最近某站长认为本站无法访问,导致将本站友链下掉,所以本人就纳闷了,这是我站的问题还是他的问题呢?
故此我想到了监控Uptime Kuma
这个东西,让这个监控服务在一台独立的服务器上,监控着我的网站。
从此我去捡了一台便宜的小水管IPv6
服务器,通过DNS64
+CloudFlare WARP
从而实现IPv4和IPv6双栈,然后通过Nginx反代Uptime Kuma
即可。
环境
- 一台IPv6服务器
- Debian 11系统
- 拥有IPv6的客户端(如果家宽没有IPv6,则可以通过使用流量来解决)
- SSH和SFTP软件
- CloudFlare SasS(理论上支持IPv6的CDN都可以)
双栈实现
通过SSH连接上服务器
删除resolvconf
首先删除resolvconf
以防止修改resolv.conf重启后复写
执行
apt remove resolvconf
然后选择Y
确认卸载,然后弹出一个要求重启的界面,按Enter
手动输入reboot
重启即可
root@vps:~# apt remove resolvconf
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following packages will be REMOVED:
resolvconf
0 upgraded, 0 newly installed, 1 to remove and 0 not upgraded.
After this operation, 204 kB disk space will be freed.
Do you want to continue? [Y/n] Y
(Reading database ... 36842 files and directories currently installed.)
Removing resolvconf (1.87) ...
resolvconf.postrm: Reboot recommended
Processing triggers for man-db (2.9.4-2) ...
添加DNS64
输入nano /etc/resolv.conf
进入resolv.conf
编辑
将nameserver更改为以下DNS
nameserver 2001:67c:2b0::4
nameserver 2001:67c:2b0::6
然后按下Ctrl+O
键进行保存,然后再按下Ctrl+X
退出
输入
service systemd-resolved restart
重启systemd-resolved
服务
安装WARP
执行以下代码
apt install wget curl && wget -N https://raw.githubusercontent.com/fscarmen/warp/main/menu.sh && bash menu.sh
然后出现以下选择,输入2然后回车
root@vps:~# apt install wget curl && wget -N https://raw.githubusercontent.com/fscarmen/warp/main/menu.sh && bash menu.sh
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
curl is already the newest version (7.74.0-1.3+b1).
wget is already the newest version (1.21-1+b1).
wget set to manually installed.
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
--2022-12-19 03:33:08-- https://raw.githubusercontent.com/fscarmen/warp/main/menu.sh
Resolving raw.githubusercontent.com (raw.githubusercontent.com)... 2606:50c0:8002::154, 2606:50c0:8000::154, 2606:50c0:8001::154, ...
Connecting to raw.githubusercontent.com (raw.githubusercontent.com)|2606:50c0:8002::154|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 122753 (120K) [text/plain]
Saving to: ‘menu.sh’
menu.sh 100%[=======================================>] 119.88K --.-KB/s in 0.01s
Last-modified header missing -- time-stamps turned off.
2022-12-19 03:33:08 (10.0 MB/s) - ‘menu.sh’ saved [122753/122753]
Language:
1. English (default)
2. 简体中文
Choose: 2
出现以下选项,输入1回车
所有依赖已存在,不需要额外安装
检查环境中……
本项目专为 VPS 添加 wgcf 网络接口,详细说明: [https://github.com/fscarmen/warp]
脚本特点:
• 支持 WARP+ 账户,附带第三方刷 WARP+ 流量和升级内核 BBR 脚本
• 普通用户友好的菜单,进阶者通过后缀选项快速搭建
• 智能判断操作系统: Ubuntu 、Debian 、CentOS、 Alpine 和 Arch Linux,请务必选择 LTS 系统
• 支持硬件结构类型: AMD、 ARM 和 s390x
• 结合 Linux 版本和虚拟化方式,自动优选4个 WireGuard 方案。网络性能方面: 内核集成 WireGuard > 安装内核模块 > wireguard-go
• 智能判断 WGCF 作者 github库的最新版本 (Latest release)
• 支持 WARP Linux Socks5 Client
• 输出执行结果,提示是否使用 WARP IP ,IP 归属地和线路提供商
======================================================================================================================
脚本版本:2.46 功能新增:通过 [warp s 4/6/d] 来切换 IPv4 / IPv6 的优先级别
系统信息:
当前操作系统:Debian GNU/Linux 11 (bullseye)
内核:5.10.0-9-amd64
处理器架构:amd64
虚拟化:kvm
