终于搞懂了 ssh-add ssh-agent ssh -A user@host 实现的SSO

• keyword: SSH + SSO

https://www.ssh.com/academy/ssh/agent

1
2
3
4
5
6
7
8

eval `ssh-agent` && ssh-add # 启动 ssh-agent 并且把当前用户的 key加到agent里

ssh -A user@host_a # 如果sshconfig里没有 `ForwardAgent yes`
ssh    user@host_a # 如果sshconfig里  有 `ForwardAgent yes`

ssh-add -l # 检查本机的key是否被带到了机器上

ssh user@host_b

假设 本机 可以ssh到 host_b
假设 host_a 不可以ssh到 host_b

使用上面的方法, 可以实现在 host_a 上, 直接ssh登录 host_b

假设 本机 有权限拉代码库A的代码
假设 host_a 没有权限拉代码库A的代码

使用上面的方法, 可以实现在 host_a 上, 拉代码库A的代码

Youtube Tutorial

Tampermonkey

Tampermonkey 是一款 浏览器插件

需求来源

空余时间在B站学习C语言, 偶尔发现 某个接口可以获取到列表信息, 可以通过这个计算还剩多长时间能学完这个系列

结合大佬分享过的脚本工具 TamperMonkey

发现可以自动化这个过程… 真是太好了

脚本实现

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39

// ==UserScript==
// @name         bilibili
// @namespace    http://tampermonkey.net/
// @version      0.1
// @description  try to take over the world!
// @author       ljw532344863@sina.com
// @match        https://www.bilibili.com/video/*
// @icon         data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==
// @grant        none
// ==/UserScript==

window.addEventListener('load', function(){
    (function() {
        'use strict';

        fetch("https://api.bilibili.com/x/player/pagelist?bvid=BV1bs41197KN&jsonp=jsonp")
            .then(response => response.json())
            .then(function(info){
            let data = info.data;
            let urlSearchParams = new URLSearchParams(window.location.search);
            let params = Object.fromEntries(urlSearchParams.entries());
            let currentPage = params.p;
            let isCurrentPage = function(item){return (item.page==currentPage);};

            let wanted = data.filter(isCurrentPage);
            let pageIndex = data.findIndex(isCurrentPage);

            let restPages = data.slice(pageIndex);
            // duration 的单位是秒
            let restTime = restPages.map(item => item.duration).reduce((a, b) => a + b) / 60;
            alert(`当前正在观看第 ${currentPage} 节: "${wanted[0].part}"\n剩余时间: ${parseInt(restTime)} 分钟`);
        })
            .catch(err => {
            console.log('caught it!',err);
        });

    })();
})

脚本调试方法

谷歌浏览器 -> F12 -> “Source” Tab -> “Snippets” -> “Net Snippets” -> write your script and enjoy debuging…

Have Fun automating !!!

注: 这里主要记录怎么申请免费的SSL证书 和 在nginx上配置HTTPS

主要的参考文档: 阿里云.SSL证书服务

起因: 调试 小米小爱开放平台 里的 服务端口类型 需要https接口

前置要求

• 一个阿里云账号
• 一个已备案的域名
• 一台ECS(Ubuntu)
• 一个用nginx代理的http服务

申请SSL证书

• 进入 阿里云SSL证书 控制台
• SSL证书
• 免费证书 (测试, 个人试用场景, 商用的不在这里讨论)
• 立即购买
• 填入必要信息即可
• 在 状态 那里可以看到证书的签发进度
• 签发后, 点击下载

上传 key和pem

1

scp yourdomain_nginx.zip youserver:/home/

检查 ECS的安全组

• 进入 阿里云ECS控制台
• 进入ECS实例控制台
• 进入 安全组 tab, 进入安全组配置
• 检查 安全组的入方向是否允许 443 端口的访问, 如果没有, 点击 快速添加, 选择https即可

检查 ECS的防火墙配置

1
2
3
4
5

sudo ufw status
sudo ufw allow https

# 本机测试端口是否已开放
telnet yourdomain 443

配置nginx

在Nginx（或Tengine）服务器上安装证书

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18

# http请求转为https请求
server {
  listen 80;
  server_name yourdomain;
  rewrite ^(.*)$ https://${server_name}$1 permanent;
}

server {
  listen 443;
  ssl on;
  server_name yourdomain;

  ssl_certificate     /etc/nginx/cert/6556112_yourdomain.pem; # 证书pem 所在的路径
  ssl_certificate_key /etc/nginx/cert/6556112_yourdomain.key; # 证书key 所在的路径
  ssl_session_timeout 5m;

  ...
}

配置后, 需要reload nginx服务

1
2

sudo nginx -t
sudo nginx -s reload

验证https生效

1
2
3

curl -I http://yourdomain  # 应该返回 `301 Moved Permanently`
curl -L http://yourdomain  # 应该正常访问(200)
curl -I https://yourdomain # 应该正常访问(200)

You’re All Set !!!

分享看视频做的一些记录

Top 3 Mistakes Junior Coders Make
https://www.youtube.com/watch?v=4Bgeumjhf4w

1. They believe everything they have build has to be scalable like Facebook or Instagram, they always look at “what happens if I have s millions users, what am I going to do…”. This is not gonna happen for 99.99999% of projects that you have work on, you do not have to worry about scale for the most part, for the vast majority apps you ever work on.

