前言
工作中经常忘记一些常用的命令,每次忘记都要重复去搜索。所以开个文章,每次遇到那些我以为我记住了的命令,就往这里塞,方便用时更快地ctrl+c、ctrl+v.😄
Docker
找出容器运行的compose文件名称和位置
docker inspect mongo | grep compose
镜像重命名
docker rename 重命名容器
docker tag node:14.15.4 hub.registry.com:latest
列出所有tag为none的镜像id
docker images -aq --filter dangling=true
删除所有tag为none的镜像
方法1:
docker rmi $(docker images -aq --filter dangling=true)
如果某些tag为none的镜像仍然被占用,会报错误,在ci工作中可能导致job失败
方法2:
docker image prune -f
清除无用的image,-f 指定该操作不用进行确认
添加用户到docker用户组
sudo usermod -aG docker ubuntu
newgrp docker
gitlab-runner
删除无效runner
gitlab-runner verify --delete
注册runner时解开锁定
gitlab-runner register --locked=false
解开runner锁定
gitlab-runner edit the-runner-name --locked=false
ssh
将本机的公钥存到目标服务器的authorized_keys中
ssh-copy-id -i ~/.ssh/id_rsa.pub root@139.9.240.168
查看某个服务器端口的公钥指纹
即本机~/.ssh/known_hosts文件中的对应内容
ssh-keyscan -p 22 139.9.240.168
远程登陆配置
ssh huaweiyun
# ~/.ssh/config
Host huaweiyun
# 端口,一般默认是22
Port 22
# 服务器名
HostName 139.9.240.168
# 用户名
User root
# 本地私钥文件
IdentityFile ~/.ssh/id_rsa
开启 ssh 会话
eval $(ssh-agent -s)
ssh-add # 将本机的私钥加载至会话内存中
shell
列出当前目录下所有文件大小、完整日期
- linux
ls -alh --full-time
- mac
ls -alhT
添加已有用户到已有用户组
sudo usermod -a -G docker opt
添加新用户到用户组
sudo useradd -G docker opt # 添加到附加组docker
sudo useradd -g docker opt # 添加到主要组docker
查询服务器公网ip的两种方式
curl ifconfig.me
curl httpbin.org/ip
查看出口ip
# alpine:apk add bind-tools
dig +short myip.opendns.com @resolver1.opendns.com
# 或者
curl -s checkip.dyndns.org | sed -e 's/.*Current IP Address: //' -e 's/<.*$//'
mongo
创建复合索引
db.getCollection('exposure').createIndex({"report_source":1, "report_type":1, "report_reason":1, "report_object":1, "report_datetime":-1}, {"unique":true,"background":true,"name":"anquan.exposure.receive_report_data"})
创建多个索引
db.ent_ref_app.createIndexes([{"COMPANYNAME":1},{"UNCID":1}],{"background":true})
去除重复数据
db.links.aggregate([
{
$group: { _id: {MiniBatchId: '$MiniBatchId',Root: '$Root',SubLink:'$SubLink'},count: {$sum: 1},dups: {$addToSet: '$_id'}}
},
{
$match: {count: {$gt: 1}}
}
],{allowDiskUse:true}).forEach(function(doc){
doc.dups.shift();
db.links.remove({_id: {$in: doc.dups}});
});
修改字段
db.getCollection('exposure').update({}, {"$unset":{"report_source":""}},{"multi":true})
db.getCollection('exposure').update({}, {"$set":{"report_source":"12321"}},{"multi":true})
聚合计数
db.txblack.aggregate([
{
"$addFields":{
"has_ip":{
"$cond":[
{"$ne":["$site_ip", ""]}
,1,0]
},
"has_region": {
"$cond":[
{
"$or": [
{"$ne":["$site_province",""]},
{"$ne":["$site_city",""]},
{"$ne":["$site_district",""]},
]
}
,1,0]
}
}
},
{
"$group":{
"_id":{
"source":"$Source",
"security":"$Security",
"evil_type":"$EvilType",
"check_status":"$icp_check_status",
"has_region": "$has_region",
"has_ip":"$has_ip"
},
"sum":{"$sum":1}
}
}
])
db.wechatArticle.aggregate([
{$match: {"task._id": ObjectId("63ea32364a1329000148b5d6"), "account._id": ObjectId("63ea32394a1329000148b6fb")}},
{$group: {"_id": {"firstEvilName": "$firstEvilName"}, count: {$sum: 1}}},
{$project: {"_id": 0, firstEvilName: "$_id.firstEvilName", sum: "$count"}}
])
// result
{ "firstEvilName" : "正常", "sum" : 986 }
{ "firstEvilName" : "拼写校验", "sum" : 2 }
mysql
建库建表
CREATE DATABASE `stats_platform` DEFAULT CHARACTER SET = `utf8mb4` DEFAULT COLLATE = `utf8mb4_general_ci`;
CREATE TABLE db_data_agg (
id INT NOT NULL AUTO_INCREMENT,
data_item_id INT NOT NULL COMMENT "数据项id, 外键",
agg_item VARCHAR(20) DEFAULT NULL COMMENT "聚合分类项目",
stat_time DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP COMMENT "统计时间",
current_total INT NOT NULL DEFAULT 0 COMMENT "当前聚合项数据总量",
PRIMARY KEY (id),
FOREIGN KEY (data_item_id) REFERENCES db_data_items (id) ON DELETE CASCADE ON UPDATE CASCADE,
INDEX index_for_data_aggitem(data_item_id,agg_item)
)ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci;
按匹配值进行更新
