fatal: cannot run gpg: No such file or directory

Mar 22, 2019

After installed GPG Site: https://gpgtools.org/ Git commit with error: fatal: cannot run gpg: No such file or directory error: gpg failed to sign the data fatal: failed to write commit object Solution: git config --global gpg.program $(which gpg) About Signing commits

Using xcrun

Mar 22, 2019

Run a command with special toolchain $ xcrun --toolchain org.llvm.8.0.0 clang -v output clang version 8.0.0 Target: x86_64-apple-darwin18.2.0 Thread model: posix InstalledDir: /Applications/Xcode.app/Contents/Developer/Toolchains/LLVM8.0.0.xctoolchain/usr/bin Show SDK path $ xcrun --show-sdk-path --sdk iphoneos /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS12.1.sdk $ xcrun --show-sdk-path --sdk iphonesimulator /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneSimulator.platform/Developer/SDKs/iPhoneSimulator12.1.sdk $ xcrun --show-sdk-path --sdk macosx /Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX10.14.sdk

build LLVM 8 on macOS

Mar 21, 2019

TL;DR download my pre-built: LLVM8.0.1.xctoolchain.7z MD5: 32241cb3e093b15c58bd40200dc2fd76 LLVM8.0.0.xctoolchain.7z MD5: 169fd4d3fdffa5a136cbe77aac759cdc prepare building lldb Install editline Install pcre && swig Read code-signing.txt building clone llvm-project checkout 8.0 branch cd llvm run build-llvm.sh build-llvm.sh #!/bin/bash set -e mkdir build && cd build output=/tmp/llvm-build cmake -DCMAKE_INSTALL_PREFIX=${output} \ -DCMAKE_BUILD_TYPE=Release \ -DLLVM_INCLUDE_TESTS=OFF \ -DLLVM_INCLUDE_EXAMPLES=OFF \ -DLLDB_CODESIGN_IDENTITY='' \ -DLLDB_BUILD_FRAMEWORK=ON \ -DLLVM_ENABLE_PROJECTS="all" \ -DLLVM_CREATE_XCODE_TOOLCHAIN=ON \ -DCMAKE_OSX_DEPLOYMENT_TARGET=10.9 \ -GNinja \ .. ninja ninja install-xcode-toolchain echo build finish. echo toolchain installed at ${output} Note: you need install cmake and ninja first. …

A simple Dispatch Queue Pool

Mar 18, 2019

I named it MDispatchQueuePool. Really easy to use: [MDispatchQueuePool.sharedPool asyncExecute:^{ // put your code here ... }]; Here is MDispatchQueuePool.m @interface MDispatchQueuePool () { dispatch_queue_t _executionQueue; dispatch_queue_t _waitingQueue; dispatch_semaphore_t _maximumQueueSemaphore; } @end @implementation MDispatchQueuePool + (instancetype)sharedPool { static MDispatchQueuePool *pool = nil; static dispatch_once_t onceToken = 0; dispatch_once(&onceToken, ^{ pool = [[self alloc] init]; }); return pool; } - (instancetype)init { if (self = [super init]) { _executionQueue = dispatch_queue_create("queue.exec.MDispatchQueuePool", DISPATCH_QUEUE_CONCURRENT); _waitingQueue = dispatch_queue_create("queue.wait.MDispatchQueuePool", DISPATCH_QUEUE_SERIAL); dispatch_set_target_queue(_executionQueue, dispatch_get_global_queue(DISPATCH_QUEUE_PRIORITY_HIGH, 0)); dispatch_set_target_queue(_waitingQueue, dispatch_get_global_queue(DISPATCH_QUEUE_PRIORITY_DEFAULT, 0)); NSUInteger processorCount = MAX(NSProcessInfo.processInfo.processorCount, 2); _maximumQueueSemaphore = dispatch_semaphore_create(processorCount); } return self; } - (void)asyncExecute:(dispatch_block_t)block { if (!block) { return; } dispatch_block_t blockCopy = [block copy]; dispatch_async(_waitingQueue, ^{ dispatch_semaphore_wait(self->_maximumQueueSemaphore, DISPATCH_TIME_FOREVER); dispatch_async(self->_executionQueue, ^ { blockCopy(); dispatch_semaphore_signal(self->_maximumQueueSemaphore); }); }); } @end

