Eric Guo's blog.cloud-mes.com

Hoping writing JS, Ruby & Rails and Go article, but fallback to DevOps note

Setup a Gitlab Runner Server on Ubuntu 20.04

Permalink

According to the official documentation, I having a free lighthouse server from tencent and install Ubuntu 20.04 to running gitlab runner.

Install docker.

sudo apt-get remove docker docker-engine docker.io containerd runc
sudo apt-get install ca-certificates curl gnupg lsb-release
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu \
$(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update
sudo apt-get install docker-ce docker-ce-cli containerd.io
docker run hello-world

Install gitlab runner

sudo su -
docker run --rm -it -v /srv/gitlab-runner/config:/etc/gitlab-runner gitlab/gitlab-runner --help
docker run --rm -it -v /srv/gitlab-runner/config:/etc/gitlab-runner gitlab/gitlab-runner register
docker run --rm -it -v /srv/gitlab-runner/config:/etc/gitlab-runner gitlab/gitlab-runner verify
docker run -d --name gitlab-runner --restart always -v /srv/gitlab-runner/config:/etc/gitlab-runner -v /var/run/docker.sock:/var/run/docker.sock gitlab/gitlab-runner:latest
docker logs gitlab-runner
docker restart gitlab-runner

Upgrade gitlab runner

sudo su -
docker stop gitlab-runner && docker rm gitlab-runner
docker pull gitlab/gitlab-runner
docker run -d --name gitlab-runner --restart always -v /srv/gitlab-runner/config:/etc/gitlab-runner -v /var/run/docker.sock:/var/run/docker.sock gitlab/gitlab-runner:latest
docker logs gitlab-runner
docker restart gitlab-runner

Fix the docker address pools conflict with internal network IP

docker network inspect bridge
vi /etc/docker/daemon.json
systemctl restart docker.service
docker network inspect bridge
{
"registry-mirrors": ["https://mirror.ccs.tencentyun.com", "http://hub-mirror.c.163.com"],
"default-address-pools":
[
{"base":"10.200.100.0/16","size":24}
]
}

Clean docker cache

wget https://gitlab.com/gitlab-org/gitlab-runner/-/raw/main/packaging/root/usr/share/gitlab-runner/clear-docker-cache
chmod +x clear-docker-cache
./clear-docker-cache

Further info

Install Rails Stack for Ubuntu 20.04

Permalink

Install nginx

sudo su -
cd /etc/apt/sources.list.d/
vi nginx.list
apt update

And paste the source:

nginx.list
deb https://nginx.org/packages/ubuntu/ focal nginx
deb-src https://nginx.org/packages/ubuntu/ focal nginx

And public keys:

apt-key adv --keyserver keyserver.ubuntu.com --recv-keys ABF5BD827BD9BF62
apt update
apt-get install nginx
systemctl start nginx
systemctl enable nginx

It’s also possible to enable TLS 1.1/1.2 due to Ubuntu 20.04 not support by default.

/etc/nginx/nginx.conf
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
# seclevel for TLS 1.0 and 1.1
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH:@SECLEVEL=1";

Install node.js 16 and yarn 1.x

Using nodesource distribution

curl -fsSL https://deb.nodesource.com/setup_16.x | sudo -E bash -
sudo apt-get install gcc g++ make git
sudo apt-get install -y nodejs
## To install the Yarn package manager
curl -sL https://dl.yarnpkg.com/debian/pubkey.gpg | gpg --dearmor | sudo tee /usr/share/keyrings/yarnkey.gpg >/dev/null
echo "deb [signed-by=/usr/share/keyrings/yarnkey.gpg] https://dl.yarnpkg.com/debian stable main" | sudo tee /etc/apt/sources.list.d/yarn.list
sudo apt-get update && sudo apt-get install yarn

