<![CDATA[夜空]]> https://blog.slogra.com/ zh-cn www.emlog.net mikrotik RB5009 mosdns容器自动更新规则并重启 https://blog.slogra.com/post-813.html 最近正好在搞mikrotik RB5009里的mosdns容器规则自动更新,刚好看到涡轮TV他在youtube上做了个ROS中通过 mosdns分流,只让科学上网流量走clash,且自动更新规则库的视频,他这个视频是直接在RB5009里就自动把mosdns的规则就更新了,不像我搞的python来更新,让我又省了1个外部服务,在他的频道下,我问了涡轮TV大佬能不能再加个在规则更新后自动重启mosdns容器,大佬没回我,自好自己搞了.

系统:mikrotik RB5009

脚本内容:
/tool fetch url=https://ghp.ci/https://raw.githubusercontent.com/IceCodeNew/4Share/master/geoip_china/china_ip_list.txt dst-path=/usb1/mosdns/var/mosdns/geoip_cn.txt

/tool fetch url=https://ghp.ci/https://raw.githubusercontent.com/Loyalsoldier/v2ray-rules-dat/release/proxy-list.txt dst-path=/usb1/mosdns/var/mosdns/geosite_geolocation-!cn.txt

/tool fetch url=https://ghp.ci/https://raw.githubusercontent.com/Loyalsoldier/v2ray-rules-dat/release/direct-list.txt dst-path=/usb1/mosdns/var/mosdns/geosite_cn.txt

/tool fetch url=https://ghp.ci/https://raw.githubusercontent.com/Loyalsoldier/v2ray-rules-dat/release/apple-cn.txt dst-path=/usb1/mosdns/var/mosdns/geosite_apple.txt

#自动重启mosdns容器
/container stop [find name="9afa885a-9107-4c1c-9f2a-8af06a61caba"]; /delay 5; /container start [find name="9afa885a-9107-4c1c-9f2a-8af06a61caba"];

这里单独说下,我的这些mosdns规则是放在/usb1/mosdns/var/mosdns/目录下的,相信你们在脚本上也看到了,然后就是我的mosdns容器的名字是9afa885a-9107-4c1c-9f2a-8af06a61caba,不要照我的抄,你们要看看你们自己mikrotik系统里的mosdns容器的名字是什么,替换掉就可以了,我设置的是7天更新一次mosdns规则.

好了,以上就是全部内容了.
]]> Mon, 23 Sep 2024 02:24:43 +0000 rocdk890 https://blog.slogra.com/post-813.html python3获取每日新闻 https://blog.slogra.com/post-811.html 之前给大家分享的pyhon3抓取每日心语新闻,最近公众号好像不更新了,故给大家换了个新的.
软件环境: python3.x
cat /root/soft_shell/send_new.py
#!/usr/bin/env python
# -*- coding: UTF-8 -*-
'''
@IDE     :PyCharm 
@Author  :rocdk890
@Date    :2024/5/31 16:19
'''

import base64
import json
import datetime
import hashlib
import hmac
import time
import urllib.parse
import requests
import random
import re

def fetch_news(token):
	url = "https://v2.alapi.cn/api/zaobao"
	payload = f"token={token}&format=json"
	headers = {'Content-Type': "application/x-www-form-urlencoded"}

	response = requests.request("POST", url, data=payload, headers=headers)
	newdata = json.loads(response.text)
	date = newdata['data']['date']
	news = newdata['data']['news']

	return date, news

def send_to_dingding(message, access_token):
	timestamp = str(round(time.time() * 1000))
	# dingding 加签密钥
	secret = 'SECxxxxxxxxxxxxxxxxxxxxx'
	secret_enc = secret.encode('utf-8')
	string_to_sign = '{}\n{}'.format(timestamp, secret)
	string_to_sign_enc = string_to_sign.encode('utf-8')
	hmac_code = hmac.new(secret_enc, string_to_sign_enc, digestmod=hashlib.sha256).digest()
	sign = urllib.parse.quote(base64.b64encode(hmac_code))

	headers = {
		"Content-Type": "application/json",
		"Charset": "UTF-8"
	}
	data = {
		"msgtype": "text",
		"text": {
			"content": message
		}
	}
	url = 'https://oapi.dingtalk.com/robot/send?access_token=' + access_token + "&timestamp=" + timestamp + "&sign=" + sign
	response = requests.post(url, json=data, headers=headers)
	if response.status_code != 200:
		raise Exception("Failed to send dingding message")

