Kuv tau xav ntev "kov kuv txhais tes" ntawm kev pabcuam hauv Is Taws Nem los ntawm kev teeb tsa lub vev xaib server los ntawm kos thiab tso tawm rau Is Taws Nem. Hauv tsab xov xwm no kuv xav qhia kuv cov kev paub dhau los hauv kev hloov pauv lub tsev router los ntawm cov cuab yeej ua haujlwm tau zoo rau hauv cov server yuav luag tag nrho.
Nws tag nrho pib nrog qhov tseeb tias TP-Txuas TL-WR1043ND router, uas tau ua haujlwm ncaj ncees, tsis tau raws li cov kev xav tau ntawm lub tsev network lawm; Kuv xav tau 5 GHz band thiab ceev nkag mus rau cov ntaub ntawv ntawm lub cuab yeej cia txuas nrog lub router. . Tom qab saib los ntawm cov rooj sib tham tshwj xeeb (4pda, ixbt), cov chaw nrog kev tshuaj xyuas thiab saib cov khoom lag luam hauv zos, kuv txiav txim siab yuav Keenetic Ultra.
Kev tshuaj xyuas zoo los ntawm cov tswv tau ua haujlwm hauv kev pom zoo ntawm cov cuab yeej tshwj xeeb no:
- tsis muaj teeb meem nrog overheating (ntawm no peb yuav tsum tso tseg Asus cov khoom);
- kev ntseeg siab ua haujlwm (ntawm no kuv hla tawm TP-Txuas);
- yooj yim teeb tsa (Kuv ntshai kuv ua tsis tau nws thiab hla Microtik).
Kuv yuav tsum tau hais txog qhov tsis zoo:
- tsis muaj WiFi6, Kuv xav coj cov cuab yeej nrog rau lub neej yav tom ntej;
- 4 LAN chaw nres nkoj, Kuv xav tau ntau dua, tab sis qhov no tsis yog ib pawg hauv tsev lawm.
Yog li ntawd, peb tau txais qhov "server":
- sab laug yog qhov chaw kho qhov muag ntawm Rostelecom;
- ntawm sab xis yog peb qhov kev sim router;
- ib tug 2 GB m.128 SSD nyob ib ncig ntawm, muab tso rau hauv ib lub thawv USB3 los ntawm Aliexpress, txuas nrog lub router nrog ib tug hlau, tam sim no nws yog huv si mounted rau ntawm phab ntsa;
- nyob rau hauv pem hauv ntej yog ib tug extension qaum nrog nws tus kheej disconnected sockets, cov hlau los ntawm nws mus rau ib tug pheej yig UPS;
- Nyob rau hauv keeb kwm yav dhau muaj ib pawg ntawm twisted khub cables - nyob rau theem ntawm renovate lub tsev, tam sim ntawd kuv npaj RJ45 sockets nyob rau hauv cov chaw uas cov cuab yeej yuav tsum tau nyob, thiaj li tsis mus nyob ntawm lub WiFi raug littered.
Yog li, peb muaj cov cuab yeej siv, peb yuav tsum teeb tsa nws:
- Kev teeb tsa thawj zaug ntawm lub router siv sijhawm li 2 feeb, peb qhia qhov tsis sib txuas rau tus neeg muab kev pabcuam (kuv lub davhlau ya nyob twg kho qhov muag tau hloov mus rau choj hom, PPPoE kev sib txuas nqa lub router), lub npe ntawm WiFi network thiab tus password - qhov tseem ceeb yog nws. , lub router pib thiab ua haujlwm.
Peb teeb tsa kev xa tawm ntawm cov chaw nres nkoj sab nraud mus rau cov chaw nres nkoj ntawm router nws tus kheej hauv "Network rules - Forwarding" section:
Tam sim no peb tuaj yeem txav mus rau qhov "advanced", qhov kuv xav tau los ntawm router:
- kev ua haujlwm ntawm NAS me me rau lub network hauv tsev;
- ua lub web server ua haujlwm rau ntau nplooj ntawv ntiag tug;
- tus kheej huab ua haujlwm rau kev nkag mus rau tus kheej cov ntaub ntawv los ntawm txhua qhov chaw hauv ntiaj teb.
Thawj yog siv cov cuab yeej built-in, tsis tas yuav siv zog ntau:
- Peb siv lub tsav uas npaj rau lub luag haujlwm no (flash drive, nco daim npav hauv daim npav nyeem ntawv, hard drive lossis SSD hauv lub thawv sab nraud thiab ua nws rau Ext4 siv. (Kuv tsis muaj lub computer nrog Linux ntawm tes, nws muaj peev xwm nrog cov cuab yeej built-in). Raws li kuv nkag siab nws, thaum lub sijhawm ua haujlwm lub kaw lus tsuas yog sau rau hauv lub flash drive, yog li yog tias koj txwv lawv tom qab teeb tsa lub kaw lus, koj tuaj yeem siv daim npav nco yog tias koj npaj yuav sau ntau thiab ntau zaus rau lub tsav - SSD lossis HDD zoo dua.
Tom qab ntawd, peb txuas tus tsav mus rau lub router thiab saib nws ntawm qhov system saib lub vijtsam
Nyem rau ntawm "USB drives thiab tshuab luam ntawv" mus rau ntu "Cov Ntawv Thov" thiab teeb tsa qhov sib koom hauv ntu "Windows Network":
Thiab peb muaj cov peev txheej hauv lub network uas tuaj yeem siv los ntawm Windows cov khoos phis tawj, txuas ua disk yog tias tsim nyog: ββnet siv y: \192.168.1.1SSD /persistent:yes
Qhov ceev ntawm xws li ib tug improvised NAS yog heev txaus rau siv hauv tsev; dhau ib tug hlau nws siv tag nrho gigabit, tshaj WiFi qhov ceev yog hais txog 400-500 megabits.
Kev teeb tsa cia yog ib qho ntawm cov kauj ruam tsim nyog los teeb tsa lub server, tom qab ntawd peb xav tau:
- thiab qhov chaw nyob IP zoo li qub (koj tuaj yeem ua yam tsis muaj qhov no los ntawm kev siv Dynamic DNS, tab sis kuv twb muaj tus IP zoo li qub, yog li nws tau ua kom yooj yim siv. - , peb tau txais DNS hosting thiab xa ntawv ntawm peb lub npe);
- thiab ntxiv A cov ntaub ntawv taw qhia rau koj tus IP:
Nws yuav siv sij hawm ntau teev rau qhov chaw sau npe thiab DNS delegation teeb tsa kom muaj txiaj ntsig, yog li peb tab tom teeb tsa lub router ib txhij.
Ua ntej, peb yuav tsum nruab Entware repository, los ntawm qhov peb tuaj yeem nruab cov pob tsim nyog ntawm lub router. Kuv coj kom zoo dua , tsuas yog tsis upload lub pob teeb tsa ntawm FTP, tab sis tsim ib daim nplaub tshev ncaj qha rau ntawm lub khoos phis tawj yav dhau los txuas thiab luam cov ntaub ntawv nyob rau hauv txoj kev niaj zaus.
