Author: hetao

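  • Adding external storage to Nextcloud AIO

    • Add the NEXTCLOUD_MOUNT environment variable

      NEXTCLOUD_MOUNT maps a path on the host to the same location inside the container. Add NEXTCLOUD_MOUNT: /opt/ncdata/ to the environment section of compose.yaml. Do not set the path to /mnt or /mnt/ncdata, because these overlap with Nextcloud's default data directory.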

      services:
        nextcloud-aio-mastercontainer:
          image: ghcr.io/nextcloud-releases/all-in-one:latest
          init: true
          restart: always
          container_name: nextcloud-aio-mastercontainer
          volumes:
            - nextcloud_aio_mastercontainer:/mnt/docker-aio-config
          ports:
            - 80:80
            - 8080:8080
            - 8443:8443
          environment:
            NEXTCLOUD_MOUNT: /opt/ncdata/ 
      
      • Enable the external storage extension

      • Enable external storage

      • Add a mount for the external directory

        Mount the external directory


  • Resetting Nextcloud AIO

    • Stop the master container

      docker stop nextcloud-aio-mastercontainer

    • Stop the auxiliary containers

      List all related auxiliary containers:

      docker ps --format '{{.Names}}'

      Then stop them one by one, repeating the command for each:

      docker stop nextcloud-aio-apache
      docker stop nextcloud-aio-whiteboard
      docker stop nextcloud-aio-notify-push
      docker stop nextcloud-aio-nextcloud
      docker stop nextcloud-aio-imaginary
      docker stop nextcloud-aio-redis
      docker stop nextcloud-aio-database
      docker stop nextcloud-aio-talk
      docker stop nextcloud-aio-collabora

    • Remove the stopped containers

      List all stopped containers:

      docker ps --filter "status=exited"

      Remove all stopped containers:

      docker container prune

    • Remove the container network

      docker network rm nextcloud-aio

    • Remove dangling volumes

      List all dangling volumes:

      docker volume ls --filter "dangling=true"

      Remove all dangling volumes:

      docker volume prune --filter all=1

      If the NEXTCLOUD_DATADIR environment variable was configured, the folder it points to has to be cleaned up manually.

      Check whether any volumes are left:

      docker volume ls --format '{{.Name}}'

    The containers can now be recreated.


  • Installing Nextcloud AIO

    • Install Docker

      Follow the official Docker documentation.

    • Create the file /opt/nextcloud/compose.yaml

      services:
        nextcloud-aio-mastercontainer:
          image: ghcr.io/nextcloud-releases/all-in-one:latest
          init: true
          restart: always
          container_name: nextcloud-aio-mastercontainer
          volumes:
            - nextcloud_aio_mastercontainer:/mnt/docker-aio-config
            - /var/run/docker.sock:/var/run/docker.sock:ro
          network_mode: bridge
          ports:
            - 80:80
            - 8080:8080
            - 8443:8443
          environment:
            NEXTCLOUD_DATADIR: /opt/nextcloud/data/ncdata
            NEXTCLOUD_MOUNT: /opt/ncdata/
            SKIP_DOMAIN_VALIDATION: true
          # security_opt: ["label:disable"] # Is needed when using SELinux
      volumes:
        nextcloud_aio_mastercontainer:
          name: nextcloud_aio_mastercontainer
      
    • Start the container

      docker compose up -d

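    • Run the setup wizard

      Open https://192.168.33.32:8080 and write down the word passphrase; it is needed to log in later. Enter the domain name and click Submit; leave everything else unchanged. Once the auxiliary containers have finished starting, write down the admin password.

    • SSL certificate

      Nextcloud AIO uses Caddy to obtain certificates. Nextcloud needs a public IP address and a domain name bound to it; Caddy requests the SSL certificate automatically when it starts.

    • Container management

      The auxiliary containers can be managed from the https://192.168.33.32:8080/containers page.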


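  • Deploying ZStack

    Installing ZStack

    • Download the ISO installation image

      http://www.zstack.io/product/product_downloads/
      File name: ZStack-x86_64-DVD-4.8.26-h84r.iso
      Version 4.8 is recommended; when I installed version 5.3 I ran into frequent freezes, crashes and out-of-memory problems.

    • Create a Hyper-V virtual machine to serve as the ZStack management node and compute node

      When creating the virtual machine, turn off Secure Boot, dynamic memory and so on:

      • Disable Secure Boot
      • Disable dynamic memory
      • Enable promiscuous mode on the network adapter
      • Enable nested virtualization:

        Set-VMProcessor -VMName <VMName> -ExposeVirtualizationExtensions $true

        Reference: https://learn.microsoft.com/zh-cn/virtualization/hyper-v-on-windows/user-guide/enable-nested-virtualization

    • Install the management node

      You can choose to install the Enterprise edition or the Community edition. Without a license the Enterprise edition can manage only one compute node, while the Community edition has various feature restrictions but no limit on the number of nodes. If the web UI does not start after installation (the Community edition may not start it automatically), start it manually with the following commands: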

      zstack-ctl install_ui
      zstack-ctl start_ui
      

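      Then open http://192.168.33.183:5000/ (192.168.33.183 is the IP address of the management node).

    • Install the compute nodes

      When choosing the Base Environment, select ZStack Compute Node; the only difference is that compute nodes have no web UI. Within one compute cluster, all compute nodes must have the same network interface configuration.

    • Initialize the management node

      • Add a zone. A zone is a geographical region; it contains the storage, network and cluster definitions.
      • Add a cluster. A cluster is a set of compute nodes; the nodes in one cluster share storage and network resources.
      • Add a host. One host is one compute node, and the management node can also be added as a host. ZStack can manage KVM nodes as well as VMware ESXi nodes.
      • Add an image server. This is the storage space for ISO and other image files; here it is placed in the /cloud_bs directory on the management node.
      • Add storage. Local storage is used here.
      • Add an instance offering.
      • Add an image to the image server. ZStack downloads the image from the given URL; an image in another local directory can also be specified with the file:// prefix. BIOS refers to the boot mode of the image.
      • Define the networks:
        • Define the layer 2 network. The NIC name is the device name of the physical network card.
        • Define the layer 3 network. Because I use bridged networking, the layer 3 network has to be deleted and recreated afterwards: delete the layer 3 network defined above, then create a layer 3 network without IP address management.

      This completes the initialization of a ZStack zone.

    • Create a disk offering

      Create the disk offering.

    • VM instances

      Create a VM instance: set the basic specifications, configure the resources and confirm the information. After the VM instance has been created, the CPU mode also has to be changed; otherwise the CPU's full capabilities are not available.

      The result after installation (Windows).

      In my tests, installing Windows 11 did not succeed; my guess is that ZStack does not yet support emulating a TPM module.

    During my tests, when the management network and the service network shared one network card, VM instances were sometimes unable to reach the network; each time I had to run ip link set eth0 promisc on manually on the compute node to enable promiscuous mode on the NIC, but later it somehow started working again. Another approach for this situation is to create the bridge manually instead of using the bridge that ZStack creates automatically. Create the file /etc/sysconfig/network-scripts/ifcfg-br_eth0: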

    DEVICE=br_eth0
    NAME=br_eth0
    TYPE=Bridge
    ONBOOT=yes
    BOOTPROTO=static
    IPADDR=192.168.33.183
    PREFIX=24
    GATEWAY=192.168.33.1
    DNS1=192.168.33.1
    IPV6INIT=yes
    IPV6_AUTOCONF=yes
    DELAY=5
    STP=no
    

    Then configure ifcfg-eth0 to add eth0 to the bridge br_eth0:

    TYPE=Ethernet
    NAME=eth0
    UUID=74db9f02-ee1f-42a2-9847-104fcfa26e8b
    DEVICE=eth0
    ONBOOT=yes
    BOOTPROTO=none
    BRIDGE=br_eth0
    

    After a reboot, the bridge br_eth0 is created automatically.


  • Configuring mirror repositories on CentOS 10

    centos.repo

    [baseos]
    name=CentOS Stream $releasever - BaseOS
    baseurl=https://mirrors.hetao.me/centos-stream/$releasever-stream/BaseOS/$basearch/os
    # metalink=https://mirrors.centos.org/metalink?repo=centos-baseos-$stream&arch=$basearch&protocol=https,http
    gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial-SHA256
    gpgcheck=1
    repo_gpgcheck=0
    metadata_expire=6h
    countme=1
    enabled=1
    
    [baseos-debuginfo]
    name=CentOS Stream $releasever - BaseOS - Debug
    baseurl=https://mirrors.hetao.me/centos-stream/$releasever-stream/BaseOS/$basearch/debug/tree/
    # metalink=https://mirrors.centos.org/metalink?repo=centos-baseos-debug-$stream&arch=$basearch&protocol=https,http
    gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial-SHA256
    gpgcheck=1
    repo_gpgcheck=0
    metadata_expire=6h
    enabled=0
    
    [baseos-source]
    name=CentOS Stream $releasever - BaseOS - Source
    baseurl=https://mirrors.hetao.me/centos-stream/$releasever-stream/BaseOS/source/tree/
    # metalink=https://mirrors.centos.org/metalink?repo=centos-baseos-source-$stream&arch=source&protocol=https,http
    gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial-SHA256
    gpgcheck=1
    repo_gpgcheck=0
    metadata_expire=6h
    enabled=0
    
    [appstream]
    name=CentOS Stream $releasever - AppStream
    baseurl=https://mirrors.hetao.me/centos-stream/$releasever-stream/AppStream/$basearch/os
    # metalink=https://mirrors.centos.org/metalink?repo=centos-appstream-$stream&arch=$basearch&protocol=https,http
    gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial-SHA256
    gpgcheck=1
    repo_gpgcheck=0
    metadata_expire=6h
    countme=1
    enabled=1
    
    [appstream-debuginfo]
    name=CentOS Stream $releasever - AppStream - Debug
    baseurl=https://mirrors.hetao.me/centos-stream/$releasever-stream/AppStream/$basearch/debug/tree/
    # metalink=https://mirrors.centos.org/metalink?repo=centos-appstream-debug-$stream&arch=$basearch&protocol=https,http
    gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial-SHA256
    gpgcheck=1
    repo_gpgcheck=0
    metadata_expire=6h
    enabled=0
    
    [appstream-source]
    name=CentOS Stream $releasever - AppStream - Source
    baseurl=https://mirrors.hetao.me/centos-stream/$releasever-stream/AppStream/source/tree/
    # metalink=https://mirrors.centos.org/metalink?repo=centos-appstream-source-$stream&arch=source&protocol=https,http
    gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial-SHA256
    gpgcheck=1
    repo_gpgcheck=0
    metadata_expire=6h
    enabled=0
    
    [crb]
    name=CentOS Stream $releasever - CRB
    baseurl=https://mirrors.hetao.me/centos-stream/$releasever-stream/CRB/$basearch/os
    # metalink=https://mirrors.centos.org/metalink?repo=centos-crb-$stream&arch=$basearch&protocol=https,http
    gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial-SHA256
    gpgcheck=1
    repo_gpgcheck=0
    metadata_expire=6h
    countme=1
    enabled=1
    
    [crb-debuginfo]
    name=CentOS Stream $releasever - CRB - Debug
    baseurl=https://mirrors.hetao.me/centos-stream/$releasever-stream/CRB/$basearch/debug/tree/
    # metalink=https://mirrors.centos.org/metalink?repo=centos-crb-debug-$stream&arch=$basearch&protocol=https,http
    gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial-SHA256
    gpgcheck=1
    repo_gpgcheck=0
    metadata_expire=6h
    enabled=0
    
    [crb-source]
    name=CentOS Stream $releasever - CRB - Source
    baseurl=https://mirrors.hetao.me/centos-stream/$releasever-stream/CRB/source/tree/
    # metalink=https://mirrors.centos.org/metalink?repo=centos-crb-source-$stream&arch=source&protocol=https,http
    gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial-SHA256
    gpgcheck=1
    repo_gpgcheck=0
    metadata_expire=6h
    enabled=0
    
    

    centos-addons.repo

    [highavailability]
    name=CentOS Stream $releasever - HighAvailability
    baseurl=https://mirrors.hetao.me/centos-stream/$releasever-stream/HighAvailability/$basearch/os
    # metalink=https://mirrors.centos.org/metalink?repo=centos-highavailability-$stream&arch=$basearch&protocol=https,http
    gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial-SHA256
    gpgcheck=1
    repo_gpgcheck=0
    metadata_expire=6h
    countme=1
    enabled=0
    
    [highavailability-debuginfo]
    name=CentOS Stream $releasever - HighAvailability - Debug
    baseurl=https://mirrors.hetao.me/centos-stream/$releasever-stream/HighAvailability/$basearch/debug/tree/
    # metalink=https://mirrors.centos.org/metalink?repo=centos-highavailability-debug-$stream&arch=$basearch&protocol=https,http
    gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial-SHA256
    gpgcheck=1
    repo_gpgcheck=0
    metadata_expire=6h
    enabled=0
    
    [highavailability-source]
    name=CentOS Stream $releasever - HighAvailability - Source
    baseurl=https://mirrors.hetao.me/centos-stream/$releasever-stream/HighAvailability/source/tree/
    # metalink=https://mirrors.centos.org/metalink?repo=centos-highavailability-source-$stream&arch=source&protocol=https,http
    gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial-SHA256
    gpgcheck=1
    repo_gpgcheck=0
    metadata_expire=6h
    enabled=0
    
    [nfv]
    name=CentOS Stream $releasever - NFV
    baseurl=https://mirrors.hetao.me/centos-stream/$releasever-stream/NFV/$basearch/os
    # metalink=https://mirrors.centos.org/metalink?repo=centos-nfv-$stream&arch=$basearch&protocol=https,http
    gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial-SHA256
    gpgcheck=1
    repo_gpgcheck=0
    metadata_expire=6h
    countme=1
    enabled=0
    
    [nfv-debuginfo]
    name=CentOS Stream $releasever - NFV - Debug
    baseurl=https://mirrors.hetao.me/centos-stream/$releasever-stream/NFV/$basearch/debug/tree/
    # metalink=https://mirrors.centos.org/metalink?repo=centos-nfv-debug-$stream&arch=$basearch&protocol=https,http
    gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial-SHA256
    gpgcheck=1
    repo_gpgcheck=0
    metadata_expire=6h
    enabled=0
    
    [nfv-source]
    name=CentOS Stream $releasever - NFV - Source
    baseurl=https://mirrors.hetao.me/centos-stream/$releasever-stream/NFV/source/tree/
    # metalink=https://mirrors.centos.org/metalink?repo=centos-nfv-source-$stream&arch=source&protocol=https,http
    gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial-SHA256
    gpgcheck=1
    repo_gpgcheck=0
    metadata_expire=6h
    enabled=0
    
    [rt]
    name=CentOS Stream $releasever - RT
    baseurl=https://mirrors.hetao.me/centos-stream/$releasever-stream/RT/$basearch/os
    # metalink=https://mirrors.centos.org/metalink?repo=centos-rt-$stream&arch=$basearch&protocol=https,http
    gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial-SHA256
    gpgcheck=1
    repo_gpgcheck=0
    metadata_expire=6h
    countme=1
    enabled=0
    
    [rt-debuginfo]
    name=CentOS Stream $releasever - RT - Debug
    baseurl=https://mirrors.hetao.me/centos-stream/$releasever-stream/RT/$basearch/debug/tree/
    # metalink=https://mirrors.centos.org/metalink?repo=centos-rt-debug-$stream&arch=$basearch&protocol=https,http
    gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial-SHA256
    gpgcheck=1
    repo_gpgcheck=0
    metadata_expire=6h
    enabled=0
    
    [rt-source]
    name=CentOS Stream $releasever - RT - Source
    baseurl=https://mirrors.hetao.me/centos-stream/$releasever-stream/RT/source/tree/
    # metalink=https://mirrors.centos.org/metalink?repo=centos-rt-source-$stream&arch=source&protocol=https,http
    gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial-SHA256
    gpgcheck=1
    repo_gpgcheck=0
    metadata_expire=6h
    enabled=0
    
    [resilientstorage]
    name=CentOS Stream $releasever - ResilientStorage
    baseurl=https://mirrors.hetao.me/centos-stream/$releasever-stream/ResilientStorage/$basearch/os
    # metalink=https://mirrors.centos.org/metalink?repo=centos-resilientstorage-$stream&arch=$basearch&protocol=https,http
    gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial-SHA256
    gpgcheck=1
    repo_gpgcheck=0
    metadata_expire=6h
    countme=1
    enabled=0
    
    [resilientstorage-debuginfo]
    name=CentOS Stream $releasever - ResilientStorage - Debug
    baseurl=https://mirrors.hetao.me/centos-stream/$releasever-stream/ResilientStorage/$basearch/debug/tree/
    # metalink=https://mirrors.centos.org/metalink?repo=centos-resilientstorage-debug-$stream&arch=$basearch&protocol=https,http
    gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial-SHA256
    gpgcheck=1
    repo_gpgcheck=0
    metadata_expire=6h
    enabled=0
    
    [resilientstorage-source]
    name=CentOS Stream $releasever - ResilientStorage - Source
    baseurl=https://mirrors.hetao.me/centos-stream/$releasever-stream/ResilientStorage/source/tree/
    # metalink=https://mirrors.centos.org/metalink?repo=centos-resilientstorage-source-$stream&arch=source&protocol=https,http
    gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial-SHA256
    gpgcheck=1
    repo_gpgcheck=0
    metadata_expire=6h
    enabled=0
    
    [extras-common]
    name=CentOS Stream $releasever - Extras packages
    baseurl=https://mirrors.hetao.me/centos-stream/SIGs/$releasever-stream/extras/$basearch/extras-common
    # metalink=https://mirrors.centos.org/metalink?repo=centos-extras-sig-extras-common-$stream&arch=$basearch&protocol=https,http
    gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-Extras-SHA512
    gpgcheck=1
    repo_gpgcheck=0
    metadata_expire=6h
    countme=1
    enabled=1
    
    [extras-common-source]
    name=CentOS Stream $releasever - Extras packages - Source
    baseurl=https://mirrors.hetao.me/centos-stream/SIGs/$releasever-stream/extras/source/extras-common
    # metalink=https://mirrors.centos.org/metalink?repo=centos-extras-sig-extras-common-source-$stream&arch=source&protocol=https,http
    gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-Extras-SHA512
    gpgcheck=1
    repo_gpgcheck=0
    metadata_expire=6h
    enabled=0
    
    

    docker-ce.repo

    [docker-ce-stable]
    name=Docker CE Stable - $basearch
    baseurl=https://mirrors.hetao.me/docker-ce/linux/centos/$releasever/$basearch/stable
    enabled=1
    gpgcheck=1
    gpgkey=https://mirrors.hetao.me/docker-ce/linux/centos/gpg
    
    [docker-ce-stable-debuginfo]
    name=Docker CE Stable - Debuginfo $basearch
    baseurl=https://mirrors.hetao.me/docker-ce/linux/centos/$releasever/debug-$basearch/stable
    enabled=0
    gpgcheck=1
    gpgkey=https://mirrors.hetao.me/docker-ce/linux/centos/gpg
    
    [docker-ce-stable-source]
    name=Docker CE Stable - Sources
    baseurl=https://mirrors.hetao.me/docker-ce/linux/centos/$releasever/source/stable
    enabled=0
    gpgcheck=1
    gpgkey=https://mirrors.hetao.me/docker-ce/linux/centos/gpg
    
    [docker-ce-test]
    name=Docker CE Test - $basearch
    baseurl=https://mirrors.hetao.me/docker-ce/linux/centos/$releasever/$basearch/test
    enabled=0
    gpgcheck=1
    gpgkey=https://mirrors.hetao.me/docker-ce/linux/centos/gpg
    
    [docker-ce-test-debuginfo]
    name=Docker CE Test - Debuginfo $basearch
    baseurl=https://mirrors.hetao.me/docker-ce/linux/centos/$releasever/debug-$basearch/test
    enabled=0
    gpgcheck=1
    gpgkey=https://mirrors.hetao.me/docker-ce/linux/centos/gpg
    
    [docker-ce-test-source]
    name=Docker CE Test - Sources
    baseurl=https://mirrors.hetao.me/docker-ce/linux/centos/$releasever/source/test
    enabled=0
    gpgcheck=1
    gpgkey=https://mirrors.hetao.me/docker-ce/linux/centos/gpg
    
    [docker-ce-nightly]
    name=Docker CE Nightly - $basearch
    baseurl=https://mirrors.hetao.me/docker-ce/linux/centos/$releasever/$basearch/nightly
    enabled=0
    gpgcheck=1
    gpgkey=https://mirrors.hetao.me/docker-ce/linux/centos/gpg
    
    [docker-ce-nightly-debuginfo]
    name=Docker CE Nightly - Debuginfo $basearch
    baseurl=https://mirrors.hetao.me/docker-ce/linux/centos/$releasever/debug-$basearch/nightly
    enabled=0
    gpgcheck=1
    gpgkey=https://mirrors.hetao.me/docker-ce/linux/centos/gpg
    
    [docker-ce-nightly-source]
    name=Docker CE Nightly - Sources
    baseurl=https://mirrors.hetao.me/docker-ce/linux/centos/$releasever/source/nightly
    enabled=0
    gpgcheck=1
    gpgkey=https://mirrors.hetao.me/docker-ce/linux/centos/gpg
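
An added example, not part of the original post: a small audit of the trust settings in repo files like the ones above. It flags enabled repos that skip package signature checks, leave repository metadata unverified, use a non-HTTPS baseurl, or fetch the GPG key from the same host that serves the packages. The function names, the finding labels and the embedded sample (two stanzas taken from the files above plus one hypothetical weak stanza) are assumptions of this example.

```python
import configparser
from urllib.parse import urlparse

# Constructed sample: two stanzas taken from the files above plus one
# hypothetical weak stanza ("example-weak") added for contrast.
SAMPLE = """
[baseos]
name=CentOS Stream $releasever - BaseOS
baseurl=https://mirrors.hetao.me/centos-stream/$releasever-stream/BaseOS/$basearch/os
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial-SHA256
gpgcheck=1
repo_gpgcheck=0
enabled=1

[docker-ce-stable]
name=Docker CE Stable - $basearch
baseurl=https://mirrors.hetao.me/docker-ce/linux/centos/$releasever/$basearch/stable
enabled=1
gpgcheck=1
gpgkey=https://mirrors.hetao.me/docker-ce/linux/centos/gpg

[example-weak]
name=Hypothetical repo
baseurl=http://mirror.example.invalid/repo
enabled=1
gpgcheck=0
"""


def _first_url(value):
    """Parse the first URL of a (possibly multi-valued) repo option."""
    parts = (value or "").split()
    return urlparse(parts[0]) if parts else urlparse("")


def audit_repo_text(text):
    """Return {repo_id: [findings]} for every enabled repo in a .repo file."""
    # interpolation=None keeps '$releasever' and any '%' literal.
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    cp.read_string(text)
    report = {}
    for repo in cp.sections():
        s = cp[repo]
        if s.get("enabled", "1").strip() != "1":
            continue  # disabled repos are not used for installs
        findings = []
        base = _first_url(s.get("baseurl"))
        key = _first_url(s.get("gpgkey"))
        if base.scheme and base.scheme != "https":
            findings.append("baseurl-not-https")
        # A missing option is treated as off here; dnf itself would fall
        # back to the [main] section of /etc/dnf/dnf.conf.
        if s.get("gpgcheck", "0").strip() != "1":
            findings.append("package-signatures-not-checked")
        elif not key.scheme:
            findings.append("gpgcheck-without-gpgkey")
        elif key.scheme != "file":
            if key.scheme != "https":
                findings.append("gpgkey-not-https")
            # Key and packages from one host: the key adds no independent trust.
            if key.hostname == base.hostname:
                findings.append("gpgkey-served-by-package-host")
        if s.get("repo_gpgcheck", "0").strip() != "1":
            findings.append("metadata-signature-not-checked")
        report[repo] = findings
    return report


if __name__ == "__main__":
    for repo_id, findings in audit_repo_text(SAMPLE).items():
        print(repo_id, findings or "ok")
```

For the gpgkey-served-by-package-host finding, one mitigation is to import the key once from the vendor's own site, compare its fingerprint, and point gpgkey at a local file:// path as the CentOS stanzas do.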
    


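  • Booting a Linux image with Ventoy

    See the previous post: https://blog.hetao.me/2025/05/12/ventoy%e5%90%af%e5%8a%a8windows%e9%95%9c%e5%83%8f/

    The main difference between booting a Linux image and booting a Windows image is how the image is built.

    Building the Linux image

    1. Use Hyper-V to create a fixed-size virtual hard disk in vhd format
    2. Use Hyper-V to create a virtual machine that boots with UEFI, with TPM (Trusted Platform Module) left unchecked
    3. Install the virtual machine as usual
      After creating the virtual machine, be sure to turn off disk snapshots:
      in the virtual machine settings, under Management -> Checkpoints, untick Enable checkpoints
    4. Download vtoyboot
      https://github.com/ventoy/vtoyboot/releases
      Download vtoyboot-1.0.36.iso and extract vtoyboot-1.0.36.tar.gz from it,
      then run the vtoyboot.sh script and shut down
    5. Copy the image to the USB drive
      After the virtual machine has shut down, copy the vhd disk image to the root directory of the USB drive, then add the .vtoy suffix to the disk image; otherwise it will not boot.
    6. Change the UEFI boot type in the BIOS
      Taking an ASUS motherboard as an example:
      Enter the Secure Boot settings menu
      Set OS Type to Other OS
      Set Secure Boot Mode to Custom
      This turns off Secure Boot and allows Linux systems to boot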


  • Configuring nftables rules on Ubuntu (loaded at boot)

    Configure /etc/nftables.conf, as in the following example:

    #!/usr/sbin/nft -f
    
    flush ruleset
    
    table ip filter {
            chain input {
                    type filter hook input priority 0;
            }
            chain forward {
                    type filter hook forward priority filter; policy accept;
            }
            chain output {
                    type filter hook output priority 0;
            }
    }
    table ip nat {
            chain POSTROUTING {
                    type nat hook postrouting priority srcnat; policy accept;
                    iifname "wg2" oifname "eth0" counter masquerade
            }
    }

    systemctl enable nftables

    Then reboot the system.


  • PowerDNS performance benchmark

    Download dnspyre

    https://github.com/Tantalor93/dnspyre/releases

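    SQLite database

    dnspyre -n 10 -c 100 --server 172.29.0.1 www.hetao.me

    Switch to the MySQL database and run the test again

    Performance is essentially the same, which shows that the database does not affect performance, because the queries are all answered from the cache. With large amounts of data, however, a database is easier to maintain.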


  • Adding HTTPS/SVCB records in PowerDNS-Admin

    1. Edit the following in the file /app/powerdnsadmin/lib/setting.py
            # Zone Record Settings
            'forward_records_allow_edit': {
                'A': True,
                'AAAA': True,
                'AFSDB': False,
                'ALIAS': False,
                'CAA': True,
                'CERT': False,
                'CDNSKEY': False,
                'CDS': False,
                'CNAME': True,
                'DNSKEY': False,
                'DNAME': False,
                'DS': False,
                'HINFO': False,
                'KEY': False,
                'LOC': True,
                'LUA': False,
                'MX': True,
                'NAPTR': False,
                'NS': True,
                'NSEC': False,
                'NSEC3': False,
                'NSEC3PARAM': False,
                'OPENPGPKEY': False,
                'PTR': True,
                'RP': False,
                'RRSIG': False,
                'SOA': False,
                'SPF': True,
                'SSHFP': False,
                'SRV': True,
                'TKEY': False,
                'TSIG': False,
                'TLSA': False,
                'SMIMEA': False,
                'TXT': True,
                'URI': False,
                'HTTPS': True,
                'SVCB': True
            },
            'reverse_records_allow_edit': {
                'A': False,
                'AAAA': False,
                'AFSDB': False,
                'ALIAS': False,
                'CAA': False,
                'CERT': False,
                'CDNSKEY': False,
                'CDS': False,
                'CNAME': False,
                'DNSKEY': False,
                'DNAME': False,
                'DS': False,
                'HINFO': False,
                'KEY': False,
                'LOC': True,
                'LUA': False,
                'MX': False,
                'NAPTR': False,
                'NS': True,
                'NSEC': False,
                'NSEC3': False,
                'NSEC3PARAM': False,
                'OPENPGPKEY': False,
                'PTR': True,
                'RP': False,
                'RRSIG': False,
                'SOA': False,
                'SPF': False,
                'SSHFP': False,
                'SRV': False,
                'TKEY': False,
                'TSIG': False,
                'TLSA': False,
                'SMIMEA': False,
                'TXT': True,
                'URI': False,
                'HTTPS': False,
                'SVCB': False
            },
        }

    2. Restart PowerDNS-Admin

    docker compose restart admin

    3. Configure PowerDNS-Admin

    HTTPS records can then be added.


  • Filtering requests with Caddy

        @accept-language {
            header Accept-Language zh-CN*
            path /dns-query
        }
        reverse_proxy @accept-language http://172.29.0.1:8053 {
            trusted_proxies 0.0.0.0/0 ::/0
        }
    

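    The configuration above accepts only requests whose path is /dns-query and whose Accept-Language header starts with zh-CN. The trusted_proxies 0.0.0.0/0 ::/0 line tells Caddy to trust the X-Forwarded-* headers on incoming requests from any address.

    The syntax of reverse_proxy is:

    reverse_proxy [matcher] proxy_url {

    ...

    }

    The matcher can be omitted; when omitted it defaults to *, which allows all requests.

    For the full syntax, see: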

    https://caddyserver.com/docs/caddyfile/directives/reverse_proxy#syntax