def main():
	token = "xxxxxxxxxxxxxxxx"
	access_token = "bxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
	date, news = fetch_news(token)
	message = f"时间: {date}\n新闻内容:\n" + "\n\n".join(news)
	send_to_dingding(message, access_token)

if __name__ == "__main__":
	main()
]]> Fri, 31 May 2024 09:20:59 +0000 rocdk890 https://blog.slogra.com/post-811.html pyhon3抓取每日心语新闻 https://blog.slogra.com/post-810.html    之前群里有个群友在群里炫耀他用python爬取一个网站,天天给他自己的网站发布最新的新闻,我问到了爬取的源站,故自己也花了几天时间也写了一个,并且把每日新闻发到钉钉上了.
   系统:centos7.x(64位)

cat /root/soft_shell/weixin_sogou.py
#!/usr/bin/env python
# -*- coding: UTF-8 -*-
'''
@IDE     :PyCharm
@Author  :rocdk890
@Date    :2023/05/31 14:32
@Update  : 2024/02/18 17:17
'''

import ssl
import socket
import os
import base64
import json
import datetime
import hashlib
import hmac
import time
import urllib.parse
import requests
import random
import re
import textwrap
from bs4 import BeautifulSoup
from requests.adapters import HTTPAdapter
from requests.packages.urllib3.util.retry import Retry


headers = {
       "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36"
}

def dingding_notify(message, access_token):
       timestamp = str(round(time.time() * 1000))
       # dingding 加签密钥
       secret = 'SEC9xxxxxxxxxxxxxxxxxxxxxxxxxxx'
       secret_enc = secret.encode('utf-8')
       string_to_sign = '{}\n{}'.format(timestamp, secret)
       string_to_sign_enc = string_to_sign.encode('utf-8')
       hmac_code = hmac.new(secret_enc, string_to_sign_enc, digestmod=hashlib.sha256).digest()
       sign = urllib.parse.quote(base64.b64encode(hmac_code))

       headers = {
              "Content-Type": "application/json",
              "Charset": "UTF-8"
       }
       data = {
              "msgtype": "text",
              "text": {
                     "content": message
              }
       }
       url = 'https://oapi.dingtalk.com/robot/send?access_token=' + access_token + "&timestamp=" + timestamp + "&sign=" + sign
       response = requests.post(url, json=data, headers=headers)
       if response.status_code != 200:
              raise Exception("Failed to send dingding message")

def get_k_h(url):
       b = int(random.random() * 100) + 1
       a = url.find("url=")
       url = url + "&k=" + str(b) + "&h=" + url[a + 4 + 21 + b: a + 4 + 21 + b + 1]
       return url


def get_real_url(content):
       url_text = re.findall("= \'(\S+?)\';", content, re.S)
       best_url = ''.join(url_text)
       return best_url


def html_url():
       base_url = "https://weixin.sogou.com/weixin"
       keyword = "每日心语简报"

       query_params = {
              "ie": "utf8",
              "s_from": "input",
              "_sug_": "y",
              "_sug_type_": "",
              "type": "1",
              "query": keyword
       }

       url = base_url + "?" + "&".join([f"{key}={value}" for key, value in query_params.items()])
       r = session.get(url, headers=headers, allow_redirects=True)
       html = r.text

       soup = BeautifulSoup(html, "html.parser")
       links = soup.find_all('a', uigs='account_article_0')

       link_list = []
       for link in links:
              href = link.get('href')
              full_url = "https://weixin.sogou.com" + href
              link_list.append(full_url)

       return link_list


def get_url():
       # dingding token
       access_token = "beb88xxxxxxxxxxxxxxxx"
       url_list = html_url()
       for link in url_list:
              link = get_k_h(link)
              response = session.get(link, headers=headers, allow_redirects=True)
              final_url = response.url