Install rbenv

sudo su - # as root
apt update
apt install build-essential libgdbm-dev libncurses-dev libreadline-dev libssl-dev libyaml-dev zlib1g-dev
logout # as ubuntu
# git clone https://github.com/rbenv/rbenv.git ~/.rbenv
git clone https://gitee.com/Eric-Guo/rbenv.git ~/.rbenv
echo 'export PATH="$HOME/.rbenv/bin:$PATH"' >> ~/.bashrc
echo 'eval "$(rbenv init -)"' >> ~/.bashrc
source ~/.bashrc
type rbenv
# git clone https://github.com/rbenv/ruby-build.git "$(rbenv root)"/plugins/ruby-build
git clone https://gitee.com/Eric-Guo/ruby-build.git "$(rbenv root)"/plugins/ruby-build
# git clone https://github.com/andorchen/rbenv-china-mirror.git "$(rbenv root)"/plugins/rbenv-china-mirror
git clone https://gitee.com/Eric-Guo/rbenv-china-mirror.git "$(rbenv root)"/plugins/rbenv-china-mirror
rbenv install -l

Install ruby 3.0.3

rbenv install 3.0.3
rbenv global 3.0.3
echo "gem: --no-document" > ~/.gemrc
rbenv shell 3.0.3
gem update --system
gem install bundler
gem install bundler --default
gem install bundler

Install postgresql

apt-get install postgresql
apt-get install postgresql-server-dev-all
sudo su - postgres
createuser ubuntu
psql
ALTER ROLE ubuntu LOGIN;
CREATE DATABASE wefocusin_production WITH ENCODING='UTF8' OWNER=ubuntu;
logout
psql -d wefocusin_production -f wefocusin_production.sql

Install certbot

sudo apt install snapd
sudo snap install core
sudo snap refresh core
sudo snap install --classic certbot
sudo ln -s /snap/bin/certbot /usr/bin/certbot
sudo certbot --nginx

Using Podman-docker in Tlinux - TencentOS Version 3.1

Permalink

Notice gitlab still need using real docker instead of podman-docker and below is only record as a testing purpose and failed, detail see gitlab issue 27119.

sudo yum install podman-docker
sudo mv /etc/containers/registries.conf /etc/containers/registries.conf.orig
docker run --rm -t -i gitlab/gitlab-runner --help
sudo mkdir -p /srv/gitlab-runner/config
docker run --rm -it -v /srv/gitlab-runner/config:/etc/gitlab-runner gitlab/gitlab-runner register
docker run --rm -it -v /srv/gitlab-runner/config:/etc/gitlab-runner gitlab/gitlab-runner verify
/etc/containers/registries.conf
unqualified-search-registries = ["docker.io"]
[[registry]]
prefix = "docker.io"
insecure = false
blocked = false
location = "docker.io"
[[registry.mirror]]
location = "hub-mirror.c.163.com"
[[registry.mirror]]
location = "registry.docker-cn.com"

Install Gitlab 14.6 on Ubuntu 20.04 Log

Permalink

Installation gitlab from source is not easy, but it’s worth as it enable me do some edit latter, so here is my installation log.

Create git user and make git user sudo

adduser deployer
sudo su - deployer
mkdir .ssh
chmod 700 .ssh
vi .ssh/authorized_keys # and paste your public key
chmod 600 .ssh/authorized_keys
sudo su -
cd /etc/sudoers.d/
echo "deployer ALL=(ALL) NOPASSWD:ALL" > 20-deployer-user

Install build dependencies

sudo apt remove libcurl4 # see https://askubuntu.com/a/1134120/111945
sudo apt-get install -y build-essential zlib1g-dev libyaml-dev libssl-dev libgdbm-dev libre2-dev \
libreadline-dev libncurses5-dev libffi-dev curl openssh-server libxml2-dev libxslt-dev \
libcurl4-openssl-dev libicu-dev logrotate rsync python-docutils pkg-config cmake runit-systemd

Install Ruby 2.7.6

sudo apt install git autoconf bison
mkdir /tmp/ruby && cd /tmp/ruby
curl --remote-name --progress-bar "https://cache.ruby-china.com/pub/ruby/2.7/ruby-2.7.6.tar.gz"
echo 'e7203b0cc09442ed2c08936d483f8ac140ec1c72e37bb5c401646b7866cb5d10 ruby-2.7.6.tar.gz' | sha256sum -c - && tar xzf ruby-2.7.6.tar.gz
cd ruby-2.7.6
./configure --disable-install-rdoc --enable-shared
make
sudo make install
gem update --system
gem install bundler
gem install --default bundler

