Samba add user for share

add user

sudo smbpasswd -a USER
sudo smbpasswd -e USER

set up share path

/etc/samba/smb.conf

[USER] 

       comment = USER home 

       path = /home/USER 

       writeable = yes 

       public=yes 

       browseable = yes 

       create mode = 776 

       force directory mode = 776 

restart samba service

sudo systemctl restart smbd.service
sudo systemctl restart nmbd.service

if still can't access, then check below config

/etc/samba/smb.conf

[global]    hosts allow = #add your IP here 

restart samba service again, it should work now.

Fix issue : grunt init failed with error Couldn't find match for "

Issue

PS D:\Ghost> grunt init
Running "update_submodules:pinned" (update_submodules) task

Running "subgrunt:init" (subgrunt) task
yarn install v1.7.0
[1/5] Validating package.json...
[2/5] Resolving packages...
[3/5] Fetching packages...
warning Pattern ["glob@latest"] is trying to unpack in the same destination "C:\\Users\\lenger\\AppData\\Local\\Yarn\\Ca
che\\v1\\npm-glob-7.1.2-c19c9df9a028702d678612384a6552404c636d15" as pattern ["glob@^7.0.5","glob@^7.0.5","glob@^7.1.0",
"glob@^7.0.4","glob@^7.1.2","glob@^7.0.3","glob@^7.0.3","glob@^7.0.0","glob@7.1.2","glob@^7.0.3"]. This could result in
non-deterministic behavior, skipping.
error Couldn't find match for "8dc6b689903c9363ade94e2e4d21c94813bbbe98" in "refs/heads/master,refs/heads/node-4-compat,
refs/tags/v0.0.1,refs/tags/v0.0.2,refs/tags/v0.0.3,refs/tags/v0.1.0,refs/tags/v0.1.1" for "https://github.com/kevinansfi
eld/eslint-plugin-sort-imports-es6-autofix.git".
info Visit https://yarnpkg.com/en/docs/cli/install for documentation about this command.
Warning: Failed installing node modules in "core/client". Use --force to continue.

Aborted due to warnings.

Solution

find -name "yarn.lock" | xargs rm -f 

then grunt init again

grunt init 

Transfer your ghost server between hosts

Assume you have a ghost server ran at a host machine.
Oneday the host machine maybe out of space or you find a new cheap host,
or you have a new host that have power memory and performance.
Then you may need to transfer your ghost server to another new host.

tar your ghost server to a *.tar.gz

//blog is my ghost server root directory

$cd www/blog
$tar -zcvf blog.tar.gz blog

copy the blog.tar.gz to the new host

preinstall on new host

nginx
sudo apt-get install nginx
node.js
https://nodejs.org/en/download/
extract and add node bin path to env
ghost

npm i -g ghost-cli 

acme.sh
https://github.com/Neilpang/acme.sh

configure on new host

tar cvf blog.tar.gz 

nginx conf

sudo ln -sf blog/system/files/blog.conf /etc/nginx/sites-available/blog.conf
sudo ln -sf /etc/nginx/sites-available/blog.conf /etc/nginx/sites-enabled/blog.conf

start http server

ghost start 

if you encounter systemd error, just follow the hint command(ghost linuxuser systemd) by ghost
and run ghost start again.
Before you start your ghost server, you should change the DNS record for your server. Since you changed host, the IP would changed.

enable https server via letsencrypt

sudo ln -sf blog/system/files/blog-ssl.conf /etc/nginx/sites-available/blog-ssl.conf
sudo ln -sf /etc/nginx/sites-available/blog-ssl.conf /etc/nginx/sites-enabled/blog-ssl.conf
acme.sh --issue --home /etc/letsencrypt --domain errong.win --webroot /home/errong_leng/www/blog/system/nginx-root --reloadcmd "nginx -s reload" --accountemail errong.leng@gmail.com

http nginx conf

server {
    listen 80;
    listen [::]:80;

    server_name errong.win;
    root /home/errong_leng/www/blog/system/nginx-root;

    location / {
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header Host $http_host;
        proxy_pass http://127.0.0.1:6666;
        
    }

    location ~ /.well-known {
        allow all;
    }

    client_max_body_size 50m;
}

https nginx conf

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;

    server_name errong.win;
    root /home/errong_leng/www/blog/system/nginx-root;

    ssl_certificate /etc/letsencrypt/errong.win/fullchain.cer;
    ssl_certificate_key /etc/letsencrypt/errong.win/errong.win.key;

    location / {
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header Host $http_host;
        proxy_pass http://127.0.0.1:6666;
        
    }

    location ~ /.well-known {
        allow all;
    }

    client_max_body_size 50m;
}

setup shadowsocks server on ubuntu 16.04

install

sudo apt-get install software-properties-common -y
sudo add-apt-repository ppa:max-c-lv/shadowsocks-libev -y
sudo apt-get update
sudo apt install shadowsocks-libev

configure

sudo vim /etc/shadowsocks-libev/config.json
{
    "server":"10.128.0.2",
    "server_port":8911,
    "local_port":1008,
    "password":"jesusislove",
    "timeout":60,
    "method":"chacha20-ietf-poly1305"
}

start server

sudo systemctl start shadowsocks-libev

google compute engine

If the server are running on a google compute engine,
You need to setup a firewall rules for the server port(8911, written in config.json).
shadowsocks
Apply to all
IP ranges: 0.0.0.0/0
tcp:8911, udp:8911
Allow

client configuration

iOS
Android
Shadowsocks for Android / iOS also accepts BASE64 encoded URI format configs:

ss://BASE64-ENCODED-STRING-WITHOUT-PADDING#TAG 

Where the plain URI should be:

ss://method:password@hostname:port 

Quick Guide

他的力量若不够

利未记五7、11

7「他的力量若不够献一只羊羔，就要因所犯的罪，把两只斑鸠或是两只雏鸽带到耶和华面前为赎愆祭：一只作赎罪祭，一只作燔祭。

11「他的力量若不够献两只斑鸠或是两只雏鸽，就要因所犯的罪带供物来，就是细面伊法十分之一为赎罪祭；不可加上油，也不可加上乳香，因为是赎罪祭。

Photo by Brooke Lark / Unsplash

expressjs : implement http file download

Express helper, res.download

Express has a helper for this:

app.get('/xxx', function(req, res){ 

  var file = __dirname + '/xxx'; 

  res.download(file); // Set disposition and send it. 

}); 

http file download header

https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Disposition

res.setHeader('Content-disposition', 'attachment; filename=xxx'); 

iptables, clean all rules

command

sudo iptables -P INPUT ACCEPT
sudo iptables -F

list all rules

sudo iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy DROP)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination