Ua leva ona ou manaʻo e "paʻi i oʻu lima" i luga o le Initaneti e ala i le faʻatulagaina o se upega tafaʻilagi mai le amataga ma tuʻuina atu i luga ole Initaneti. I totonu o lenei tusiga ou te manaʻo e faʻasoa atu loʻu poto masani i le suia o se router fale mai se masini e sili ona aoga i totonu o se server toetoe lava atoa.
Na amata uma lava i le mea moni o le TP-Link TL-WR1043ND router, lea na tautua ma le faamaoni, ua le toe ausia manaʻoga o se fesoʻotaiga i le fale; . Ina ua uma ona vaʻavaʻai i faʻasalalauga faʻapitoa (5pda, ixbt), nofoaga ma iloiloga ma vaʻavaʻai i le faʻavasegaina o faleoloa i le lotoifale, na ou filifili e faʻatau Keenetic Ultra.
O iloiloga lelei mai tagata e ona na galulue mo lenei masini faapitoa:
- leai ni faʻafitauli i le vevela (o iinei e tatau ona matou lafoaia oloa Asus);
- faʻatuatuaina faʻatinoga (o iinei na ou sopoia ai le TP-Link);
- faigofie ona faʻatutuina (sa ou fefe e le mafai ona ou taulimaina ma sopoia Microtik).
Sa tatau ona ou taulimaina tulaga le lelei:
- leai WiFi6, na ou manaʻo e ave meafaigaluega ma se faʻaagaga mo le lumanaʻi;
- 4 LAN ports, na ou manaʻo atili ai, ae e le o se vaega o fale.
O se taunuuga, matou maua lenei "server":
- i le agavale o lo'o i ai le fa'ailoga mata o Rostelecom;
- i le itu taumatau o loʻo i ai le matou router faʻataʻitaʻi;
- o le 2 GB m.128 SSD o loʻo taoto, tuʻu i totonu o se pusa USB3 mai Aliexpress, faʻafesoʻotaʻi i le router ma se uaea, o lea ua faʻapipiʻi lelei i luga o le puipui;
- i le pito i luma o loʻo i ai se uaea faʻalautele faʻatasi ai ma faʻamau tutoʻatasi, o le uaea e alu i se UPS taugofie;
- i le pito i tua o loʻo i ai le tele o uaea mimilo - i le tulaga o le toe faʻafouina o le fale mautotogi, na vave ona ou fuafuaina RJ45 sockets i nofoaga e tatau ona i ai meafaigaluega, ina ia aua neʻi faʻalagolago i le WiFi o loʻo lapisi.
O lea la, o loʻo ia i matou meafaigaluega, matou te manaʻomia le faʻatulagaina:
- O le seti muamua o le alalaupapa e tusa ma le 2 minute, matou te faʻaalia le fesoʻotaʻiga fesoʻotaʻiga i le tagata e tuʻuina atu (o loʻo faʻaogaina laʻu laina faʻapipiʻi i le alalaupapa, o le PPPoE e siitia ai le alalaupapa), le igoa o le WiFi network ma le upu faʻaulu - o le mea lena. , e amata le router ma galue.
Matou te tuʻuina atu le tuʻuina atu o ports fafo i ports o le router lava ia i le vaega "Network rules - Forwarding":
O lenei e mafai ona tatou agai i luma i le vaega "agaitia", mea na ou manaʻo ai mai le router:
- fa'atinoga o se tama'i NAS mo se feso'otaiga ile fale;
- fa'atinoina o galuega a le 'upega tafa'ilagi mo le tele o itulau tumaoti;
- galuega patino ao mo le mauaina o faʻamatalaga patino mai soʻo se mea i le lalolagi.
O le mea muamua e faʻaaogaina e faʻaaoga ai meafaigaluega faʻapipiʻi, e aunoa ma le manaʻomia tele o taumafaiga:
- Matou te ave se taʻavale e faʻamoemoeina mo lenei matafaioi (faʻamalama uila, kata manatua i se kata faitau, malo malo poʻo SSD i totonu o se pusa fafo ma faʻapipiʻi i le Ext4 faʻaaoga (E leai sau komipiuta ma Linux o loʻo i lima, e mafai i meafaigaluega faʻapipiʻi). E pei ona ou malamalama i ai, i le taimi o le faʻagaioiga, e tusia e le polokalama naʻo ogalaau i le flash drive, o lea afai e te faʻatapulaʻaina i latou pe a uma ona faʻatulagaina le polokalama, e mafai foi ona e faʻaogaina kata manatua pe afai e te fuafua e tusi tele ma masani i le taʻavale - SSD poʻo HDD e sili atu.
