0%

Mac服务器环境配置

服务器搭建记录

基础环境

Command Line Tools

Mac 的命令行开发者基础工具合集,包括 clang、make、git、lldb等等

1
xcode-select --install

该命令会触发图形化安装程序弹窗(需点击确认)

Homebrew

官网:https://brew.sh/zh-cn/

依赖 git,请先安装 Command Line Tools

建议使用国内镜像安装

1
/bin/zsh -c "$(curl -fsSL https://gitee.com/cunkai/HomebrewCN/raw/master/Homebrew.sh)"

安装结束后,更新环境变量

1
source /Users/XXXX/.zprofile

工具

htop

增强版 top,用于查看内存

1
brew install htop

使用 htop 命令查看动态内存使用情况

ncdu

磁盘占用查看工具

1
brew install ncdu
  • ncdu 查看当前目录
  • ncdu <PATH> 查看指定目录

orbstack

1
brew install orbstack

镜像配置

  1. 配置
  2. 重启 orbstack

Docker

~/navidrome/docker-compose.yml

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
services:
navidrome:
image: deluan/navidrome:latest
platform: linux/amd64
user: 1000:1000 # should be owner of volumes
ports:
- "4533:4533"
restart: unless-stopped
environment:
# Optional: put your config options customization here. Examples:
ND_BASEURL: /navidrome
ND_LOGLEVEL: debug
volumes:
- "./data:/data"
- "./music:/music:ro"

docker-compose up -d

immich

App 位置:~/Apps/immich

安装

  1. 新建 App 文件夹,如 ~/Apps/immich

    1
    mkdir ~/Apps/immich
  2. 下载 docker-compose.yml and example.env(重命名为 .env)放到 App 文件夹

    1
    wget -O docker-compose.yml https://github.com/immich-app/immich/releases/latest/download/docker-compose.yml
    1
    wget -O .env https://github.com/immich-app/immich/releases/latest/download/example.env
  3. 环境配置,编辑 .env 文件,设置如照片上传位置

    1
    UPLOAD_LOCATION=/Volumes/Drive-WD/immich/library
  4. 启动容器

    1
    docker compose up -d

安装完成,则可从默认 2283 端口访问

dashy

https://dashy.to

安装

App 位置:~/Apps/dashy

~/Apps/dashy/docker-compose.yml

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
version: "3.8"
services:
dashy:
# To build from source, replace 'image: lissy93/dashy' with 'build: .'
# build: .
image: lissy93/dashy
container_name: Dashy
# Pass in your config file below, by specifying the path on your host machine
# volumes:
# - /root/my-config.yml:/app/user-data/conf.yml
ports:
- 8088:8080
# Set any environmental variables
environment:
- NODE_ENV=production
- BASE_URL=/dashy
# Specify your user ID and group ID. You can find this by running `id -u` and `id -g`
# - UID=1000
# - GID=1000
# Specify restart policy
restart: unless-stopped
# Configure healthchecks
healthcheck:
test: ['CMD', 'node', '/app/services/healthcheck']
interval: 1m30s
timeout: 10s
retries: 3
start_period: 40s

docker compose up -d

https://github.com/gethomepage/homepage/discussions/4435

kavita

1
2
3
4
5
6
7
8
9
10
11
12
13
14
services:
kavita:
image: jvmilazz0/kavita:latest # Using the stable branch from the official dockerhub repo.
container_name: kavita
volumes:
- ./data/manga:/manga
- ./data/comics:/comics
- ./data/books:/books
- ./config:/kavita/config # /kavita/config must not be changed
environment:
- TZ=Asia/Shanghai
ports:
- "5000:5000"
restart: unless-stopped

网络

Nginx 反代

Nginx 安装

  1. 安装 nginx

    1
    brew install nginx
  2. 启动 nginx

    1
    brew services start nginx
  3. 测试访问

    1
    curl -I http://localhost:8080

常用命令

  • 重启 nginx

    1
    brew services restart nginx

Nginx 配置

/opt/homebrew/etc/nginx

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
worker_processes  1;

events {
worker_connections 1024;
}

http {
include mime.types;
default_type application/octet-stream;

sendfile on;
keepalive_timeout 65;

server {
listen 8080;
server_name localhost;

location / {
root html;
index index.html index.htm;
}

location ^~ /navidrome/ {
proxy_pass http://127.0.0.1:4533/navidrome/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Protocol $scheme;
proxy_set_header X-Forwarded-Host $http_host;
proxy_buffering off;
}

location ^~ /dashy/ {
proxy_pass http://127.0.0.1:8088/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;

# 重写规则
proxy_redirect / /dashy/;
proxy_cookie_path / /dashy/;

# 只在 Dashy 路径下处理 conf.yml 重写
location ~ ^/dashy/(.*\.yml)$ {
# 内部重写,不暴露给外部
internal;
proxy_pass http://127.0.0.1:8088/$1;
}

