Eric Guo's blog.cloud-mes.com

Hoping writing JS, Ruby & Rails and Go article, but fallback to DevOps note

Install Rails 6 Stack in OpenAnolis Linux

Permalink

OpenAnolis released as alternative distribute linux of CentOS. After got a server at Aliyun double 11 sales, I try to install my familiar Rails web framework on it.

I start installing the Linux server by do a system upgrade:

sudo yum update -y && sudo reboot

But install htop in Anolis linux is not as easy as CentOS, it's require enable epel explicitly.

sudo yum config-manager --set-enabled PowerTools

sudo yum update

sudo yum --disablerepo="*" --enablerepo="epel" list available | grep htop

sudo yum --disablerepo="*" --enablerepo="epel" install htop

Install locale

yum install langpacks-en glibc-all-langpacks -y

localectl set-locale LANG=en_US.UTF-8

Create the deployer user

adduser deployer

sudo su - deployer

mkdir .ssh

chmod 700 .ssh

vi .ssh/authorized_keys # and paste your public key

chmod 600 .ssh/authorized_keys

Enable deployer as sudo

sudo su -

cd /etc/sudoers.d/

echo "deployer ALL=(ALL) NOPASSWD:ALL" > 20-deployer-user

Secure the ssh by turn off root and password

sudo tail /etc/ssh/sshd_config

PermitRootLogin no

PasswordAuthentication no

Install memcached & redis

sudo yum install memcached

sudo systemctl enable memcached

sudo yum install redis

sudo systemctl enable redis

Install node.js 16 & yarn

rpm -q --whatprovides centos-release # get anolis-release-8.4-6.an8.x86_64

curl -fsSL https://rpm.nodesource.com/setup_16.x > install_node.sh

vi install_node.sh

# find & append anolis in below line

# if [[ $DISTRO_PKG =~ ^(redhat|centos|almalinux|rocky|cloudlinux|mageia|sl|anolis)- ]]; then

sudo bash ./install_node.sh

sudo yum install -y nodejs

sudo yum install gcc-c++ make

curl -sL https://dl.yarnpkg.com/rpm/yarn.repo | sudo tee /etc/yum.repos.d/yarn.repo

sudo yum install yarn

Install dependencies required by rbenv and Ruby

yum install openssl-devel readline-devel zlib-devel gdbm-devel git

Install rbenv and ruby-build in deployer user

cd # as a deployer

git clone https://github.com/rbenv/rbenv.git .rbenv

cd ~/.rbenv && src/configure && make -C src

echo 'export PATH="$HOME/.rbenv/bin:$PATH"' >> ~/.bash_profile

~/.rbenv/bin/rbenv init # As an rbenv plugin

echo 'eval "$(rbenv init -)"' >> ~/.bash_profile

mkdir -p "$(rbenv root)"/plugins

git clone https://github.com/rbenv/ruby-build.git "$(rbenv root)"/plugins/ruby-build

git clone https://github.com/andorchen/rbenv-china-mirror.git "$(rbenv root)"/plugins/rbenv-china-mirror

Install ruby 3.0.2

rbenv install -l

rbenv install 3.0.2

rbenv global 3.0.2

rbenv shell 3.0.2

echo "gem: --no-document" > ~/.gemrc

gem update --system

Create postgresql db user and import DB

sudo su - postgres

createuser deployer

psql

ALTER ROLE deployer LOGIN;

CREATE DATABASE sccsa_production WITH ENCODING='UTF8' OWNER=deployer;

logout

psql -d sccsa_production -f sccsa_postgres_db.sql

Install snapd

sudo dnf install epel-release

sudo dnf upgrade

sudo yum install bash-completion

sudo yum install policycoreutils-python-utils

sudo yum --disablerepo="*" --enablerepo="epel" install snapd

sudo systemctl enable --now snapd.socket

sudo ln -s /var/lib/snapd/snap /snap

sudo snap install core; sudo snap refresh core

Install certbot

sudo snap install --classic certbot

sudo ln -s /snap/bin/certbot /usr/bin/certbot

sudo certbot --nginx

Extend the Disk Size in Ubuntu 20.04 Which Running in VMware

Permalink

Ubuntu extend disk is different with CentOS, largely using cloud-guest-utils tools.

apt-get install cloud-guest-utils

parted -l # Usually sda 3 is the root fs

growpart /dev/sda 3

pvs # To get the PV name

pvresize /dev/sda3

df -h # find /dev/mapper/ubuntu--vg-ubuntu--lv or similar

lvextend -r -l +100%FREE /dev/mapper/ubuntu--vg-ubuntu--lv

Largely copy from unix stackexchange.

Deploy Rails 7 Master With Webpacker 6 and Tailwind CSS JIT App in CentOS 8

Permalink

Got the newest CentOS 8 (4.18.0-305.12.1.el8_4.x86_64) and ready to install newest Rails 7 and here is the steps.