A maeʻa lenei mea, matou faʻafesoʻotaʻi le taʻavale i le router ma mataʻituina i luga o le mataʻituina o le masini
Kiliki i le “USB drives and printers” e alu ai i le vaega “Applications” ma faʻatulaga se punaoa faʻasoa i le vaega “Network”. Windows"
Ma o loʻo ia i matou se punaoa fesoʻotaʻiga e mafai ona faʻaaogaina mai komepiuta i lalo o le Windows, fa'afeso'ota'i o se tisiki pe a mana'omia: net use y: \192.168.1.1SSD /persistent:yes
O le saoasaoa o sea NAS faʻaleleia e lava lava mo le faʻaogaina o le fale i luga o se uaea e faʻaaogaina ai le gigabit atoa, i luga o WiFi le saoasaoa e tusa ma le 400-500 megabits.
O le setiina o le teuina o se tasi lea o laasaga talafeagai e faʻapipiʻi ai le server, ona matou manaʻomia lea:
- ma se tuatusi IP faʻapitoa (e mafai ona e faia e aunoa ma lenei mea e ala i le faʻaaogaina o le Dynamic DNS, ae ua uma ona ou maua se IP faʻapitoa, o lea na faigofie ai ona faʻaoga. - , matou te mauaina DNS talimalo ma meli i luga o la matou vaega);
- ma faʻaopoopo A faʻamaumauga e faasino i lau IP:
E mana'omia ni nai itula mo le fa'atulagaina o le tu'uina atu o le domain ma le DNS, o lea o lo'o matou fa'atulagaina le alalaupapa.
Muamua, matou te manaʻomia le faʻapipiʻiina o le Entware repository, lea e mafai ona matou faʻapipiʻi ai pusa talafeagai i luga o le router. Sa ou faaaogaina , naʻo le le faʻapipiʻiina o le afifi faʻapipiʻi e ala i le FTP, ae na faia saʻo se faila i luga o le fesoʻotaʻiga fesoʻotaʻiga muamua ma kopi le faila iina i le auala masani.
I le mauaina o le avanoa e ala i le SSH, sui le upu faʻamaonia ma le passwd command ma faʻapipiʻi uma afifi talafeagai ma le opkg install [igoa o igoa] poloaiga:
I le taimi o le seti, o afifi nei na faʻapipiʻiina i luga o le alalaupapa (le gaioiga o le opkg list-installed command):
Lisi o afifi
bash - 5.0-3
pusa pisi - 1.31.1-1
ca-bundle - 20190110-2
ca-tusipasi - 20190110-2
coreutils - 8.31-1
coreutils-mktemp - 8.31-1
cron - 4.1-3
pipi'i - 7.69.0-1
diffutils - 3.7-2
dropbear - 2019.78-3
entware-release - 1.0-2
findutils - 4.7.0-1
glib2 - 2.58.3-5
grep - 3.4-1
ldconfig - 2.27-9
libattr - 2.4.48-2
libblkid - 2.35.1-1
libc - 2.27-9
libcurl - 7.69.0-1
libffi - 3.2.1-4
libgcc - 8.3.0-9
libiconv-tumu - 1.11.1-4
libintl-tumu - 0.19.8.1-2
liblua - 5.1.5-7
libmbedtls - 2.16.5-1
libmount - 2.35.1-1
libncurses - 6.2-1
libncursesw - 6.2-1
libndm - 1.1.10-1a
libopenssl - 1.1.1d-2
libopenssl-conf - 1.1.1d-2
libpcap - 1.9.1-2
libpcre - 8.43-2
libpcre2 - 10.34-1
libpthread - 2.27-9
libreadline - 8.0-1a
librt - 2.27-9
libslang2 - 2.3.2-4
libssh2 - 1.9.0-2
libssp - 8.3.0-9
libstdcpp - 8.3.0-9
libuid - 2.35.1-1
libxml2 - 2.9.10-1
nofoaga - 2.27-9
mc - 4.8.23-2
ndmq - 1.0.2-5a
nginx - 1.17.8-1
openssl-util - 1.1.1d-2
opkg — 2019-06-14-dcbc142e-2
opt-ndmsv2 - 1.0-12
php7 - 7.4.3-1
php7-mod-openssl - 7.4.3-1
pusa mativa - 1.31.1-2
terminfo - 6.2-1
zlib - 1.2.11-3
zoneinfo-asia - 2019c-1
zoneinfo-europe - 2019c-1
Masalo sa i ai se mea e sili atu iinei, ae sa tele avanoa i luga o le taavale, o lea sa ou le popole ai e tilotilo i ai.