Install Go 1.17

wget https://go.dev/dl/go1.17.11.linux-amd64.tar.gz
sudo tar -C /usr/local -xzf go1.17.11.linux-amd64.tar.gz
sudo vi /etc/environment # add :/usr/local/go/bin in PATH
go version

Install Git in gitlab versions

sudo apt-get install -y libcurl4-openssl-dev libexpat1-dev gettext libz-dev libssl-dev libpcre2-dev build-essential git-core
git clone https://e.coding.net/sew/gitlab/gitaly.git -b 14-6-stable /tmp/gitaly
cd /tmp/gitaly
sudo make git GIT_PREFIX=/usr/local
sudo apt remove -y git-core git
sudo apt autoremove

Install Node.js 14 and other depends

sudo apt-get install -y graphicsmagick
sudo apt-get install -y postfix
sudo apt-get install -y libimage-exiftool-perl
curl --location "https://deb.nodesource.com/setup_14.x" | sudo bash -
sudo apt-get install -y gcc g++ make
sudo apt-get install -y nodejs
curl -sL https://dl.yarnpkg.com/debian/pubkey.gpg | gpg --dearmor | sudo tee /usr/share/keyrings/yarnkey.gpg >/dev/null
echo "deb [signed-by=/usr/share/keyrings/yarnkey.gpg] https://dl.yarnpkg.com/debian stable main" | sudo tee /etc/apt/sources.list.d/yarn.list
sudo apt-get update && sudo apt-get install yarn

System users

sudo adduser --disabled-login --gecos 'GitLab' git

Database

sudo apt install -y postgresql postgresql-client libpq-dev postgresql-contrib

And following the official documentation section.

Redis

sudo apt-get install redis-server

And following the official documentation section.

Clone Gitlab and do some change

Largely following official document.

sudo -u git -H git clone https://e.coding.net/sew/gitlab/gitlab.git -b thape_deploy gitlab
  • need change database.yml to using local user
  • need filling the config/secrets.yml with proper secrets by running rails secret
  • need setting the proxy for go
# setting go proxy
export GO111MODULE=on
export GOPROXY=https://goproxy.cn
sudo chown deployer:deployer -R .bundle/
bundle install
sudo chown git:git -R .bundle/

Install GitLab Shell

cd /usr/bin
sudo ln -s /usr/local/bin/git git
sudo -u git -H bundle exec rake gitlab:shell:install RAILS_ENV=production
cd /home/git/gitlab-shell/
sudo -u git -H make
cd /home/git/gitlab/
sudo -u git -H bundle exec rake gitlab:shell:install RAILS_ENV=production

Install GitLab Workhorse

sudo -u git -H bundle exec rake "gitlab:workhorse:install[/home/git/gitlab-workhorse,https://e.coding.net/sew/gitlab/gitlab-workhorse]" RAILS_ENV=production
cd /home/git/gitlab-workhorse
sudo -u git -H git checkout -b 8-65-stable
cd /home/git/gitlab
sudo -u git -H bundle exec rake "gitlab:workhorse:install[/home/git/gitlab-workhorse,https://e.coding.net/sew/gitlab/gitlab-workhorse]" RAILS_ENV=production

Install GitLab-Elasticsearch-indexer on Enterprise Edition

sudo su - git
cd /home/git
git clone https://e.coding.net/sew/gitlab/gitlab-elasticsearch-indexer.git
logout
cd /usr/bin
sudo ln -s /usr/local/go/bin/go go
cd /home/git/gitlab
sudo -u git -H bundle exec rake "gitlab:indexer:install[/home/git/gitlab-elasticsearch-indexer,https://e.coding.net/sew/gitlab/gitlab-elasticsearch-indexer.git]" RAILS_ENV=production

Install GitLab Pages

cd /home/git
sudo -u git -H git clone https://e.coding.net/sew/gitlab/gitlab-pages.git
cd gitlab-pages
sudo -u git -H git checkout v$(</home/git/gitlab/GITLAB_PAGES_VERSION)
sudo -u git -H make

