#!/usr/sbin/nft -f # From https://wiki.gbe0.com/en/linux/firewalling-and-filtering/nftables/template-inbound-outbound ## Clear/flush all existing rules flush ruleset # Main inet family filtering table table inet filter { # Rules for forwarded traffic chain forward { type filter hook forward priority 0; policy drop # 允許 Docker 容器網路轉發 # 允許從 Docker 網橋到任何地方的轉發 iifname "docker0" counter accept comment "允許來自 Docker 的轉發流量" iifname "br-*" counter accept comment "允許來自 Docker 網橋的轉發流量" # 允許已建立連接的回應流量 oifname { "docker0", "br-*" } ct state established,related counter accept comment "允許返回 Docker 的回應流量" meta l4proto { tcp, udp } th dport 53 counter accept comment "允許 DNS 查詢轉發" ## Log any unmatched traffic but rate limit logging to a maximum of 60 messages/minute ## The default policy will be applied to unmatched traffic limit rate 60/minute burst 100 packets \ log prefix "Forward - Drop: " \ comment "Log any unmatched traffic" ## Count the unmatched traffic counter \ comment "Count any unmatched traffic" } # Rules for input traffic chain input { type filter hook input priority 0; policy drop ## Permit inbound traffic to loopback interface iif lo \ accept \ comment "Permit all traffic in from loopback interface" # 允許來自 Docker 網路的連接 iifname { "docker0", "br-*" } counter accept comment "允許來自 Docker 網路的流量" ## Permit established and related connections ct state established,related \ counter \ accept \ comment "Permit established/related connections" ## Log and drop new TCP non-SYN packets tcp flags !
cron php laravel UI Boostrap jetstream docker-compose
laravel_docker
dokcer-compose.yml
cron: build: ./infra/docker/cron env_file: ./env.mariadb.local.env stop_signal: SIGTERM depends_on: - app volumes: - ./backend:/work/backend Dockerfile
FROM php:8.0.11-fpm-buster LABEL maintainer="ucan-lab <yes@u-can.pro>" #SHELL ["/bin/bash", "-oeux", "pipefail", "-c"] # timezone environment ENV TZ=Asia/Taipei \ # locale LANG=en_US.UTF-8 \ LANGUAGE=en_US:UTF-8 \ LC_ALL=en_US.UTF-8 \ # Laravel environment APP_SERVICES_CACHE=/tmp/cache/services.php \ APP_PACKAGES_CACHE=/tmp/cache/packages.php \ APP_CONFIG_CACHE=/tmp/cache/config.php \ APP_ROUTES_CACHE=/tmp/cache/routes.php \ APP_EVENTS_CACHE=/tmp/cache/events.php \ VIEW_COMPILED_PATH=/tmp/cache/views \ # SESSION_DRIVER=cookie \ LOG_CHANNEL=stderr \ DB_CONNECTION=mysql \ DB_PORT=3306 RUN apt-get update RUN apt-get -y install locales libicu-dev libzip-dev htop cron nano RUN apt-get -y install default-mysql-client RUN locale-gen en_US.
1. IAM User -> New User -> Demo_ECR Add Permissions policies 新增許可
a. 直接連接現有政策 AmazonEC2ContainerRegistryPowerUser
b. 建立policies -> Demo_ECR https://docs.aws.amazon.com/AmazonECR/latest/userguide/security-iam-awsmanpol.html
2. install aws cli tools windows https://docs.aws.amazon.com/cli/latest/userguide/install-cliv2-windows.html
3. aws ecr repositories -> private -> create repository input demo
Keep ooxxooxxooxxooxx.dkr.ecr.ap-northeast-1.amazonaws.com/demo
save
4. aws cli login powershell windows aws configure
go back IAM, show Demo_ECR -> 安全登入資料 security login
run 建立存取金鑰 create Access Key
copy new Access Key ID and AWS Secret Access Key
docker run -d -P -p 9005:9005 -p 2222:22 -v C:\Users\user\Downloads\ooxxooxx\public_html:/project --name test_sshd rastasheep/ubuntu-sshd:18.04 > apt update > apt install curl > curl -sL https://deb.nodesource.com/setup_16.x | bash - > apt-get install -y nodejs > npm install -g firebase-tools > cd /project > firebase login > firebase deploy
https://ubuntuqa.com/zh-tw/article/6721.html
docker-compose build --no-cache ooxxooxx
ERROR: Couldn’t find env file:
Try to use one line.
env_file: - ./env.mariadb.local.env env_file: ./env.mariadb.local.env
目錄裡面對應的檔案要先修改
=== 設定修改
[docker-compose]
docker-compose.yml ./backend 在執行docker-compose目錄下建立backend目錄,或者是移動位置
db-store 使用的是 volumes
[mysql]
infra/docker/mysql/Dockerfile
mysql user password root 等等自行變更,變更後要記得修改 infra/docker/php/Dockerfile
infra/docker/mysql/my.cnf
collation_server = utf8mb4_unicode_ci
[php]
infra/docker/php/Dockerfile 如果上面mysql設定有變更,記得這裡也要跟著變更
ENV TZ=Asia/Taipei
LANGUAGE=en_US:UTF-8
infra/docker/php/php.ini
mbstring.language = zh-tw
[nginx]
infra/docker/nginx/Dockerfile
ENV TZ=UTC+8
=== 指令開始執行
docker-compose up -d docker-compose exec app composer create-project --prefer-dist laravel/laravel . == jetstream Livewire !Now No Use
docker-compose exec app composer require laravel/jetstream docker-compose exec app php artisan jetstream:install livewire --teams docker-compose exec app php artisan migrate docker-compose exec web yarn install docker-compose exec web yarn dev == jetstream end