A maeʻa ona faʻapipiʻi afifi, matou te faʻapipiʻi le nginx, na ou faʻataʻitaʻiina i ni vaega se lua - o le lona lua o loʻo faʻapipiʻiina ma https, ma mo le taimi nei o loʻo i ai se stub. O taulaga i totonu 81 ma le 433 e faʻaaogaina nai lo le 80 ma le 443, talu ai o le router admin panel e tautau i luga o ports masani.
etc/nginx/nginx.conf
user nobody;
worker_processes 1;
#error_log /opt/var/log/nginx/error.log;
#error_log /opt/var/log/nginx/error.log notice;
#error_log /opt/var/log/nginx/error.log info;
#pid /opt/var/run/nginx.pid;
events {
worker_connections 64;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log /opt/var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
server {
listen 81;
server_name milkov.su www.milkov.su;
return 301 https://milkov.su$request_uri;
}
server {
listen 433 ssl;
server_name milkov.su;
#SSL support
include ssl.conf;
location / {
root /opt/share/nginx/html;
index index.html index.htm;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}
</spoiler>
<spoiler data-gt-translate-attributes='["title"]' title="etc/nginx/ssl.conf">
ssl_certificate /opt/etc/nginx/certs/milkov.su/fullchain.pem;
ssl_certificate_key /opt/etc/nginx/certs/milkov.su/privkey.pem;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
ssl_prefer_server_ciphers on;
ssl_dhparam /opt/etc/nginx/dhparams.pem;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 5m;
ssl_stapling on;Ina ia mafai ona galue le 'upega tafaʻilagi e ala i le https, na ou faʻaogaina le faʻamaʻi faʻamaʻi taʻutaʻua, faʻapipiʻi faʻaoga . O lenei faagasologa e leʻi mafua ai ni faigata, na ou tautevateva i le mea moni e faapea i totonu o le tusitusiga o le tusitusiga mo le galue i luga o laʻu alalaupapa. /opt/etc/ssl/openssl.cnf:
[openssl_conf]
#engines=enginesMa ou te matauina o le fatuina o le dhparams.pem ma le poloaiga "openssl dhparam -out dhparams.pem 2048" i luga o laʻu alalaupapa e sili atu i le 2 itula, pe a le o le faʻailoga alualu i luma, semanu ou te leiloa le onosai ma toe faʻafouina.
A maeʻa ona maua tusi faamaonia, toe amata le nginx i le poloaiga "/opt/etc/init.d/S80nginx restart". I le mataupu faavae, ua maeʻa le seti, ae e leai se upega tafaʻilagi i le taimi nei - afai tatou te tuʻuina le faila index.html i le /share/nginx/html directory, o le a tatou vaʻai i se stub.
index.html
<!DOCTYPE html>
<html>
<head>
<title>Тестовая страничка!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Тестовая страничка!</h1>
<p>Это простая статическая тестовая страничка, абсолютно ничего интересного.</p>
</body>
</html>Ina ia tuʻuina faʻamatalaga matagofie, e sili atu ona faigofie mo se tagata e le o ni tomai faʻapitoa e pei o aʻu e faʻaogaina faʻataʻitaʻiga ua uma ona faia i le maeʻa ai o se suʻesuʻega umi e ala i faʻamaumauga eseese, na ou mauaina - o loʻo i ai se filifiliga lelei o faʻataʻitaʻiga saoloto e le manaʻomia le faʻamaonia (lea e seasea i luga ole Initaneti; o le tele o faʻataʻitaʻiga i le laisene e manaʻomia oe e teu se fesoʻotaʻiga i le punaoa na maua mai ai).
Matou te filifilia se faʻataʻitaʻiga talafeagai - o loʻo i ai mo le tele o mataupu, download le archive ma tatala i totonu o le /share/nginx/html directory, e mafai ona e faia lenei mea mai lau komepiuta, ona faʻasaʻo lea o le mamanu (o le a e manaʻomia sina malamalama itiiti. o le HTML ina ia le motusia le fausaga) ma sui ata e pei ona faʻaalia i le ata o loʻo i lalo.
Aotelega: o le router e fetaui lelei mo le talimalo i luga o se upega tafaʻilagi malamalama, i le mataupu faavae - afai e te le faʻamoemoeina se uta tele, e mafai. , ma faʻataʻitaʻi i galuega faʻalavelave sili atu (Ou te vaʻai i le nextcloud/owncloud, e foliga mai o loʻo i ai faʻapipiʻi manuia i luga o ia meafaigaluega). O le mafai ona faʻapipiʻi afifi e faʻateleina lona aoga - mo se faʻataʻitaʻiga, pe a manaʻomia le puipuia o le RDP port o se PC i luga o se fesoʻotaʻiga i le lotoifale, na ou faʻapipiʻiina le tuʻituʻi i luga o le alalaupapa - ma na tatalaina le port forwarding i le PC ina ua uma le tuʻituʻi o le taulaga.
Aisea o se router ae le o se PC masani? O se alalaupapa o se tasi o nai masini komepiuta e galue i le uati i le tele o fale mautotogi e masani lava ona le leoa ma o se nofoaga malamalama e itiiti ifo i le selau asiasiga i le aso o le a le afaina ai.
puna: www.habr.com
