CSnap/cheetsheetz
CSnap
/
cheetsheetz
1
1
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Modified Python Sheet.

This commit is contained in:
CSnap 2023-11-19 07:17:42 +00:00
parent 0839076441
commit dad8bebf54
2 changed files with 180 additions and 99 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

251
LEMP.md
View File

@ -1,29 +1,56 @@
# Initial Fedora Super-LEMP setup: # Fedora Super-LEMP setup:
### *Based on https://www.howtoforge.com/how-to-install-nginx-with-php-and-mariadb-lemp-stack-on-fedora-32/* *Based on https://www.howtoforge.com/how-to-install-nginx-with-php-and-mariadb-lemp-stack-on-fedora-32/*
## Massive swiss-army knife setup ## Install packages
### Massive swiss-army knife setup
``` ```
dnf install certbot* htop iftop iotop iptraf nano openssh-server net-tools nginx* rsync screen vim dnf install certbot certbot-nginx cockpit htop iftop iptraf nano openssh-server net-tools nginx* rsync screen vim wget && dnf groupinstall "Development Tools" "Web Server" "Mysql" "php"
wget && dnf groupinstall "Development Tools" "Web Server" "Mysql" "php"
``` ```
### Or Less Extra
`dnf install certbot certbot-nginx nginx `
`dnf install vim nano rsync screen vim wget net-tools htop iftop iptraf openssh-server bash-completion`
`dnf groupinstall "Development Tools" "Web Server" "Mysql" "php"`
### More butter Rocky variant
`dnf install epel-release`
`dnf install git vim nano rsync screen vim wget net-tools htop iftop iptraf openssh-server bash-completion mariadb mariadb-server certbot python3-certbot-nginx nginx php-fpm`
`dnf groupinstall "Development Tools"`
## Add non-root administrator ## Add non-root administrator
`adduser user` `adduser user`
`usermod -aG wheel user` `usermod -aG wheel user`
`passwd user` `passwd user`
`vi /etc/sudoers` `vi /etc/sudoers`
`sudo -i -u user` `sudo -i -u user`
## Configure SSH ## Configure SSH
`ssh-keygen -t rsa -b 4096` `ssh-keygen -t rsa -b 4096`
### Change port and root login settings ### Change port and root login settings
`vi /etc/ssh/sshd_config` `vi /etc/ssh/sshd_config`
### Add keys (also see `ssh-copy-id`) ### Add keys ( also see `ssh-copy-id` )
`vi .ssh/authorized_keys` `vi .ssh/authorized_keys`
## Firewall settings ## Firewall settings
``` ```
systemctl enable firewalld systemctl enable firewalld
systemctl start firewalld systemctl start firewalld
@ -52,33 +79,84 @@ mysql -u root -p
CREATE USER 'user1'@localhost IDENTIFIED BY 'password1'; CREATE USER 'user1'@localhost IDENTIFIED BY 'password1';
CREATE USER 'namenode'@localhost IDENTIFIED BY ':passwd'; CREATE USER 'namenode'@localhost IDENTIFIED BY ':passwd';
GRANT ALL PRIVILEGES ON *.* TO 'user1'@localhost IDENTIFIED BY 'password1'; GRANT ALL PRIVILEGES ON *.* TO 'user1'@localhost IDENTIFIED BY 'password1';
GRANT ALL PRIVILEGES ON *.* TO 'namenode'@localhost IDENTIFIED BY ':passwd'; GRANT ALL PRIVILEGES ON *.* TO 'user2'@localhost IDENTIFIED BY 'passwd2';
FLUSH PRIVILEGES; FLUSH PRIVILEGES;
SHOW GRANTS FOR 'user1'@localhost; SHOW GRANTS FOR 'user1'@localhost;
SHOW GRANTS FOR 'namenode'@localhost; SHOW GRANTS FOR 'user2'@localhost;
CREATE DATABASE 'yourDB'; CREATE DATABASE 'yourDB';
SHOW DATABASES; SHOW DATABASES;
DROP USER 'user1'@localhost; DROP USER 'user1'@localhost; # Just for example to show how to delete a user
``` ```
## Redis Setup ## Redis Setup
`dnf install redis php-redis` `dnf install redis php-redis`
`sudo systemctl enable --now redis` `sudo systemctl enable --now redis`
```
vi /etc/redis/redis.conf ## Change bind (0.0.0.0) & requirepass && port (2*) && maxmemory (256mb) && `vi /etc/redis/redis.conf`
maxmemory-policy allkeys-lru
``` Change bind (0.0.0.0), `requirepass`, `port (2*)`, `maxmemory` (256mb), and `maxmemory-policy allkeys-lru`.