Tau txais kev nkag los ntawm SSH, hloov tus password nrog cov lus txib passwd thiab nruab tag nrho cov pob tsim nyog nrog opkg nruab [pob npe] cov lus txib:
Thaum lub sijhawm teeb tsa, cov pob khoom hauv qab no tau teeb tsa ntawm lub router (qhov tso zis ntawm opkg daim ntawv teev npe-ntsia):
Daim ntawv teev cov pob
yog '- 5.0-3
dab neeg - 1.31.1-1
nkauj ntseeg tawm tshiab 20190110-2
ca-certificates - 20190110-2
xov xwm tshiab - 8.31-1
txz | | |-- coreutils-mktemp - 8.31-1
cron - 4.1-3
caw - 7.69.0-1
kev sib tw - 3.7-2
dab neeg - 2019.78-3
entware-tso tawm - 1.0-2
nrhiav - 4.7.0-1
Sib 2 - 2.58.3-5
pem 3.4-1
txz -> ../Allconfig β 2.27-9
libattr - 2.4.48-2
libblkid - 2.35.1-1
libc - 2.27-9
libcurl - 7.69.0-1
libffi - 3.2.1-4
libgcc - 8.3.0-9
txz | | |-- libiconv-full - 1.11.1-4
libintl-full - 0.19.8.1-2
liblua - 5.1.5-7
libbedtls - 2.16.5-1
libmount - 2.35.1-1
libncurses - 6.2-1
libncursesw - 6.2-1
libndm - 1.1.10-1a
libopenssl - 1.1.1d-2
libopenssl-conf - 1.1.1d-2
libpcap - 1.9.1-2
libpcre - 8.43-2
libpcre2 - 10.34-1
libpthread - 2.27-9
libreadline - 8.0-1a
libt - 2.27-9
libslang2 - 2.3.2-4
libssh2 - 1.9.0-2
libssp - 8.3.0-9
libstdcpp - 8.3.0-9
libuid - 2.35.1-1
libxml2 - 2.9.10-1
chaw - 2.27-9
mc - 4.8.23-2
ndmq - 1.0.2-5a
nginx - 1.17.8-1
txz | | |-- openssl-util - 1.1.1d-2
opkg β 2019-06-14-dcbc142e-2
txz | | |-- opt-ndmsv2 - 1.0-12
txz -> ../All/php7-7.4.3-1
txz | | |-- php7-mod-openssl - 7.4.3-1
1.31.1-2
Cov ntsiab lus - 6.2-1
zlib - 1.2.11-3
zoneinfo-asia - 2019c-1
zoneinfo-teb chaws Europe - 2019c-1
Tej zaum muaj ib yam dab tsi superfluous ntawm no, tab sis muaj ntau qhov chaw ntawm lub tsav, yog li kuv tsis thab saib rau nws.
Tom qab txhim kho cov pob khoom, peb teeb tsa nginx, kuv sim nws nrog ob lub npe - qhov thib ob yog teeb tsa nrog https, thiab tam sim no muaj ib qho stub. Internal ports 81 thiab 433 yog siv 80 thiab 443, txij li thaum lub router admin vaj huam sib luag hangs ntawm ib txwm ports.
etc/nginx/nginx.conf
user nobody;
worker_processes 1;
#error_log /opt/var/log/nginx/error.log;
#error_log /opt/var/log/nginx/error.log notice;
#error_log /opt/var/log/nginx/error.log info;
#pid /opt/var/run/nginx.pid;
events {
worker_connections 64;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log /opt/var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
server {
listen 81;
server_name milkov.su www.milkov.su;
return 301 https://milkov.su$request_uri;
}
server {
listen 433 ssl;
server_name milkov.su;
#SSL support
include ssl.conf;
location / {
root /opt/share/nginx/html;
index index.html index.htm;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}
</spoiler>
<spoiler title="etc/nginx/ssl.conf">
ssl_certificate /opt/etc/nginx/certs/milkov.su/fullchain.pem;
ssl_certificate_key /opt/etc/nginx/certs/milkov.su/privkey.pem;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
ssl_prefer_server_ciphers on;
ssl_dhparam /opt/etc/nginx/dhparams.pem;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 5m;
ssl_stapling on;Txhawm rau kom lub vev xaib ua haujlwm siv https, kuv tau siv cov ntawv sau npe lub cev qhuav dej, txhim kho nws siv . Cov txheej txheem no tsis ua rau muaj teeb meem, kuv tsuas yog stumbled ntawm qhov tseeb tias nyob rau hauv cov ntawv nyeem ntawm tsab ntawv rau kev ua hauj lwm ntawm kuv router. /opt/etc/ssl/openssl.cnf:
[openssl_conf]
#engines=enginesThiab kuv nco ntsoov tias tsim dhparams.pem nrog cov lus txib "openssl dhparam -out dhparams.pem 2048" ntawm kuv lub router yuav siv sijhawm ntau dua 2 teev, yog tias tsis yog rau qhov ntsuas kev nce qib, kuv yuav poob siab ntev thiab rov pib dua.
