Mac服务器环境配置

服务器搭建记录

基础环境

Command Line Tools

Mac 的命令行开发者基础工具合集，包括 clang、make、git、lldb等等

xcode-select --install

该命令会触发图形化安装程序弹窗（需点击确认）

Homebrew

官网：https://brew.sh/zh-cn/

依赖 git，请先安装 Command Line Tools

建议使用国内镜像安装

/bin/zsh -c "$(curl -fsSL https://gitee.com/cunkai/HomebrewCN/raw/master/Homebrew.sh)"

安装结束后，更新环境变量

source /Users/XXXX/.zprofile

工具

htop

增强版 top，用于查看内存

brew install htop

使用 htop 命令查看动态内存使用情况

ncdu

磁盘占用查看工具

brew install ncdu

• ncdu 查看当前目录
• ncdu <PATH> 查看指定目录

orbstack

brew install orbstack

镜像配置

1. 配置
2. 重启 orbstack

Docker

Navidrome

~/navidrome/docker-compose.yml

services:
  navidrome:
    image: deluan/navidrome:latest
    platform: linux/amd64
    user: 1000:1000 # should be owner of volumes
    ports:
      - "4533:4533"
    restart: unless-stopped
    environment:
      # Optional: put your config options customization here. Examples:
      ND_BASEURL: /navidrome
      ND_LOGLEVEL: debug
    volumes:
      - "./data:/data"
      - "./music:/music:ro"

docker-compose up -d

immich

App 位置：~/Apps/immich

安装

1. 新建 App 文件夹，如 ~/Apps/immich

   mkdir ~/Apps/immich

2. 下载 docker-compose.yml and example.env（重命名为 .env）放到 App 文件夹

   wget -O docker-compose.yml https://github.com/immich-app/immich/releases/latest/download/docker-compose.yml

   wget -O .env https://github.com/immich-app/immich/releases/latest/download/example.env

3. 环境配置，编辑 .env 文件，设置如照片上传位置

   UPLOAD_LOCATION=/Volumes/Drive-WD/immich/library

4. 启动容器

   docker compose up -d

安装完成，则可从默认 2283 端口访问

dashy

https://dashy.to

安装

App 位置：~/Apps/dashy

~/Apps/dashy/docker-compose.yml

version: "3.8"
services:
  dashy:
    # To build from source, replace 'image: lissy93/dashy' with 'build: .'
    # build: .
    image: lissy93/dashy
    container_name: Dashy
    # Pass in your config file below, by specifying the path on your host machine
    # volumes:
      # - /root/my-config.yml:/app/user-data/conf.yml
    ports:
      - 8088:8080
    # Set any environmental variables
    environment:
      - NODE_ENV=production
      - BASE_URL=/dashy
    # Specify your user ID and group ID. You can find this by running `id -u` and `id -g`
    #  - UID=1000
    #  - GID=1000
    # Specify restart policy
    restart: unless-stopped
    # Configure healthchecks
    healthcheck:
      test: ['CMD', 'node', '/app/services/healthcheck']
      interval: 1m30s
      timeout: 10s
      retries: 3
      start_period: 40s

docker compose up -d

https://github.com/gethomepage/homepage/discussions/4435

kavita

services:
    kavita:
        image: jvmilazz0/kavita:latest    # Using the stable branch from the official dockerhub repo.
        container_name: kavita
        volumes:
            - ./data/manga:/manga
            - ./data/comics:/comics
            - ./data/books:/books
            - ./config:/kavita/config     # /kavita/config must not be changed
        environment:
            - TZ=Asia/Shanghai
        ports:
            - "5000:5000"
        restart: unless-stopped

网络

Nginx 反代

Nginx 安装

1. 安装 nginx

   brew install nginx

2. 启动 nginx

   brew services start nginx

3. 测试访问

   curl -I http://localhost:8080

常用命令

• 重启 nginx

  brew services restart nginx

Nginx 配置

/opt/homebrew/etc/nginx

worker_processes  1;

events {
    worker_connections  1024;
}

http {
    include       mime.types;
    default_type  application/octet-stream;

    sendfile        on;
    keepalive_timeout  65;

    server {
        listen       8080;
        server_name  localhost;

        location / {
            root   html;
            index  index.html index.htm;
        }

        location ^~ /navidrome/ {
            proxy_pass http://127.0.0.1:4533/navidrome/;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_set_header X-Forwarded-Protocol $scheme;
            proxy_set_header X-Forwarded-Host $http_host;
            proxy_buffering off;
        }
        
        location ^~ /dashy/ {
            proxy_pass http://127.0.0.1:8088/;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;

            # 重写规则
            proxy_redirect / /dashy/;
            proxy_cookie_path / /dashy/;

            # 只在 Dashy 路径下处理 conf.yml 重写
            location ~ ^/dashy/(.*\.yml)$ {
                # 内部重写，不暴露给外部
                internal;
                proxy_pass http://127.0.0.1:8088/$1;
            }

