Merge remote-tracking branch 'origin/master'

InterestingStuffs/bore设置.md

@@ -0,0 +1,131 @@
+This section describes detailed usage for the bore CLI command.
+
+Local Forwarding
+You can forward a port on your local machine by using the bore local command. This takes a positional argument, the local port to forward, as well as a mandatory --to option, which specifies the address of the remote server.
+
+bore local 5000 --to bore.pub
+You can optionally pass in a --port option to pick a specific port on the remote to expose, although the command will fail if this port is not available. Also, passing --local-host allows you to expose a different host on your local area network besides the loopback address localhost.
+
+The full options are shown below.
+
+Starts a local proxy to the remote server
+
+Usage: bore local [OPTIONS] --to <TO> <LOCAL_PORT>
+
+Arguments:
+  <LOCAL_PORT>  The local port to expose [env: BORE_LOCAL_PORT=]
+
+Options:
+  -l, --local-host <HOST>  The local host to expose [default: localhost]
+  -t, --to <TO>            Address of the remote server to expose local ports to [env: BORE_SERVER=]
+  -p, --port <PORT>        Optional port on the remote server to select [default: 0]
+  -s, --secret <SECRET>    Optional secret for authentication [env: BORE_SECRET]
+  -h, --help               Print help
+Self-Hosting
+As mentioned in the startup instructions, there is a public instance of the bore server running at bore.pub. However, if you want to self-host bore on your own network, you can do so with the following command:
+
+bore server
+That's all it takes! After the server starts running at a given address, you can then update the bore local command with option --to <ADDRESS> to forward a local port to this remote server.
+
+It's possible to specify different IP addresses for the control server and for the tunnels. This setup is useful for cases where you might want the control server to be on a private network while allowing tunnel connections over a public interface, or vice versa.
+
+The full options for the bore server command are shown below.
+
+Runs the remote proxy server
+
+Usage: bore server [OPTIONS]
+
+Options:
+      --min-port <MIN_PORT>          Minimum accepted TCP port number [env: BORE_MIN_PORT=] [default: 1024]
+      --max-port <MAX_PORT>          Maximum accepted TCP port number [env: BORE_MAX_PORT=] [default: 65535]
+  -s, --secret <SECRET>              Optional secret for authentication [env: BORE_SECRET]
+      --bind-addr <BIND_ADDR>        IP address to bind to, clients must reach this [default: 0.0.0.0]
+      --bind-tunnels <BIND_TUNNELS>  IP address where tunnels will listen on, defaults to --bind-addr
+  -h, --help                         Print help
+Protocol
+There is an implicit control port at 7835, used for creating new connections on demand. At initialization, the client sends a "Hello" message to the server on the TCP control port, asking to proxy a selected remote port. The server then responds with an acknowledgement and begins listening for external TCP connections.
+
+Whenever the server obtains a connection on the remote port, it generates a secure UUID for that connection and sends it back to the client. The client then opens a separate TCP stream to the server and sends an "Accept" message containing the UUID on that stream. The server then proxies the two connections between each other.
+
+For correctness reasons and to avoid memory leaks, incoming connections are only stored by the server for up to 10 seconds before being discarded if the client does not accept them.
+
+Authentication
+On a custom deployment of bore server, you can optionally require a secret to prevent the server from being used by others. The protocol requires clients to verify possession of the secret on each TCP connection by answering random challenges in the form of HMAC codes. (This secret is only used for the initial handshake, and no further traffic is encrypted by default.)
+
+# on the server
+bore server --secret my_secret_string
+
+# on the client
+bore local <LOCAL_PORT> --to <TO> --secret my_secret_string
+If a secret is not present in the arguments, bore will also attempt to read from the BORE_SECRET environment variable.
+
+Acknowledgements
+Created by Eric Zhang (@ekzhang1). Licensed under the MIT license.
+
+The author would like to thank the contributors and maintainers of the Tokio project for making it possible to write ergonomic and efficient network services in Rust.
+
+本节介绍 bore CLI 命令的详细用法。
+
+本地转发
+您可以使用 bore local 命令转发本地计算机上的端口。该命令需要一个位置参数，即要转发的本地端口，以及一个强制性的 --to 选项，该选项指定远程服务器的地址。
+
+bore local 5000 --to bore.pub
+您可以选择传入 --port 选项以在远程服务器上选择要公开的特定端口，但如果该端口不可用，则命令将失败。此外，传入 --local-host 允许您在本地网络上公开除环回地址 localhost 之外的不同主机。
+
+完整选项如下所示。
+
+启动到远程服务器的本地代理
+
+用法：bore local [OPTIONS] --to <TO> <LOCAL_PORT>
+
+参数：
+  <LOCAL_PORT>  要公开的本地端口 [env: BORE_LOCAL_PORT=]
+
+选项：
+  -l, --local-host <HOST>  要公开的本地主机 [default: localhost]
+  -t, --to <TO>            要将本地端口公开到的远程服务器地址 [env: BORE_SERVER=]
+  -p, --port <PORT>        远程服务器上要选择的可选端口 [default: 0]
+  -s, --secret <SECRET>    用于身份验证的可选密钥 [env: BORE_SECRET]
+  -h, --help               打印帮助
+自托管
+如启动说明中所述，bore.pub 上运行着 bore 服务器的公共实例。但是，如果您想在自己的网络上自托管 bore，可以使用以下命令：
+
+bore server
+就是这样！服务器在给定地址启动运行后，您可以更新 bore local 命令并使用选项 --to <ADDRESS> 将本地端口转发到此远程服务器。
+
+可以为控制服务器和隧道指定不同的 IP 地址。此设置对于您可能希望控制服务器位于专用网络而允许通过公共接口进行隧道连接的情况非常有用，反之亦然。
+
+bore server 命令的完整选项如下所示。
+
+运行远程代理服务器
+
+用法：bore server [OPTIONS]
+
+选项：
+      --min-port <MIN_PORT>          接受的最小 TCP 端口号 [env: BORE_MIN_PORT=] [default: 1024]
+      --max-port <MAX_PORT>          接受的最大 TCP 端口号 [env: BORE_MAX_PORT=] [default: 65535]
+  -s, --secret <SECRET>              用于身份验证的可选密钥 [env: BORE_SECRET]
+      --bind-addr <BIND_ADDR>        要绑定的 IP 地址，客户端必须能够访问此地址 [default: 0.0.0.0]
+      --bind-tunnels <BIND_TUNNELS>  隧道将侦听的 IP 地址，默认为 --bind-addr
+  -h, --help                         打印帮助
+协议
+存在一个隐式控制端口 7835，用于按需创建新连接。在初始化时，客户端通过 TCP 控制端口向服务器发送“Hello”消息，请求代理选定的远程端口。然后服务器响应确认并开始侦听外部 TCP 连接。
+
+每当服务器在远程端口上获得连接时，它都会为该连接生成一个安全的 UUID 并将其发送回客户端。然后客户端向服务器打开一个单独的 TCP 流，并在该流上发送包含 UUID 的“Accept”消息。然后服务器在两者之间代理这两个连接。
+
+出于正确性原因并避免内存泄漏，如果客户端不接受传入连接，服务器只会将其存储最多 10 秒，然后将其丢弃。
+
+身份验证
+在 bore server 的自定义部署中，您可以选择要求一个密钥以防止服务器被其他人使用。该协议要求客户端通过回答 HMAC 代码形式的随机挑战来验证每个 TCP 连接上密钥的所有权。（此密钥仅用于初始握手，默认情况下不会对进一步的流量进行加密。）
+
+# 在服务器上
+bore server --secret my_secret_string
+
+# 在客户端上
+bore local <LOCAL_PORT> --to <TO> --secret my_secret_string
+如果参数中不存在密钥，bore 也会尝试从 BORE_SECRET 环境变量中读取。
+
+致谢
+由 Eric Zhang (@ekzhang1) 创建。在 MIT 许可下获得许可。
+
+作者要感谢 Tokio 项目的贡献者和维护者，他们使在 Rust 中编写符合人体工程学且高效的网络服务成为可能。

生活OKRs/25.12-26.02 OKR.canvas

@@ -6,7 +6,7 @@
 		{"id":"0b25ceb1c28f6da1","type":"text","text":"# 十二月已完成\n\n\nP2 短剧流程串起来 部分逻辑更新\n\n- 拆分发布流程 done","x":-482,"y":240,"width":440,"height":340},
 		{"id":"b79f3a0f35402ec1","type":"text","text":"# 一月已完成\n\nP1 海龟交易法 \n- 数据爬虫bug解决  切换成单一标底获取\n- 选股部分  xq done\n","x":34,"y":240,"width":440,"height":340},
 		{"id":"1597ad15730745ea","type":"text","text":"# 十一月已完成\n\nP1 suno youtube视频\n- 生成音频\n- 动画 done\n- 音频有什么特征\n- 控制音乐时长","x":540,"y":240,"width":440,"height":340},
-		{"id":"5aac58c184e57887","type":"text","text":"# 计划\n这周要做的3~5件重要的事情，这些事情能有效推进实现OKR。\n\nP1 必须做。P2 应该做\n\n\nP1 海龟交易法 \n\n- 9点28-29分开始检测价格，做出预备\n- 突破价格似乎不对-以及突破但是没有提示\n- 实时数据改用雪球接口 done\n- 东方财富获取历史数据改用clash切换节点，并增加重试功能 done\n- 买入后邮件内容增加下一步加仓价格\n- 成功买入后，预备加仓/预备标志归零\n\nP1 商业保险调研\n\nP1 新号1000粉丝\n\nP2 短剧流程串起来 部分逻辑更新\n- 如当天收集任务，剪辑前一天任务，拆分收集与剪辑任务数据库\n- 拆分发布流程 done\n\n","x":-490,"y":-573,"width":450,"height":347}
+		{"id":"5aac58c184e57887","type":"text","text":"# 计划\n这周要做的3~5件重要的事情，这些事情能有效推进实现OKR。\n\nP1 必须做。P2 应该做\n\n\nP1 海龟交易法 \n\n- 9点28-29分开始检测价格，做出预备 done\n- 突破价格似乎不对-以及突破但是没有提示\n- 实时数据改用雪球接口 done\n- 东方财富获取历史数据改用clash切换节点，并增加重试功能 done\n- 买入后邮件内容增加下一步加仓价格 done\n- 成功买入后，预备加仓/预备标志归零 done\n- pass后都增加一个冷却时间 done\n\nP1 商业保险调研\n\nP1 新号1000粉丝\n\nP2 短剧流程串起来 部分逻辑更新\n- 如当天收集任务，剪辑前一天任务，拆分收集与剪辑任务数据库\n- 拆分发布流程 done\n\n","x":-490,"y":-573,"width":450,"height":347}
 	],
 	"edges":[]
 }