阿里云香港轻量应用服务器使用记录

第一步 添加SWAP

第二步 安装docker

第三步 docker安装NPM面板

  • mkdir ngpm && cd ngpm
  • nano docker-compose.yml
  • sudo docker-compose up -d
1
2
3
4
5
6
7
8
9
10
11
12
version: '3'
services:
  app:
    image: 'jc21/nginx-proxy-manager:latest'
    restart: unless-stopped
    ports:
      - '80:80'
      - '81:81'
      - '443:443'
    volumes:
      - ./data:/data
      - ./letsencrypt:/etc/letsencrypt

第四步 启用rc.local

1
2
3
4
5
6
7
8
9
10
11
12
[Unit]
Description=/etc/rc.local Compatibility 
ConditionPathExists=/etc/rc.local 

[Service]
Type=forking 
ExecStart=/etc/rc.local start 
TimeoutSec=0 
StandardOutput=tty 
RemainAfterExit=yes 
SysVStartPriority=99

  • sudo nano /etc/systemd/system/rc-local.service
  • sudo nano /etc/rc.local
  • sudo chmod +x /etc/rc.local
  • sudo systemctl enable rc-local
  • sudo systemctl start rc-local.service
  • sudo systemctl status rc-local.service
  • cat /tmp/added_script.log
1
2
3
4
5
6
7
#!/bin/sh -e 
## rc.local
#start script
 
#end script
echo "added sucessfully!" > /tmp/added_script.log 
exit 0

第五步 关闭阿里云盾

  • 按此操作关闭云盾 https://help.aliyun.com/document_detail/31777.html
  • wget http://update.aegis.aliyun.com/download/uninstall.sh && chmod +x uninstall.sh &&./uninstall.sh
  • wget http://update.aegis.aliyun.com/download/quartz\_uninstall.sh && chmod +x quartz_uninstall.sh && ./quartz_uninstall.sh
  • sudo rm -r /usr/local/aegis
  • sudo systemctl disable aliyun.service
  • sudo rm /usr/sbin/aliyun-service
  • sudo rm /usr/sbin/aliyun-service.backup
  • sudo rm /usr/sbin/aliyun_installer
  • sudo rm /etc/systemd/system/aliyun.service
  • sudo rm /lib/systemd/system/aliyun.service
  • rm uninstall.sh quartz_uninstall.sh
  • ARCH=amd64
  • /usr/local/cloudmonitor/CmsGoAgent.linux-${ARCH} uninstall
  • /usr/local/cloudmonitor/CmsGoAgent.linux-${ARCH} stop
  • /usr/local/cloudmonitor/CmsGoAgent.linux-${ARCH} stop
  • /usr/local/cloudmonitor/CmsGoAgent.linux-${ARCH} uninstall
  • rm -rf /usr/local/cloudmonitor
  • pkill aliyun-service
  • rm -fr /etc/init.d/agentwatch /usr/sbin/aliyun-service
  • rm -rf /usr/local/aegis*
  • ps -aux grep -E ‘aliyunAliYunDun’

第六步 屏蔽阿里云盾IP

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
#!/bin/bash
/usr/sbin/iptables -F
/usr/sbin/ip6tables -F
/usr/sbin/iptables -I INPUT -s 140.205.201.0/28 -j DROP
/usr/sbin/iptables -I INPUT -s 140.205.201.16/29 -j DROP
/usr/sbin/iptables -I INPUT -s 140.205.201.32/28 -j DROP
/usr/sbin/iptables -I INPUT -s 140.205.225.192/29 -j DROP
/usr/sbin/iptables -I INPUT -s 140.205.225.200/30 -j DROP
/usr/sbin/iptables -I INPUT -s 140.205.225.184/29 -j DROP
/usr/sbin/iptables -I INPUT -s 140.205.225.183/32 -j DROP
/usr/sbin/iptables -I INPUT -s 140.205.225.206/32 -j DROP
/usr/sbin/iptables -I INPUT -s 140.205.225.205/32 -j DROP
/usr/sbin/iptables -I INPUT -s 140.205.225.195/32 -j DROP
/usr/sbin/iptables -I INPUT -s 140.205.225.204/32 -j DROP
/usr/sbin/iptables -A INPUT -i lo -j ACCEPT
/usr/sbin/iptables -A OUTPUT -o lo -j ACCEPT
/usr/sbin/ip6tables -A INPUT -i lo -j ACCEPT
/usr/sbin/ip6tables -A OUTPUT -o lo -j ACCEPT
/usr/sbin/iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
/usr/sbin/iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
/usr/sbin/ip6tables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
/usr/sbin/ip6tables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
/usr/sbin/iptables -A INPUT -p tcp ! --dport 22 -j DROP
/usr/sbin/ip6tables -A INPUT -p tcp ! --dport 22 -j DROP
/usr/sbin/iptables -I INPUT -s 172.16.0.0/12 -j ACCEPT
/usr/sbin/iptables -I OUTPUT -s 172.16.0.0/12 -j ACCEPT
/usr/sbin/iptables -I INPUT -p tcp -m multiport --dports 80,443,8024 -j ACCEPT
/usr/sbin/iptables -I INPUT -p udp --dport 6000:6002 -j ACCEPT
/usr/sbin/iptables -I INPUT -p tcp --dport 21000:22000 -j ACCEPT
  • nano noyd.sh && chmod +x noyd.sh
  • 将 noyd.sh 添加到第四步的rc.local里执行
  • reboot
  • iptables -L
  • ps -aux grep -E ‘aliyunAliYunDun’
运维
阿里云香港轻量应用服务器使用记录
https://occdn.limour.top/1997.html
Author
Limour
Posted on
July 7, 2022
Licensed under