`systemctl restart redis` `systemctl restart redis`
``` ```
firewall-cmd --zone=public --permanent --add-port=26379/tcp firewall-cmd --zone=public --permanent --add-port=26379/tcp
firewall-cmd --reload firewall-cmd --reload
``` ```
## NGINX Detailed explanation below ## NGINX
### Important working directories:
```
/usr/share/nginx/
/etc/nginx/
```
### Create user working directory for custom configuration files:
```
mkdir /etc/nginx/sites-available # Create a directory for nginx.conf files
mkdir /usr/share/nginx/example.com/html -p # Create new webroot with specified structure
```
### Now we can create a new config file to start with:
`vi /etc/nginx/sites-available/example.com.conf`
### Link it to active conf directory
`ln -s /etc/nginx/sites-available/example.com.conf /etc/nginx/conf.d/`
### If it is required at some point, removing that symlink is as easy as:
`rm /etc/nginx/conf.d/example.com.conf`
### Now we edit the nginx.conf
`vi /etc/nginx/nginx.conf`
### Set the following lines after the line "include /etc/nginx/conf.d/*.conf" (if not already set):
```
server_names_hash_bucket_size 64; # Should already exist in recent versions
types_hash_max_size 4096; ## Should already be set
```
### Comment out the root location directive (Can uncomment after setup so as not to confuse cache while testing?)
**To test and reload the configuration:**
`nginx -t`
`systemctl reload nginx`
### Simple recap moving forward: ### Simple recap moving forward:
``` ```
systemctl start nginx ystemctl start nginx
systemctl restart nginx systemctl restart nginx
systemctl enable nginx systemctl enable nginx
systemctl status nginx systemctl status nginx
@ -88,114 +166,107 @@ mkdir /etc/nginx/sites-available
mkdir /usr/share/nginx/example.com/html -p mkdir /usr/share/nginx/example.com/html -p
vi /etc/nginx/sites-available/example.com.conf vi /etc/nginx/sites-available/example.com.conf
ln -s /etc/nginx/sites-available/example.com.conf /etc/nginx/conf.d/ ln -s /etc/nginx/sites-available/example.com.conf /etc/nginx/conf.d/
vi /etc/nginx/nginx.com # comment out the root in default server block???? vi /etc/nginx/nginx.com # comment out the root in default server block (troubleshooting)
systemctl reload nginx systemctl reload nginx
``` ```
***There are some caveats with tutorials and default directory locations across operating systems.*** ## PHP-FPM setup
The following is the fairly generic advice followed and always created confusion for me as a ### Change user in configuration (nginx):
newcomer to nginx.
```
mkdir /etc/nginx/sites-available # Create a directory for nginx.conf files
mkdir /etc/nginx/sites-enabled # Create a directory for active ones (Which is unnecessary as you could publish symlinks later to the existing conf.d directory) `vi /etc/php-fpm.d/www.conf`
`systemctl enable php-fpm`
`systemctl restart php-fpm`
### PHP-OPCache setup
`vi /etc/php.d/10-opcache.ini`
```
opcache.enable_cli=1
opcache.memory_consumption=128
opcache.interned_strings_buffer=8
opcache.max_accelerated_files=4000
opcache.revalidate_freq=60
``` ```
In most installation/setup guides, no one explains what we are doing here (or that the folders could be named anything). `systemctl restart php-fpm`
But, it is actually an advanced structure where you can control sites that are published to the web by creating and deleting the symlinks and reloading nginx.
Nginx specific guides don't usually resort to this as it adds unnecessary complexity. Third-party installation guides tend to lean towards this old Debian convention and continue repeating this advice. `systemctl reload nginx`
The next part is where it gets tricky, because this step is where nginx guides and installation guides really begin to conflict. ### phpMyAdmin setup
Install guides want us to, essentially, hijack the default apache web root (`/var/www/`). `dnf install phpmyadmin `
Now, this may be best practice if you plan on doing some apache integration later.
But it confuses the process and implementation when comparing to nginx guides using the common nginx webroot: `/usr/share/nginx/`.
***The following creates a new directory to use as website root while creating any necessary parent (`-p`) directories.***
`mkdir /var/www/example.com/html -p` `ln -s /usr/share/phpMyAdmin/ /usr/share/nginx/hosting.namenode.xyz/dbpma`
***But you could do this same thing inside the existing nginx webroot instead:*** `chown -R nginx:nginx /var/lib/php/session`
`mkdir /usr/share/nginx/example.com/html -p` `chown -R nginx:nginx /var/lib/phpMyAdmin`
***or*** `chown -R nginx:nginx /etc/phpMyAdmin`
`mkdir /usr/share/nginx/example.com/public_html -p` `vi /etc/phpMyAdmin/config.inc.php`
And then use that directory as the root inside your individual nginx conf files (in place of /var/www). ```
Doing this would align better with nginx specific guides for repository based packages (fedora/centos/redhat). $cfg['Servers'][$i]['AllowNoPassword'] = false;
However, then it must be substituted in any following instructions for `/var/www/*` (trivial). $cfg['Servers'][$i]['AllowRoot'] = false;
Additionally, all of that extra fluff is unnecessary for a single site instance where `/usr/share/nginx/html/` is already being served as the main directory for the domain pointed at the server. $cfg['TempDir'] = '/var/lib/phpMyAdmin/temp';
Best practice says we will better protect our work from future update breakage by keeping site specific work separate from installation defaults.