IPv4:
IPv6: 隐藏IP
WARP 网络接口未开启
Client 未安装
WireProxy 未安装
======================================================================================================================
1. 为 IPv6 only 添加 WARP IPv4 网络接口 (bash menu.sh 4)
2. 为 IPv6 only 添加 WARP IPv6 网络接口 (bash menu.sh 6)
3. 为 IPv6 only 添加 WARP 双栈网络接口 (bash menu.sh d)
4. 打开 WARP (warp o)
5. 安装 CloudFlare Client 并设置为 Proxy 模式 (bash menu.sh c)
6. 更换支持 Netflix 的 IP (warp i)
7. 永久关闭 WARP 网络接口,并删除 WARP、 Linux Client 和 WireProxy (warp u)
8. 刷 WARP+ 流量 (warp p)
9. 升级内核、安装BBR、DD脚本 (warp b)
10. 同步最新版本 (warp v)
11. WARP 解锁 Netflix 等流媒体专业一键(支持多平台、多方式和 TG 通知)
12. 安装 iptable + dnsmasq + ipset,让 WARP IPv4 only 接管流媒体流量 (不适用于 IPv6 only VPS) (bash menu.sh e)
13. 安装 wireproxy,让 WARP 在本地创建一个 socks5 代理 (bash menu.sh w)
14. 安装 CloudFlare Client 并设置为 WARP 模式 (bash menu.sh l)
0. 退出脚本
请选择:
按以下输入(也可以更具自己的情况输入)然后回车
请选择: 1
如有 WARP+ 或 Teams 账户请选择
1. 使用免费账户 (默认)
2. WARP+
3. Teams
请选择: 1
请选择优先级别:
1. IPv4
2. IPv6
3. 使用 VPS 初始设置 (默认)
请选择: 3
直到出现以下消息则安装成功
创建快捷 warp 指令成功
运行 WARP
后台获取 WARP IP 中,最大尝试5次……
第1次尝试
已成功获取 WARP 网络
==============================================================
IPv4: 104.28.221.34 ( WARP IPv4 ) 德国 Cloudflare
IPv6: 隐藏IP
恭喜!WARP 已开启,总耗时:20秒, 脚本当天运行次数:749,累计运行次数:1816568
IPv6 优先
==============================================================
安装Uptime Kuma
本人不喜欢Docker所以本文不掩饰
建议输入以下代码更新软件包
apt update && apt full-upgrade -y
然后输入以下代码来安装Node.js、npm和git
apt install nodejs npm git -y
更新nodejs并重启
npm install n -g && n latest && reboot
安装pm2(后台进程保护)
npm install pm2 -g
git克隆Uptime Kuma,进入目录,安装
git clone https://github.com/louislam/uptime-kuma.git
cd uptime-kuma
npm run setup
使用pm2运行Uptime Kuma
pm2 start server/server.js --name uptime-kuma
直到出现则安装成功
[PM2] Spawning PM2 daemon with pm2_home=/root/.pm2
[PM2] PM2 Successfully daemonized
[PM2] Starting /root/uptime-kuma/server/server.js in fork_mode (1 instance)
[PM2] Done.
┌────┬────────────────────┬──────────┬──────┬───────────┬──────────┬──────────┐
│ id │ name │ mode │ ↺ │ status │ cpu │ memory │
├────┼────────────────────┼──────────┼──────┼───────────┼──────────┼──────────┤
│ 0 │ uptime-kuma │ fork │ 0 │ online │ 0% │ 40.5mb │
└────┴────────────────────┴──────────┴──────┴───────────┴──────────┴──────────┘
设置pm2 开机运行
pm2 startup
现在Uptime Kuma已经正常运行了
本地地址为http://localhost:3001
外网地址为http://你的公网IP:3001
安装Nginx进行反代
可选:安装screen进程保护(SSH掉线可通过screen -R oneinstack
恢复)
apt install screen && screen -S oneinstack
安装Nginx OpenResty
这里只安装Nginx OpenResty无PHP和数据库
wget -c http://mirrors.linuxeye.com/oneinstack-full.tar.gz && tar xzf oneinstack-full.tar.gz && ./oneinstack/install.sh --nginx_option 3 --reboot
创建网站
重启后,进入oneinstack目录创建你的网站
cd oneinstack/
./vhost.sh
然后按下方相关操作进行操作
root@vps:~# cd oneinstack/
root@vps:~/oneinstack# ./vhost.sh
#######################################################################
# OneinStack for CentOS/RedHat 7+ Debian 9+ and Ubuntu 16+ #
# For more information please visit https://oneinstack.com #
#######################################################################
What Are You Doing?