Tom qab tau txais daim ntawv pov thawj, rov pib nginx nrog cov lus txib "/opt/etc/init.d/S80nginx restart". Hauv txoj ntsiab cai, kev teeb tsa tiav, tab sis tsis muaj lub vev xaib tseem - yog tias peb muab cov ntaub ntawv index.html rau hauv /share/nginx/html directory, peb yuav pom ib daim ntawv cog lus.
index.html
<!DOCTYPE html>
<html>
<head>
<title>Π’Π΅ΡΡΠΎΠ²Π°Ρ ΡΡΡΠ°Π½ΠΈΡΠΊΠ°!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Π’Π΅ΡΡΠΎΠ²Π°Ρ ΡΡΡΠ°Π½ΠΈΡΠΊΠ°!</h1>
<p>ΠΡΠΎ ΠΏΡΠΎΡΡΠ°Ρ ΡΡΠ°ΡΠΈΡΠ΅ΡΠΊΠ°Ρ ΡΠ΅ΡΡΠΎΠ²Π°Ρ ΡΡΡΠ°Π½ΠΈΡΠΊΠ°, Π°Π±ΡΠΎΠ»ΡΡΠ½ΠΎ Π½ΠΈΡΠ΅Π³ΠΎ ΠΈΠ½ΡΠ΅ΡΠ΅ΡΠ½ΠΎΠ³ΠΎ.</p>
</body>
</html>Txhawm rau tso cov ntaub ntawv zoo nkauj, nws yooj yim dua rau cov tsis muaj kev tshaj lij xws li kuv siv cov qauv npaj ua tiav; tom qab tshawb nrhiav ntev los ntawm ntau cov ntawv teev npe, kuv pom - muaj kev xaiv zoo ntawm cov qauv pub dawb uas tsis tas yuav tsum tau muaj txiaj ntsig (uas tsis tshua muaj hauv Is Taws Nem; feem ntau ntawm cov qauv hauv daim ntawv tso cai xav kom koj khaws qhov txuas mus rau cov peev txheej uas lawv tau txais).
Peb xaiv cov qauv tsim nyog - muaj ntau qhov xwm txheej, rub tawm cov ntaub ntawv khaws cia thiab nthuav tawm rau hauv /share/nginx/html directory, koj tuaj yeem ua qhov no los ntawm koj lub computer, tom qab ntawd kho cov qauv (ntawm no koj yuav xav tau kev paub tsawg kawg nkaus. ntawm HTML thiaj li tsis ua txhaum cov qauv) thiab hloov cov duab raws li qhia hauv daim duab hauv qab no.
Cov ntsiab lus: lub router yog qhov tsim nyog rau hosting lub teeb lub vev xaib ntawm nws, hauv cov hauv paus ntsiab lus - yog tias koj tsis xav tias yuav muaj kev thauj khoom loj, koj tuaj yeem , thiab sim nrog ntau txoj haujlwm nyuaj (Kuv saib tom ntejcloud / owncloud, zoo li muaj kev vam meej ntawm cov khoom siv zoo li no). Lub peev xwm los txhim kho cov pob khoom nce nws qhov txiaj ntsig - piv txwv li, thaum tsim nyog los tiv thaiv RDP chaw nres nkoj ntawm PC ntawm lub network hauv zos, kuv tau teeb tsa lub router - thiab qhov chaw nres nkoj xa mus rau PC tau qhib tsuas yog tom qab qhov chaw nres nkoj knocking.
Vim li cas lub router thiab tsis yog PC li niaj zaus? Ib lub router yog ib qho ntawm ob peb lub khoos phis tawj ntawm cov khoom siv uas ua haujlwm nyob ib ncig ntawm lub moos hauv ntau lub tsev; ib lub tsev router feem ntau yog nyob ntsiag to thiab lub teeb pom kev nrog tsawg tshaj li ib puas mus ntsib ib hnub yuav tsis thab nws kiag li.
Tau qhov twg los: www.hab.com