Build nginx with boringssl on Ubuntu 18.04

Jan 24, 2019

Enable TLS 1.3 support Using official confiuration Using shell script #!/bin/sh set -e apt-get install build-essential curl git cmake ninja-build golang libpcre3-dev zlib1g-dev # build boringssl git clone --depth=1 https://github.com/google/boringssl.git cd boringssl mkdir build cd build cmake -GNinja .. ninja cd ../.. mkdir -p boringssl/.openssl/lib cp boringssl/build/crypto/libcrypto.a boringssl/build/ssl/libssl.a boringssl/.openssl/lib cd boringssl/.openssl ln -s ../include . cd ../.. # build nginx nginx_ver=1.15.8 curl -O https://nginx.org/download/nginx-${nginx_ver}.tar.gz tar zxvf nginx-${nginx_ver}.tar.gz cd nginx-${nginx_ver} ./configure --prefix=/etc/nginx \ --sbin-path=/usr/sbin/nginx \ --modules-path=/usr/lib/nginx/modules \ --conf-path=/etc/nginx/nginx.conf \ --error-log-path=/var/log/nginx/error.log \ --http-log-path=/var/log/nginx/access.log \ --pid-path=/var/run/nginx.pid \ --lock-path=/var/run/nginx.lock \ --http-client-body-temp-path=/var/cache/nginx/client_temp \ --http-proxy-temp-path=/var/cache/nginx/proxy_temp \ --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp \ --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp \ --http-scgi-temp-path=/var/cache/nginx/scgi_temp \ --user=nginx \ --group=nginx \ --with-compat \ --with-file-aio \ --with-threads \ --with-http_addition_module \ --with-http_auth_request_module \ --with-http_dav_module \ --with-http_flv_module \ --with-http_gunzip_module \ --with-http_gzip_static_module \ --with-http_mp4_module \ --with-http_random_index_module \ --with-http_realip_module \ --with-http_secure_link_module \ --with-http_slice_module \ --with-http_ssl_module \ --with-http_stub_status_module \ --with-http_sub_module \ --with-http_v2_module \ --with-mail \ --with-mail_ssl_module \ --with-stream \ --with-stream_realip_module \ --with-stream_ssl_module \ --with-stream_ssl_preread_module \ --with-cc-opt="-g -O2 -fdebug-prefix-map=/data/builder/debuild/nginx-${nginx_ver}/debian/debuild-base/nginx-${nginx_ver}=. -specs=/usr/share/dpkg/no-pie-compile.specs -fstack-protector-strong -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fPIC" \ --with-ld-opt="-Wl,-Bsymbolic-functions -specs=/usr/share/dpkg/no-pie-link.specs -Wl,-z,relro -Wl,-z,now -Wl,--as-needed -pie" \ --with-openssl-opt=enable-tls1_3 \ --with-openssl=../boringssl touch ../boringssl/.openssl/include/openssl/ssl.h make make install cd .. # create user nginx useradd -s /sbin/nologin nginx # test nginx /usr/sbin/nginx -V exit 0 Edit nginx.conf, enable TLS 1.3 support ssl_protocols TLSv1.2 TLSv1.3; ssl_early_data on; # enable 0-RTT ssl_certificate /etc/nginx/certs/fullchain.pem; ssl_certificate_key /etc/nginx/certs/privkey.pem; ssl_ciphers [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]:[ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:DES-CBC3-SHA; ssl_prefer_server_ciphers on; Install as system service Create nginx service configration file nginx.service …

Install newest nginx on ubuntu 18.04

Jan 17, 2019

Install nginx_signing.key $ cd /etc/apt curl -O https://nginx.org/keys/nginx_signing.key apt-key add nginx_signing.key Update apt source $ vim /etc/apt/sources.list deb http://nginx.org/packages/ubuntu/ bionic nginx deb-src http://nginx.org/packages/ubuntu/ bionic nginx $ apt-get update apt-get install nginx

Setup flutter for iOS without homebrew on macOS

Jan 15, 2019

requirements: macports Install cocoapods $ sudo gem install cocoapods Deploy to iOS devices $ sudo port install usbmuxd libimobiledevice ideviceinstaller ios-deploy $ pod setup Get the Flutter SDK current stale version: 1.0.0 flutter_macos_v1.0.0-stable.zip $ unzip flutter_macos_v1.0.0-stable.zip Add the flutter tool to your path: $ export PATH=$PATH:`pwd`/flutter/bin

Install Chisel for Xcode without brew

Jan 14, 2019

Clone Chisel git clone https://github.com/facebook/chisel.git chisel Build and install chisel.framework cd chisel/Chisel sudo make install Setup chisel commands vim ~/.lldbinit # ~/.lldbinit command script import /your/repo/chisel/fblldb.py script fblldb.loadCommandsInDirectory('/your/repo/chisel/commands')

