Richard Stallman dnes v Liberci přednáší o svobodném softwaru a svobodě v digitální společnosti. Od 16:30 v aule budovy G na Technické univerzitě v Liberci. V anglickém jazyce s automaticky generovanými českými titulky. Vstup je zdarma i pro širokou veřejnost.
sudo-rs, tj. sudo a su přepsáné do programovacího jazyka Rust, nahradí v Ubuntu 25.10 klasické sudo. V plánu je také přechod od klasických coreutils k uutils coreutils napsaných v Rustu.
Fedora se stala oficiální distribucí WSL (Windows Subsystem for Linux).
Společnost IBM představila server IBM LinuxONE Emperor 5 poháněný procesorem IBM Telum II.
Byla vydána verze 4.0 multiplatformního integrovaného vývojového prostředí (IDE) pro rychlý vývoj aplikaci (RAD) ve Free Pascalu Lazarus (Wikipedie). Přehled novinek v poznámkách k vydání. Využíván je Free Pascal Compiler (FPC) 3.2.2.
Podpora Windows 10 končí 14. října 2025. Připravovaná kampaň Konec desítek (End of 10) může uživatelům pomoci s přechodem na Linux.
Již tuto středu proběhne 50. Virtuální Bastlírna, tedy dle římského číslování L. Bude L značit velikost, tedy více diskutujících než obvykle, či délku, neboť díky svátku lze diskutovat dlouho do noci? Bude i příští Virtuální Bastlírna virtuální nebo reálná? Nejen to se dozvíte, když dorazíte na diskuzní večer o elektronice, softwaru, ale technice obecně, který si můžete představit jako virtuální posezení u piva spojené s učenou
… více »Český statistický úřad rozšiřuje Statistický geoportál o Datový portál GIS s otevřenými geografickými daty. Ten umožňuje stahování datových sad podle potřeb uživatelů i jejich prohlížení v mapě a přináší nové možnosti v oblasti analýzy a využití statistických dat.
Kevin Lin zkouší využívat chytré brýle Mentra při hraní na piano. Vytváří aplikaci AugmentedChords, pomocí které si do brýlí posílá notový zápis (YouTube). Uvnitř brýlí běží AugmentOS (GitHub), tj. open source operační systém pro chytré brýle.
[root@vps html]# cat /etc/nginx/sites-available/00-default-ssl.conf # # Note: This file must be loaded before other virtual host config files, # # HTTPS server { listen 443 ssl http2; listen [::]:443 ssl http2; server_name _; root /var/www/html/; index index.php index.html; include /etc/nginx/templates/misc.tmpl; include /etc/nginx/templates/ssl.tmpl; include /etc/nginx/templates/iredadmin.tmpl; # include /etc/nginx/templates/roundcube.tmpl; include /etc/nginx/templates/sogo.tmpl; include /etc/nginx/templates/netdata.tmpl; include /etc/nginx/templates/php-catchall.tmpl; include /etc/nginx/templates/stub_status.tmpl; include /etc/nginx/templates/nextcloud.tmpl; include /etc/nginx/templates/web.tmpl; }
[root@vps html]# cat /etc/nginx/templates/misc.tmpl # Allow access to '^/.well-known/' location ~ ^/.well-known/ { allow all; access_log off; log_not_found off; autoindex off; #root /var/www/html; } # Deny all attempts to access hidden files such as .htaccess. location ~ /\. { deny all; } # Handling noisy messages location = /favicon.ico { access_log off; log_not_found off; } location = /robots.txt { access_log off; log_not_found off; } [root@vps html]# cat /etc/nginx/templates/ssl.tmpl ssl_protocols TLSv1.2 TLSv1.3; # Fix 'The Logjam Attack'. ssl_ciphers EECDH+CHACHA20:EECDH+AESGCM:EDH+AESGCM:AES256+EECDH; ssl_prefer_server_ciphers on; ssl_dhparam /etc/pki/tls/dh2048_param.pem; # Greatly improve the performance of keep-alive connections over SSL. # With this enabled, client is not necessary to do a full SSL-handshake for # every request, thus saving time and cpu-resources. ssl_session_cache shared:SSL:10m; # To use your own ssl cert (e.g. "Let's Encrypt"), please create symbol link to # ssl cert/key used below, so that we can manage this config file with Ansible. # # For example: # # rm -f /etc/pki/tls/private/iRedMail.key # rm -f /etc/pki/tls/certs/iRedMail.crt # ln -s /etc/letsencrypt/live/domain/privkey.pem /etc/pki/tls/private/iRedMail.key # ln -s /etc/letsencrypt/live/domain/fullchain.pem /etc/pki/tls/certs/iRedMail.crt # # To request free "Let's Encrypt" cert, please check our tutorial: # https://docs.iredmail.org/letsencrypt.html ssl_certificate /etc/pki/tls/certs/iRedMail.crt; ssl_certificate_key /etc/pki/tls/private/iRedMail.key;