            # 内容替换 - 只修改 Dashy 相关的响应
            sub_filter_once off;
            sub_filter '"/conf.yml"' '"/dashy/conf.yml"';
            sub_filter "'/conf.yml'" "'/dashy/conf.yml'";
            sub_filter 'href="/' 'href="/dashy/';
            sub_filter 'src="/' 'src="/dashy/';

            add_header Access-Control-Allow-Origin *;
        }

        location ^~ /immich/ {
            # 重写路径：移除 /immich 前缀
            rewrite ^/immich/(.*)$ /$1 break;
            proxy_pass http://127.0.0.1:2283/;
            proxy_http_version 1.1;

            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_set_header X-Forwarded-Host $http_host;
            proxy_set_header X-Forwarded-Prefix /immich;

            # 处理重定向
            proxy_redirect / /immich/;
            proxy_redirect http://127.0.0.1:2283/ /immich/;
            proxy_redirect http://localhost:2283/ /immich/;

            proxy_buffering off;
        }

        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
    }

    include servers/*;
}

Caddy 反代

安装 Caddy

brew install caddy

安装目录为下文的 /opt/homebrew/Cellar/caddy/2.10.0

guoyi@mac-mini ~ % brew install caddy
==> Auto-updating Homebrew...
Adjust how often this is run with `$HOMEBREW_AUTO_UPDATE_SECS` or disable with
`$HOMEBREW_NO_AUTO_UPDATE=1`. Hide these hints with `$HOMEBREW_NO_ENV_HINTS=1` (see `man brew`).
==> Fetching downloads for: caddy
==> Fetching caddy
==> Downloading https://mirrors.aliyun.com/homebrew/homebrew-bottles/caddy-2.10.0.arm64_se
################################################################################### 100.0%
==> Pouring caddy-2.10.0.arm64_sequoia.bottle.1.tar.gz
==> Caveats
When running the provided service, caddy's data dir will be set as
  `/opt/homebrew/var/lib`
  instead of the default location found at https://caddyserver.com/docs/conventions#data-directory

To start caddy now and restart at login:
  brew services start caddy
Or, if you don't want/need a background service you can just run:
  XDG_DATA_HOME="/opt/homebrew/var/lib" HOME="/opt/homebrew/var/lib" /opt/homebrew/opt/caddy/bin/caddy run --config /opt/homebrew/etc/Caddyfile
==> Summary
🍺  /opt/homebrew/Cellar/caddy/2.10.0: 39 files, 39.5MB
==> Running `brew cleanup caddy`...
Disable this behaviour by setting `HOMEBREW_NO_INSTALL_CLEANUP=1`.
Hide these hints with `HOMEBREW_NO_ENV_HINTS=1` (see `man brew`).
==> No outdated dependents to upgrade!
==> Caveats
zsh completions have been installed to:
  /opt/homebrew/share/zsh/site-functions

在安装目录下，即可找到相应的服务配置 homebrew.mxcl.caddy.plist

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
        <key>EnvironmentVariables</key>
        <dict>
                <key>HOME</key>
                <string>/opt/homebrew/var/lib</string>
                <key>XDG_DATA_HOME</key>
                <string>/opt/homebrew/var/lib</string>
        </dict>
        <key>KeepAlive</key>
        <true/>
        <key>Label</key>
        <string>homebrew.mxcl.caddy</string>
        <key>LimitLoadToSessionType</key>
        <array>
                <string>Aqua</string>
                <string>Background</string>
                <string>LoginWindow</string>
                <string>StandardIO</string>
                <string>System</string>
        </array>
        <key>ProgramArguments</key>
        <array>
                <string>/opt/homebrew/opt/caddy/bin/caddy</string>
                <string>run</string>
                <string>--config</string>
                <string>/opt/homebrew/etc/Caddyfile</string>
        </array>
        <key>RunAtLoad</key>
        <true/>
        <key>StandardErrorPath</key>
        <string>/opt/homebrew/var/log/caddy.log</string>
        <key>StandardOutPath</key>
        <string>/opt/homebrew/var/log/caddy.log</string>
</dict>
</plist>

找到其中的默认配置路径：/opt/homebrew/etc/Caddyfile，当前还没有该文件，也没有启动服务，需要编写完配置文件后，再启动服务

Caddyfile 配置文件

/opt/homebrew/Cellar/caddy/2.10.0

brew services start caddy

cpolar 内网穿透

macos cpolar 使用说明

cpolar 安装

1. 安装 cpolar

   brew tap probezy/core && brew install cpolar

2. Token 认证

   cpolar authtoken xxxxxxx

3. 安装 cpolar 服务

   sudo cpolar service install

4. 启动 cpolar 服务

   sudo cpolar service start

5. 本地登入 http://127.0.0.1:9200/

ssh

设置 22 端口 tcp 隧道后

ssh <UserName>@3.tcp.cpolar.top -p <Port>

证书登入

1. 查看本机的 ~/.ssh 文件夹是否有公私钥对，没有则生成一对

   ssh-keygen

   默认命名为 id_rsa，也可输入自定义名字，如 mac_key，密码无需设置，自动生成私钥 mac_key 和公钥 mac_key.pub 两个文件

2. 将公钥上传到服务器

   mac_key.pub Ubuntu

   此命令自动将公钥传到 Ubuntu 所指服务器和用户的 .ssh/known_hosts 文件中

3. （Mac 额外步骤）本机添加私钥文件

   ssh-add -K mac_key

上面三步设置完成后，即可免密登录服务器