              # 获取真实url
              response = session.get(final_url, headers=headers, allow_redirects=True)
              content = response.text
              real_url = get_real_url(content)

              res = session.get(real_url, headers=headers)
              cont_html = res.text
              soup = BeautifulSoup(cont_html, 'html.parser')
              target_section = soup.find('section',
                                         style='padding-top: 10px;outline: 0px;max-width: 100%;box-sizing: border-box;border-color: rgb(252, 180, 43);visibility: visible;overflow-wrap: break-word !important;')

              if target_section:
                     target_text = target_section.get_text()
                     form_message = re.sub(r'([;。])', r'\1\n', target_text)
                     formatted_message = re.sub(r'(\d+、)', r'\n\1', form_message)
                     reversed_message = ''.join(reversed(formatted_message))
                     reversed_message = re.sub(r';', r'\n;', reversed_message, count=11)
                     reversed_message = re.sub(r';', r'\n;', reversed_message, count=1)
                     message = ''.join(reversed(reversed_message))
                     dingding_notify(message, access_token)
              else:
                     print("目标section未找到")


if __name__ == '__main__':
       get_url()


点击查看原图
]]> Sun, 18 Feb 2024 10:04:26 +0000 rocdk890 https://blog.slogra.com/post-810.html python3计算234游戏概率 https://blog.slogra.com/post-809.html    刚刚无聊在抖音上看到1个用234游戏来坑小朋友零花钱的游戏,因视频中的大女儿用c++代码来计算概率,故我用python3也写了个来计算概率.
点击查看原图

#!/usr/bin/env python
# -*- coding: UTF-8 -*-

import math

def a(n):
       result = 1
       for i in range(1, int(n) + 1):
              result *= i
       return result

def calculate_probability(x, y, z):
       global b, c
       b = 1
       c = 1

       if x > 9 or y > 9 or z > 9:
              return "Invalid input. x, y, and z should be less than or equal to 9."

       if x != y and x != z and y != z:
              b = 6
       elif (x == y and x != z) or (x == z and x != y) or (y == z and y != x):
              b = 3

       result = (a(9) ** 4 * a(18)) * b / (a(27) * (a(x) * a(y) * a(z) * a(9 - x) * a(9 - y) * a(9 - z))) * 100
       return f"{result:.5f}%"

if __name__ == "__main__":
       x, y, z = map(int, input("Enter the values of x, y, z separated by space: ").split())

       result = calculate_probability(x, y, z)
       print(result)
点击查看原图
]]> Wed, 14 Feb 2024 06:28:02 +0000 rocdk890 https://blog.slogra.com/post-809.html shell脚本监控https证书到期时间,并支持钉钉和企业微信通知 https://blog.slogra.com/post-808.html     之前的证书监控脚本在我服务器一直正常运行,在22年底的时候给一个客户做证书监控,然后客户提出要求同时支持企业微信和钉钉一起发通知,并希望能在证书快到期之前发通知提醒,所以我对之前那个脚本进行修改后,现在线上正常运行了快一年了.下面我们来看脚本:

cat /root/soft_shell/check_https.sh
#!/bin/bash
################ Version Info ##################
# DAte:        2023/2/27
# Author:      rocdk890
# Version:     2.0
# Attention:   通过域名获取证书的过期时间
################################################

# 钉钉机器人access_token
DD_TOKEN="https://oapi.dingtalk.com/robot/send?access_token=xxxxxxxxxxxxxxxxxxxxx"
# 企业微信机器人key
WX_KEY="https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=xxxxxxxxxxxxxxxx"

# 存储需要监控的域名文件
file="/root/soft_shell/domain_ssl.info"

# 遍历域名文件中的每一个域名
while read line; do
    # 忽略以 # 开头的注释行
    if [[ $line == \#* ]]; then
        continue
    fi

    host=$(echo "${line}" | awk -F ':' '{print $1}')
    port=$(echo "${line}" | awk -F ':' '{print $2}')

    # 计算 SSL 证书到期剩余天数
    end_time=$(date +%s -d "$(echo | openssl s_client -servername $host -connect $host:$port 2>/dev/null | openssl x509 -noout -dates | grep 'After' | awk -F '=' '{print $2}' | awk -F ' +' '{print $1,$2,$4 }')")
    now_time=$(date +%s -d "$(date "+%Y-%m-%d %H:%M:%S")")
    days=$(($(($end_time - $now_time))/(60*60*24)))

    # 判断是否需要发送消息
    if [ $days -eq 30 ] || [ $days -eq 15 ] || ([ $days -le 7 ] && [ $days -gt 0 ]); then
        # 判断是否已经发送过此消息
        if grep -q "$host:$port:$days" /tmp/domain_ssl_alert.log; then
            continue
        fi