[root@vps html]# cat /etc/nginx/templates/iredadmin.tmpl # Settings for iRedAdmin. # static files under /iredadmin/static location ~ ^/iredadmin/static/(.*) { alias /opt/www/iredadmin/static/$1; } # Python scripts location ~ ^/iredadmin(.*) { rewrite ^/iredadmin(/.*)$ $1 break; include /etc/nginx/templates/hsts.tmpl; include uwsgi_params; uwsgi_pass 127.0.0.1:7791; uwsgi_param UWSGI_CHDIR /opt/www/iredadmin; uwsgi_param UWSGI_SCRIPT iredadmin; uwsgi_param SCRIPT_NAME /iredadmin; # Access control #allow 127.0.0.1; #allow 192.168.1.10; #allow 192.168.1.0/24; #deny all; } # iRedAdmin: redirect /iredadmin to /iredadmin/ location = /iredadmin { rewrite ^ /iredadmin/; } # Handle newsletter-style subscription/unsubscription supported in iRedAdmin-Pro. location ~ ^/newsletter/ { rewrite /newsletter/(.*) /iredadmin/newsletter/$1 last; }
[root@vps html]# cat /etc/nginx/templates/sogo.tmpl # Settings for SOGo Groupware # SOGo location ~ ^/sogo { rewrite ^ https://$host/SOGo; } location ~ ^/SOGO { rewrite ^ https://$host/SOGo; } # Redirect /mail to /SOGo location ~ ^/mail { rewrite ^ https://$host/SOGo; } # For Mac OS X and iOS devices. rewrite ^/.well-known/caldav /SOGo/dav permanent; rewrite ^/.well-known/carddav /SOGo/dav permanent; rewrite ^/principals /SOGo/dav permanent; location ^~ /SOGo { include /etc/nginx/templates/hsts.tmpl; proxy_pass http://127.0.0.1:20000; # forward user's IP address proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $host; # always use https proxy_set_header x-webobjects-server-port $server_port; proxy_set_header x-webobjects-server-name $host; proxy_set_header x-webobjects-server-url https://$host; proxy_set_header x-webobjects-server-protocol HTTP/1.0; proxy_busy_buffers_size 64k; proxy_buffers 8 64k; proxy_buffer_size 64k; } location ^~ /Microsoft-Server-ActiveSync { proxy_pass http://127.0.0.1:20000/SOGo/Microsoft-Server-ActiveSync; proxy_connect_timeout 3540; proxy_send_timeout 3540; proxy_read_timeout 3540; proxy_busy_buffers_size 64k; proxy_buffers 8 64k; proxy_buffer_size 64k; } location ^~ /SOGo/Microsoft-Server-ActiveSync { proxy_pass http://127.0.0.1:20000/SOGo/Microsoft-Server-ActiveSync; proxy_connect_timeout 3540; proxy_send_timeout 3540; proxy_read_timeout 3540; proxy_busy_buffers_size 64k; proxy_buffers 8 64k; proxy_buffer_size 64k; } location /SOGo.woa/WebServerResources/ { alias /usr/lib64/GNUstep/SOGo/WebServerResources/; expires max; } location /SOGo/WebServerResources/ { alias /usr/lib64/GNUstep/SOGo/WebServerResources/; expires max; } location ^/SOGo/so/ControlPanel/Products/([^/]*)/Resources/(.*)$ { alias /usr/lib64/GNUstep/SOGo/$1.SOGo/Resources/$2; expires max; }
[root@vps html]# cat /etc/nginx/templates/netdata.tmpl # Running netdata as a subfolder to an existing virtual host # FYI: https://github.com/firehol/netdata/wiki/Running-behind-nginx location = /netdata { return 301 /netdata/; } location ~ /netdata/(? ndpath .*) { proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Server $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_http_version 1.1; proxy_pass_request_headers on; proxy_set_header Connection "keep-alive"; proxy_store off; proxy_pass http://127.0.0.1:19999/$ndpath$is_args$args; gzip on; gzip_proxied any; gzip_types *; auth_basic "Authentication Required"; auth_basic_user_file /etc/nginx/netdata.users; }
