hihia like ʻole, hoʻoiho i ka waihona a wehe i loko o ka papa kuhikuhi / share/nginx/html, hiki iā ʻoe ke hana i kēia mai kāu kamepiula, a laila hoʻoponopono i ka template (eia ʻoe e pono ai ka ʻike liʻiliʻi. o HTML i ʻole e wāwahi i ka hale) a hoʻololi i nā kiʻi e like me ka mea i hōʻike ʻia ma ke kiʻi ma lalo.
Hōʻuluʻulu manaʻo: kūpono loa ka mea alalai no ka hoʻokipa ʻana i kahi pūnaewele māmā ma luna o ia, ma ke kumu - inā ʻaʻole ʻoe e manaʻo i kahi ukana nui, hiki iā ʻoe ke , a hoʻokolohua me nā papahana ʻoi aku ka paʻakikī (nānā au iā nextcloud/owncloud, ʻike ʻia aia nā hoʻonohonoho kūleʻa ma ia mau lako). ʻO ka hiki ke hoʻokomo i nā pōʻai e hoʻonui i kona pono - no ka laʻana, i ka wā e pono ai e pale i ke awa RDP o kahi PC ma kahi pūnaewele kūloko, ua hoʻokomo wau i ke kīkēkē ma ke alalai - a ua wehe ʻia ka port forwarding i ka PC ma hope o ke kīkēkē ʻana.
No ke aha he router a ʻaʻole PC maʻamau? ʻO ke alalai kekahi o nā ʻāpana kamepiula liʻiliʻi e hana ana i ka uaki ma nā keʻena he nui; ʻaʻole e hoʻopilikia ʻia ka mea hoʻokele home a ʻo kahi kahua māmā me ka liʻiliʻi o hoʻokahi haneli kipa i kēlā me kēia lā ʻaʻole ia e pilikia.
Source: www.habr.com