And so, I digress.
**Now we can create a new config file to start with:** ```
`systemctl reload php-fpm`
`systemctl reload nginx`
### Securing phpMyAdmin further
```
vi pass-infile ## make a password for openssl to encrypt - one line no spaces
```
```
openssl passwd -in pass-infile ## Copy the output (your encrypted password)
```
```
vi /etc/nginx/pma_pass # Create a user/pass pair for the authentication gateway.
```
### Format:
```
user:p@s$w0Rd # one line
```
### Add the required "dbpma" section
`vi /etc/nginx/sites-available/example.com.conf` `vi /etc/nginx/sites-available/example.com.conf`
**Once we are ready to activate this site to be served (will make sense after nginx.conf settings) we will link it:** `systemctl reload nginx`
`ln -s /etc/nginx/sites-available/example.com.conf /etc/nginx/sites-enabled/` [Install and secure PMA with NGINX Ubuntu 18.04](https://www.digitalocean.com/community/tutorials/how-to-install-and-secure-phpmyadmin-with-nginx-on-an-ubuntu-18-04-server)
**What they don't tell you is that removing that symlink is as easy as:**
`rm /etc/nginx/sites-enabled/example.com.conf` ## Cockpit Setup
**Now we edit the nginx.conf** `vi /etc/cockpit/cockpit.conf`
`vi /etc/nginx/nginx.conf` `vi /etc/nginx/sites-available/example.com.conf`
*Paste the following lines after the line:* `include /etc/nginx/conf.d/*.conf` [Proxying Cockpit over NGINX](https://github.com/cockpit-project/cockpit/wiki/Proxying-Cockpit-over-nginx)
[Reverse proxy Cockpit over NGINX](https://www.freesoftwareservers.com/display/FREES/Reverse+Proxy+Cockpit+over+NGinX)
## Certbot setup (Examples)
``` ```
include /etc/nginx/sites-enabled/*.conf; certbot --nginx -d example.com -d www.example.com
server_names_hash_bucket_size 64;
``` certbot --nginx --agree-tos -d example.com -d www.example.com --email your-email-address
**and**
```
types_hash_max_size 4096; ## Should already be set
```
Now there is usually a root described in the main conf so you will need to remove/alter that line
as well. You could also create some kind of redirect to send generic requests to the default IP to
the main domain of the server, but nobody explains or gives examples of any of that. So the default
is usually easiest to remove the main directive.
**To test and reload the configuration:** certbot --nginx --agree-tos --redirect --hsts --staple-ocsp --must-staple -d example.com -d www.example.com --email your-email-address
```
nginx -t
systemctl reload nginx
``` ```
### Simple recap moving forward: `$ EDITOR=vim crontab -e`
```
systemctl start nginx
systemctl restart nginx
systemctl enable nginx
systemctl status nginx
systemctl reload nginx
nginx -t
mkdir /etc/nginx/sites-available
mkdir /usr/share/nginx/example.com/html -p
vi /etc/nginx/sites-available/example.com.conf
ln -s /etc/nginx/sites-available/example.com.conf /etc/nginx/conf.d
vi /etc/nginx/nginx.com # comment out the root in default server block
systemctl reload nginx
``` ```
## PHP-FPM setup 25 2 * * 0 /usr/bin/certbot renew --quiet # Every Sunday 2:25am
### Change user in configuration:
```
vi /etc/php-fpm.d/www.conf
systemctl restart php-fpm
```
### phpMyAdmin setup
```
dnf install phpmyadmin
``` ```

28
python.md
View File

@ -16,16 +16,26 @@
12. [Exception Handling](#exception-handling) 12. [Exception Handling](#exception-handling)
13. [Classes and Objects](#classes-and-objects) 13. [Classes and Objects](#classes-and-objects)
14. [SQLite3 Database Connection](#sqlite3-database-connection) 14. [SQLite3 Database Connection](#sqlite3-database-connection)
- 14.1 [Connecting to a Database](#connecting-to-a-database)
- 14.2 [Creating a Table](#creating-a-table) 14.1 [Connecting to a Database](#connecting-to-a-database)
- 14.3 [Inserting Data](#inserting-data)
- 14.4 [Querying Data](#querying-data) 14.2 [Creating a Table](#creating-a-table)
- 14.5 [Updating Data](#updating-data)
- 14.6 [Deleting Data](#deleting-data) 14.3 [Inserting Data](#inserting-data)
- 14.7 [Closing the Connection](#closing-the-connection)
14.4 [Querying Data](#querying-data)
14.5 [Updating Data](#updating-data)
14.6 [Deleting Data](#deleting-data)
14.7 [Closing the Connection](#closing-the-connection)
15. [JSON Data Connection](#json-data-connection) 15. [JSON Data Connection](#json-data-connection)
- 15.1 [Loading JSON Data](#loading-json-data)
- 15.2 [Writing JSON Data](#writing-json-data) 15.1 [Loading JSON Data](#loading-json-data)
15.2 [Writing JSON Data](#writing-json-data)
## Variables ## Variables