2025年に読み仮名の生成を考える。

ちょっと必要、しかも完全ローカルが望ましい。

一般的なVPSで動かすことを想定。

以下の手段が想定できる。

# クラウドサービスを使う（今回は禁止）

- gooラボAPI

- Yahoo!言語解析API

# 自前実装（形態素解析系）

- MeCab（＋UniDic/NEologd）

- sudach

- Vaporetto （使用モデル：bccwj-suw+unidic_pos+pron　※UniDic ベースで学習済み）

https://github.com/daac-tools/vaporetto

# 自前実装（LLM系）

- gpt-oss(20B) ※そのままでも実際にN100とかでも動くけど遅い。さらに量子化すれば、一般的なVPSでも動作可能だが・・・

0.5B ggufがあったのでテストしてみる。

mradermacher/gpt-oss-0.5B-GGUF

- gemma3-12b

こいつはイケるだろ。

やはり大丈夫。

- BitNet b1.58 2B4T ※超軽量LLM

読み仮名無理だった・・・残念

重みを1.58ビットに量子化することによる恩恵は大きい。

1. メモリ消費量の大幅削減: モデルを保存・実行するために必要なメモリ量が格段に少なくなる。BitNet b1.58 2B4Tの非埋め込み（non-embedding）メモリ使用量はわずか0.4GB (400MB)だ。これは、比較対象となったモデルの中で次に小さいGoogleのGemma 3 1B（1.4GB）の約30%以下であり、他のモデルと比較しても圧倒的に小さい。

MS製の小型LLMじゃ無理か、英語圏の奴らに「よみがな」という概念がないからな・・・

https://bitnet-demo.azurewebsites.net/

こうなるって、予想ついた・・・

- internVL3.5 ※要検証

3.5じゃなく3の8Bの結果

3.5の小さいやつでどれだけいけるか、チェックしたい。

- intern-S1（これH100とかじゃないと動かんけど・・・）

- intern-S1-mini（民生品で動くが・・・ダメだ）

そこで、俺は考えた。

大規模言語モデル研究開発センター（LLMC）のLLM-jpって日本語はトップクラスなのでは？

こいつの小さい量子化モデルだとどうなるのか調べてみる。

ちなみに直近で富士通が1bit量子化成功してる。

https://www.itmedia.co.jp/aiplus/articles/2509/08/news113.html

使ったことないからわからんが・・・

LLM-jp-v4だと、小さいモデルも頭よくなりそうだが・・・まだ出てない。

https://llm-jp.nii.ac.jp/ja/blog/blog-1039/

こいつを実験してみよう！

llm-jp-3.1-1.8b-instruct4-gguf

割と行けるな・・・（カナをひらがなに強制変換すれば使えそうな予感）

サーバもrustだし、結局Vaporettoを使った。

bccwj-suw+unidic_pos+pron.model.zst（ファイルサイズ約6M）

chatgptの会話の履歴をhtmlにする。

gptの共有しても相手が見れない時、履歴として保存したい時に便利。

https://qiita.com/uni928/items/a9bfcf4209a8cb32cc30

まぁhtml置くのも面倒なので、Claudeでやったが・・・

https://claude.ai/public/artifacts/0efd5d22-9790-4770-ac0f-aacbefb21477

https://claude.ai/public/artifacts/ab4d7d31-2c6c-41fa-b11d-cc114cdb1a33

grok code fast 1

rustを書かせると、かなり失敗する。

Claude Codeのサブエージェントを利用すればいいかもしれない。

https://github.com/VoltAgent/awesome-claude-code-subagents

# rust専用

https://github.com/VoltAgent/awesome-claude-code-subagents/blob/main/categories/02-language-specialists/rust-engineer.md

cloudflareで取ったドメインでメールを送る

email送信、無料プランは１日300通まで。

brevo.com

UIがわかりにくいので図解で説明。

# 取得したドメインを設定

ドメインを設定。

推奨設定を選ぶ以下、手順５（画像の４を訂正）

cloudflareと連携

cloudflareのDNSに、brevoの認証情報が追加される。

add senderで自分のドメインのメールアドレスを作成。

SMTPの情報確認は以下の手順。

API用のメールテンプレートを作る

Save&Activateを押す。

テンプレートは番号で指定して使う。

#1なら1

Claude Codeに全部賭けるために入門する勉強会

Claude Codeに全部賭けるために入門する勉強会

メモ

google検索mcp

https://github.com/yukukotani/mcp-gemini-google-search

ご清聴ありがとうございました！ 本日の発表資料です。 デモ部分は動画になっています。 → Claude Codeを実務開発で使い倒して得られた知見 https://tonkotsuboy.github.io/20250731-forkwell-claude-code

codeignter4のシステムでcertbotが403で失敗する

tail -5 /var/log/apache2/system_error.log

access_compat モジュールは古いApache 2.2形式のアクセス制御を提供しますが、現代のApache 2.4では問題を引き起こすことがあります。

geoipがapache2.2で作ってたっぽ。

それを2.4にする。

だが、certbotのdryrun失敗する・・・

GeoIP設定が全てのロケーション（<Location />）に適用されており、Let's Encryptサーバー（日本国外のIP）からのアクセスをブロックしています。