Disable SELinux

vi /etc/selinux/config

Install locale

dnf install langpacks-en glibc-all-langpacks -y

localectl set-locale LANG=en_US.UTF-8

Turn on EPEL and install htop

yum -y install epel-release

yum install htop

Install node.js 16 & yarn

curl --silent --location https://rpm.nodesource.com/setup_16.x | bash -

yum install -y gcc-c++ make

yum install -y nodejs

curl -sL https://dl.yarnpkg.com/rpm/yarn.repo | tee /etc/yum.repos.d/yarn.repo

yum install yarn

Install dependencies required by rbenv and Ruby

yum install openssl-devel readline-devel zlib-devel gdbm-devel git

Setup second user account

adduser matlib

cd /etc/sudoers.d/

echo "matlib ALL=(ALL) NOPASSWD:ALL" > 20-matlib-user

sudo su - matlib

mkdir .ssh

chmod 700 .ssh

vi .ssh/authorized_keys # and paste your public key

chmod 600 .ssh/authorized_keys

Install rbenv and ruby-build

cd # as a matlib

git clone https://github.com/rbenv/rbenv.git .rbenv

cd ~/.rbenv && src/configure && make -C src

echo 'export PATH="$HOME/.rbenv/bin:$PATH"' >> ~/.bash_profile

~/.rbenv/bin/rbenv init

# As an rbenv plugin

mkdir -p "$(rbenv root)"/plugins

git clone https://github.com/rbenv/ruby-build.git "$(rbenv root)"/plugins/ruby-build

git clone https://github.com/andorchen/rbenv-china-mirror.git "$(rbenv root)"/plugins/rbenv-china-mirror

Install Ruby 3.0.2

rbenv install -l

rbenv install 3.0.2

rbenv global 3.0.2

rbenv shell 3.0.2

eval "$(rbenv init -)" >> ~/.bash_profile

echo "gem: --no-document" > ~/.gemrc

gem update --system

Fix permission for CentOS

sudo mkdir /var/www

cd /var/www

sudo mkdir matlib

sudo chown matlib:matlib matlib/

Install nginx

yum install nginx

sudo firewall-cmd --add-service=http --permanent

sudo firewall-cmd --add-service=https --permanent

sudo firewall-cmd --reload

Deploy TARO Documents to the 4 GB Memory Server

Permalink

The official taro document build setting NODE_OPTIONS=--max-old-space-size=5120 in packages.json, but I would link to deploy a TARO documents to my 4 GB memory server, so here is how to.

Change NODE_OPTIONS settings

Change to NODE_OPTIONS=--max-old-space-size=2500 is reasonable in a 4GB memory server, but that's far from enough.

Enable the swap

sudo fallocate -l 1G /swapfile

# or sudo dd if=/dev/zero of=/swapfile bs=1024 count=1048576

sudo chmod 600 /swapfile

sudo mkswap /swapfile

sudo swapon /swapfile

# To make it permanent

sudo echo '/swapfile swap swap defaults 0 0' >> /etc/fstab

Stop more services while building

sudo systemctl stop postgresql-12

sudo systemctl stop memcached

sudo systemctl stop nginx

sudo systemctl stop docker

It can be restart after reboot.

Install lib vips

The @docusaurus/core like 2.0.0-beta.1 require vips library, so need install vips at CentOS 7

sudo yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm

sudo yum install yum-utils

sudo yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm

sudo yum-config-manager --enable remi

sudo yum install vips vips-devel vips-tools

If in Ubuntu 20.04, just need install sudo apt-get install libvips-tools.

Call Brew Install Ruby From Mathematica Wolfram Kernel

Permalink 

RegisterExternalEvaluator["Ruby", "/usr/local/opt/ruby/bin/ruby"]

ExternalEvaluate["Ruby", "RUBY_VERSION"]

It's works even exit in wolfram kernel, for Mathematica in Apple Silicon:

gem install ffi-rzmq

RegisterExternalEvaluator["Ruby", "/opt/homebrew/opt/ruby/bin/ruby"]

ExternalEvaluate["Ruby", "RUBY_VERSION"]

Deploy New Rails 6 Application in Ubuntu 20.04

Permalink

Create new user

adduser cybros_vendor

sudo su - cybros_vendor

mkdir .ssh

chmod 700 .ssh

vi .ssh/authorized_keys # and paste your public key

chmod 600 .ssh/authorized_keys

Enable new user as sudo

sudo su -

cd /etc/sudoers.d/

echo "cybros_vendor ALL=(ALL) NOPASSWD:ALL" > 80-cybros_vendor-user

Install nginx

sudo apt-get install nginx

It's also possible to enable TLS 1.1/1.2 due to Ubuntu 20.04 not support by default.