Install Gitaly

Beside following documents, also need to do a bundler install in ruby folder and configure-authentication.

cd /home/git/gitlab
sudo -u git -H bundle exec rake "gitlab:gitaly:install[/home/git/gitaly,/home/git/repositories,https://e.coding.net/sew/gitlab/gitaly.git]" RAILS_ENV=production

Some configure after install

I only record I do:

  1. trusted-proxies

Backup

cd /home/git/gitlab
sudo -u git -H bundle exec rake gitlab:backup:create RAILS_ENV=production
# find backup at ./gitlab/tmp/backups

Using Patch-package to Tuning CSS in 3rd Party Packages

Permalink

Add patch-package

yarn add patch-package postinstall-postinstall

Apply the change

Open sublime-text and modify the source code

Generate the patch

yarn patch-package viewerjs

Auto patch

"private": true,
+ "scripts": {
+ "postinstall": "patch-package"
+ },
"dependencies": {

Resolve G++ Error Unrecognized Command Line Optionstd=c++14

Permalink

When I try to deploy next 10 in CentOS 7, which required a npm package deasync which using C++ 14 feature, but the CentOS 7 gcc not support, so below is how to resolved.

yum list | grep gcc
yum install centos-release-scl-rh
yum install llvm-toolset-7-clang
yum install centos-release-scl
yum install devtoolset-7-gcc.x86_64 && yum install devtoolset-7-gcc-c++.x86_64
# or yum install devtoolset-7-toolchain
scl enable devtoolset-7 bash
yarn install

You only need to enable devtoolset-7 once when do the yarn install, after that the node_modules will having the library so no need enable in every deploy.

Rails Developer Installation Log on MacBook M1 Pro

Permalink

I got my third MacBook Pro today. It’s the first Apple Silicon CPU Mac. I bought in JD and due to I choose the base model, it’s arrived with in only 10 hours later.

Mac App Store install list

  • AdBlock Pro (10.0.5)
  • Affinity Designer (1.10.4)
  • Affinity Photo (1.10.4)
  • Affinity Publisher (1.10.4)
  • Artstudio Pro (3.2.16)
  • Diagrams (2.2.0)
  • Elmedia Video Player (8.1)
  • iA Writer (5.6.16)
  • iMovie (10.3.1)
  • Instapaper Save (1.2)
  • Jump Desktop (8.8.16)
  • Keynote (11.2)
  • LiquidText (2.1.4)
  • Logoist 4 (4.2.1)
  • Mate Translate (7.1.1)
  • MathStudio (8.1.1)
  • MockFlow (2.4.3)
  • Numbers (11.2)
  • OwlOCR (4.9.2)
  • Pages (11.2)
  • PasteNow (1.10)
  • PDF Expert (2.5.18)
  • Pixelmator Pro (2.3)
  • SimpleMind Pro (1.30.2)
  • Slack (4.22.1)
  • SQLPro Studio (2021.104)
  • Tampermonkey (4.13.6140)
  • Tweetbot (3.5.7)
  • WeChat (3.2.1)
  • Xcode (13.1)
  • 腾讯视频 (2.26.0)

brew install cask list

  • aldente
  • chromedriver
  • chromium
  • dash
  • discord
  • evernote
  • figma
  • google-chrome
  • hype
  • imageoptim
  • marginnote
  • obs
  • paw
  • sublime-merge
  • sublime-text
  • viscosity
  • zoom

brew install console list

  • node
  • ruby
  • bash
  • gh
  • git
  • gdu
  • libxml2
  • memcached
  • percona-server
  • postgresql
  • puma-dev
  • redis
  • yamllint
  • yarn
  • highlight
  • jq
  • unrar
  • imagemagick
  • mas
  • minio
  • smartmontools
  • git-filter-repo
  • git-trim
  • libpq
  • rabbitmq
  • go
  • rust
  • watchman
  • vips
  • lima

Setting ruby .gemrc

~/.gemrc
---
:backtrace: false
:bulk_threshold: 1000
:sources:
- https://rubygems.org/
:update_sources: true
:verbose: true
:concurrent_downloads: 8
gem: "--no-document"

