n5105-istoreOS-esix8.0使用记录

发表于 分类于 阅读次数: 本文字数: 2.3k 阅读时长 ≈ 8 分钟
n5105六网口i226通过esxi8.0u安装istoreOS使用记录

ostoreOS分区扩容

root@iStoreOS:~# parted    # 输入 parted
GNU Parted 3.6
Using /dev/sda
Welcome to GNU Parted! Type 'help' to view a list of commands.
(parted) print      # 输入 print                                                         
Model: ATA VMware Virtual S (scsi)
Disk /dev/sda: 34.4GB  
Sector size (logical/physical): 512B/512B
Partition Table: gpt
Disk Flags: 

Number  Start   End     Size    File system  Name  Flags
128     17.4kB  262kB   245kB                      bios_grub
 1      262kB   134MB   134MB   fat16              legacy_boot
 2      134MB   403MB   268MB                      msftdata
 3      403MB   2550MB  2147MB  ext4               msftdata

(parted) resizepart # 输入 resizepart                                                     
Partition number? 3    # 输入 3                                                   
Warning: Partition /dev/sda3 is being used. Are you sure you want to continue?
Yes/No? yes # 输入 yes                                                              
End?  [2550MB]? 31G  # 输入 剩余磁盘的大小                                                 
(parted) quit  # 输入   quit                                                         
Information: You may need to update /etc/fstab.
root@iStoreOS:~# resize2fs -p /dev/sda3  # 修改文件系统
resize2fs 1.47.0 (5-Feb-2023)
Filesystem at /dev/sda3 is mounted on /overlay; on-line resizing required
old_desc_blocks = 1, new_desc_blocks = 4
The filesystem on /dev/sda3 is now 7469991 (4k) blocks long.
root@iStoreOS:~#
root@iStoreOS:~# parted /dev/sda unit s print free
Model: ATA VMware Virtual S (scsi)
Disk /dev/sda: 67108864s
Sector size (logical/physical): 512B/512B
Partition Table: gpt
Disk Flags: 

Number  Start      End        Size       File system  Name  Flags
128     34s        511s       478s                          bios_grub
 1      512s       262655s    262144s    fat16              legacy_boot
 2      262656s    786943s    524288s                       msftdata
 3      786944s    60546875s  59759932s  ext4               msftdata
        60546876s  67108830s  6561955s   Free Space

root@iStoreOS:~# parted 
GNU Parted 3.6
Using /dev/sda
Welcome to GNU Parted! Type 'help' to view a list of commands.
(parted) unit s   # 使用扇区为单位,更精确                                                   
(parted) print free  # 再次确认空闲空间                                                     
Model: ATA VMware Virtual S (scsi)
Disk /dev/sda: 67108864s
Sector size (logical/physical): 512B/512B
Partition Table: gpt
Disk Flags: 

Number  Start      End        Size       File system  Name  Flags
128     34s        511s       478s                          bios_grub
 1      512s       262655s    262144s    fat16              legacy_boot
 2      262656s    786943s    524288s                       msftdata
 3      786944s    60546875s  59759932s  ext4               msftdata
        60546876s  67108830s  6561955s   Free Space

(parted) resizepart 3  # 选择分区号 3                                                   
Warning: Partition /dev/sda3 is being used. Are you sure you want to continue?
Yes/No? yes  
# 输入 -1s 表示使用磁盘最后一个扇区(全部空闲空间);
# 100%  将分区 3 扩展到磁盘尾部
End?  [60546875s]? 100%                                                   
(parted) quit                                                             
Information: You may need to update /etc/fstab.
# resize2fs /dev/sda3  这个也可以
root@iStoreOS:~# resize2fs -p /dev/sda3                                   
resize2fs 1.47.0 (5-Feb-2023)
Filesystem at /dev/sda3 is mounted on /overlay; on-line resizing required
old_desc_blocks = 4, new_desc_blocks = 4
The filesystem on /dev/sda3 is now 8290235 (4k) blocks long.