Let's Encryptのチャレンジファイルアクセスを地理的制限から除外する必要があります。

GeoIP設定による地理的アクセス制限が Let's Encrypt チャレンジをブロックしていました：

geoip-japan.conf

 で <Location /> により全てのパスに日本からのアクセスのみを許可

Let's Encrypt の検証サーバー（海外IP）が .well-known/acme-challenge/ にアクセスできない

その結果、403 Forbidden エラーが発生

解決策

access_compatモジュールを無効化 - 古いApache 2.2形式のアクセス制御を排除

Apache設定をApache 2.4形式に変換 - Order/Deny/Allow → Require ディレクティブ

.well-knownディレクトリをGeoIP制限から除外：

途中までcursor[claude4]でやってたけど、何も進まなくなってしまったので、windsurf[claude4 thinking(BYOK)]のプランモードにした。

# Certbot Dry Run Plan

## Notes

- User wants to run certbot in dry run mode.

- Domain: system.xn--pck1d9bw09wkw5b89tgnf.com

- Challenge directory: /var/www/html/system.gaichuukujoclub/public/.well-known/acme-challenge/

- Certbot dry run command was executed, but failed with a 403 error on the challenge file.

- Manual HTTP access to a test challenge file returns 200 OK, suggesting a possible difference in permissions or timing for certbot-created files.

- Apache config was reviewed and updated to explicitly allow access to .well-known; FollowSymLinks option was set for RewriteRule to function.

- Directory ownership and permissions were checked and set to www-data:755.

- 403 error persists for certbot-created files; further investigation ongoing.

- Created certbot deploy hook to fix permissions for challenge files.

- Adjusted permissions/ownership for challenge directory and files directly.

- Created and tested manual challenge file with certbot-style token; file accessible (200 OK).

- Pre-hook script added to ensure permissions before certbot runs.

- Apache config for acme-challenge directory was further adjusted; HTTP access to test challenge file now returns 200 OK.

- Certbot dry run still fails with 403 error; further diagnosis needed.

- Running certbot with sudo/root is required and was attempted; 403 error persists.

- Investigating possible mod_rewrite (RewriteRule) interference as a cause of 403 error.

- .htaccess RewriteRules in /public/.htaccess identified as likely cause of 403 error; next step is to adjust/test RewriteRules to resolve certbot challenge issue.

- .htaccess RewriteRules were adjusted to prioritize ACME challenge and add exclusion for challenge path; certbot dry run still fails with 403 error after fix. Further diagnosis of .htaccess and rewrite logic needed.

- .htaccess was completely disabled and certbot dry run still fails with 403 error; .htaccess is not the root cause. Further Apache configuration and environment diagnostics needed.

- Apache error log shows access_compat module is denying access (AH01797: client denied by server configuration); focus on resolving this Apache config issue.

- access_compat module was disabled to resolve the Apache config issue; next step is to restart Apache and test certbot again.

- Apache restart failed due to legacy 'Order' directive in geoip-japan.conf after disabling access_compat; must resolve this Apache config error before proceeding.

- geoip-japan.conf was updated from Apache 2.2 'Order/Deny/Allow' to Apache 2.4 'Require' directives; next steps are to test Apache config, restart Apache, and test certbot dry run.

- Apache config syntax error (SetEnvIf in <RequireAny>) was fixed; config now passes syntax check. Next steps: restart Apache, test certbot dry run, and verify if the 403 error is resolved.

- Apache was successfully restarted and certbot dry run was tested again, but the 403 error persists. Further diagnosis of Apache config, permissions, or environment is needed.

- GeoIP configuration was blocking Let's Encrypt challenge requests; config updated to exclude .well-known directory from GeoIP restrictions. Next steps: test Apache config, restart Apache, and test certbot dry run again.

- GeoIP config structure was fixed (no nested <LocationMatch>); Apache config now passes syntax check. Next steps: restart Apache and test certbot dry run again.