Setting bundler

~/.bundle/config
---
BUNDLE_DEFAULT: "2.1.4"
BUNDLE_BUILD__LIBXML___RUBY: "--with-xml2-include=/Library/Developer/CommandLineTools/SDKs/MacOSX.sdk/usr/include/libxml2"
BUNDLE_BUILD__NOKOGIRI: "--use-system-libraries --with-xml2-include=/opt/homebrew/Cellar/libxml2/2.9.12/include/libxml2"
BUNDLE_GEM__TEST: "false"
BUNDLE_GEM__CI: "false"
BUNDLE_GEM__MIT: "false"
BUNDLE_GEM__CHANGELOG: "false"
BUNDLE_GEM__RUBOCOP: "false"
BUNDLE_GEMS__CONTRIBSYS__COM: ""
BUNDLE_LOCAL__ACTIVERECORD___ORACLE_ENHANCED___ADAPTER: "/Users/guochunzhong/git/oss/oracle-enhanced"
BUNDLE_LOCAL__ACTIVERECORD___SQLSERVER___ADAPTER: "/Users/guochunzhong/git/oss/activerecord-sqlserver-adapter"
BUNDLE_LOCAL__ADMINISTRATE: "/Users/guochunzhong/git/oss/administrate"
BUNDLE_LOCAL__AJAX___DATATABLES___RAILS: "/Users/guochunzhong/git/oss/ajax-datatables-rails"
BUNDLE_LOCAL__ANNOTATE: "/Users/guochunzhong/git/oss/annotate_models"
BUNDLE_LOCAL__AWESOME_NESTED_SET: "/Users/guochunzhong/git/oss/awesome_nested_set"
BUNDLE_LOCAL__BLADE: "/Users/guochunzhong/git/oss/blade"
BUNDLE_LOCAL__CANONICAL___RAILS: "/Users/guochunzhong/git/oss/canonical-rails"
BUNDLE_LOCAL__CAPISTRANO___RACECAR: "/Users/guochunzhong/git/workstream/capistrano-racecar"
BUNDLE_LOCAL__CAPYBARA___SELECT2: "/Users/guochunzhong/git/oss/capybara-select2"
BUNDLE_LOCAL__CAPYBARA_ACCESSIBLE_SELECTORS: "/Users/guochunzhong/git/oss/capybara_accessible_selectors"
BUNDLE_LOCAL__COFFEE___SCRIPT___SOURCE: "/Users/guochunzhong/git/oss/coffee-script-source"
BUNDLE_LOCAL__DEVISE: "/Users/guochunzhong/git/oss/devise"
BUNDLE_LOCAL__DEVISE___JWT: "/Users/guochunzhong/git/oss/devise-jwt"
BUNDLE_LOCAL__DEVISE_INVITABLE: "/Users/guochunzhong/git/oss/devise_invitable"
BUNDLE_LOCAL__DEVISE_LDAP_AUTHENTICATABLE: "/Users/guochunzhong/git/oss/devise_ldap_authenticatable"
BUNDLE_LOCAL__DOORKEEPER: "/Users/guochunzhong/git/oss/doorkeeper"
BUNDLE_LOCAL__DOORKEEPER___OPENID_CONNECT: "/Users/guochunzhong/git/oss/doorkeeper-openid_connect"
BUNDLE_LOCAL__EXCEPTION_NOTIFICATION: "/Users/guochunzhong/git/oss/exception_notification"
BUNDLE_LOCAL__FRIENDLY_ID: "/Users/guochunzhong/git/oss/friendly_id"
BUNDLE_LOCAL__GLOBALIZE: "/Users/guochunzhong/git/oss/globalize"
BUNDLE_LOCAL__GUARD___LIVERELOAD: "/Users/guochunzhong/git/oss/guard-livereload"
BUNDLE_LOCAL__HOMELAND___JOBS: "/Users/guochunzhong/git/oss/homeland-jobs"
BUNDLE_LOCAL__HOMELAND___NOTE: "/Users/guochunzhong/git/oss/homeland-note"
BUNDLE_LOCAL__HOMELAND___PRESS: "/Users/guochunzhong/git/oss/homeland-press"
BUNDLE_LOCAL__HOMELAND___SITE: "/Users/guochunzhong/git/oss/homeland-site"