UPDATE auth_permission SET name= CASE codename
WHEN 'can_view_scanconfig' THEN '查看检测任务配置'
WHEN 'check_scanconfig_list' THEN '查看检测任务配置列表'
WHEN 'can_add_scanconfig' THEN '新增检测任务配置'
WHEN 'edit_scanconfig' THEN '编辑检测任务配置'
WHEN 'kill_scanconfig' THEN '终止检测任务循环'
WHEN 'view_scan_detail' THEN '查看检测详情'
WHEN 'check_scantask_list' THEN '查看检测任务队列'
WHEN 'check_scan_report' THEN '查看检测报告'
WHEN 'kill_scantask' THEN '终止当前检测任务'
WHEN 'view_monitor_task' THEN '查看监测任务列表'
WHEN 'add_monitor_task' THEN '新增监测任务'
WHEN 'change_monitor_task' THEN '修改监测任务'
WHEN 'stop_monitor_task' THEN '终止监测任务'
WHEN 'view_monitor_task_detail' THEN '查看监测任务详情'
ELSE name
END
WHERE content_type_id=18;
查看、设置当前最大连接数
SHOW VARIABLES LIKE 'max_connections';
SET GLOBAL max_connections=1024;
-- 查看详细的连接数
SHOW STATUS LIKE 'Threads%';
查看当前所有的连接及状态
SHOW FULL PROCESSLIST;
--按客户端 IP 分组,看哪个客户端的链接数最多
SELECT client_ip,count(client_ip) AS client_num FROM (SELECT substring_index(host,':' ,1) AS client_ip FROM processlist ) AS connect_info GROUP BY client_ip ORDER BY client_num DESC;
--查看正在执行的线程,并按 Time 倒排序,看看有没有执行时间特别长的线程
SELECT * FROM information_schema.processlist WHERE Command != 'Sleep' ORDER BY Time DESC;
--找出所有执行时间超过 5 分钟的线程,拼凑出 kill 语句,方便后面查杀
SELECT CONCAT('kill ', id, ';') FROM information_schema.processlist WHERE Command != 'Sleep' and Time > 300 ORDER BY Time DESC;
关闭外键约束
SET FOREIGN_KEY_CHECKS=0;
查看修改sql_mode
SELECT @@global.sql_mode;
SET@@session.sql_mode="STRICT_TRANS_TABLES,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_ENGINE_SUBSTITUTION";
SET@@global.sql_mode="STRICT_TRANS_TABLES,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_ENGINE_SUBSTITUTION";
-- docker-compose中更改:
-- 1. 先自定义配置
vim custom.cnf
[mysqld]
sql_mode='STRICT_TRANS_TABLES,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_ENGINE_SUBSTITUTION'
-- 2. 再挂载
mysql8:
volumes:
- "./db:/var/lib/mysql"
- "./custom.cnf:/etc/mysql/conf.d/custom.cnf"
查看各数据库的数据量大小、索引大小
select
table_schema as '数据库',
sum(table_rows) as '记录数',
sum(truncate(data_length/1024/1024, 2)) as '数据容量(MB)',
sum(truncate(index_length/1024/1024, 2)) as '索引容量(MB)'
from information_schema.tables
group by table_schema
order by sum(data_length) desc, sum(index_length) desc;
查看数据库各表的数据量、数据大小、索引大小
select
table_schema as '数据库',
table_name as '表名',
table_rows as '记录数',
truncate(data_length/1024/1024, 2) as '数据容量(MB)',
truncate(index_length/1024/1024, 2) as '索引容量(MB)'
from information_schema.tables
order by data_length desc, index_length desc;
firewall-cmd
开启服务器端口
firewall-cmd --add-port 8080/tcp
查看防火墙状态
firewall-cmd --state
查看区域信息
firewall-cmd --get-active-zones
查看指定接口所属区域
firewall-cmd--get-zone-of-interface=eth0
查看现有的规则
firewall-cmd --list-all
# 或
iptables -nL
重载防火墙配置
firewall-cmd --reload
添加单个单端口
firewall-cmd --permanent --zone=public --add-port=80/tcp
# --permanent 永久生效
# --zone作用域
# --add-port 添加一个端口
查看现有端口
firewall-cmd --zone=public --query-port=80/tcp
# 或
firewall-cmd --zone=public --list-ports
添加多个端口
firewall-cmd --permanent --zone=public --add-port=8080-8083/tcp
删除某个端口
firewall-cmd --permanent --zone=public --remove-port=81/tcp
针对某个 IP开放端口
firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="192.168.142.166" port protocol="tcp" port="6379" accept"
firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="192.168.0.233" accept"
删除某个IP
firewall-cmd --permanent --remove-rich-rule="rule family="ipv4" source address="192.168.1.51" accept"
针对一个ip段访问
firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="192.168.0.0/16" accept"
firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="192.168.1.0/24" port protocol="tcp" port="9200" accept"
操作后需要执行重载
firewall-cmd --reload
tmux
tmux ls # 列出tmux sessions
tmux new -s session_name # 创建一个tmux绘画
ctrl+b -> c # 新建窗口
ctrl+b -> 数字 # 切换窗口
ctrl+b -> d #退出窗口
---待续
