Build boringssl for iOS
Feb 16, 2019
Clone boringssl git clone https://github.com/google/boringssl.git boringssl Build boringssl cd boringssl mkdir build && cd build ./build.ios build.ios is my build script #!/bin/bash set -e export IPHONEOS_DEPLOYMENT_TARGET="9.0" # for -miphoneos-version-min arch=arm64 mkdir ${arch} && cd ${arch} cmake -DCMAKE_OSX_SYSROOT=iphoneos -DCMAKE_OSX_ARCHITECTURES=${arch} -GNinja ../.. ninja cd .. arch=armv7 mkdir ${arch} && cd ${arch} cmake -DCMAKE_OSX_SYSROOT=iphoneos -DCMAKE_OSX_ARCHITECTURES=${arch} -GNinja ../.. ninja cd .. arch=x86_64 mkdir ${arch} && cd ${arch} cmake -DCMAKE_OSX_SYSROOT=iphonesimulator -DCMAKE_OSX_ARCHITECTURES=${arch} -GNinja ../.. ninja cd .. crypto=crypto/libcrypto.a ssl=ssl/libssl.a lipo -create arm64/${crypto} armv7/${crypto} x86_64/${crypto} -o libcrypto.a lipo -create arm64/${ssl} armv7/${ssl} x86_64/${ssl} -o libssl.a Merge libcrypto & libssl If you want a standalone lib (name like libboringssl.a), you can use below shell script …
Build extern version of hugo
Feb 15, 2019
Official hugo do’nt support scss Build extern version of hugo from source git clone https://github.com/gohugoio/hugo.git hugo cd hugo go install --tags extended Copy hugo to system path sudo cp ~/go/bin/hugo /usr/bin Check hugo version infomation hugo version Hugo Static Site Generator v0.55.0-DEV/extended darwin/amd64 BuildDate: unknown
nginx with boringssl
Jan 27, 2019
build with boringssl enable TLS 1.3 enable 0-RTT Install & Run mount log dir to /opt/nginx/log config dir to /opt/nginx/etc web root to /opt/www docker pull cntrump/ubuntu_nginx_boringssl docker run -v /opt/nginx/etc:/etc/nginx -v /opt/nginx/log:/var/log/nginx -v /opt/www:/var/www -v /opt/nginx/cache:/var/cache/nginx -p 80:80 -p 443:443 -d cntrump/ubuntu_nginx_boringssl /usr/sbin/nginx -g "daemon off;" Using docker-compose docker-compose.yml version: '3' services: nginx: image: 'cntrump/ubuntu_nginx_boringssl' volumes: - /opt/nginx/etc:/etc/nginx - /opt/nginx/log:/var/log/nginx - /opt/nginx/cache:/var/cache/nginx - /opt/www:/var/www ports: - '80:80' - '443:443' command: /usr/sbin/nginx -g "daemon off;" deploy: restart_policy: condition: on-failure delay: 5s max_attempts: 3 window: 120s docker-compose start/stop/restart nginx Example nginx.conf A+ configuration for https://myssl.com …
Build nginx with boringssl on Ubuntu 18.04
Jan 24, 2019
Enable TLS 1.3 support Using official confiuration Using shell script #!/bin/sh set -e apt-get install build-essential curl git cmake ninja-build golang libpcre3-dev zlib1g-dev # build boringssl git clone --depth=1 https://github.com/google/boringssl.git cd boringssl mkdir build cd build cmake -GNinja .. ninja cd ../.. mkdir -p boringssl/.openssl/lib cp boringssl/build/crypto/libcrypto.a boringssl/build/ssl/libssl.a boringssl/.openssl/lib cd boringssl/.openssl ln -s ../include . cd ../.. # build nginx nginx_ver=1.15.8 curl -O https://nginx.org/download/nginx-${nginx_ver}.tar.gz tar zxvf nginx-${nginx_ver}.tar.gz cd nginx-${nginx_ver} ./configure --prefix=/etc/nginx \ --sbin-path=/usr/sbin/nginx \ --modules-path=/usr/lib/nginx/modules \ --conf-path=/etc/nginx/nginx.conf \ --error-log-path=/var/log/nginx/error.log \ --http-log-path=/var/log/nginx/access.log \ --pid-path=/var/run/nginx.pid \ --lock-path=/var/run/nginx.lock \ --http-client-body-temp-path=/var/cache/nginx/client_temp \ --http-proxy-temp-path=/var/cache/nginx/proxy_temp \ --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp \ --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp \ --http-scgi-temp-path=/var/cache/nginx/scgi_temp \ --user=nginx \ --group=nginx \ --with-compat \ --with-file-aio \ --with-threads \ --with-http_addition_module \ --with-http_auth_request_module \ --with-http_dav_module \ --with-http_flv_module \ --with-http_gunzip_module \ --with-http_gzip_static_module \ --with-http_mp4_module \ --with-http_random_index_module \ --with-http_realip_module \ --with-http_secure_link_module \ --with-http_slice_module \ --with-http_ssl_module \ --with-http_stub_status_module \ --with-http_sub_module \ --with-http_v2_module \ --with-mail \ --with-mail_ssl_module \ --with-stream \ --with-stream_realip_module \ --with-stream_ssl_module \ --with-stream_ssl_preread_module \ --with-cc-opt="-g -O2 -fdebug-prefix-map=/data/builder/debuild/nginx-${nginx_ver}/debian/debuild-base/nginx-${nginx_ver}=. -specs=/usr/share/dpkg/no-pie-compile.specs -fstack-protector-strong -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fPIC" \ --with-ld-opt="-Wl,-Bsymbolic-functions -specs=/usr/share/dpkg/no-pie-link.specs -Wl,-z,relro -Wl,-z,now -Wl,--as-needed -pie" \ --with-openssl-opt=enable-tls1_3 \ --with-openssl=../boringssl touch ../boringssl/.openssl/include/openssl/ssl.h make make install cd .. # create user nginx useradd -s /sbin/nologin nginx # test nginx /usr/sbin/nginx -V exit 0 Edit nginx.conf, enable TLS 1.3 support ssl_protocols TLSv1.2 TLSv1.3; ssl_early_data on; # enable 0-RTT ssl_certificate /etc/nginx/certs/fullchain.pem; ssl_certificate_key /etc/nginx/certs/privkey.pem; ssl_ciphers [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]:[ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:DES-CBC3-SHA; ssl_prefer_server_ciphers on; Install as system service Create nginx service configration file nginx.service …