- Certbot dry run was successful after excluding .well-known from GeoIP restrictions; 403 error is resolved and Let's Encrypt challenge now works as expected.

- User requested to proceed with actual SSL certificate issuance after successful dry run.

- Attempt to issue actual SSL certificate failed due to existing (broken) renewal configuration for the domain; next step is to resolve renewal config file issue before reissuing certificate.

- Broken renewal config file was found to be empty and has been deleted; next step is to re-attempt issuing the actual SSL certificate with certbot.

- Attempt to issue actual SSL certificate failed again due to existing expired certificate files in the live directory; next step is to clean up or renew the expired certificate files before reissuing.

- Actual SSL certificate was successfully issued using certbot with --force-renewal; task is now complete.

- SSL certificate is issued, but HTTPS (port 443) VirtualHost is not yet configured in Apache; user encountered SSL_ERROR_RX_RECORD_TOO_LONG when accessing via HTTPS. Next step is to add Apache HTTPS VirtualHost configuration and enable HTTPS.

- HTTPS (port 443) VirtualHost configuration has been added to Apache; config test passed. Next step is to restart Apache to enable HTTPS.

- Apache was restarted successfully; HTTPS should now be enabled and accessible.

- User now wants to update/renew SSL certificates for kokyakuzouka-labo.com and system.kokyakuzouka-labo.com; next step is to check their current certificate status and plan renewal.

- kokyakuzouka-labo.com certificate is expired as of 2025-07-21.

- system.kokyakuzouka-labo.com certificate file is missing or broken; needs reissue or repair.

- Apache config files for kokyakuzouka-labo.com found in sites-available (kokyakuzouka-labo.com.conf, kokyakuzouka-labo.com-le-ssl.conf); next step is to review these configs to determine webroot for certificate renewal.

- kokyakuzouka-labo.com DocumentRoot and SSL paths confirmed: /var/www/html/kokyakuzouka-labo.com

- system.kokyakuzouka-labo.com DocumentRoot confirmed: /var/www/html/system.kokyakuzouka-labo.com/public; SSL config present in sites-available.

- Apache configs for kokyakuzouka-labo.com and system.kokyakuzouka-labo.com are not enabled in sites-enabled; must enable before renewal.

- HTTP (port 80) access to kokyakuzouka-labo.com is being refused; Let's Encrypt challenge cannot reach the server. Must resolve HTTP connectivity before renewal can succeed.

- Apache is not listening on port 80; service is in a failed state and must be fixed before HTTP access and certificate renewal can proceed.

- Apache startup fails with 'AH00020: Configuration Failed, exiting' (runtime error, not syntax); must diagnose and resolve before proceeding with cert renewal.

- Likely cause: enabled SSL site (kokyakuzouka-labo.com-le-ssl) references missing/broken certificate files, causing Apache to fail. Disabling this site should restore HTTP service for renewal.

- Disabled kokyakuzouka-labo.com-le-ssl and system.kokyakuzouka-labo.com sites; Apache now starts and is running. Ready to continue with certificate renewal steps.

- HTTP access is restored, but certbot renewal for kokyakuzouka-labo.com fails with 404 due to HTTP→HTTPS redirect and no valid SSL. Need to address redirect or temporarily disable for renewal.

- Redirect exclusion implemented, Apache reloaded, now need to diagnose and resolve 500 error on ACME challenge before proceeding with cert renewal.

- 500 error root cause found: legacy 'Satisfy' directive in .htaccess under .well-known/acme-challenge causes internal server error during ACME challenge. Must remove or update this directive for Apache 2.4+ compatibility.

- Legacy 'Satisfy' directive .htaccess file under .well-known/acme-challenge has been removed. 500 error should be resolved; next, need to address Certbot 'live directory exists' error for kokyakuzouka-labo.com renewal.

- Existing /etc/letsencrypt/live/kokyakuzouka-labo.com certificate files are present but expired; Certbot 'live directory exists' error occurs when attempting renewal. Next step: resolve this error by renewing or cleaning up the existing certificate files.

- User noted that system.kokyakuzouka-labo.com may have the same legacy .htaccess/Satisfy issue and should be checked and cleaned up similarly.

- Checked for legacy .htaccess/Satisfy directive under .well-known/acme-challenge for system.kokyakuzouka-labo.com; directory does not exist, so no action needed at this time.

- Broken/empty renewal config file for kokyakuzouka-labo.com identified as cause of renewal error; next step is to delete this file and re-attempt certificate issuance.