        # 发送钉钉和企业微信消息
        curl ${DD_TOKEN} -H 'Content-Type: application/json' -X POST --data '{"msgtype":"text","text":{"content":"告警域名: \n'$host' \n\nSSL证书到期时间剩余:'$days' 天\n"}}'
        curl ${WX_KEY} -H 'Content-Type:application/json' -d '{"msgtype":"text","text":{"content":"告警域名: \n'$host' \n\nSSL证书到期时间剩余:'$days' 天\n"}}'

        # 记录已发送消息的域名和天数
        echo "$host:$port:$days" >> /tmp/domain_ssl_alert.log
    fi
done < "$file"


要监控的域名,这里以我自己的域名为例:
cat /root/soft_shell/domain_ssl.info
blog.slogra.com:443

在crontab里设置每天早上9点35进行检查(因为我9点半上班,所以设置成9点35进行检查的话,这样不会看漏掉消息)
35 9 * * * /bin/bash /root/soft_shell/check_https.sh

好了,最后提醒你们记得提前把钉钉和企业微信的机器人的key准备好.
]]> Mon, 22 Jan 2024 09:01:39 +0000 rocdk890 https://blog.slogra.com/post-808.html openwrt无法进入登录界面 https://blog.slogra.com/post-807.html     如果你跟我一样,使用的是默认主题,并且还突然出现无法登录后台界面,并且还是esir的固件,那么下面这篇文章也许对你有用.
    报错信息是:
    /usr/lib/lua/luci/dispatcher.lua:460: Failed to execute function dispatcher target for entry '/'.
    The called action terminated with an exception:
    /usr/lib/lua/luci/util.lua:623: Unable to establish ubus connection
    stack traceback:
            [C]: in function 'assert'
            /usr/lib/lua/luci/dispatcher.lua:460: in function 'dispatch'
            /usr/lib/lua/luci/dispatcher.lua:141: in function </usr/lib/lua/luci/dispatcher.lua:140>

查看ubusd这个进程是否存在:
ps -ef|grep ubusd
ubus call network.interface dump

解决办法:
rm -rf /var/luci*
killall -9 ubusd ; /sbin/ubusd &
/etc/init.d/uhttpd restart

好了,再在浏览器上进行刷新就可以看到openwrt的登录界面了.
ps:
https://www.right.com.cn/forum/thread-214552-1-1.html
]]> Fri, 08 Dec 2023 05:55:17 +0000 rocdk890 https://blog.slogra.com/post-807.html PVE检测虚拟机是否存活并自动重启 https://blog.slogra.com/post-806.html 最近不知道怎么回事,用了200多天的openwrt居然宕机了,关键还是在我早上起来才知道,等我晚上回来处理好后,少不了被家人一顿劈头盖脸,为了防止再出现这样的情况,在网上找了个能在pve里自动监控虚拟机并重启的脚本,当然我只简单优化了下.
系统:PVE 7.x

创建脚本:
vi /root/soft_shell/check_servers.sh
#!/bin/bash

QMPATH="/usr/sbin/qm"
MAX_FAILURES=3  # 连续失败的最大次数
RESET_AFTER_SUCCESS=2  # 连续成功后重置失败计数的阈值

FAILURE_FILE="/path/to/failure_file.txt"  # 存储失败信息的文件路径

declare -A failure_count  # 记录每个虚拟机的连续失败次数

function load_failure_count() {
    if [[ -f "$FAILURE_FILE" ]]; then
        source "$FAILURE_FILE"
    fi
}

function save_failure_count() {
    declare -p failure_count > "$FAILURE_FILE"
}

function check_and_restart() {
    local vm_id="$1"
    local vm_ip="$2"
    local now

    ping -c 4 "$vm_ip" > /dev/null

    if [[ $? != 0 ]]; then
        now=$(date +%s)
        echo "[$now] [NO] id = $vm_id, ip = $vm_ip"

        if [[ -z "${failure_count["$vm_id"]}" ]]; then
            failure_count["$vm_id"]=1  # 初始失败次数为1
        else
            ((failure_count["$vm_id"]++))

            if ((failure_count["$vm_id"] >= MAX_FAILURES)); then
                echo "[$now] [RESTART] Restarting $vm_id after $MAX_FAILURES consecutive failures."
                "$QMPATH" stop "$vm_id"
                "$QMPATH" start "$vm_id"
                failure_count["$vm_id"]=0  # 重置连续失败次数
            fi
        fi
    else
        # 如果ping成功,则重置虚拟机的失败计数
        if [[ -n "${failure_count["$vm_id"]}" && ${failure_count["$vm_id"]} -gt 0 ]]; then
            echo "[$now] [OK] id = $vm_id, ip = $vm_ip"
            failure_count["$vm_id"]=0
        fi
    fi
}