/etc/nginx/nginx.conf
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;

# seclevel for TLS 1.0 and 1.1

ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH:@SECLEVEL=1";

Install node.js 15 and yarn 1.x

Using nodesource distribution

curl -fsSL https://deb.nodesource.com/setup_15.x | sudo -E bash -

sudo apt-get install gcc g++ make git

sudo apt-get install -y nodejs

## To install the Yarn package manager

curl -sL https://dl.yarnpkg.com/debian/pubkey.gpg | gpg --dearmor | sudo tee /usr/share/keyrings/yarnkey.gpg >/dev/null

echo "deb [signed-by=/usr/share/keyrings/yarnkey.gpg] https://dl.yarnpkg.com/debian stable main" | sudo tee /etc/apt/sources.list.d/yarn.list

sudo apt-get update && sudo apt-get install yarn

Install rbenv and Ruby 3.0.1

sudo apt install rbenv

sudo su - cybros_vendor

mkdir -p "$(rbenv root)"/plugins

git clone https://github.com/rbenv/ruby-build.git "$(rbenv root)"/plugins/ruby-build

git clone https://github.com/andorchen/rbenv-china-mirror.git "$(rbenv root)"/plugins/rbenv-china-mirror

rbenv install 3.0.1

rbenv global 3.0.1

echo "gem: --no-document" > ~/.gemrc

eval "$(rbenv init -)" >> ~/.bash_profile # or past the `rbenv init -`

rbenv shell 3.0.1

Install MySQL Client

sudo apt-get install gnupg2

wget https://repo.percona.com/apt/percona-release_latest.$(lsb_release -sc)_all.deb

sudo dpkg -i percona-release_latest.$(lsb_release -sc)_all.deb

sudo percona-release setup ps80

sudo apt-get install percona-server-client

sudo apt-get install libmysqlclient-dev

Create MySQL DB user

mysql -u root -p

CREATE DATABASE cybros_vendor character set UTF8mb4 collate utf8mb4_bin;

CREATE USER 'cybros_vendor'@'%' IDENTIFIED BY 'cybros_vendor_password';

GRANT ALL ON cybros_vendor.* TO 'cybros_vendor'@'%';

FLUSH PRIVILEGES;

Link rbenv to make capistrano works

mkdir -p ~/.rbenv/bin

cd ~/.rbenv/bin

ln -s /usr/bin/rbenv rbenv

Install Oracle Instant Client

Download Version 19.14.0.0.0 and following ruby-oci8 document

sudo mkdir /opt/oracle

sudo unzip instantclient-basic-linux.x64-19.14.0.0.0dbru.zip -d /opt/oracle

sudo unzip instantclient-sqlplus-linux.x64-19.14.0.0.0dbru.zip -d /opt/oracle/

sudo unzip instantclient-sdk-linux.x64-19.14.0.0.0dbru.zip -d /opt/oracle/

cd /usr/local/bin

sudo ln -s /opt/oracle/instantclient_19_14/sqlplus  sqlplus

export LD_LIBRARY_PATH=/opt/oracle/instantclient_19_14

gem install ruby-oci8
Append tolink
TNS_ADMIN=/opt/oracle/instantclient_19_14/network/admin

LD_LIBRARY_PATH=/opt/oracle/instantclient_19_14

NLS_LANG=AMERICAN_AMERICA.AL32UTF8

Also need setting in systemd/system/puma_service or side_service

Environment="TNS_ADMIN=/opt/oracle/instantclient_19_14/network/admin"

Environment="LD_LIBRARY_PATH=/opt/oracle/instantclient_19_14"

Environment="NLS_LANG=AMERICAN_AMERICA.AL32UTF8"

Deploy Coreui 4 Beta Demo Site to Aliyun OSS Nginx Host

Permalink

Due to Core UI 4 still no demo site, but I already want to using it, so I built a site myself.

Add a dedicated user

adduser coreui4_demo

sudo su - coreui4_demo

mkdir .ssh

chmod 700 .ssh

vi .ssh/authorized_keys # and paste your public key

chmod 600 .ssh/authorized_keys

Prepare deploy folder

cd /var/www

mkdir coreui4_demo

chown coreui4_demo:coreui4_demo coreui4_demo

Change code to deploy

See cn_site branch for detail modifies.

Do the real deploy

bundle exec cap production deploy

New nginx conf

Sample nginx configure file
server {

  server_name coreui.redwoodjs.cn;

  index index.html;

  root /var/www/coreui4_demo/current/dist;

 
  location / {

    try_files $uri $uri/ /index.html;

    access_log /var/www/coreui4_demo/shared/log/nginx.access.log;

    error_log /var/www/coreui4_demo/shared/log/nginx.error.log;

  }

 
  listen 443 ssl; # managed by Certbot

  ssl_certificate /etc/letsencrypt/live/api.wefocusin.com/fullchain.pem; # managed by Certbot

  ssl_certificate_key /etc/letsencrypt/live/api.wefocusin.com/privkey.pem; # managed by Certbot

  include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot

  ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}

 
server {

  if ($host = coreui.redwoodjs.cn) {

      return 301 https://$host$request_uri;

  } # managed by Certbot

 
  listen 80;

  server_name coreui.redwoodjs.cn;

  return 404; # managed by Certbot

}