[root@vps html]# cat /etc/nginx/templates/php-catchall.tmpl # Normal PHP scripts location ~ \.php$ { include /etc/nginx/templates/fastcgi_php.tmpl; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; }
[root@vps html]# cat /etc/nginx/templates/stub_status.tmpl location = /stub_status { stub_status on; access_log off; allow 127.0.0.1; deny all; } location = /status { include fastcgi_params; fastcgi_pass php_workers; fastcgi_param SCRIPT_FILENAME $fastcgi_script_name; access_log off; allow 127.0.0.1; deny all; }
[root@vps html]# cat /etc/nginx/templates/nextcloud.tmpl location = /.well-known/carddav { return 301 $scheme://$host/nextcloud/remote.php/dav; } location = /.well-known/caldav { return 301 $scheme://$host/nextcloud/remote.php/dav; } location /.well-known/acme-challenge { } location ^~ /nextcloud { # set max upload size client_max_body_size 512M; fastcgi_buffers 64 4K; # Enable gzip but do not remove ETag headers gzip on; gzip_vary on; gzip_comp_level 4; gzip_min_length 256; gzip_proxied expired no-cache no-store private no_last_modified no_etag auth; gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy; # Uncomment if your server is build with the ngx_pagespeed module # This module is currently not supported. #pagespeed off; location /nextcloud { rewrite ^ /nextcloud/index.php$request_uri; } location ~ ^\/nextcloud\/(?:build|tests|config|lib|3rdparty|templates|data)\/ { deny all; } location ~ ^\/nextcloud\/(?:\.|autotest|occ|issue|indie|db_|console) { deny all; } location ~ ^\/nextcloud\/(?:index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|ocs-provider\/.+)\.php(?:$|\/) { fastcgi_split_path_info ^(.+?\.php)(\/.*|)$; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_param HTTPS on; #Avoid sending the security headers twice fastcgi_param modHeadersAvailable true; fastcgi_param front_controller_active true; fastcgi_pass php-handler; fastcgi_intercept_errors on; fastcgi_request_buffering off; } location ~ ^\/nextcloud\/(?:updater|ocs-provider)(?:$|\/) { try_files $uri/ =404; index index.php; } # Adding the cache control header for js, css and map files # Make sure it is BELOW the PHP block location ~ ^\/nextcloud\/.+[^\/]\.(?:css|js|woff2?|svg|gif|map)$ { try_files $uri /nextcloud/index.php$request_uri; add_header Cache-Control "public, max-age=15778463"; # Add headers to serve security related headers (It is intended # to have those duplicated to the ones above) # Before enabling Strict-Transport-Security headers please read # into this topic first. # add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;"; add_header X-Content-Type-Options nosniff; add_header X-XSS-Protection "1; mode=block"; add_header X-Robots-Tag none; add_header X-Download-Options noopen; add_header X-Permitted-Cross-Domain-Policies none; add_header Referrer-Policy no-referrer; # Optional: Don't log access to assets access_log off; } location ~ ^\/nextcloud\/.+[^\/]\.(?:png|html|ttf|ico|jpg|jpeg)$ { try_files $uri /nextcloud/index.php$request_uri; # Optional: Don't log access to other assets access_log off; } }
[root@vps html]# cat /etc/nginx/conf-available/php_fpm.conf upstream php_workers { server 127.0.0.1:9999; } upstream php-handler { server 127.0.0.1:9000; # server unix:/var/run/php/php7.4-fpm.sock; }
2022/04/06 11:48:31 [error] 183326#0: *1 connect() failed (111: Connection refused) while connecting to upstream, client: xx.xx.xx.xx, server: _, request: "GET /web/index.php HTTP/2.0", upstream: "fastcgi://127.0.0.1:9999", host: "xxxxxxx.xx"
Řešení dotazu:
upstream php_workers { server 127.0.0.1:9999; } upstream php-handler { server 127.0.0.1:9000; # server unix:/var/run/php/php7.4-fpm.sock; }
Kdepak, ten běží.
