Eric Guo's

in HTML5, JavaScript, Ruby & Rails, Python, and Cloud MES!

Deploy Another Rails App in the Same CentOS Server


Assure the first Rails app is running as user deployer and second as user scschub.

Setup second user account

adduser scschub
gpasswd -a scschub wheel
visudo # add scschub ALL=(ALL) NOPASSWD: ALL at end
sudo su - scschub
mkdir .ssh
chmod 700 .ssh

Install rbenv and ruby-build

cd # as a deployer
git clone git:// .rbenv
cd ~/.rbenv && src/configure && make -C src
echo 'export PATH="$HOME/.rbenv/bin:$PATH"' >> ~/.bash_profile
~/.rbenv/bin/rbenv init
# As an rbenv plugin
mkdir -p "$(rbenv root)"/plugins
git clone "$(rbenv root)"/plugins/ruby-build

Install Ruby 2.6.1

rbenv install -l
rbenv install 2.6.1
rbenv global 2.6.1
eval "$(rbenv init -)" >> ~/.bash_profile
echo "gem: --no-document" > ~/.gemrc
gem install bundler

Fix permission for CentOS

sudo mkdir /var/www
cd /var/www
sudo mkdir scschub
sudo chown scschub:scschub scschub/

Copy puma config.rb and other shared link files

cap production puma:config

Create postgresql role

sudo su - postgres
createuser scschub --pwprompt
CREATE ROLE sccsa_users;
GRANT sccsa_users TO deployer;
GRANT sccsa_users TO scschub;

Allow both user can access the same data.

psql -d sccsa_production
ALTER TABLE wechat_sessions OWNER TO sccsa_users;
ALTER SEQUENCE wechat_sessions_id_seq OWNER TO sccsa_users;

Further reference.

How to Resolve Safari Download Filename Not Support Chinese


Found from stackoverflow, which I think should including in send_data acturally….

def make_and_send_pdf(pdf_name, options = {})
options = { :disposition => 'attachment' }.merge(options)
file_name = "#{pdf_name}.pdf"
filename: ERB::Util.url_encode(file_name),
type: 'application/pdf',
disposition: "#{options[:disposition]}; filename*= UTF-8''#{ERB::Util.url_encode(file_name)}"

Rbenv and CentOS Ruby on Rails Production Environment Install Log


Original refer, install on a Aliyun server.

Install software in root account

Update system

yum update
yum install -y htop git zlib zlib-devel gcc-c++ patch readline readline-devel libyaml-devel libffi-devel openssl-devel make bzip2 autoconf automake libtool bison curl sqlite-devel

Setup a user account

adduser deployer
gpasswd -a deployer wheel
visudo # add deployer ALL=(ALL) NOPASSWD: ALL at end
sudo su - deployer
mkdir .ssh
chmod 700 .ssh

Also disable root login and password via PermitRootLogin in /etc/ssh/sshd_config

Before exis, make sure you can login via ssh deployer@ip_address, other wise, check file permission.

Install rbenv and ruby-build

cd # as a deployer
git clone git:// .rbenv
cd ~/.rbenv && src/configure && make -C src
echo 'export PATH="$HOME/.rbenv/bin:$PATH"' >> ~/.bash_profile
~/.rbenv/bin/rbenv init
# As an rbenv plugin
mkdir -p "$(rbenv root)"/plugins
git clone "$(rbenv root)"/plugins/ruby-build

Install Ruby 2.5.1

rbenv install -l
rbenv install 2.5.1
rbenv global 2.5.1
eval "$(rbenv init -)" >> ~/.bash_profile
echo "gem: --no-document" > ~/.gemrc
gem install bundler

Install Javascript Runtime

curl --silent --location | sudo bash -
sudo yum install nodejs
sudo curl -sL -o /etc/yum.repos.d/yarn.repo
sudo yum install yarn

Install postgresql

sudo yum install postgresql-server postgresql-contrib postgresql-devel
sudo postgresql-setup initdb
sudo systemctl start postgresql
sudo chkconfig postgresql on
sudo su - postgres
createuser deployer --pwprompt
CREATE DATABASE harman_vendor_production WITH ENCODING='UTF8' OWNER=deployer
# "local" is for Unix domain socket connections only
local all all peer
psql -d harman_vendor_production

Install nginx

sudo yum install epel-release
sudo yum install nginx

Fix permission for CentOS

sudo mkdir /var/www
cd /var/www
sudo mkdir jbl_product
sudo chown deployer:deployer jbl_product/

or further read nginx permission denied

Deploy Simple Rails App to CentOS 7.4 on Aliyun in 2018


It’s 2018, docker quite mature, but since we can buy a server less than 600 RMB in Aliyun including 40Gb storage, 1MB network, 1 core CPU and 2G memory, so I still want to install it in the triditional way.

Install software in root account

Update system

yum update
yum install htop
yum install git

Install RVM

Resolve can not import from hkp://

In a server which can running below cmd:

gpg --keyserver hkp:// --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 7D2BAF1CF37B13E2069D6956105BD0E739499BDB
gpg --export --armor D39DC0E3
gpg --export --armor 39499BDB

In Aliyun server:

gpg --import -

and copy and paste the can run server public key content and press Ctrl+D

Install RVM

\curl -sSL | bash -s stable
source /etc/profile.d/

Update RVM to master

rvm get master
rvm list known # should see ruby 2.5

Install Ruby 2.5

rvm install ruby-2.5
echo "gem: --no-document" >> /etc/gemrc
echo "gem: --no-document" >> ~/.gemrc