root@iStoreOS:~#

singbox安装

opkg update && opkg install sing-box_1.13.11_openwrt_x86_64.ipk
Downloading https://istore.istoreos.com/repo/all/compat/Packages.gz
Updated list of available packages in /var/opkg-lists/istore_compat
Downloading https://istore.istoreos.com/repo/all/compat/Packages.sig
Signature check passed.
Downloading https://mirrors.cernet.edu.cn/openwrt/releases/24.10.6/targets/x86/64/packages/Packages.gz
Updated list of available packages in /var/opkg-lists/openwrt_core
Downloading https://mirrors.cernet.edu.cn/openwrt/releases/24.10.6/targets/x86/64/packages/Packages.sig
Signature check passed.
Downloading https://mirrors.cernet.edu.cn/openwrt/releases/24.10.6/packages/x86_64/base/Packages.gz
Updated list of available packages in /var/opkg-lists/openwrt_base
Downloading https://mirrors.cernet.edu.cn/openwrt/releases/24.10.6/packages/x86_64/base/Packages.sig
Signature check passed.
Downloading https://mirrors.cernet.edu.cn/openwrt/releases/24.10.6/targets/x86/64/kmods/6.6.127-1-50daf8372d971124fb3519e8d87e02ae/Packages.gz
Updated list of available packages in /var/opkg-lists/openwrt_kmods
Downloading https://mirrors.cernet.edu.cn/openwrt/releases/24.10.6/targets/x86/64/kmods/6.6.127-1-50daf8372d971124fb3519e8d87e02ae/Packages.sig
Signature check passed.
Downloading https://mirrors.cernet.edu.cn/openwrt/releases/24.10.6/packages/x86_64/luci/Packages.gz
Updated list of available packages in /var/opkg-lists/openwrt_luci
Downloading https://mirrors.cernet.edu.cn/openwrt/releases/24.10.6/packages/x86_64/luci/Packages.sig
Signature check passed.
Downloading https://mirrors.cernet.edu.cn/openwrt/releases/24.10.6/packages/x86_64/packages/Packages.gz
Updated list of available packages in /var/opkg-lists/openwrt_packages
Downloading https://mirrors.cernet.edu.cn/openwrt/releases/24.10.6/packages/x86_64/packages/Packages.sig
Signature check passed.
Downloading https://mirrors.cernet.edu.cn/openwrt/releases/24.10.6/packages/x86_64/routing/Packages.gz
Updated list of available packages in /var/opkg-lists/openwrt_routing
Downloading https://mirrors.cernet.edu.cn/openwrt/releases/24.10.6/packages/x86_64/routing/Packages.sig
Signature check passed.
Downloading https://mirrors.cernet.edu.cn/openwrt/releases/24.10.6/packages/x86_64/telephony/Packages.gz
Updated list of available packages in /var/opkg-lists/openwrt_telephony
Downloading https://mirrors.cernet.edu.cn/openwrt/releases/24.10.6/packages/x86_64/telephony/Packages.sig
Signature check passed.
Installing sing-box (1.13.11) to root...
Installing kmod-nfnetlink-queue (6.6.127-r1) to root...
Downloading https://mirrors.cernet.edu.cn/openwrt/releases/24.10.6/targets/x86/64/kmods/6.6.127-1-50daf8372d971124fb3519e8d87e02ae/kmod-nfnetlink-queue_6.6.127-r1_x86_64.ipk
Installing kmod-nft-queue (6.6.127-r1) to root...
Downloading https://mirrors.cernet.edu.cn/openwrt/releases/24.10.6/targets/x86/64/kmods/6.6.127-1-50daf8372d971124fb3519e8d87e02ae/kmod-nft-queue_6.6.127-r1_x86_64.ipk
Configuring kmod-nfnetlink-queue.
Configuring kmod-nft-queue.
Configuring sing-box.
root@iStoreOS:~#

安装zoneinfo

apk add zoneinfo-core zoneinfo-asia
# 安装完成后,/usr/share/zoneinfo目录下会出现完整的时区数据文件。
#  创建localtime链接:
ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
# 重启时间服务:
/etc/init.d/sysntpd restart