[root@vps ~]# systemctl status php-fpm.service ● php-fpm.service - The PHP FastCGI Process Manager Loaded: loaded (/usr/lib/systemd/system/php-fpm.service; enabled; vendor preset: disabled) Active: active (running) since Wed 2022-04-06 10:35:33 CEST; 5h 36min ago Main PID: 179534 (php-fpm) Status: "Processes active: 0, idle: 6, Requests: 869, slow: 0, Traffic: 0req/sec" Tasks: 7 (limit: 24932) Memory: 115.6M CGroup: /system.slice/php-fpm.service ├─179534 php-fpm: master process (/etc/php-fpm.conf) ├─190997 php-fpm: pool inet ├─191040 php-fpm: pool inet ├─191044 php-fpm: pool inet ├─191083 php-fpm: pool inet ├─191087 php-fpm: pool inet └─191616 php-fpm: pool inet Apr 06 14:16:23 vps php-fpm[179534]: [NOTICE] [pool inet] child 179539 exited with code 0 after 13250.376719 seconds from start Apr 06 14:16:23 vps php-fpm[179534]: [NOTICE] [pool inet] child 191040 started Apr 06 14:16:53 vps php-fpm[179534]: [NOTICE] [pool inet] child 179538 exited with code 0 after 13280.381147 seconds from start Apr 06 14:16:53 vps php-fpm[179534]: [NOTICE] [pool inet] child 191044 started Apr 06 14:17:23 vps php-fpm[179534]: [NOTICE] [pool inet] child 179536 exited with code 0 after 13310.377432 seconds from start Apr 06 14:17:23 vps php-fpm[179534]: [NOTICE] [pool inet] child 191083 started Apr 06 14:17:53 vps php-fpm[179534]: [NOTICE] [pool inet] child 179537 exited with code 0 after 13340.382813 seconds from start Apr 06 14:17:53 vps php-fpm[179534]: [NOTICE] [pool inet] child 191087 started Apr 06 14:28:53 vps php-fpm[179534]: [NOTICE] [pool inet] child 179596 exited with code 0 after 13966.336811 seconds from start Apr 06 14:28:53 vps php-fpm[179534]: [NOTICE] [pool inet] child 191616 started
telnet 127.0.0.1 9999 curl 'http://127.0.0.1:9999/'Ten port je divný, přijde mi, že log nedpovídá konfiguraci. Vidím ho jen u
php_workers
, které se použije jen u location = /status
. Funguje správně reloadování?
sudo nginx -tZmění se port v logu, pokud ho změníš u
php_workers
?
