yum install squid -y
yum install httpd-tools -y
cd squid*
./configure \
--prefix=/usr \
--exec-prefix=/usr \
--includedir=/usr/include \
--datadir=/usr/share \
--libdir=/usr/lib64 \
--libexecdir=/usr/lib64/squid \
--localstatedir=/var \
--sysconfdir=/etc/squid \
--sharedstatedir=/var/lib \
--with-logdir=/var/log/squid \
--with-pidfile=/var/run/squid.pid \
--with-default-user=squid \
--enable-silent-rules \
--enable-dependency-tracking \
--with-openssl \
--enable-icmp \
--enable-delay-pools \
--enable-useragent-log \
--enable-esi \
--enable-follow-x-forwarded-for \
--enable-auth
make && make install
#编译安装
chown squid:squid /var/log/squid/
# 设置日志目录所属
htpasswd -cd /etc/squid/passwd squid1
#apache工具创建文件和用户密码
htpasswd -d /etc/squid/passwd squid2
#创建第二个用户和密码
/usr/lib64/squid/basic_ncsa_auth /etc/squid/passwd
squid1 123456
#输入密码提示"OK"
cat /etc/squid/squid.conf
visible_hostname fuckgfw
#创建一个主机名字,随意即可
http_port 1024
#指定服务端 ip:port
auth_param basic program /usr/lib64/squid/basic_ncsa_auth /etc/squid/passwd
auth_param basic realm proxy
acl authenticated proxy_auth REQUIRED
http_access allow authenticated
#启用认证
access_log /var/log/squid/access.log
#设置log路径
request_header_access X-Forwarded-For deny all
request_header_access From deny all
request_header_access Via deny all
#高匿配置
squid -k parse #检查配置文件
squid -s #后台运行服务
squid -k shutdown #关闭服务
iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 3128
#经过本机访问web将重定向到3128端口
iptables -I POSTROUTING -t nat -j MASQUERADE
#开启MASQUERADE地址伪装
echo 1 > /proc/sys/net/ipv4/ip_forward
grep ip_forward /etc/sysctl.conf &>/dev/null || echo 'net.ipv4.ip_forward = 1' >> /etc/sysctl.conf
#开启NAT转发
通过以上配置就可以访问http和https的网站了 ~
... 同上文
#Generate Prviate Key
openssl genrsa -out attacker.club.private 2048
#Greate Certificate siqning request
openssl req -new -key attacker.club.private -out attacker.club.csr
Country Name (2 letter code) [XX]:US State or Province Name (full name) []:Illinois Locality Name (eg, city) [Default City]:Chicago Organization Name (eg, company) [Default Company Ltd]:Example Company LTD. Organizational Unit Name (eg, section) []:Information Technology Common Name (eg, your name or your server's hostname) []:Example Company LTD. Email Address []: Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []: An optional company name []:Example Company LTD.
git clone https://gitlab.com/xhang/gitlab.git
#下载补丁
cat gitlab/VERSION
#查看汉化版本
https://packages.gitlab.com/app/gitlab/gitlab-ce/search?q=10.6.4
yum install curl policycoreutils openssh-server openssh-clients && systemctl restart sshd
wget -c https://packages.gitlab.com/gitlab/gitlab-ce/el/7/x86_64/gitlab-ce-9.0.6-ce.0.el7.x86_64.rpm
rpm -ivh gitlab*.rpm
#下载和安装rpm包
vim /etc/gitlab/gitlab.rb
external_url 'http://gitlab.example.com'
gitlab-ctl reconfigure
git clone https://github.com/larryli/gitlabhq.git
#下载汉化包
gitlab-ctl stop
#关闭gitlab
head -1 /opt/gitlab/version-manifest.txt
#查看安装的gitlab版本
cd gitlab/
#进入汉化包目录
git diff v10.6.4 v10.6.4-zh >../v10.6.4-zh.diff
cd ..
yum install patch
patch -d /opt/gitlab/embedded/service/gitlab-rails -p1 < v10.6.4-zh.diff
~~\cp gitlabhq/* /opt/gitlab/embedded/service/gitlab-rails/ ~~
gitlab-ctl start
#启动gitlab
gitlab-ctl status
#查看状态
gitlab-ctl reconfigure
设置管理员密码
管理员账号登录的用户名:root
(虽然登录后管理员的用户名为Administrator,但是实际登录的用户名是root)
cat /etc/gitlab/gitlab.rb
gitlab_rails['ldap_enabled'] = true
###! **remember to close this block with 'EOS' below**
gitlab_rails['ldap_servers'] = YAML.load <<-'EOS'
main: # 'main' is the GitLab 'provider ID' of this LDAP server
label: ' GitLab LDAP'
host: '10.0.0.200'
port: 389
uid: 'uid'
method: 'plain' # "start_tls" or "simple_tls" or "plain"
bind_dn: 'CN=Manager,DC=huored,DC=com'
password: 'XXX密码'
base: 'DC=huored,DC=com'
EOS
gitlab-ctl restart
#重启服务
/var/opt/gitlab/git-data/repositorie