Install newest nginx on ubuntu 18.04
Jan 17, 2019
Install nginx_signing.key cd /etc/apt curl -O https://nginx.org/keys/nginx_signing.key apt-key add nginx_signing.key Update apt source vim /etc/apt/sources.list deb http://nginx.org/packages/ubuntu/ bionic nginx deb-src http://nginx.org/packages/ubuntu/ bionic nginx apt-get update apt-get install nginx
Setup flutter for iOS without homebrew on macOS
Jan 15, 2019
requirements: macports Install cocoapods sudo gem install cocoapods Deploy to iOS devices sudo port install usbmuxd libimobiledevice ideviceinstaller ios-deploy pod setup Get the Flutter SDK current stale version: 1.0.0 flutter_macos_v1.0.0-stable.zip unzip flutter_macos_v1.0.0-stable.zip Add the flutter tool to your path: export PATH=$PATH:`pwd`/flutter/bin
Install Chisel for Xcode without brew
Jan 14, 2019
Clone Chisel git clone https://github.com/facebook/chisel.git chisel Build and install chisel.framework cd chisel/Chisel sudo make install Setup chisel commands vim ~/.lldbinit # ~/.lldbinit command script import /your/repo/chisel/fblldb.py script fblldb.loadCommandsInDirectory('/your/repo/chisel/commands')
Get free SSL/TLS Certificates from Let's Encrypt
Jan 13, 2019
My platform: macOS + macports Install certbot sudo port install certbot Write a shell script make_cert.sh #!/bin/sh set -e sudo certbot --duplicate certonly -d "*.$1" -d "$1" --manual --preferred-challenges dns-01 --server https://acme-v02.api.letsencrypt.org/directory Usage make_cert.sh domain.com Configure nginx Copy all certs to /etc/nginx/cert On Ubuntu vim /etc/nginx/sites-available/default Enable ssl configuration ssl on; ssl_certificate /etc/nginx/cert/fullchain.pem; ssl_certificate_key /etc/nginx/cert/privkey.pem;
Change toolchain for Xcode
Dec 20, 2018
Change toolchain for Xcode something about Xcode toolchian: Default toolchain location is /Applications/Xcode.app/Contents/Developer/Toolchains Extension of xcode toolchain bundle is .xctoolchain Display name and identifier of toolchain is defined in .xctoolchain/ToolchainInfo.plist CFBundleIdentifier : toolchain bundle identifier DisplayName : name displayed in Xcode menu All binaries, headers, libs etc in .xctoolchain/usr From menu Xcode - Toolchains to switch toolchians If you want install toolchain out of Xcode, the location is /Library/Developer/Toolchains If your toolchain is installed in /Library/Developer/Toolchains, must add CompatibilityVersion key to ToolchainInfo.plist and set the value is 2 with Number type. More about information of toolchain, you can learn from toolchain of swift Note: any applications builded with toolchain installed at /Library/Developer/Toolchains can not be uploaded to AppStore. …
Calc NSAttributedString size correctly with NSLayoutManager
Dec 16, 2018
Some code like this: NSAttributedString *attrString = [[NSAttributedString alloc] initWithString:@"lvv" attributes:@{NSFontAttributeName:[UIFont systemFontOfSize:30]}]; NSTextStorage *textStorage = [[NSTextStorage alloc] initWithAttributedString:attrString]; NSLayoutManager *layoutManager = [[NSLayoutManager alloc] init]; [textStorage addLayoutManager:layoutManager]; NSTextContainer *textContainer = [[NSTextContainer alloc] initWithSize:CGSizeMake(INFINITY, INFINITY)]; [layoutManager addTextContainer:textContainer]; CGRect usedRect = [layoutManager usedRectForTextContainer:textContainer]; NSLog(@"usedRect:%@", NSStringFromCGRect(usedRect)); result is CGRectZero: usedRect:{{0, 0}, {0, 0}} Why? Because glyph generation, layout and font fallback not have happened yet. Just adjust code simply: NSAttributedString *attrString = [[NSAttributedString alloc] initWithString:@"lvv" attributes:@{NSFontAttributeName:[UIFont systemFontOfSize:30]}]; NSLayoutManager *layoutManager = [[NSLayoutManager alloc] init]; NSTextContainer *textContainer = [[NSTextContainer alloc] initWithSize:CGSizeMake(INFINITY, INFINITY)]; [layoutManager addTextContainer:textContainer]; // add layout at the last NSTextStorage *textStorage = [[NSTextStorage alloc] init]; [textStorage addLayoutManager:layoutManager]; // set string after add layout [textStorage setAttributedString:attrString]; CGRect usedRect = [layoutManager usedRectForTextContainer:textContainer]; NSLog(@"usedRect:%@", NSStringFromCGRect(usedRect)); the result is correct: usedRect:{{0, 0}, {46.1962890625, 35.80078125}} BTW: Apple suggest call glyphRangeForTextContainer before usedRectForTextContainer , because the layout manager performs layout lazily. …
< Code is code />
