SELinux sucks?! Safety always means inconvenient, right!

Just record what I made Nginx working with a project located in someone's HOME directory on a Linux machine with SELinux on.

  1. Nginx seems working normally, but it actually Didn't listen to a non-80 port at all. If it reports ValueError: Port tcp/8081 already defined, replace -a with -m.

semanage port -a -t http_port_t -p tcp 8081

Reference1 Reference2

  1. telnet localhost 8081 works, but telnet 192.168.168.168 8081 from another machine not working!

firewall-cmd permanent add-port=8081/tcp

firewall-cmd --reload

  1. Everything seems working good, but when you visit your site, Nginx just gives you a 403! You should ensure Nginx can access your project directory, everyone knows that, but is not enough when SELinux is on.

setsebool -P httpd_enable_homedirs 1

setenforce 0
systemctl restart nginx
systemctl daemon-reload

Reference

Caution: Javascript A || B expression is handy, but it also can cause tricky bugs

I had written the following code in a project

   ...
   return s && s.value || null

It works well for some days until a colleague did some code refactoring. In the beginning, s.value is a string value, and an empty string is not a valid value, so the code works well. After the refactoring, s.value became an integer, and this time 0 is a valid value. So you can imagine when s.value === 0 the code above will return null instead of 0. It leads to a bug!

Therefore please use the"A || B" expression with caution!

微信浏览器内H5活动页调起小程序, 服务器端开发备忘

  1. 公众平台设置H5静态页服务器IP白名单

  2. 上传验证文件到根目录(一定要先做好这一步才能做下一步啊

  3. 公众平台设置域名白名单

  4. 服务器端配置公众平台 appId, appSecret

  5. 缓存针对此appId的 accessToken 和 jsapi_ticket

  6. 服务器端生成签名.....参数一定要按字典序!(坑)

「新路由3 (new wifi3) D2 全千兆路由器华硕老毛子openwrt潘多拉高恪集客」配置ss+kcptun加速全自动翻墙备忘

半年多前配过一次,磕磕绊绊的,勉强配好了能用。这次老朋友又买了一台类似的机器,我以为会很快搞定,结果又陆续整了好几个小时。为避免下次折腾的时候浪费时间,简要记录一下折腾过程。

用到的软件

  • shadowsocks-libev-local
  • kcptun-client

几个要点

  1. 需要下载的软件只有这俩,一开始没有下载 shadowsocks-libev-local而是尝试用机器里已经下载好的 shadowsocksR-local 代替,未成功(并不一定是ssR的锅....
  2. 下载了kcptun,也配置了使用 kcptun,但kcptun服务一直不启动的原因是kcptun客户端的程序名字与系统中设置的不一致。安装好的客户端名字叫 kcptun-c 但默认配置的名字不是这个,务必要到「自动更新」那一页改一下配置
  3. 「全局配置」页配置:
  • TCP节点:SS+Kcptun: 节点名
  • UDP节眯:与TCP节点相同
  • Socks5节点:与TCP节点相同
  • DNS服务器(UDP): 默认
  • DNS模式: DNS2SOCKS + 使用Socks5节点解析
  • DNS地址:8.8.4.4 (Google DNS)
  • DNS劫持: 选中
  • 默认代理模式: GFW列表 (重要...尤其远程调试的时候,别瞎选全局...配不好的情况下一开代理,网会断,波及远程桌面!
  • 本机代理模式: GFW列表
  1. 「节点页」配置:
  • 服务器: 127.0.0.1
  • 使用ipv6: 不选中
  • 端口: kcptun 客户端打算用的端口
  • 加密方式: ss服务器用到的加密方式
  • 连接超时: 300 (默认值不用改
  • tcp快速打开: false (默认值不用改
  • 插件: 无
  • 使用kcptun: checkbox要勾中(废话
  • kcptun服务器: 你的kcptun服务器IP或域名
  • 使用ipv6: 不选中
  • kcptun参数配置: 把kcptun服务器配置的那堆参数照抄过来(只要端口参数之外的参数,一定要拿掉 -r -l 这两参数哦!

回头看看也没什么.....就这么点事儿,整了几个小时。如果第一次整完就写篇备忘记录....哈,亡羊补牢,犹未晚,我这不就写了么!

Vue.js Event modifier: .stop .prevent .passive .once .self .capture explanation

Two articles explain well this subject. One is in Chinese, the other is in English.