Install node.js

yum install nodejs
node --version # v6.12.3

Install yarn

curl --silent --location | sudo tee /etc/yum.repos.d/yarn.repo
yum install yarn

Install nginx

yum install nginx
sudo chkconfig nginx on

Normal user

Create new user - harman

adduser --home-dir /data/www/harman harman -g rvm

Copy authorized_keys

mkdir /data/www/harman/.ssh
sudo cp ~/.ssh/authorized_keys /data/www/harman/.ssh/
sudo chown harman:rvm /data/www/harman/.ssh/

Do capistrano deploy

Change nginx

Modify nginx

Add below to http section and comment out default server section.

http {
log_format timed_combined '$remote_addr - $remote_user [$time_local] '
'"$request" $status $body_bytes_sent '
'"$http_referer" "$http_user_agent" '
'$request_time $upstream_response_time $pipe';
access_log /var/log/nginx/access.log timed_combined;

Create /etc/nginx/conf.d/harman.conf

upstream harman_web {
server unix:/data/www/harman/shared/tmp/unicorn.socket fail_timeout=0;
keepalive 3;
server {
listen 80 default_server;
# server_name;
location /nginx_status {
deny all;
stub_status on;
root /data/www/harman/current/public;
access_log /data/www/harman/shared/log/harman-access.log timed_combined buffer=1k;
error_log /data/www/harman/shared/log/harman-error.log;
if (-f $document_root/system/maintenance.html) {
rewrite ^(.*)$ /system/maintenance.html break;
location ~ (/assets|/uploads|/system|/favicon.ico|/*.txt) {
access_log off;
expires 14d;
gzip_static on;
add_header Cache-Control public;
location / {
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_buffering on;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header X-Forwarded-Proto https;
proxy_pass http://harman_web;
gzip on;

Chart Number and Calculation Logic Explanation for OpenApply


I plan to rewrite the OpenApply all the chart, so need list the calculation logic as below first.


The dashboard provides a quick overview of most common key number for the school.


Enquiries provide a month by month overview for inquiry and it’s submitted applicant forms number.

Monthly inquiry students define as the new students created at that month.

Monthly conversion students define as the student who submits the application form that month.

So normally, such gap between inquiries and conversion should not very large, otherwise, it’s indicate maybe your application form is too complex and many students don’t finish it.


Applicants will list the students’ number per day, the students is the one who was being marked at the applied status in that day, the mark effective date can be different with actually the marking day.

Applicants date range always starts at Month Day 1.

The applicants number is based on student status history effective on date.


Enrolment chart will display the count number of enrolled student per that month. The enrolled day is students status histories enrolled record effective on date.


Re-enrolment help you manage the re-enrolment student status. there is 3 status which will be recorded in student reenrolment status.

Pending means email already sent, but student no response. Confirmed means student confirm the re-enrolment for your select academic year. Declined means student read the email but decide not continue attending the school at the select academic year.

If the student is eligible to attend the select academic year, but no student reenrolment status record, it will belong to Not sent.



Based on filter condition, to analyze the company, nationality by reference source or grade distribution.

The time range always the academic year.

Conversion Funnel

Conversion Funnel focus on the enroll perspective.

The left part is the drop down student status for the select academic year, the Pending number is 100% percent, then all other status is based on that percent.

In demo side, as the enrolled student in 25%, which means only ¼ student can be enrolled amount all inquiry student.

Center part pie chat compare the declined and enrolled students for that year.

Right small pie chat display sub status for select status students, if the school does not configure their own sub-status, it will leave blank.


This part no chart, so intentionally leave blank.


The checklist will give an overview of checklist status per academic year and per program.

Pending means those students not complete the checklist item. Partial means those students have already filled the forms, but not submit yet. Complete means those students finish such checklist item.

Click any part of rectangle box will display detail students in such status in the checklist item.

You can filter to analyze students as the checklist completion data source.


It will analyze the student country, if the student country is blank, will take parents country instead.


It will analyze the student’s nationality.


It will analyze the student’s language.

Pow Used .dev Will Be Redirect to Https by Google Chrome


After Chrome 63 released, Google makes the decision to redirect .dev to https direct as they buy the domain TLD.

So if you using pow as well like me, you need to add below line to ~/.profile:

export POW_DOMAINS=localhost

And running below command and restart pow.

cd /etc/resolver/
sudo mv dev localhost
launchctl unload -w ~/Library/LaunchAgents/cx.pow.powd.plist
sudo launchctl unload -w /Library/LaunchDaemons/cx.pow.firewall.plist
sudo pow --install-system
pow --install-local
sudo launchctl load -w /Library/LaunchDaemons/cx.pow.firewall.plist
launchctl load -w ~/Library/LaunchAgents/cx.pow.powd.plist

So you can continue using http://faria.oa.localhost/ to access your local rails projects.

Ruby Conf China 2017 Notes


第一场 m-ruby on nginx from strikely

Performance Result


XSS via blog using m-ruby


Real usage in strikely

Image compress, jwt token verify

Sample setup code


1.9.3 syntax only and can not require files and existing ruby gems.

第二场 Ethereum on Ruby


区块链组成:加密算法、P2P网络、共识算法、可证实的数据结构(区块链 Authenticated Data Structure)。

Contract Account是的机器在历史上第一次财务独立,可以代替一切中间人的角色。

EVM Ethereum Virtual Machine 计费力度可以到指令。


Solidity, Viper(类Python,类型更安全), Bamboo(做形式化证明)

Precompile Contract 预编译的合约用于加速处理,都是加密相关的功能。

第三场 Ruby异步编程奥德赛


第四场 Erlang开发web框架


第五场 Ruby Web实时通讯方案剖析 侯俊杰


第六场 Exploring ActiveRecord

第七场 Docker 发布

第八场 Ruby-Packer

Based on SquashFS

第九场 Elixir

第十场 金数据鉴黄

tesseract-ocr 字符识别

第十一场 mobx-ruby