# 内容替换 - 只修改 Dashy 相关的响应
sub_filter_once off;
sub_filter '"/conf.yml"' '"/dashy/conf.yml"';
sub_filter "'/conf.yml'" "'/dashy/conf.yml'";
sub_filter 'href="/' 'href="/dashy/';
sub_filter 'src="/' 'src="/dashy/';

add_header Access-Control-Allow-Origin *;
}

location ^~ /immich/ {
# 重写路径:移除 /immich 前缀
rewrite ^/immich/(.*)$ /$1 break;
proxy_pass http://127.0.0.1:2283/;
proxy_http_version 1.1;

proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header X-Forwarded-Prefix /immich;

# 处理重定向
proxy_redirect / /immich/;
proxy_redirect http://127.0.0.1:2283/ /immich/;
proxy_redirect http://localhost:2283/ /immich/;

proxy_buffering off;
}

error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}

include servers/*;
}

Caddy 反代

安装 Caddy

1
brew install caddy

安装目录为下文的 /opt/homebrew/Cellar/caddy/2.10.0

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
guoyi@mac-mini ~ % brew install caddy
==> Auto-updating Homebrew...
Adjust how often this is run with `$HOMEBREW_AUTO_UPDATE_SECS` or disable with
`$HOMEBREW_NO_AUTO_UPDATE=1`. Hide these hints with `$HOMEBREW_NO_ENV_HINTS=1` (see `man brew`).
==> Fetching downloads for: caddy
==> Fetching caddy
==> Downloading https://mirrors.aliyun.com/homebrew/homebrew-bottles/caddy-2.10.0.arm64_se
################################################################################### 100.0%
==> Pouring caddy-2.10.0.arm64_sequoia.bottle.1.tar.gz
==> Caveats
When running the provided service, caddy's data dir will be set as
`/opt/homebrew/var/lib`
instead of the default location found at https://caddyserver.com/docs/conventions#data-directory

To start caddy now and restart at login:
brew services start caddy
Or, if you don't want/need a background service you can just run:
XDG_DATA_HOME="/opt/homebrew/var/lib" HOME="/opt/homebrew/var/lib" /opt/homebrew/opt/caddy/bin/caddy run --config /opt/homebrew/etc/Caddyfile
==> Summary
🍺 /opt/homebrew/Cellar/caddy/2.10.0: 39 files, 39.5MB
==> Running `brew cleanup caddy`...
Disable this behaviour by setting `HOMEBREW_NO_INSTALL_CLEANUP=1`.
Hide these hints with `HOMEBREW_NO_ENV_HINTS=1` (see `man brew`).
==> No outdated dependents to upgrade!
==> Caveats
zsh completions have been installed to:
/opt/homebrew/share/zsh/site-functions

在安装目录下,即可找到相应的服务配置 homebrew.mxcl.caddy.plist

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>EnvironmentVariables</key>
<dict>
<key>HOME</key>
<string>/opt/homebrew/var/lib</string>
<key>XDG_DATA_HOME</key>
<string>/opt/homebrew/var/lib</string>
</dict>
<key>KeepAlive</key>
<true/>
<key>Label</key>
<string>homebrew.mxcl.caddy</string>
<key>LimitLoadToSessionType</key>
<array>
<string>Aqua</string>
<string>Background</string>
<string>LoginWindow</string>
<string>StandardIO</string>
<string>System</string>
</array>
<key>ProgramArguments</key>
<array>
<string>/opt/homebrew/opt/caddy/bin/caddy</string>
<string>run</string>
<string>--config</string>
<string>/opt/homebrew/etc/Caddyfile</string>
</array>
<key>RunAtLoad</key>
<true/>
<key>StandardErrorPath</key>
<string>/opt/homebrew/var/log/caddy.log</string>
<key>StandardOutPath</key>
<string>/opt/homebrew/var/log/caddy.log</string>
</dict>
</plist>

找到其中的默认配置路径:/opt/homebrew/etc/Caddyfile,当前还没有该文件,也没有启动服务,需要编写完配置文件后,再启动服务

Caddyfile 配置文件

/opt/homebrew/Cellar/caddy/2.10.0

brew services start caddy

cpolar 内网穿透

macos cpolar 使用说明

cpolar 安装

  1. 安装 cpolar

    1
    brew tap probezy/core && brew install cpolar
  2. Token 认证

    1
    cpolar authtoken xxxxxxx
  3. 安装 cpolar 服务

    1
    sudo cpolar service install
  4. 启动 cpolar 服务

    1
    sudo cpolar service start
  5. 本地登入 http://127.0.0.1:9200/

ssh

设置 22 端口 tcp 隧道后

1
ssh <UserName>@3.tcp.cpolar.top -p <Port>

证书登入

  1. 查看本机的 ~/.ssh 文件夹是否有公私钥对,没有则生成一对

    1
    ssh-keygen

    默认命名为 id_rsa,也可输入自定义名字,如 mac_key,密码无需设置,自动生成私钥 mac_key 和公钥 mac_key.pub 两个文件

  2. 将公钥上传到服务器

    1
    mac_key.pub Ubuntu

    此命令自动将公钥传到 Ubuntu 所指服务器和用户的 .ssh/known_hosts 文件中

  3. (Mac 额外步骤)本机添加私钥文件

    1
    ssh-add -K mac_key

上面三步设置完成后,即可免密登录服务器