[root@vps ~]# ss -lntp State Recv-Q Send-Q Local Address:Port Peer Address:Port Process LISTEN 0 5 127.0.0.1:20000 0.0.0.0:* users:(("sogod",pid=1469,fd=4),("sogod",pid=1468,fd=4),("sogod",pid=1467,fd=4),("sogod",pid=1466,fd=4),("sogod",pid=1465,fd=4),("sogod",pid=1464,fd=4),("sogod",pid=1463,fd=4),("sogod",pid=1462,fd=4),("sogod",pid=1461,fd=4),("sogod",pid=1460,fd=4),("sogod",pid=1433,fd=4)) LISTEN 0 5 127.0.0.1:7777 0.0.0.0:* users:(("python3",pid=1505,fd=6)) LISTEN 0 128 0.0.0.0:993 0.0.0.0:* users:(("dovecot",pid=1134,fd=50)) LISTEN 0 5 127.0.0.1:7778 0.0.0.0:* users:(("python3",pid=1505,fd=7)) LISTEN 0 5 127.0.0.1:7779 0.0.0.0:* users:(("python3",pid=1505,fd=8)) LISTEN 0 100 0.0.0.0:995 0.0.0.0:* users:(("dovecot",pid=1134,fd=30)) LISTEN 0 128 127.0.0.1:9000 0.0.0.0:* users:(("php-fpm",pid=270596,fd=12),("php-fpm",pid=269997,fd=12),("php-fpm",pid=269983,fd=12),("php-fpm",pid=269949,fd=12),("php-fpm",pid=269904,fd=12),("php-fpm",pid=269865,fd=12),("php-fpm",pid=269449,fd=12),("php-fpm",pid=179534,fd=9)) LISTEN 0 128 127.0.0.1:10024 0.0.0.0:* users:(("/usr/sbin/amavi",pid=1672,fd=7),("/usr/sbin/amavi",pid=1671,fd=7),("/usr/sbin/amavi",pid=1670,fd=7),("/usr/sbin/amavi",pid=1669,fd=7),("/usr/sbin/amavi",pid=1494,fd=7)) LISTEN 0 100 127.0.0.1:10025 0.0.0.0:* users:(("master",pid=1512,fd=121)) LISTEN 0 128 127.0.0.1:10026 0.0.0.0:* users:(("/usr/sbin/amavi",pid=1672,fd=8),("/usr/sbin/amavi",pid=1671,fd=8),("/usr/sbin/amavi",pid=1670,fd=8),("/usr/sbin/amavi",pid=1669,fd=8),("/usr/sbin/amavi",pid=1494,fd=8)) LISTEN 0 100 0.0.0.0:587 0.0.0.0:* users:(("master",pid=1512,fd=104)) LISTEN 0 128 127.0.0.1:10027 0.0.0.0:* users:(("/usr/sbin/amavi",pid=1672,fd=9),("/usr/sbin/amavi",pid=1671,fd=9),("/usr/sbin/amavi",pid=1670,fd=9),("/usr/sbin/amavi",pid=1669,fd=9),("/usr/sbin/amavi",pid=1494,fd=9)) LISTEN 0 128 127.0.0.1:11211 0.0.0.0:* users:(("memcached",pid=637,fd=23)) LISTEN 0 100 127.0.0.1:10028 0.0.0.0:* users:(("master",pid=1512,fd=124)) LISTEN 0 128 127.0.0.1:9998 0.0.0.0:* users:(("/usr/sbin/amavi",pid=1672,fd=10),("/usr/sbin/amavi",pid=1671,fd=10),("/usr/sbin/amavi",pid=1670,fd=10),("/usr/sbin/amavi",pid=1669,fd=10),("/usr/sbin/amavi",pid=1494,fd=10)) LISTEN 0 100 0.0.0.0:110 0.0.0.0:* users:(("dovecot",pid=1134,fd=28)) LISTEN 0 100 127.0.0.1:7790 0.0.0.0:* users:(("uwsgi",pid=1431,fd=10),("uwsgi",pid=1430,fd=10),("uwsgi",pid=1429,fd=10),("uwsgi",pid=1428,fd=10),("uwsgi",pid=1427,fd=10),("uwsgi",pid=1049,fd=10)) LISTEN 