BUNDLE_LOCAL__HOMELAND___WIKI: "/Users/guochunzhong/git/oss/homeland-wiki"
BUNDLE_LOCAL__JBUILDER: "/Users/guochunzhong/git/oss/jbuilder"
BUNDLE_LOCAL__JIEBA_RB: "/Users/guochunzhong/git/oss/jieba_rb"
BUNDLE_LOCAL__LISTEN: "/Users/guochunzhong/git/oss/listen"
BUNDLE_LOCAL__MAILGUN___RUBY: "/Users/guochunzhong/git/oss/mailgun-ruby"
BUNDLE_LOCAL__META___TAGS: "/Users/guochunzhong/git/oss/meta-tags"
BUNDLE_LOCAL__MIDORI___CONTRIB: "/Users/guochunzhong/git/oss/midori-confrib"
BUNDLE_LOCAL__MYSQL2: "/Users/guochunzhong/git/oss/mysql2"
BUNDLE_LOCAL__OMNIAUTH: "/Users/guochunzhong/git/oss/omniauth"
BUNDLE_LOCAL__OMNIAUTH___OPENID___CONNECT: "/Users/guochunzhong/git/oss/omniauth_openid_connect"
BUNDLE_LOCAL__OMNIAUTH___OPENID_CONNECT___PROVIDERS: "/Users/guochunzhong/git/oss/omniauth-openid_connect-providers"
BUNDLE_LOCAL__OMNIAUTH___WECHAT___OAUTH2: "/Users/guochunzhong/git/oss/omniauth-wechat-oauth2"
BUNDLE_LOCAL__OMNIAUTH_OPENID_CONNECT: "/Users/guochunzhong/git/oss/omniauth_openid_connect"
BUNDLE_LOCAL__OPENPROJECT___TRANSLATIONS: "/Users/guochunzhong/git/oss/openproject-translations"
BUNDLE_LOCAL__PUNDIT: "/Users/guochunzhong/git/oss/pundit"
BUNDLE_LOCAL__QINIU: "/Users/guochunzhong/git/oss/qiniu-ruby-sdk"
BUNDLE_LOCAL__QUEUE_CLASSIC: "/Users/guochunzhong/git/oss/queue_classic"
BUNDLE_LOCAL__RACK___LIVERELOAD: "/Users/guochunzhong/git/oss/rack-livereload"
BUNDLE_LOCAL__RAILS: "/Users/guochunzhong/git/oss/rails"
BUNDLE_LOCAL__RBTREE: "/Users/guochunzhong/git/oss/rbtree"
BUNDLE_LOCAL__REDIS___NAMESPACE: "/Users/guochunzhong/git/oss/redis-namespace"
BUNDLE_LOCAL__RESPONDERS: "/Users/guochunzhong/git/oss/responders"
BUNDLE_LOCAL__RSPEC___ACTIVEMODEL___MOCKS: "/Users/guochunzhong/git/oss/rspec-activemodel-mocks"
BUNDLE_LOCAL__RSPEC___EXAMPLE_DISABLER: "/Users/guochunzhong/git/oss/rspec-example_disabler"
BUNDLE_LOCAL__RUBY___SAML: "/Users/guochunzhong/git/sso/ruby-saml"
BUNDLE_LOCAL__SAML_IDP: "/Users/guochunzhong/git/sso/saml_idp"
BUNDLE_LOCAL__SDOC: "/Users/guochunzhong/git/oss/sdoc"
BUNDLE_LOCAL__SHOPIFY_APP: "/Users/guochunzhong/git/oss/shopify_app"
BUNDLE_LOCAL__WARDEN___JWT_AUTH: "/Users/guochunzhong/git/oss/warden-jwt_auth"
BUNDLE_LOCAL__WEB___CONSOLE: "/Users/guochunzhong/git/oss/web-console"
BUNDLE_LOCAL__WEBSOCKET___CLIENT___SIMPLE: "/Users/guochunzhong/git/oss/websocket-client-simple"
BUNDLE_LOCAL__WECHAT: "/Users/guochunzhong/git/oss/wechat"
BUNDLE_LOCAL__YXT___API: "/Users/guochunzhong/git/sso/yxt-api"

Copy user fonts and directory

Copy original ~/Library/Fonts and ~/Library/Dictionaries to new mac, which install the fonts and dictionary.