安装AdGuard Home

下载:Are-u-ok/x86 at main · AUK9527/Are-u-ok

您是 x86_64 软路由(从报错路径 .../x86_64/packages/...可知),直接点击下载这个版本:👉 adguardhome_0.107.57-r1_x86_64.ipk
备用下载链接(如果清华源依然卡顿):
阿里云镜像:https://mirrors.aliyun.com/openwrt/releases/24.10.6/packages/x86_64/packages/adguardhome_0.107.57-r1_x86_64.ipk
官方 OpenWrt 源:https://downloads.openwrt.org/releases/24.10.6/packages/x86_64/packages/adguardhome_0.107.57-r1_x86_64.ipk
第二步:在 iStoreOS 中手动安装(无需命令行)

  1. 登录 iStoreOS 后台 → 进入 「iStore 应用商店」
  2. 点击顶部菜单的 「手动安装」 选项卡。
  3. 点击 「选择文件」,选中您刚下载的 adguardhome_0.107.57-r1_x86_64.ipk
  4. 点击 「上传并安装」,等待进度条完成(约 1-2 分钟)。
Docker Compose 安装:创建 docker-compose.yml文件:

镜像文件下载:


services:
  adguardhome:
    # 官方最新镜像
    image: adguard/adguardhome:latest
    container_name: adguardhome
    restart: unless-stopped
    # 使用 host 网络模式,这是 DNS 服务最稳定的配置方式
    network_mode: "host"
    volumes:
      # 配置文件存放目录(一定要映射出来)
      - ./work:/opt/adguardhome/work
      # 配置目录(一定要映射出来)
      - ./conf:/opt/adguardhome/conf
    # 如果使用 bridge 模式,需要开放以下端口(但推荐上面的 host 模式,此段可省略)
    # ports:
    #   - "53:53/tcp"
    #   - "53:53/udp"
    #   - "3000:3000/tcp"

docker compose up -d

设置

打开浏览器,访问 http://<您的iStoreOS_IP>:3000,会出现一个欢迎使用AdGuard Home !的界面,点击开始配置,进入ADGUARD网页管理界面的界面,监听接口右边的端口,初始化时显示的是80,我这里先修改为3000,但是提示被占用了(Error: control/install/configure | checking address 192.168.50.1:3000: listen tcp 192.168.50.1:3000: bind: address already in use | 400),后来我又修改成了3800,所以ADGUARD界面的访问地址就变成了http://192.168.50.1:3800
监听接口->选择:所有接口
下面的DNS服务器
监听接口->选择:所有接口
右边的端口:53不动。但是这里提示53端口也是被占用了(validating ports: listen tcp 0.0.0.0:53: bind: address already in use)。
回到 iStoreOS 后台,进入 网络 -> DHCP/DNS -> 设置及端口可以看到DNS 服务器端口现在是:53,它被Dnsmasq 是轻量级的 DHCP 服务器和 DNS 转发器占用了,我们把这个53修改成5353就可以了。
回到ADGUARD的初始化页面,发现53端口就没有被占用了,然后下一步。
填入要设置的用户名密码,下一步。就来了ADGUARD仪表盘的界面。
仪表盘菜单的 “设置” -> “DNS 设置” -> “上游 DNS 服务器” 的输入框里: 

tls://dns.pub
https://dns.pub/dns-query
tls://dns.alidns.com
https://dns.alidns.com/dns-query
# 也可以是下面的ip地址
223.5.5.5
119.29.29.29
180.76.76.76
182.254.116.116

第一行是阿里 DNS,第二行是腾讯 DNS,第三行是百度 DNS。。这种直接填 IP 的方式叫 UDP 模式,不需要加 https,也不会报错了。

“Bootstrap DNS 服务器:Bootstrap DNS 服务器里填你最快的 DNS 服务器用于解析上面的 DoT/DoH,建议使用本地运营商 DNS,或者百度下载一个 DNS 优选软件(来自 52pojie 分享),测试一下你最快的 DNS 填入即可。测试正常后,保存。推荐使用: 