Get free SSL/TLS Certificates from Let's Encrypt

Jan 13, 2019

My platform: macOS + macports Install certbot $ sudo port install certbot Write a shell script make_cert.sh #!/bin/sh set -e sudo certbot --duplicate certonly -d "*.$1" -d "$1" --manual --preferred-challenges dns-01 --server https://acme-v02.api.letsencrypt.org/directory Usage $ make_cert.sh domain.com Configure nginx Copy all certs to /etc/nginx/cert On Ubuntu $ vim /etc/nginx/sites-available/default Enable ssl configuration ssl on; ssl_certificate /etc/nginx/cert/fullchain.pem; ssl_certificate_key /etc/nginx/cert/privkey.pem;

Change toolchain for Xcode

Dec 20, 2018

Change toolchain for Xcode something about Xcode toolchian: Default toolchain location is /Applications/Xcode.app/Contents/Developer/Toolchains Extension of xcode toolchain bundle is .xctoolchain Display name and identifier of toolchain is defined in .xctoolchain/ToolchainInfo.plist CFBundleIdentifier : toolchain bundle identifier DisplayName : name displayed in Xcode menu All binaries, headers, libs etc in .xctoolchain/usr From menu Xcode - Toolchains to switch toolchians If you want install toolchain out of Xcode, the location is /Library/Developer/Toolchains If your toolchain is installed in /Library/Developer/Toolchains, must add CompatibilityVersion key to ToolchainInfo.plist and set the value is 2 with Number type. More about information of toolchain, you can learn from toolchain of swift Note: any applications builded with toolchain installed at /Library/Developer/Toolchains can not be uploaded to AppStore. …

Calc NSAttributedString size correctly with NSLayoutManager

Dec 16, 2018

Some code like this: NSAttributedString *attrString = [[NSAttributedString alloc] initWithString:@"lvv" attributes:@{NSFontAttributeName:[UIFont systemFontOfSize:30]}]; NSTextStorage *textStorage = [[NSTextStorage alloc] initWithAttributedString:attrString]; NSLayoutManager *layoutManager = [[NSLayoutManager alloc] init]; [textStorage addLayoutManager:layoutManager]; NSTextContainer *textContainer = [[NSTextContainer alloc] initWithSize:CGSizeMake(INFINITY, INFINITY)]; [layoutManager addTextContainer:textContainer]; CGRect usedRect = [layoutManager usedRectForTextContainer:textContainer]; NSLog(@"usedRect:%@", NSStringFromCGRect(usedRect)); result is CGRectZero: usedRect:{{0, 0}, {0, 0}} Why? Because glyph generation, layout and font fallback not have happened yet. Just adjust code simply: NSAttributedString *attrString = [[NSAttributedString alloc] initWithString:@"lvv" attributes:@{NSFontAttributeName:[UIFont systemFontOfSize:30]}]; NSLayoutManager *layoutManager = [[NSLayoutManager alloc] init]; NSTextContainer *textContainer = [[NSTextContainer alloc] initWithSize:CGSizeMake(INFINITY, INFINITY)]; [layoutManager addTextContainer:textContainer]; // add layout at the last NSTextStorage *textStorage = [[NSTextStorage alloc] init]; [textStorage addLayoutManager:layoutManager]; // set string after add layout [textStorage setAttributedString:attrString]; CGRect usedRect = [layoutManager usedRectForTextContainer:textContainer]; NSLog(@"usedRect:%@", NSStringFromCGRect(usedRect)); the result is correct: usedRect:{{0, 0}, {46.1962890625, 35.80078125}} BTW： Apple suggest call glyphRangeForTextContainer before usedRectForTextContainer , because the layout manager performs layout lazily. …

Debug WebKit with Xcode on iOS simulator

Dec 15, 2018

Debug WebKit with Xcode on iOS simulator Build WebKit git clone git://git.webkit.org/WebKit.git WebKit cd WebKit sudo Tools/Scripts/configure-xcode-for-ios-development Tools/Scripts/build-webkit --debug --ios-simulator It will take 1 hour. Configure WebKit.xcworkspace open WebKit.xcworkspace with Xcode File - Workspace Settings Advanced … Custom - Relative to Workspace Products: WebKitBuild Intermediates: WebKitBuild Done Configure MobileMiniBrowser open MobileMiniBrowser project in WebKit.xcworkspace change TARGETS (both MobileMiniBrowser and MobileMiniBrowser.framework) Build Settings - Base SDK: iOS change Architectures: Standard architectures (optional) Edit Info.plist of MobileMiniBrowser, add NSAppTransportSecurity settings for access http site. Configure Scheme of AllSource All Source - Edit Scheme … Run - Executable: MobileMiniBrower.app All done. …