Import GnuPG and setting signing key

brew install gnupg
gnupg
cd ~/.gnupg/
echo 'keyserver hkps://keys.openpgp.org' >> gpg.conf
gpg --search yejun@hey.com
# or download by search at browser https://keys.openpgp.org
gpg --import DCC53DBA60DA2A97EED85CFE0F3E2C6AF4CAAD99.asc
gpg --list-secret-keys user@example.com
gpg --export-secret-keys YOUR_ID_HERE > gpg_ericguocz_private.key
gpg --import gpg_user_private.key
gpg --list-secret-keys --keyid-format=long
git config --global user.signingkey 0F3E2C6AF4CAAD99
git config --global commit.gpgsign true

.profile

export PATH="/opt/homebrew/opt/ruby/bin:$PATH:$HOME/.cargo/bin"
export HISTSIZE=8000
export ADBLOCK=true
export HOMEBREW_GITHUB_API_TOKEN=
export LANG=en_US.UTF-8
export LC_CTYPE=en_US.UTF-8
# export RUBYOPT=-w
export EDITOR="vim"
export BUNDLER_EDITOR="subl"
export GEM_EDITOR="subl"
export USE_OFFICIAL_GEM_SOURCE="true"
export HOMEBREW_EDITOR="subl"
export HOMEBREW_NO_AUTO_UPDATE=1
export HOMEBREW_NO_INSTALL_CLEANUP=1
export BASH_IT_HTTP_PROXY=http://127.0.0.1:6152/
export BASH_IT_HTTPS_PROXY=http://127.0.0.1:6152/
export GITHUB_APP_ID=
export GITHUB_APP_SECRET=
export CIRCLE_TOKEN=
# export TNS_ADMIN=/usr/local/network/admin/
# export NLS_LANG=AMERICAN_AMERICA.AL32UTF8
export NO_ORACLE_ENHANCED=1
export PUPPETEER_SKIP_CHROMIUM_DOWNLOAD=true
export PUPPETEER_EXECUTABLE_PATH=/opt/homebrew/bin/chromium
export MANPATH=/usr/share/man:/opt/homebrew/share/ubuntu_man
export ESBUILD_BINARY_PATH=/opt/homebrew/bin/esbuild
export DEVISE_JWT_SECRET_KEY=
export START_DIR="/Users/guochunzhong/git"
if [[ $PWD == $HOME ]]; then
cd $START_DIR
fi
eval "$(/opt/homebrew/bin/brew shellenv)"

Install Node.js 16 Stack in TencentOS Server 3.1

Permalink

TencentOS Server is Tencent’s copy cat version of RHEL 8. Compare with Ali’s OpenAnolis, TencentOS seems more open, at least the kernel can be found at Github, but same as many China big internet company, the source code is open source once a year. I try to install my familiar Rails web framework on it and here is the log.

Install htop

yum update -y && yum install htop && reboot

Install locale

yum install langpacks-en glibc-all-langpacks -y
localectl set-locale LANG=en_US.UTF-8

Create the deployer user

adduser deployer
sudo su - deployer
mkdir .ssh
chmod 700 .ssh
vi .ssh/authorized_keys # and paste your public key
chmod 600 .ssh/authorized_keys

Enable deployer as sudo

sudo su -
cd /etc/sudoers.d/
echo "deployer ALL=(ALL) NOPASSWD:ALL" > 20-deployer-user

Secure the ssh by turn off root and password

sudo tail /etc/ssh/sshd_config

PermitRootLogin no
PasswordAuthentication no

Install node.js 14 & yarn

sudo dnf module install nodejs:14
curl -sL https://dl.yarnpkg.com/rpm/yarn.repo | sudo tee /etc/yum.repos.d/yarn.repo
sudo yum install yarn

Install Rails 6 Stack in OpenAnolis Linux

Permalink

OpenAnolis released as alternative distribute linux of CentOS. After got a server at Aliyun double 11 sales, I try to install my familiar Rails web framework on it.