- kokyakuzouka-labo.com certificate was successfully reissued and saved at /etc/letsencrypt/live/kokyakuzouka-labo.com-0001/. Next, update Apache SSL config to use new certificate path before proceeding with system.kokyakuzouka-labo.com.

- Apache SSL config for kokyakuzouka-labo.com has been updated to use the new certificate path at /etc/letsencrypt/live/kokyakuzouka-labo.com-0001/. Apache config test passed, and service was successfully restarted.

- kokyakuzouka-labo.com SSL site has been enabled and Apache reloaded; HTTPS access tested and confirmed working. Ready to proceed with system.kokyakuzouka-labo.com certificate issuance.

- Attempting to enable system.kokyakuzouka-labo.com site and reload Apache failed due to missing/broken certificate file (SSLCertificateFile: file '/etc/letsencrypt/live/system.kokyakuzouka-labo.com/fullchain.pem' does not exist or is empty). Need to resolve this before certificate issuance.

- SSL section in Apache config for system.kokyakuzouka-labo.com has been temporarily commented out to allow certificate issuance; config test passed.

- Broken renewal config file for kokyakuzouka-labo.com has been deleted as part of auto-renewal setup.

- Broken renewal config file for system.xn--pck1d9bw09wkw5b89tgnf.com has been deleted as part of auto-renewal setup.

- Renewal dry run (certbot renew --dry-run) succeeded for all certificates; valid renewal config files have been regenerated.

- certbot.timer is enabled and active for automatic certificate renewal.

- Apache reload is now automated after certificate renewal; deploy hook has been created and made executable.

- All automation (certbot renew, Apache reload, permissions fix) is complete and verified.

## Task List

- [x] Prepare certbot command for dry run with webroot and domain

- [x] Execute certbot dry run

- [x] Diagnose and resolve 403 error on certbot challenge file

  - [x] Check web server configuration for .well-known access

  - [x] Verify permissions/ownership of certbot-created challenge files

  - [x] Test manual challenge file with certbot-style token

- [x] Verify output and report results

- [x] Issue actual SSL certificate with certbot

  - [x] Fix/clean up broken renewal config for domain

  - [x] Clean up or renew expired certificate files in live directory

- [x] Add and enable Apache HTTPS (port 443) VirtualHost configuration

- [x] Restart Apache to enable HTTPS

- [x] Check and renew SSL certificates for kokyakuzouka-labo.com and system.kokyakuzouka-labo.com

  - [x] Review Apache config and confirm webroot for kokyakuzouka-labo.com

  - [x] Review Apache config and confirm webroot for system.kokyakuzouka-labo.com

  - [x] Enable Apache configs for kokyakuzouka-labo.com and system.kokyakuzouka-labo.com

  - [x] Disable problematic SSL configs to restore Apache

  - [x] Address HTTP→HTTPS redirect or temporarily disable for renewal

    - [x] Remove or update legacy 'Satisfy' directive in .htaccess under .well-known/acme-challenge

    - [x] Check for legacy .htaccess/Satisfy directive under .well-known/acme-challenge for system.kokyakuzouka-labo.com (directory does not exist, no action needed)

    - [x] Diagnose and resolve Certbot 'live directory exists' error for kokyakuzouka-labo.com

      - [x] Review and handle existing/expired certificate files in /etc/letsencrypt/live/kokyakuzouka-labo.com

      - [x] Delete broken/empty renewal config file for kokyakuzouka-labo.com

      - [x] Remove /etc/letsencrypt/live/kokyakuzouka-labo.com directory to resolve Certbot conflict

  - [x] Renew expired certificate for kokyakuzouka-labo.com

  - [x] Update Apache SSL config for kokyakuzouka-labo.com to use new certificate path

  - [x] Restart Apache after updating SSL config for kokyakuzouka-labo.com

  - [x] Test HTTPS access to kokyakuzouka-labo.com after SSL config update

  - [x] Reissue/fix missing certificate for system.kokyakuzouka-labo.com (resolve SSL config/cert file issue before issuing)

    - [x] Temporarily disable SSL section in Apache config for system.kokyakuzouka-labo.com to allow certificate issuance

    - [x] Issue certificate for system.kokyakuzouka-labo.com

    - [x] Restore SSL section in Apache config and enable HTTPS for system.kokyakuzouka-labo.com

  - [x] Add deploy hook to reload Apache after certificate renewal

## Current Goal

All certificate and Apache automation is complete and verified

【LLM】Kimi K2

MoonshotAIのLLM。

windsurfでも対応した。

Claude 3.7 sonnetがx1.0

Claude 3.7 sonnet Thikingがx1.25

Kimi K2はx0.5