9.9.9.10
149.112.112.10
2620:fe::10
2620:fe::fe:10

DNS 服务配置

  1. 启用 EDNS 客户端子网:启用。前面提及的上游 DNS 服务器都是支持 EDNS 技术的,它有助于获取到更合适的 CDN 节点,建议勾选;
  2. 启用 DNSSEC:启用。用于效验 DNS 记录的签名,防止 DNS 缓存被投毒,建议勾选。勾选后会在日志页面请求列显示小绿锁图标;

DNS 缓存配置

  1. 缓存大小:原值是:4194304;建议大小:104857600(100MB,大概能缓存 100w 条)。根据你需要设置,一般来越稍微大点好,第一次通过上游 dns 查询后,后面可以通过缓存来返回数据,会更快点。
  2. 覆盖最小 TTL 值:600 (Time To Live ttl 为 0 时,表示每次都是通过上游 dns 解析,就比较慢,设置时间后,在该 TTL 时间内,则是通过缓存直接返回解析结果,会更快。)
  3. 覆盖最大 TTL 值:3600
  4. 乐观缓存:开启

仪表盘菜单的 “设置” -> “过滤器” -> “DNS 黑名单” -> “添加黑名单” -> “从列表中选择” 的选择框里:一直下拉到 

##区域
##专注于区域广告和跟踪服务器的列表
CHN: AdRules DNS List @   ## 选择这个
CHN:anti-AD @         ##  选择这个
HUN: Hufilter @
IDN: ABPindo @
IRN: PersianBlocker list @
ISR: EasyList Hebrew
KOR: List-KR DNS @
KOR: YousList @ 
LIT: EasyList Lithuania (
MKD: Macedonian Pi-hole Blocklist @ 
NOR: Dandelion Sprouts nordiske filtre @
POL: CERT Polska List of malicious domains
POL: Polish filters for Pi-hole @
SWE: Frellwit's Swedish Hosts File A 
TUR: turk-adlist @
TUR: Turkish Ad Hosts
VNM: ABPVN List

选中CHN: AdRules DNS List @ CHN:anti-AD @保存 -> “检查更新”

仪表盘菜单的 “设置” -> “过滤器” -> “自定义过滤规则” 在输入框里输入: 

! ===== 电视版快手/云视听快TV 专属拦截 =====
||aisee.tv^
||aiseet.atianqi.com^
||kuaishou.com^
||ksapisrv.com^
||kwaicdn.com^
||live.kuaishou.com^
||graph.zhangmen.com^

! ===== 电视版抖音/西瓜视频 专属拦截 =====
||amemv.com^
||pstatp.com^
||snssdk.com^
||aweme.com^
||ixigua.com^
||bytedanceapi.com^
||douyin.com^
||byteimg.com^

! ===== 电视版B站/其他视频 专属拦截 =====
||bilibili.com^
||hdslb.com^
||bilivideo.com^
||acgvideo.com^

以上是**“电视版短视频大补丸”**规则,全是限制电视机的。

短视频规则:

! 京东/快手系拦截规则
||kuaishou.com^
||ksapisrv.com^
||kwaicdn.com^
||live.kuaishou.com^
||graph.zhangmen.com^

! 抖音/头条系拦截规则
||douyin.com^
||aweme.com^
||amemv.com^
||snssdk.com^
||byteimg.com^
||pstatp.com^
||ixigua.com^
||item.bytedanceapi.com^

! 哔哩哔哩/番剧拦截规则
||bilibili.com^
||hdslb.com^
||bilivideo.com^
||acgvideo.com^

! 微博视频拦截规则
||weibo.com^
||sinaimg.cn^

! 通用视频CDN及统计拦截
||json.video^
||vdn.apps.playstation.com^
||video.cpadn.com^

istoreOS-> 网络-> DHCP/DNS -> 转发DNS 转发中填入:192.168.50.1