function main() {
    local vm_list="$1"
    local vm_id
    local vm_ip

    load_failure_count

    for each in $vm_list; do
        vm_id=$(echo "$each" | awk -F: '{ print $1 }')
        vm_ip=$(echo "$each" | awk -F: '{ print $2 }')
        check_and_restart "$vm_id" "$vm_ip"
    done

    save_failure_count
}

# 需要检查的虚拟机列表,格式为 vm_id:vm_ip
vm_list="
101:192.168.1.254
102:192.168.1.250
"

main "$vm_list"

保存后,执行:
crontab -e
*/3 * * * * /bin/bash /root/soft_shell/check_servers.sh


脚本来自下面链接,我在其上面进行了简单的优化:
https://blog.lucien.ink/archives/531/
]]> Tue, 05 Dec 2023 08:30:36 +0000 rocdk890 https://blog.slogra.com/post-806.html centos7 yum升级openssl到最新版本 https://blog.slogra.com/post-805.html   今天使用python3进行对网站爬取的时候,安装urllib3的时候,报ImportError: urllib3 v2.0 only supports OpenSSL 1.1.1+,马上看了下服务器的nopessl版本,果然很低,马上对其进行升级,下面是操作的步骤.
点击查看原图
  系统:centos7.x(64位)
1.安装epel-release
yum -y install epel-release

2.安装openssl
yum -y install openssl11 openssl11-devel

3.使用新版本替换系统默认的openssl版本
mv /usr/bin/openssl  /usr/bin/openssl.old

mv /usr/lib64/openssl  /usr/lib64/openssl.old

ln -s /usr/bin/openssl11   /usr/bin/openssl

ln -s  /usr/lib64/openssl11  /usr/lib64/openssl

ln -s /usr/include/openssl11  /usr/include/openssl

4.验证
openssl version
点击查看原图
好了,可以看到openssl已经升级到新版本了.
]]> Fri, 24 Nov 2023 02:41:21 +0000 rocdk890 https://blog.slogra.com/post-805.html PVE7.0 LXC容器开启TUN/TAP https://blog.slogra.com/post-804.html 之前给大家介绍了PVE使用LXC搭建openwrt,今天想在openwrt里使用tun(为什么想使用tun,你懂的),发现居然报错,去群里问了下大佬,大佬问我是否有添加tun的配置,我才知道原来没有配置tun.
系统: PVE 7.X

1.进入pve
这步略过,怎么进PVE就不用我教了吧.

2.找到之前创建的ct容器配置文件
因我之前给的id是102,所以需要找到102的配置文件
cd /etc/pve/lxc/

cat >>102.conf<<EOF
lxc.apparmor.profile: unconfined
lxc.cgroup.devices.allow: a
lxc.cap.drop: 
lxc.cgroup2.devices.allow: c 10:200 rwm
lxc.mount.entry: /dev/net/tun dev/net/tun none bind,create=file
EOF

3.然后重启102容器就可以了.
]]> Mon, 06 Nov 2023 09:42:19 +0000 rocdk890 https://blog.slogra.com/post-804.html docker java11容器遇到Could not initialize class sun.awt.X11FontManager解决办法 https://blog.slogra.com/post-803.html 问题原因:这种一般是出现在 docker部署,且使用了精简版的 linux 基础镜像,有多精简呢?? 精简到把字体都阉割掉了,好狠…如果你的项目有字体相关操作,比如导出 excel,就会报上述异常
系统:centos 7.x(64位)
软件版本:jdk 11

解决办法:
如果你跟我一样在docker java镜像里使用的centos7的镜像,那么就可以在dockerfile里添加:
RUN yum install dejavu-sans-fonts fontconfig -y

如果你的容器已经在运行了,你又不想重新编译dockerfile并进行打包,那么你就可以执行:
yum install dejavu-sans-fonts fontconfig -y

这样就可以解决Could not initialize class sun.awt.X11FontManager的报错.
]]> Mon, 23 Oct 2023 08:37:06 +0000 rocdk890 https://blog.slogra.com/post-803.html