Build LLVM for macOS

Mar 13, 2019

Build LLVM We build a toolchain for Xcode, and include these projects: clang clang-tools-extra libcxx libcxxabi compiler-rt libunwind polly lld clone llvm project, and build the 7.0.1 version git clone https://github.com/llvm/llvm-project.git llvm-project cd llvm-project/llvm git checkout llvmorg-7.0.1 mkdir build && cd build && build_llvm.sh Build obfuscator-LLVM obfuscator-LLVM upon LLVM, so We must clone LLVM project first. We build heroims’ fork, because his fork is newer. cd llvm-project git clone https://github.com/heroims/obfuscator.git obfuscator cd obfuscator git checkout llvm-7.0 mkdir build && cd build && build_llvm.sh build_llvm.sh #!/bin/bash set -e # projects: clang; clang-tools-extra; libcxx; libcxxabi; libunwind; lldb; compiler-rt; lld; polly; debuginfo-tests output=/tmp/llvm-build cmake -DCMAKE_INSTALL_PREFIX=${output} \ -DCMAKE_BUILD_TYPE=Release \ -DLLVM_INCLUDE_TESTS=Off \ -DLLVM_INCLUDE_EXAMPLES=Off \ -DLLVM_ENABLE_LIBCXX=ON \ -DLLVM_ENABLE_CXX1Y=ON \ -DLLVM_ENABLE_PROJECTS="clang;clang-tools-extra;libcxx;libcxxabi;compiler-rt;libunwind;polly;lld" \ -DLLVM_CREATE_XCODE_TOOLCHAIN=ON \ .. make -j `sysctl -n hw.logicalcpu_max` make install-xcode-toolchain echo build finish. echo toolchain installed at ${output} Download You can use my build here: …

Build boringssl for iOS

Feb 16, 2019

Clone boringssl git clone https://github.com/google/boringssl.git boringssl Build boringssl cd boringssl mkdir build && cd build ./build.ios build.ios is my build script #!/bin/bash set -e export IPHONEOS_DEPLOYMENT_TARGET="9.0" # for -miphoneos-version-min arch=arm64 mkdir ${arch} && cd ${arch} cmake -DCMAKE_OSX_SYSROOT=iphoneos -DCMAKE_OSX_ARCHITECTURES=${arch} -GNinja ../.. ninja cd .. arch=armv7 mkdir ${arch} && cd ${arch} cmake -DCMAKE_OSX_SYSROOT=iphoneos -DCMAKE_OSX_ARCHITECTURES=${arch} -GNinja ../.. ninja cd .. arch=x86_64 mkdir ${arch} && cd ${arch} cmake -DCMAKE_OSX_SYSROOT=iphonesimulator -DCMAKE_OSX_ARCHITECTURES=${arch} -GNinja ../.. ninja cd .. crypto=crypto/libcrypto.a ssl=ssl/libssl.a lipo -create arm64/${crypto} armv7/${crypto} x86_64/${crypto} -o libcrypto.a lipo -create arm64/${ssl} armv7/${ssl} x86_64/${ssl} -o libssl.a Merge libcrypto & libssl If you want a standalone lib (name like libboringssl.a), you can use below shell script …

Build extern version of hugo

Feb 15, 2019

Official hugo do’nt support scss Build extern version of hugo from source git clone https://github.com/gohugoio/hugo.git hugo cd hugo go install --tags extended Copy hugo to system path sudo cp ~/go/bin/hugo /usr/bin Check hugo version infomation hugo version Hugo Static Site Generator v0.55.0-DEV/extended darwin/amd64 BuildDate: unknown

nginx with boringssl

Jan 27, 2019

build with boringssl enable TLS 1.3 enable 0-RTT Install & Run mount log dir to /opt/nginx/log config dir to /opt/nginx/etc web root to /opt/www docker pull cntrump/ubuntu_nginx_boringssl docker run -v /opt/nginx/etc:/etc/nginx -v /opt/nginx/log:/var/log/nginx -v /opt/www:/var/www -v /opt/nginx/cache:/var/cache/nginx -p 80:80 -p 443:443 -d cntrump/ubuntu_nginx_boringssl /usr/sbin/nginx -g "daemon off;" Using docker-compose docker-compose.yml version: '3' services: nginx: image: 'cntrump/ubuntu_nginx_boringssl' volumes: - /opt/nginx/etc:/etc/nginx - /opt/nginx/log:/var/log/nginx - /opt/nginx/cache:/var/cache/nginx - /opt/www:/var/www ports: - '80:80' - '443:443' command: /usr/sbin/nginx -g "daemon off;" deploy: restart_policy: condition: on-failure delay: 5s max_attempts: 3 window: 120s docker-compose start/stop/restart nginx Example nginx.conf A+ configuration for https://myssl.com …