0 128 0.0.0.0:143 0.0.0.0:* users:(("dovecot",pid=1134,fd=48)) LISTEN 0 100 127.0.0.1:7791 0.0.0.0:* users:(("uwsgi",pid=1478,fd=10),("uwsgi",pid=1477,fd=10),("uwsgi",pid=1476,fd=10),("uwsgi",pid=1475,fd=10),("uwsgi",pid=1474,fd=10),("uwsgi",pid=1061,fd=10)) LISTEN 0 128 0.0.0.0:80 0.0.0.0:* users:(("nginx",pid=183326,fd=10),("nginx",pid=183325,fd=10)) LISTEN 0 100 0.0.0.0:465 0.0.0.0:* users:(("master",pid=1512,fd=108)) LISTEN 0 128 127.0.0.1:24242 0.0.0.0:* users:(("stats",pid=1411,fd=10),("dovecot",pid=1134,fd=23)) LISTEN 0 100 127.0.0.1:12340 0.0.0.0:* users:(("dovecot",pid=1134,fd=71)) LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=644,fd=5)) LISTEN 0 100 127.0.0.1:24 0.0.0.0:* users:(("lmtp",pid=1407,fd=9),("lmtp",pid=1406,fd=9),("lmtp",pid=1405,fd=9),("lmtp",pid=1404,fd=9),("lmtp",pid=1397,fd=9),("dovecot",pid=1134,fd=38)) LISTEN 0 100 0.0.0.0:25 0.0.0.0:* users:(("master",pid=1512,fd=16)) LISTEN 0 128 0.0.0.0:443 0.0.0.0:* users:(("nginx",pid=183326,fd=8),("nginx",pid=183325,fd=8)) LISTEN 0 128 127.0.0.1:8125 0.0.0.0:* users:(("netdata",pid=251411,fd=75)) LISTEN 0 100 127.0.0.1:4190 0.0.0.0:* users:(("dovecot",pid=1134,fd=18)) LISTEN 0 128 127.0.0.1:19999 0.0.0.0:* users:(("netdata",pid=251411,fd=5)) LISTEN 0 128 [::]:993 [::]:* users:(("dovecot",pid=1134,fd=51)) LISTEN 0 100 [::]:995 [::]:* users:(("dovecot",pid=1134,fd=31)) LISTEN 0 128 *:3306 *:* users:(("mysqld",pid=832,fd=24)) LISTEN 0 100 [::]:587 [::]:* users:(("master",pid=1512,fd=105)) LISTEN 0 100 [::]:110 [::]:* users:(("dovecot",pid=1134,fd=29)) LISTEN 0 128 [::]:143 [::]:* users:(("dovecot",pid=1134,fd=49)) LISTEN 0 128 [::]:80 [::]:* users:(("nginx",pid=183326,fd=11),("nginx",pid=183325,fd=11)) LISTEN 0 100 [::]:465 [::]:* users:(("master",pid=1512,fd=109)) LISTEN 0 128 [::]:22 [::]:* users:(("sshd",pid=644,fd=7)) LISTEN 0 100 [::]:25 [::]:* users:(("master",pid=1512,fd=17)) LISTEN 0 128 [::]:443 [::]:* users:(("nginx",pid=183326,fd=9),("nginx",pid=183325,fd=9)) LISTEN 0 128 [::1]:8125 [::]:* users:(("netdata",pid=251411,fd=64))
[root@vps ~]# curl 'http://127.0.0.1:9999/' curl: (7) Failed to connect to 127.0.0.1 port 9999: Connection refused
Pardon, jsem totálně slepý.
V /etc/nginx/conf-enabled/php_fpm.conf změněn port na 9000 a všechno jede
upstream php_workers { server 127.0.0.1:9000; } upstream php-handler { server 127.0.0.1:9000; # server unix:/var/run/php/php7.4-fpm.sock; }
Mocrát děkuji
Tiskni
Sdílej: