diff --git a/4 - Resources/Everything Claude Code 完整指南.md b/4 - Resources/Claude-Code/Everything Claude Code 完整指南.md similarity index 96% rename from 4 - Resources/Everything Claude Code 完整指南.md rename to 4 - Resources/Claude-Code/Everything Claude Code 完整指南.md index e8edb3e..dfb3df2 100644 --- a/4 - Resources/Everything Claude Code 完整指南.md +++ b/4 - Resources/Claude-Code/Everything Claude Code 完整指南.md @@ -1,7 +1,7 @@ --- created: "2026-03-08 21:30" type: resource -tags: [claude-code, AI-tools, development-workflow, reference] +tags: [resource, claude-code, AI-tools, development-workflow, reference] source: "https://github.com/affaan-m/everything-claude-code" --- @@ -253,11 +253,19 @@ ECC_DISABLED_HOOKS="pre:bash:tmux-reminder,post:edit:typecheck" ## Related +### Resources +- [[Everything Claude Code 方法论与最佳实践]] - [[Everything Claude Code 用法速查]] -- [[Claude Code Memory 日常最佳实践]] + +### Zettelkasten - [[Everything Claude Code 最佳实践]] - [[Everything Claude Code Agent 编排模式]] - [[Everything Claude Code Token 优化]] +- [[Everything Claude Code 多服务编排详解]] +- [[Claude Code Memory 日常最佳实践]] +- [[Hook驱动优于提示词驱动]] +- [[MCP数量与上下文窗口的反比关系]] +- [[本能学习系统的演化路径]] ## Source diff --git a/4 - Resources/Everything Claude Code 方法论与最佳实践.md b/4 - Resources/Claude-Code/Everything Claude Code 方法论与最佳实践.md similarity index 98% rename from 4 - Resources/Everything Claude Code 方法论与最佳实践.md rename to 4 - Resources/Claude-Code/Everything Claude Code 方法论与最佳实践.md index a1dcbc7..71bf90a 100644 --- a/4 - Resources/Everything Claude Code 方法论与最佳实践.md +++ b/4 - Resources/Claude-Code/Everything Claude Code 方法论与最佳实践.md @@ -1,7 +1,7 @@ --- created: "2026-03-19 12:00" type: resource -tags: [claude-code, AI-tools, methodology, best-practices, agent-orchestration] +tags: [resource, claude-code, AI-tools, methodology, best-practices, agent-orchestration] source: "https://github.com/affaan-m/everything-claude-code" --- @@ -925,6 +925,18 @@ ECC 自动检测项目使用的包管理器,遵循 6 级优先级: ## Related +### Resources - [[Everything Claude Code 完整指南]] - [[Everything Claude Code 用法速查]] - [[GSD 方法论与最佳实践]] + +### Zettelkasten +- [[Everything Claude Code 最佳实践]] +- [[Everything Claude Code Agent 编排模式]] +- [[Everything Claude Code Token 优化]] +- [[Everything Claude Code 多服务编排详解]] +- [[Claude Code Memory 日常最佳实践]] +- [[Hook驱动优于提示词驱动]] +- [[MCP数量与上下文窗口的反比关系]] +- [[本能学习系统的演化路径]] +- [[上下文腐烂与全新窗口隔离]] diff --git a/4 - Resources/Everything Claude Code 用法速查.md b/4 - Resources/Claude-Code/Everything Claude Code 用法速查.md similarity index 97% rename from 4 - Resources/Everything Claude Code 用法速查.md rename to 4 - Resources/Claude-Code/Everything Claude Code 用法速查.md index 6126757..7f60f4b 100644 --- a/4 - Resources/Everything Claude Code 用法速查.md +++ b/4 - Resources/Claude-Code/Everything Claude Code 用法速查.md @@ -1,7 +1,7 @@ --- created: "2026-03-08 22:10" type: resource -tags: [claude-code, AI-tools, development-workflow, cheatsheet] +tags: [resource, claude-code, AI-tools, development-workflow, cheatsheet] source: "https://github.com/affaan-m/everything-claude-code" --- @@ -172,12 +172,16 @@ source: "https://github.com/affaan-m/everything-claude-code" ## Related +### Resources - [[Everything Claude Code 完整指南]] -- [[Everything Claude Code 多服务编排详解]] -- [[Claude Code Memory 日常最佳实践]] +- [[Everything Claude Code 方法论与最佳实践]] + +### Zettelkasten - [[Everything Claude Code 最佳实践]] - [[Everything Claude Code Agent 编排模式]] - [[Everything Claude Code Token 优化]] +- [[Everything Claude Code 多服务编排详解]] +- [[Claude Code Memory 日常最佳实践]] ## Source diff --git a/4 - Resources/GSD 方法论与最佳实践.md b/4 - Resources/Claude-Code/GSD 方法论与最佳实践.md similarity index 99% rename from 4 - Resources/GSD 方法论与最佳实践.md rename to 4 - Resources/Claude-Code/GSD 方法论与最佳实践.md index a6c1bd0..d690c80 100644 --- a/4 - Resources/GSD 方法论与最佳实践.md +++ b/4 - Resources/Claude-Code/GSD 方法论与最佳实践.md @@ -1,7 +1,7 @@ --- created: "2026-03-20 10:00" type: resource -tags: [claude-code, AI-tools, methodology, best-practices, project-management, gsd] +tags: [resource, claude-code, AI-tools, methodology, best-practices, project-management, gsd] source: "https://github.com/gsd-build/get-shit-done" --- @@ -901,6 +901,12 @@ fix(1-C): apply auth middleware to admin routes ## Related +### Resources - [[Everything Claude Code 完整指南]] - [[Everything Claude Code 用法速查]] - [[Everything Claude Code 方法论与最佳实践]] + +### Zettelkasten +- [[上下文腐烂与全新窗口隔离]] +- [[目标回溯验证vs正向任务检查]] +- [[Plans as Prompts设计模式]] diff --git a/4 - Resources/Engineering/Billo Release & PR Review Workflow.md b/4 - Resources/Engineering/Billo Release & PR Review Workflow.md index 0a6db7d..7400364 100644 --- a/4 - Resources/Engineering/Billo Release & PR Review Workflow.md +++ b/4 - Resources/Engineering/Billo Release & PR Review Workflow.md @@ -1,7 +1,7 @@ --- created: "2026-03-17" type: resource -tags: [engineering, workflow, azure-devops, jira, slack, billo] +tags: [resource, engineering, workflow, azure-devops, jira, slack, billo] source: "C:/Users/yaoji/git/Billo/release-workflow/SKILL.md" --- diff --git a/4 - Resources/HomeLab Infrastructure.md b/4 - Resources/HomeLab/HomeLab Infrastructure.md similarity index 99% rename from 4 - Resources/HomeLab Infrastructure.md rename to 4 - Resources/HomeLab/HomeLab Infrastructure.md index c2e0f09..7502c5c 100644 --- a/4 - Resources/HomeLab Infrastructure.md +++ b/4 - Resources/HomeLab/HomeLab Infrastructure.md @@ -1,7 +1,7 @@ --- created: "2026-03-10" type: resource -tags: [infrastructure, homelab, kubernetes, ci-cd, gitops] +tags: [resource, infrastructure, homelab, kubernetes, ci-cd, gitops] source: "HomeLab 部署实践" --- diff --git a/4 - Resources/OpenBB Invest API - K8s Infrastructure.md b/4 - Resources/HomeLab/OpenBB Invest API - K8s Infrastructure.md similarity index 97% rename from 4 - Resources/OpenBB Invest API - K8s Infrastructure.md rename to 4 - Resources/HomeLab/OpenBB Invest API - K8s Infrastructure.md index 303596c..a34579f 100644 --- a/4 - Resources/OpenBB Invest API - K8s Infrastructure.md +++ b/4 - Resources/HomeLab/OpenBB Invest API - K8s Infrastructure.md @@ -1,7 +1,7 @@ --- created: "2026-03-09" type: resource -tags: [kubernetes, infrastructure, devops, drone-ci, argocd, docker-registry] +tags: [resource, kubernetes, infrastructure, devops, drone-ci, argocd, docker-registry, homelab] source: "openbb-invest-api 项目部署实践" --- diff --git a/2 - Projects/VLESS-Reality/OpenClash-Config-Review-2026-03-19.md b/4 - Resources/Networking/OpenClash-Config-Review-2026-03-19.md similarity index 99% rename from 2 - Projects/VLESS-Reality/OpenClash-Config-Review-2026-03-19.md rename to 4 - Resources/Networking/OpenClash-Config-Review-2026-03-19.md index 5c5ed81..f10e404 100644 --- a/2 - Projects/VLESS-Reality/OpenClash-Config-Review-2026-03-19.md +++ b/4 - Resources/Networking/OpenClash-Config-Review-2026-03-19.md @@ -1,8 +1,10 @@ --- tags: + - resource - openclash - vless-reality - security-audit + - networking - router - homelab --- diff --git a/2 - Projects/VLESS-Reality/OpenClash-Configuration.md b/4 - Resources/Networking/OpenClash-Configuration.md similarity index 99% rename from 2 - Projects/VLESS-Reality/OpenClash-Configuration.md rename to 4 - Resources/Networking/OpenClash-Configuration.md index 38b1d01..bcd235d 100644 --- a/2 - Projects/VLESS-Reality/OpenClash-Configuration.md +++ b/4 - Resources/Networking/OpenClash-Configuration.md @@ -1,8 +1,10 @@ --- tags: + - resource - openclash - vless-reality - clash-config + - networking - router - dns - homelab diff --git a/2 - Projects/VLESS-Reality/VLESS-REALITY-Client-macOS.md b/4 - Resources/Networking/VLESS-REALITY-Client-macOS.md similarity index 99% rename from 2 - Projects/VLESS-Reality/VLESS-REALITY-Client-macOS.md rename to 4 - Resources/Networking/VLESS-REALITY-Client-macOS.md index 420f4d1..1108832 100644 --- a/2 - Projects/VLESS-Reality/VLESS-REALITY-Client-macOS.md +++ b/4 - Resources/Networking/VLESS-REALITY-Client-macOS.md @@ -1,8 +1,10 @@ --- tags: + - resource - openclash - vless-reality - proxy + - networking - macOS - homelab --- diff --git a/2 - Projects/VLESS-Reality/VLESS-REALITY-Router-iStoreOS.md b/4 - Resources/Networking/VLESS-REALITY-Router-iStoreOS.md similarity index 99% rename from 2 - Projects/VLESS-Reality/VLESS-REALITY-Router-iStoreOS.md rename to 4 - Resources/Networking/VLESS-REALITY-Router-iStoreOS.md index f3d1497..7f9d09e 100644 --- a/2 - Projects/VLESS-Reality/VLESS-REALITY-Router-iStoreOS.md +++ b/4 - Resources/Networking/VLESS-REALITY-Router-iStoreOS.md @@ -1,7 +1,9 @@ --- tags: + - resource - openclash - vless-reality + - networking - iStoreOS - router - dns diff --git a/2 - Projects/VLESS-Reality/VLESS-REALITY-Setup-Guide.md b/4 - Resources/Networking/VLESS-REALITY-Setup-Guide.md similarity index 96% rename from 2 - Projects/VLESS-Reality/VLESS-REALITY-Setup-Guide.md rename to 4 - Resources/Networking/VLESS-REALITY-Setup-Guide.md index cd6e846..625d3e8 100644 --- a/2 - Projects/VLESS-Reality/VLESS-REALITY-Setup-Guide.md +++ b/4 - Resources/Networking/VLESS-REALITY-Setup-Guide.md @@ -1,212 +1,214 @@ ---- -tags: - - openclash - - vless-reality - - proxy - - setup-guide - - homelab ---- - -# VLESS + XTLS-Vision + REALITY 搭建文档 - -> 基于 Xray-core 官方仓库,当前最推荐的代理方案。 -> 无需域名、无需 TLS 证书,流量伪装为正常 HTTPS 访问。 - -**部署状态:已完成** | 初始部署:2026-03-14 | Xray 版本:v26.2.6 -**用途:翻墙回国** — 从瑞典通过国内代理访问国内资源 - ---- - -## 当前状态总览 - -### 已完成 - -- [x] 阿里云服务器 Xray-core 部署 -- [x] iStoreOS 从旁路由升级为主网关 -- [x] Deco BE65 切换为 AP 模式 -- [x] DHCP 静态绑定(19 台设备) -- [x] 端口映射迁移(3 条规则) -- [x] OpenClash + mihomo 安装配置 -- [x] 内网 DNS(dnsmasq + OpenClash hosts) -- [x] 广告拦截(OpenClash GEOSITE 规则) -- [x] 翻墙回国验证(v.qq.com 正常播放) -- [x] AdGuard Home 移除(由 OpenClash 接管广告拦截和 DNS) - -### 最终方案 - -不使用 AdGuard Home,全部由 OpenClash + dnsmasq 处理: -- dnsmasq(:53) 负责内网 DNS + 转发到 OpenClash -- OpenClash(:7874) 负责 fake-ip 分流 + 广告拦截 + 翻墙回国 -- NameServer 必须用海外 DNS(8.8.8.8),不能用国内 DNS(避免环路) - ---- - -## 服务器信息 - -| 项目 | 值 | -|------|-----| -| 服务器 | `8.138.1.192` (Ubuntu 24.04 LTS, 阿里云广州) | -| 端口 | `443` | -| UUID | `04a7cfe3-10f6-4e38-8319-22a604e24018` | -| Private Key | `mLQp0G0_yYYBNeviVJ674UmaYLimx9vbixVQhlESTWU` | -| Public Key | `RTO_UOk5ncr3DAAYR08g08L0fo5ax9pmGFj8c8lXWgk` | -| 伪装目标 | `www.microsoft.com` | - -### 分享链接 - -``` -vless://04a7cfe3-10f6-4e38-8319-22a604e24018@8.138.1.192:443?encryption=none&flow=xtls-rprx-vision&security=reality&sni=www.microsoft.com&fp=chrome&pbk=RTO_UOk5ncr3DAAYR08g08L0fo5ax9pmGFj8c8lXWgk&type=tcp#VLESS-Reality -``` - ---- - -## 网络拓扑 - -### 当前状态 - -``` -光猫 (拨号, 瑞典 ISP) - │ - ▼ WAN (eth0, DHCP, 公网 IP) -iStoreOS / EasePi (192.168.68.63) ← 主网关 - ├── DHCP 服务器 (网关=.63, DNS=.63) - ├── AdGuard Home Docker (:53) ← 临时,待迁出 - ├── OpenClash (已安装,未启用,与 AGH 冲突) - ├── 端口映射 (2200, 443, 51888) - │ - ▼ LAN (eth1/eth2/eth3) - ├── Deco BE65 (AP 模式) → mesh WiFi → 手机/平板/笔记本 - └── 交换机 (2楼) → PVE + NAS + 其他有线设备 -``` - -### 目标架构 - -``` -光猫 → iStoreOS (192.168.68.63, 主网关) - ├── DHCP (网关=.63, DNS=AGH的IP) - ├── OpenClash (:7874, fake-ip + DNS劫持) - ├── 端口映射 - │ - ├── Deco BE65 (AP) → WiFi 设备 - └── 交换机 (2楼) - ├── PVE (192.168.68.69) → VM 跑 AdGuard Home - └── NAS (192.168.68.70) - -DNS 链路: -设备 → AdGuard Home (PVE VM:53, 广告过滤+内网重写) - └→ 上游: OpenClash (192.168.68.63:7874, fake-ip) - ├→ 国内域名 → VLESS 代理回国 - └→ 海外域名 → 直连 -``` - ---- - -## 物理布局 - -``` -1楼: 光猫 → iStoreOS (EasePi) → Deco BE65 主机 -2楼: 交换机 ← 网线连接 Deco → PVE 服务器 + NAS -``` - -注意:2楼设备通过 Deco AP 桥接到 iStoreOS,不是直连。 - ---- - -## 相关文档 - -| 文档 | 说明 | -|------|------| -| [主网关配置](./VLESS-REALITY-Router-iStoreOS.md) | iStoreOS 网络/DHCP/端口映射/OpenClash 配置 | -| [macOS 客户端](./VLESS-REALITY-Client-macOS.md) | ClashX Meta 客户端配置(外出时使用) | -| [AdGuard Home 备份](./adguardhome-backup-20260315.tar.gz) | 完整备份(配置+数据,89MB) | - ---- - -## PVE 虚拟机列表 - -| VMID | 名称 | IP | 状态 | 说明 | -|------|------|-----|------|------| -| 100 | HA (Home Assistant) | - | running | 智能家居 | -| 101 | k8s-cp1 | - | running | K8s 控制面 | -| 102 | Wireguard | 192.168.68.107 | running | VPN | -| 103 | k8s-w1 | - | running | K8s 工作节点 | -| 104 | k8s-w2 | - | running | K8s 工作节点 | -| 105 | pg-01 | - | running | PostgreSQL | -| 106 | network-scanner | 192.168.68.84 | running | 网络扫描 | -| 110 | adguard-home (LXC) | 192.168.68.110 | running | AdGuard Home(网络不稳定,待修复) | - ---- - -## 踩坑记录 - -### 1. OpenClash + AdGuard Home 53 端口冲突 - -OpenClash fake-ip 模式需要 DNS 劫持(占 53 端口),与 AdGuard Home 冲突。 -尝试的方案: -- 关闭 DNS 劫持 → fake-ip 不生效,无法代理 -- 开启防火墙转发 → dnsmasq 不运行,DNS 全断 -- AdGuard Home 上游指向 OpenClash → 其他设备(旁路由模式下)拿到 fake-ip 断网 - -**结论:必须分开部署在不同机器上。** - -### 2. Deco BE65 不支持自定义 DHCP 网关/DNS - -Deco 系列路由器的 DHCP 设置完全封闭,无法自定义下发网关和 DNS。 -**解决方案:** Deco 切 AP 模式,iStoreOS 接管 DHCP。 - -### 3. PVE LXC 容器网络延迟不稳定 - -Ubuntu 25.04 LXC 容器 eth0 不能自动启动,需要手动 `ip link set eth0 up`。 -即使手动配置后,ping 延迟在 9ms~200ms 之间波动。 -PVE 主机和 NAS 延迟正常(3-7ms),说明是 LXC 网络栈的问题。 -**待解决:改用完整 VM 或修复 LXC 网络。** - -### 4. 旁路由模式 bypass_gateway_compatible - -OpenClash 旁路由模式下必须开启 `bypass_gateway_compatible=1`,否则转发流量不通。 -同时必须关闭 `enable_redirect_dns=0`,否则会劫持所有设备 DNS 导致断网。 - -### 5. 1Password SSH Agent - -SSH 到新 IP 时需要在 `~/.ssh/config` 中添加 `IdentityAgent` 配置指向 1Password socket。 -不能用 `IdentitiesOnly=yes`,否则会阻止 1Password agent。 - ---- - -## 服务器管理 - -### 阿里云服务器 (8.138.1.192) - -```bash -ssh admin@8.138.1.192 - -# Xray 管理 -systemctl status xray -systemctl restart xray -journalctl -u xray -f - -# 更新 -bash -c "$(curl -L https://github.com/XTLS/Xray-install/raw/main/install-release.sh)" @ install -``` - -### iStoreOS 主网关 (192.168.68.63) - -```bash -SSH_AUTH_SOCK="$HOME/Library/Group Containers/2BUA8C4S2C.com.1password/t/agent.sock" ssh root@192.168.68.63 - -# 紧急恢复(如果 OpenClash 搞坏了网络) -/etc/init.d/openclash stop -nft -a list chain inet fw4 dstnat | grep 'DNS Hijack' | grep -o 'handle [0-9]*' | while read h; do nft delete rule inet fw4 dstnat $h; done -nft -a list chain inet fw4 nat_output | grep 'DNS Hijack' | grep -o 'handle [0-9]*' | while read h; do nft delete rule inet fw4 nat_output $h; done -``` - -### PVE (192.168.68.69) - -```bash -SSH_AUTH_SOCK="$HOME/Library/Group Containers/2BUA8C4S2C.com.1password/t/agent.sock" ssh root@192.168.68.69 - -# LXC 管理 -pct list -pct start/stop/restart 110 -pct exec 110 -- bash -``` +--- +tags: + - resource + - openclash + - vless-reality + - proxy + - networking + - setup-guide + - homelab +--- + +# VLESS + XTLS-Vision + REALITY 搭建文档 + +> 基于 Xray-core 官方仓库,当前最推荐的代理方案。 +> 无需域名、无需 TLS 证书,流量伪装为正常 HTTPS 访问。 + +**部署状态:已完成** | 初始部署:2026-03-14 | Xray 版本:v26.2.6 +**用途:翻墙回国** — 从瑞典通过国内代理访问国内资源 + +--- + +## 当前状态总览 + +### 已完成 + +- [x] 阿里云服务器 Xray-core 部署 +- [x] iStoreOS 从旁路由升级为主网关 +- [x] Deco BE65 切换为 AP 模式 +- [x] DHCP 静态绑定(19 台设备) +- [x] 端口映射迁移(3 条规则) +- [x] OpenClash + mihomo 安装配置 +- [x] 内网 DNS(dnsmasq + OpenClash hosts) +- [x] 广告拦截(OpenClash GEOSITE 规则) +- [x] 翻墙回国验证(v.qq.com 正常播放) +- [x] AdGuard Home 移除(由 OpenClash 接管广告拦截和 DNS) + +### 最终方案 + +不使用 AdGuard Home,全部由 OpenClash + dnsmasq 处理: +- dnsmasq(:53) 负责内网 DNS + 转发到 OpenClash +- OpenClash(:7874) 负责 fake-ip 分流 + 广告拦截 + 翻墙回国 +- NameServer 必须用海外 DNS(8.8.8.8),不能用国内 DNS(避免环路) + +--- + +## 服务器信息 + +| 项目 | 值 | +|------|-----| +| 服务器 | `8.138.1.192` (Ubuntu 24.04 LTS, 阿里云广州) | +| 端口 | `443` | +| UUID | `04a7cfe3-10f6-4e38-8319-22a604e24018` | +| Private Key | `mLQp0G0_yYYBNeviVJ674UmaYLimx9vbixVQhlESTWU` | +| Public Key | `RTO_UOk5ncr3DAAYR08g08L0fo5ax9pmGFj8c8lXWgk` | +| 伪装目标 | `www.microsoft.com` | + +### 分享链接 + +``` +vless://04a7cfe3-10f6-4e38-8319-22a604e24018@8.138.1.192:443?encryption=none&flow=xtls-rprx-vision&security=reality&sni=www.microsoft.com&fp=chrome&pbk=RTO_UOk5ncr3DAAYR08g08L0fo5ax9pmGFj8c8lXWgk&type=tcp#VLESS-Reality +``` + +--- + +## 网络拓扑 + +### 当前状态 + +``` +光猫 (拨号, 瑞典 ISP) + │ + ▼ WAN (eth0, DHCP, 公网 IP) +iStoreOS / EasePi (192.168.68.63) ← 主网关 + ├── DHCP 服务器 (网关=.63, DNS=.63) + ├── AdGuard Home Docker (:53) ← 临时,待迁出 + ├── OpenClash (已安装,未启用,与 AGH 冲突) + ├── 端口映射 (2200, 443, 51888) + │ + ▼ LAN (eth1/eth2/eth3) + ├── Deco BE65 (AP 模式) → mesh WiFi → 手机/平板/笔记本 + └── 交换机 (2楼) → PVE + NAS + 其他有线设备 +``` + +### 目标架构 + +``` +光猫 → iStoreOS (192.168.68.63, 主网关) + ├── DHCP (网关=.63, DNS=AGH的IP) + ├── OpenClash (:7874, fake-ip + DNS劫持) + ├── 端口映射 + │ + ├── Deco BE65 (AP) → WiFi 设备 + └── 交换机 (2楼) + ├── PVE (192.168.68.69) → VM 跑 AdGuard Home + └── NAS (192.168.68.70) + +DNS 链路: +设备 → AdGuard Home (PVE VM:53, 广告过滤+内网重写) + └→ 上游: OpenClash (192.168.68.63:7874, fake-ip) + ├→ 国内域名 → VLESS 代理回国 + └→ 海外域名 → 直连 +``` + +--- + +## 物理布局 + +``` +1楼: 光猫 → iStoreOS (EasePi) → Deco BE65 主机 +2楼: 交换机 ← 网线连接 Deco → PVE 服务器 + NAS +``` + +注意:2楼设备通过 Deco AP 桥接到 iStoreOS,不是直连。 + +--- + +## 相关文档 + +| 文档 | 说明 | +|------|------| +| [主网关配置](./VLESS-REALITY-Router-iStoreOS.md) | iStoreOS 网络/DHCP/端口映射/OpenClash 配置 | +| [macOS 客户端](./VLESS-REALITY-Client-macOS.md) | ClashX Meta 客户端配置(外出时使用) | +| [AdGuard Home 备份](./adguardhome-backup-20260315.tar.gz) | 完整备份(配置+数据,89MB) | + +--- + +## PVE 虚拟机列表 + +| VMID | 名称 | IP | 状态 | 说明 | +|------|------|-----|------|------| +| 100 | HA (Home Assistant) | - | running | 智能家居 | +| 101 | k8s-cp1 | - | running | K8s 控制面 | +| 102 | Wireguard | 192.168.68.107 | running | VPN | +| 103 | k8s-w1 | - | running | K8s 工作节点 | +| 104 | k8s-w2 | - | running | K8s 工作节点 | +| 105 | pg-01 | - | running | PostgreSQL | +| 106 | network-scanner | 192.168.68.84 | running | 网络扫描 | +| 110 | adguard-home (LXC) | 192.168.68.110 | running | AdGuard Home(网络不稳定,待修复) | + +--- + +## 踩坑记录 + +### 1. OpenClash + AdGuard Home 53 端口冲突 + +OpenClash fake-ip 模式需要 DNS 劫持(占 53 端口),与 AdGuard Home 冲突。 +尝试的方案: +- 关闭 DNS 劫持 → fake-ip 不生效,无法代理 +- 开启防火墙转发 → dnsmasq 不运行,DNS 全断 +- AdGuard Home 上游指向 OpenClash → 其他设备(旁路由模式下)拿到 fake-ip 断网 + +**结论:必须分开部署在不同机器上。** + +### 2. Deco BE65 不支持自定义 DHCP 网关/DNS + +Deco 系列路由器的 DHCP 设置完全封闭,无法自定义下发网关和 DNS。 +**解决方案:** Deco 切 AP 模式,iStoreOS 接管 DHCP。 + +### 3. PVE LXC 容器网络延迟不稳定 + +Ubuntu 25.04 LXC 容器 eth0 不能自动启动,需要手动 `ip link set eth0 up`。 +即使手动配置后,ping 延迟在 9ms~200ms 之间波动。 +PVE 主机和 NAS 延迟正常(3-7ms),说明是 LXC 网络栈的问题。 +**待解决:改用完整 VM 或修复 LXC 网络。** + +### 4. 旁路由模式 bypass_gateway_compatible + +OpenClash 旁路由模式下必须开启 `bypass_gateway_compatible=1`,否则转发流量不通。 +同时必须关闭 `enable_redirect_dns=0`,否则会劫持所有设备 DNS 导致断网。 + +### 5. 1Password SSH Agent + +SSH 到新 IP 时需要在 `~/.ssh/config` 中添加 `IdentityAgent` 配置指向 1Password socket。 +不能用 `IdentitiesOnly=yes`,否则会阻止 1Password agent。 + +--- + +## 服务器管理 + +### 阿里云服务器 (8.138.1.192) + +```bash +ssh admin@8.138.1.192 + +# Xray 管理 +systemctl status xray +systemctl restart xray +journalctl -u xray -f + +# 更新 +bash -c "$(curl -L https://github.com/XTLS/Xray-install/raw/main/install-release.sh)" @ install +``` + +### iStoreOS 主网关 (192.168.68.63) + +```bash +SSH_AUTH_SOCK="$HOME/Library/Group Containers/2BUA8C4S2C.com.1password/t/agent.sock" ssh root@192.168.68.63 + +# 紧急恢复(如果 OpenClash 搞坏了网络) +/etc/init.d/openclash stop +nft -a list chain inet fw4 dstnat | grep 'DNS Hijack' | grep -o 'handle [0-9]*' | while read h; do nft delete rule inet fw4 dstnat $h; done +nft -a list chain inet fw4 nat_output | grep 'DNS Hijack' | grep -o 'handle [0-9]*' | while read h; do nft delete rule inet fw4 nat_output $h; done +``` + +### PVE (192.168.68.69) + +```bash +SSH_AUTH_SOCK="$HOME/Library/Group Containers/2BUA8C4S2C.com.1password/t/agent.sock" ssh root@192.168.68.69 + +# LXC 管理 +pct list +pct start/stop/restart 110 +pct exec 110 -- bash +``` diff --git a/2 - Projects/VLESS-Reality/VLESS-Reality 翻墙回国.md b/4 - Resources/Networking/VLESS-Reality 翻墙回国.md similarity index 97% rename from 2 - Projects/VLESS-Reality/VLESS-Reality 翻墙回国.md rename to 4 - Resources/Networking/VLESS-Reality 翻墙回国.md index 247e3b6..ed09e91 100644 --- a/2 - Projects/VLESS-Reality/VLESS-Reality 翻墙回国.md +++ b/4 - Resources/Networking/VLESS-Reality 翻墙回国.md @@ -1,12 +1,12 @@ --- created: "2026-03-15" -type: project -status: active -deadline: "" +type: resource tags: + - resource - openclash - vless-reality - proxy + - networking - homelab --- diff --git a/2 - Projects/OpenClaw/OpenClaw Agent 配置详情.md b/4 - Resources/OpenClaw/OpenClaw Agent 配置详情.md similarity index 97% rename from 2 - Projects/OpenClaw/OpenClaw Agent 配置详情.md rename to 4 - Resources/OpenClaw/OpenClaw Agent 配置详情.md index 7e534d5..03ea4a7 100644 --- a/2 - Projects/OpenClaw/OpenClaw Agent 配置详情.md +++ b/4 - Resources/OpenClaw/OpenClaw Agent 配置详情.md @@ -1,8 +1,7 @@ --- created: "2026-03-19 17:00" -type: project -status: active -tags: [openclaw, ai-agent, discord, multi-agent] +type: resource +tags: [resource, openclaw, ai-agent, discord, multi-agent, homelab] source: "ssh yiukai@192.168.68.108 ~/.openclaw/openclaw.json" --- diff --git a/2 - Projects/OpenClaw/OpenClaw 部署配置分析.md b/4 - Resources/OpenClaw/OpenClaw 部署配置分析.md similarity index 98% rename from 2 - Projects/OpenClaw/OpenClaw 部署配置分析.md rename to 4 - Resources/OpenClaw/OpenClaw 部署配置分析.md index cc2ac0e..cd01d22 100644 --- a/2 - Projects/OpenClaw/OpenClaw 部署配置分析.md +++ b/4 - Resources/OpenClaw/OpenClaw 部署配置分析.md @@ -1,8 +1,7 @@ --- created: "2026-03-19 17:00" -type: project -status: active -tags: [openclaw, ai-gateway, discord, homelab, deployment] +type: resource +tags: [resource, openclaw, ai-gateway, discord, homelab, deployment] source: "ssh yiukai@192.168.68.108 ~/.openclaw/" --- diff --git a/4 - Resources/OpenClaw-Skill-Reference.md b/4 - Resources/OpenClaw/OpenClaw-Skill-Reference.md similarity index 98% rename from 4 - Resources/OpenClaw-Skill-Reference.md rename to 4 - Resources/OpenClaw/OpenClaw-Skill-Reference.md index feacb05..3815abd 100644 --- a/4 - Resources/OpenClaw-Skill-Reference.md +++ b/4 - Resources/OpenClaw/OpenClaw-Skill-Reference.md @@ -1,7 +1,7 @@ --- created: "2026-03-10" type: resource -tags: [openclaw, ai-gateway, claude-code, skill] +tags: [resource, openclaw, ai-gateway, claude-code, skill, homelab] source: "https://docs.openclaw.ai/" --- diff --git a/4 - Resources/OpenVAS Usage Guide.md b/4 - Resources/Security/OpenVAS Usage Guide.md similarity index 99% rename from 4 - Resources/OpenVAS Usage Guide.md rename to 4 - Resources/Security/OpenVAS Usage Guide.md index a786863..8638913 100644 --- a/4 - Resources/OpenVAS Usage Guide.md +++ b/4 - Resources/Security/OpenVAS Usage Guide.md @@ -2,6 +2,7 @@ created: "2026-03-08" type: resource tags: + - resource - security - openvas - vulnerability-scanning diff --git a/2 - Projects/PVE Security Scanner.md b/4 - Resources/Security/PVE Security Scanner.md similarity index 99% rename from 2 - Projects/PVE Security Scanner.md rename to 4 - Resources/Security/PVE Security Scanner.md index d15dc71..addf938 100644 --- a/2 - Projects/PVE Security Scanner.md +++ b/4 - Resources/Security/PVE Security Scanner.md @@ -1,13 +1,13 @@ --- created: "2026-03-08" -type: project -status: active -deadline: "" +type: resource tags: + - resource - homelab - security - proxmox - networking + - vulnerability-scanning --- # PVE Security Scanner diff --git a/6 - Zettelkasten/20260307120000 PARA 与 Zettelkasten 的互补关系.md b/6 - Zettelkasten/20260307120000 PARA 与 Zettelkasten 的互补关系.md index 12e72df..3a5551b 100644 --- a/6 - Zettelkasten/20260307120000 PARA 与 Zettelkasten 的互补关系.md +++ b/6 - Zettelkasten/20260307120000 PARA 与 Zettelkasten 的互补关系.md @@ -1,7 +1,7 @@ --- created: "2026-03-07 12:00" type: zettel -tags: [concept, PKM] +tags: [zettel, concept, PKM, knowledge-management, zettelkasten] source: "Tiago Forte - Building a Second Brain / Niklas Luhmann - Zettelkasten" --- diff --git a/6 - Zettelkasten/20260308213000 Everything Claude Code 最佳实践.md b/6 - Zettelkasten/20260308213000 Everything Claude Code 最佳实践.md index 42993c1..711a1fc 100644 --- a/6 - Zettelkasten/20260308213000 Everything Claude Code 最佳实践.md +++ b/6 - Zettelkasten/20260308213000 Everything Claude Code 最佳实践.md @@ -1,7 +1,7 @@ --- created: "2026-03-08 21:30" type: zettel -tags: [claude-code, best-practices, AI-tools] +tags: [zettel, claude-code, best-practices, AI-tools] source: "https://github.com/affaan-m/everything-claude-code" --- @@ -43,5 +43,7 @@ source: "https://github.com/affaan-m/everything-claude-code" ## Related - [[Everything Claude Code 完整指南]] +- [[Everything Claude Code 方法论与最佳实践]] +- [[Everything Claude Code 用法速查]] - [[Everything Claude Code Agent 编排模式]] - [[Everything Claude Code Token 优化]] diff --git a/6 - Zettelkasten/20260308213100 Everything Claude Code Agent 编排模式.md b/6 - Zettelkasten/20260308213100 Everything Claude Code Agent 编排模式.md index b4b5df3..f60ce58 100644 --- a/6 - Zettelkasten/20260308213100 Everything Claude Code Agent 编排模式.md +++ b/6 - Zettelkasten/20260308213100 Everything Claude Code Agent 编排模式.md @@ -1,7 +1,7 @@ --- created: "2026-03-08 21:31" type: zettel -tags: [claude-code, agent-orchestration, workflow] +tags: [zettel, claude-code, agent-orchestration, workflow] source: "https://github.com/affaan-m/everything-claude-code" --- @@ -47,6 +47,7 @@ Phase 5: VERIFY (build-error-resolver) → done or loop ## Related +- [[Everything Claude Code 完整指南]] +- [[Everything Claude Code 方法论与最佳实践]] - [[Everything Claude Code 多服务编排详解]] - [[Everything Claude Code 最佳实践]] -- [[Everything Claude Code 完整指南]] diff --git a/6 - Zettelkasten/20260308213200 Everything Claude Code Token 优化.md b/6 - Zettelkasten/20260308213200 Everything Claude Code Token 优化.md index 48074d0..78c5a9d 100644 --- a/6 - Zettelkasten/20260308213200 Everything Claude Code Token 优化.md +++ b/6 - Zettelkasten/20260308213200 Everything Claude Code Token 优化.md @@ -1,7 +1,7 @@ --- created: "2026-03-08 21:32" type: zettel -tags: [claude-code, token-optimization, cost] +tags: [zettel, claude-code, token-optimization, cost] source: "https://github.com/affaan-m/everything-claude-code" --- @@ -43,5 +43,7 @@ Skill 启动时只读描述(约 100 tokens),只在相关时才加载完整 ## Related +- [[Everything Claude Code 完整指南]] +- [[Everything Claude Code 用法速查]] - [[Everything Claude Code 最佳实践]] - [[Everything Claude Code Agent 编排模式]] diff --git a/6 - Zettelkasten/20260308221500 Everything Claude Code 多服务编排详解.md b/6 - Zettelkasten/20260308221500 Everything Claude Code 多服务编排详解.md index d050557..b6875c9 100644 --- a/6 - Zettelkasten/20260308221500 Everything Claude Code 多服务编排详解.md +++ b/6 - Zettelkasten/20260308221500 Everything Claude Code 多服务编排详解.md @@ -1,7 +1,7 @@ --- created: "2026-03-08 22:15" type: zettel -tags: [claude-code, multi-agent, orchestration, workflow] +tags: [zettel, claude-code, multi-agent, orchestration, workflow] source: "https://github.com/affaan-m/everything-claude-code" --- @@ -568,9 +568,10 @@ Team Lead 通过 Task 状态自动判断何时启动下一阶段,不需要人 ## Related +- [[Everything Claude Code 完整指南]] +- [[Everything Claude Code 方法论与最佳实践]] - [[Everything Claude Code 用法速查]] - [[Everything Claude Code Agent 编排模式]] -- [[Everything Claude Code 完整指南]] ## Source diff --git a/6 - Zettelkasten/20260308223000 Claude Code Memory 日常最佳实践.md b/6 - Zettelkasten/20260308223000 Claude Code Memory 日常最佳实践.md index dd6b8d4..e05985a 100644 --- a/6 - Zettelkasten/20260308223000 Claude Code Memory 日常最佳实践.md +++ b/6 - Zettelkasten/20260308223000 Claude Code Memory 日常最佳实践.md @@ -1,7 +1,7 @@ --- created: "2026-03-08 23:30" type: zettel -tags: [claude-code, memory, persistence, workflow, best-practice] +tags: [zettel, claude-code, memory, persistence, workflow, best-practices] source: "daily usage + ECC documentation" --- @@ -180,9 +180,10 @@ Claude → 更新 MEMORY.md 索引 ## Related -- [[Everything Claude Code 多服务编排详解]] -- [[Everything Claude Code 用法速查]] - [[Everything Claude Code 完整指南]] +- [[Everything Claude Code 方法论与最佳实践]] +- [[Everything Claude Code 用法速查]] +- [[Everything Claude Code 多服务编排详解]] ## Source diff --git a/6 - Zettelkasten/20260319120100 Hook驱动优于提示词驱动.md b/6 - Zettelkasten/20260319120100 Hook驱动优于提示词驱动.md index 8ae0c35..5dc792a 100644 --- a/6 - Zettelkasten/20260319120100 Hook驱动优于提示词驱动.md +++ b/6 - Zettelkasten/20260319120100 Hook驱动优于提示词驱动.md @@ -1,7 +1,7 @@ --- created: "2026-03-19 12:01" type: zettel -tags: [claude-code, agent-reliability, automation] +tags: [zettel, claude-code, agent-reliability, automation] source: "https://github.com/affaan-m/everything-claude-code" --- diff --git a/6 - Zettelkasten/20260319120200 MCP数量与上下文窗口的反比关系.md b/6 - Zettelkasten/20260319120200 MCP数量与上下文窗口的反比关系.md index 4f9c1cc..cdad510 100644 --- a/6 - Zettelkasten/20260319120200 MCP数量与上下文窗口的反比关系.md +++ b/6 - Zettelkasten/20260319120200 MCP数量与上下文窗口的反比关系.md @@ -1,7 +1,7 @@ --- created: "2026-03-19 12:02" type: zettel -tags: [claude-code, context-window, performance, mcp] +tags: [zettel, claude-code, context-window, performance, mcp] source: "https://github.com/affaan-m/everything-claude-code" --- @@ -24,5 +24,6 @@ source: "https://github.com/affaan-m/everything-claude-code" ## Related +- [[Everything Claude Code 完整指南]] - [[Everything Claude Code 方法论与最佳实践]] - [[Hook驱动优于提示词驱动]] diff --git a/6 - Zettelkasten/20260319120300 本能学习系统的演化路径.md b/6 - Zettelkasten/20260319120300 本能学习系统的演化路径.md index c6fb928..a0bee6b 100644 --- a/6 - Zettelkasten/20260319120300 本能学习系统的演化路径.md +++ b/6 - Zettelkasten/20260319120300 本能学习系统的演化路径.md @@ -1,7 +1,7 @@ --- created: "2026-03-19 12:03" type: zettel -tags: [claude-code, machine-learning, continuous-improvement, agent-evolution] +tags: [zettel, claude-code, machine-learning, continuous-improvement, agent-evolution] source: "https://github.com/affaan-m/everything-claude-code" --- @@ -26,5 +26,6 @@ ECC 的 Continuous Learning v2.1 实现了一个 AI Agent 自我改进的闭环 ## Related +- [[Everything Claude Code 完整指南]] - [[Everything Claude Code 方法论与最佳实践]] - [[Hook驱动优于提示词驱动]] diff --git a/6 - Zettelkasten/20260320100100 上下文腐烂与全新窗口隔离.md b/6 - Zettelkasten/20260320100100 上下文腐烂与全新窗口隔离.md index f30e6f7..de2b650 100644 --- a/6 - Zettelkasten/20260320100100 上下文腐烂与全新窗口隔离.md +++ b/6 - Zettelkasten/20260320100100 上下文腐烂与全新窗口隔离.md @@ -1,7 +1,7 @@ --- created: "2026-03-20 10:01" type: zettel -tags: [claude-code, context-window, ai-quality, gsd] +tags: [zettel, claude-code, context-window, ai-quality, gsd] source: "https://github.com/gsd-build/get-shit-done" --- diff --git a/6 - Zettelkasten/20260320100200 目标回溯验证vs正向任务检查.md b/6 - Zettelkasten/20260320100200 目标回溯验证vs正向任务检查.md index 5afb7cd..1730a9a 100644 --- a/6 - Zettelkasten/20260320100200 目标回溯验证vs正向任务检查.md +++ b/6 - Zettelkasten/20260320100200 目标回溯验证vs正向任务检查.md @@ -1,7 +1,7 @@ --- created: "2026-03-20 10:02" type: zettel -tags: [verification, methodology, ai-quality, gsd] +tags: [zettel, claude-code, verification, methodology, ai-quality, gsd] source: "https://github.com/gsd-build/get-shit-done" --- diff --git a/6 - Zettelkasten/20260320100300 Plans as Prompts设计模式.md b/6 - Zettelkasten/20260320100300 Plans as Prompts设计模式.md index 0da6327..f544d5a 100644 --- a/6 - Zettelkasten/20260320100300 Plans as Prompts设计模式.md +++ b/6 - Zettelkasten/20260320100300 Plans as Prompts设计模式.md @@ -1,7 +1,7 @@ --- created: "2026-03-20 10:03" type: zettel -tags: [prompt-engineering, ai-architecture, gsd] +tags: [zettel, claude-code, prompt-engineering, ai-architecture, gsd] source: "https://github.com/gsd-build/get-shit-done" ---