I start installing the Linux server by do a system upgrade:

sudo yum update -y && sudo reboot

But install htop in Anolis linux is not as easy as CentOS, it’s require enable epel explicitly.

sudo yum config-manager --set-enabled PowerTools
sudo yum update
sudo yum --disablerepo="*" --enablerepo="epel" list available | grep htop
sudo yum --disablerepo="*" --enablerepo="epel" install htop

Install locale

yum install langpacks-en glibc-all-langpacks -y
localectl set-locale LANG=en_US.UTF-8

Create the deployer user

adduser deployer
sudo su - deployer
mkdir .ssh
chmod 700 .ssh
vi .ssh/authorized_keys # and paste your public key
chmod 600 .ssh/authorized_keys

Enable deployer as sudo

sudo su -
cd /etc/sudoers.d/
echo "deployer ALL=(ALL) NOPASSWD:ALL" > 20-deployer-user

Secure the ssh by turn off root and password

sudo tail /etc/ssh/sshd_config

PermitRootLogin no
PasswordAuthentication no

Install memcached & redis

sudo yum install memcached
sudo systemctl enable memcached
sudo yum install redis
sudo systemctl enable redis

Install node.js 16 & yarn

rpm -q --whatprovides centos-release # get anolis-release-8.4-6.an8.x86_64
curl -fsSL https://rpm.nodesource.com/setup_16.x > install_node.sh
vi install_node.sh
# find & append anolis in below line
# if [[ $DISTRO_PKG =~ ^(redhat|centos|almalinux|rocky|cloudlinux|mageia|sl|anolis)- ]]; then
sudo bash ./install_node.sh
sudo yum install -y nodejs
sudo yum install gcc-c++ make
curl -sL https://dl.yarnpkg.com/rpm/yarn.repo | sudo tee /etc/yum.repos.d/yarn.repo
sudo yum install yarn

Install dependencies required by rbenv and Ruby

yum install openssl-devel readline-devel zlib-devel gdbm-devel git

Install rbenv and ruby-build in deployer user

cd # as a deployer
git clone https://github.com/rbenv/rbenv.git .rbenv
cd ~/.rbenv && src/configure && make -C src
echo 'export PATH="$HOME/.rbenv/bin:$PATH"' >> ~/.bash_profile
~/.rbenv/bin/rbenv init # As an rbenv plugin
echo 'eval "$(rbenv init -)"' >> ~/.bash_profile
mkdir -p "$(rbenv root)"/plugins
git clone https://github.com/rbenv/ruby-build.git "$(rbenv root)"/plugins/ruby-build
git clone https://github.com/andorchen/rbenv-china-mirror.git "$(rbenv root)"/plugins/rbenv-china-mirror

Install ruby 3.0.2

rbenv install -l
rbenv install 3.0.2
rbenv global 3.0.2
rbenv shell 3.0.2
echo "gem: --no-document" > ~/.gemrc
gem update --system

Create postgresql db user and import DB

sudo su - postgres
createuser deployer
psql
ALTER ROLE deployer LOGIN;
CREATE DATABASE sccsa_production WITH ENCODING='UTF8' OWNER=deployer;
logout
psql -d sccsa_production -f sccsa_postgres_db.sql

Install snapd

sudo dnf install epel-release
sudo dnf upgrade
sudo yum install bash-completion
sudo yum install policycoreutils-python-utils
sudo yum --disablerepo="*" --enablerepo="epel" install snapd
sudo systemctl enable --now snapd.socket
sudo ln -s /var/lib/snapd/snap /snap
sudo snap install core; sudo snap refresh core

Install certbot

sudo snap install --classic certbot
sudo ln -s /snap/bin/certbot /usr/bin/certbot
sudo certbot --nginx