1. Use HTTP Only
2. Use your own SSL Certificate and Key
3. Use Let's Encrypt to Create SSL Certificate and Key
q. Exit
Please input the correct option: 2
Please input domain(example: www.example.com): status.wuw.moe
domain=status.wuw.moe
Please input the directory for the domain:status.wuw.moe :
(Default directory: /data/wwwroot/status.wuw.moe):
Virtual Host Directory=/data/wwwroot/status.wuw.moe
Create Virtul Host directory......
set permissions of Virtual Host directory......
Do you want to add more domain name? [y/n]: n
Do you want to redirect all HTTP requests to HTTPS? [y/n]: y
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
Country Name (2 letter code) [CN]: CN
State or Province Name (full name) [Shanghai]: CN
Locality Name (eg, city) [Shanghai]: CN
Organization Name (eg, company) [Example Inc.]: CN
Organizational Unit Name (eg, section) [IT Dept.]: CN
Do you want to add hotlink protection? [y/n]: y
Allow Rewrite rule? [y/n]: y
Please input the rewrite of programme :
wordpress,opencart,magento2,drupal,joomla,codeigniter,laravel
thinkphp,pathinfo,discuz,typecho,ecshop,nextcloud,zblog,whmcs rewrite was exist.
(Default rewrite: other):
You choose rewrite=other
Allow Nginx/Tengine/OpenResty access_log? [y/n]: y
You access log file=/data/wwwlogs/status.wuw.moe_nginx.log
nginx: [warn] "ssl_stapling" ignored, issuer certificate not found for certificate "/usr/local/openresty/nginx/conf/ssl/status.wuw.moe.crt"
nginx: the configuration file /usr/local/openresty/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/openresty/nginx/conf/nginx.conf test is successful
Reload Nginx......
nginx: [warn] "ssl_stapling" ignored, issuer certificate not found for certificate "/usr/local/openresty/nginx/conf/ssl/status.wuw.moe.crt"
#######################################################################
# OneinStack for CentOS/RedHat 7+ Debian 9+ and Ubuntu 16+ #
# For more information please visit https://oneinstack.com #
#######################################################################
Your domain: status.wuw.moe
Virtualhost conf: /usr/local/openresty/nginx/conf/vhost/status.wuw.moe.conf
Directory of: /data/wwwroot/status.wuw.moe
Rewrite rule: /usr/local/openresty/nginx/conf/rewrite/other.conf
Self-signed SSL Certificate: /usr/local/openresty/nginx/conf/ssl/status.wuw.moe.crt
SSL Private Key: /usr/local/openresty/nginx/conf/ssl/status.wuw.moe.key
SSL CSR File: /usr/local/openresty/nginx/conf/ssl/status.wuw.moe.csr
root@vps:~/oneinstack#
然后我们去相关目录更改SSL证书和密钥重启一下,才进到下一步
添加伪静态
前往网站配置目录修改配置/usr/local/openresty/nginx/conf/vhost
找到自己的网站,然后删除以下内容
location ~ .*\.(wma|wmv|asf|mp3|mmf|zip|rar|jpg|gif|png|swf|flv|mp4)$ {
valid_referers none blocked *.wuw.moe status.wuw.moe;
if ($invalid_referer) {
return 403;
}
}
location ~ [^/]\.php(/|$) {
#fastcgi_pass remote_php_ip:9000;
fastcgi_pass unix:/dev/shm/php-cgi.sock;
fastcgi_index index.php;
include fastcgi.conf;
}
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf|flv|mp4|ico)$ {
expires 30d;
access_log off;
}
location ~ .*\.(js|css)?$ {
expires 7d;
access_log off;
}
location ~ /(\.user\.ini|\.ht|\.git|\.svn|\.project|LICENSE|README\.md) {
deny all;
}
location /.well-known {
allow all;
}
然后添加以下内容(注意添加位置)保存。再重启Nginx服务service nginx status
即可完成
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_pass http://localhost:3001/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
之后我们通过CloudFlare SasS添加解析,然后再去DNS添加即可。
完成上面的步骤后访问网址进行相关设置即可。
最后感谢您的阅读,如有问题请指出,谢谢。