Build nginx with boringssl on Ubuntu 18.04

Jan 24, 2019

Enable TLS 1.3 support Using official confiuration Using shell script #!/bin/sh set -e apt-get install build-essential curl git cmake ninja-build golang libpcre3-dev zlib1g-dev # build boringssl git clone --depth=1 https://github.com/google/boringssl.git cd boringssl mkdir build cd build cmake -GNinja .. ninja cd ../.. mkdir -p boringssl/.openssl/lib cp boringssl/build/crypto/libcrypto.a boringssl/build/ssl/libssl.a boringssl/.openssl/lib cd boringssl/.openssl ln -s ../include . cd ../.. # build nginx nginx_ver=1.15.8 curl -O https://nginx.org/download/nginx-${nginx_ver}.tar.gz tar zxvf nginx-${nginx_ver}.tar.gz cd nginx-${nginx_ver} ./configure --prefix=/etc/nginx \ --sbin-path=/usr/sbin/nginx \ --modules-path=/usr/lib/nginx/modules \ --conf-path=/etc/nginx/nginx.conf \ --error-log-path=/var/log/nginx/error.log \ --http-log-path=/var/log/nginx/access.log \ --pid-path=/var/run/nginx.pid \ --lock-path=/var/run/nginx.lock \ --http-client-body-temp-path=/var/cache/nginx/client_temp \ --http-proxy-temp-path=/var/cache/nginx/proxy_temp \ --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp \ --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp \ --http-scgi-temp-path=/var/cache/nginx/scgi_temp \ --user=nginx \ --group=nginx \ --with-compat \ --with-file-aio \ --with-threads \ --with-http_addition_module \ --with-http_auth_request_module \ --with-http_dav_module \ --with-http_flv_module \ --with-http_gunzip_module \ --with-http_gzip_static_module \ --with-http_mp4_module \ --with-http_random_index_module \ --with-http_realip_module \ --with-http_secure_link_module \ --with-http_slice_module \ --with-http_ssl_module \ --with-http_stub_status_module \ --with-http_sub_module \ --with-http_v2_module \ --with-mail \ --with-mail_ssl_module \ --with-stream \ --with-stream_realip_module \ --with-stream_ssl_module \ --with-stream_ssl_preread_module \ --with-cc-opt="-g -O2 -fdebug-prefix-map=/data/builder/debuild/nginx-${nginx_ver}/debian/debuild-base/nginx-${nginx_ver}=. -specs=/usr/share/dpkg/no-pie-compile.specs -fstack-protector-strong -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fPIC" \ --with-ld-opt="-Wl,-Bsymbolic-functions -specs=/usr/share/dpkg/no-pie-link.specs -Wl,-z,relro -Wl,-z,now -Wl,--as-needed -pie" \ --with-openssl-opt=enable-tls1_3 \ --with-openssl=../boringssl touch ../boringssl/.openssl/include/openssl/ssl.h make make install cd .. # create user nginx useradd -s /sbin/nologin nginx # test nginx /usr/sbin/nginx -V exit 0 Edit nginx.conf, enable TLS 1.3 support ssl_protocols TLSv1.2 TLSv1.3; ssl_early_data on; # enable 0-RTT ssl_certificate /etc/nginx/certs/fullchain.pem; ssl_certificate_key /etc/nginx/certs/privkey.pem; ssl_ciphers [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]:[ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:DES-CBC3-SHA; ssl_prefer_server_ciphers on; Install as system service Create nginx service configration file nginx.service …

Install newest nginx on ubuntu 18.04

Jan 17, 2019

Install nginx_signing.key $ cd /etc/apt curl -O https://nginx.org/keys/nginx_signing.key apt-key add nginx_signing.key Update apt source $ vim /etc/apt/sources.list deb http://nginx.org/packages/ubuntu/ bionic nginx deb-src http://nginx.org/packages/ubuntu/ bionic nginx $ apt-get update apt-get install nginx