2. Write time speed is far more important than runtime speed in development.

3. Don’t be chasing after the bleeding edge tech, let the jobs and opportunities and job requirements determine what tech you choose, not what’s buzzing now on interwebs.

4. Don’t try to write overly complex code. Don’t do it.

5. Strive to write really easy to understand code and you will rise quickly as a favorite developer in the team or in the business, because they are going to say: “This person here write really good simple code.”

6. Newbies tried to reinvent the wheels, they are reluctant to use libraries or frameworks

These tips are based on my 250 years as a developer, trust me, these are universal, doesn’t matter what language, doesn’t matter what framework, nothing matters really…

Graph Visualization
https://graphviz.org/about/

Guide
https://graphviz.org/pdf/dotguide.pdf

Graphviz Visual Editor(Playground)
http://magjac.com/graphviz-visual-editor/

将代码转换为图片…

Inspired by https://github.com/aasm/aasm_graph

1
2
3
4

# Macos Installation

tldr dot
brew install graphviz

类似的工具

• gs - Ghostscript (PostScript and PDF language interpreter and previewer) man gs # on macos
• https://mermaid-js.github.io/mermaid/#/
• https://mermaid-js.github.io/mermaid-live-editor

使用类似工具的理由

• 文本占用空间小
• 修改灵活, 成本低
• 文本可以用git之类的版本管理工具做记录

shell 里, !! 表示上一个命令

刚发现一个结合 watch 的好的用法

1
2
3
4
5
6
7
8
9
10
11

➜  ~ df -h
Filesystem      Size  Used Avail Use% Mounted on
udev            934M     0  934M   0% /dev
tmpfs           192M  4.8M  187M   3% /run
/dev/vda1        40G  9.2G   29G  25% /
tmpfs           956M     0  956M   0% /dev/shm
tmpfs           5.0M     0  5.0M   0% /run/lock
tmpfs           956M     0  956M   0% /sys/fs/cgroup
tmpfs           192M     0  192M   0% /run/user/1000
➜  ~ watch "!!" # 注意要用 双引号括起来
➜  ~ watch "df -h"

基本思路就是, 先输入单个命令, 再用 watch "!!" 去自动运行…

非 常 好 用 ;D

shebang line definition offered a cute-trick…

1
2
3
4
5
6
7
8
9
10
11
12
13

#!/bin/rm
# Self-deleting script.

# Nothing much seems to happen when you run this... except that the file disappears.

WHATEVER=85

echo "This line will never print (betcha!)."

exit $WHATEVER  # Doesn't matter. The script will not exit here.
                # Try an echo $? after script termination.
                # You'll get a 0, not a 85.

sublime-text-power-userpdf.pdf

command palette

cmd + p

cmd + p -> : (go to line xxx)

cmd + p -> @ (or cmd + r) (go to Code & Text Blocks)

cmd + p -> # (fuzzy search 在某个文件里做模糊搜索)

Chaining Commands

多个命令可以连起来使用

e.g.

cmd + p -> README.md:80
cmd + p -> README.md#keyword
cmd + p -> README.md@title_xx

Excluding Files & Folders From Search

Preferences —>Settings - User and defining the binary_file_patterns property:

ignore files

1

"binary_file_patterns": [".DS_Store", "H.gitignore", "*.psd"]

ignore folders

1

"binary_file_patterns": ["node_modules/", "vendor/", "tmp/"]

sidebar

cmd + k, cmd + b

distraction free mode

view -> “enter distraction free mode”

ctrl + cmd + shift + f

status bar

view -> hide/show status bar

minimap

view -> hide/show minimap

multiple panel

view -> layout -> xxx

Moving Between Tab

cmd + option + arrows(-> or <-)

Multiple Carets/cursor 多光标

ctrl + shift + up/down arrows

cmd + click

Quick Find Next / Quick Skip Next

cmd + d, and cmd + k + d to skip

Creating Snippets

Tools —► New snippet

tool -> developer

new plugin
new snippet
new syntax

Search and replace

cmd + f
cmd + shift + f

cmd + g
cmd + shift + g

Search Options

regex search
case sensitive
whole word
show context

move line up/down

ctrl + cmd + up/down arrows

line duplicating

cmd + shift + d

delete line

cmd + backspace (backword delete)
ctrl + k (forward delete)

ctrl + shift + k (delete the whole line)

ctrl + backspace (backword delete word)
ctrl + fn + backspace (forward delete word)

insert line

cmd + shift + enter (insert before)
cmd + enter (insert after)

jump by word

option + left/right arrows

到105页了

Projects(page107)

Projects in Sublime Text are a nice way to manage different websites or applications that you may be working on. The main benefit to using projects in Sublime Text are the ability to have specific editor settings that apply only to that specific projects. This is especially helpful when working with teams who may not have their editor setup properly for contributing.

There are two files that make up a Sublime Text project: the .sublime-project file and the .sublime-workspace file.

The first being a file to hold your projects settings and the second being a place where the editor can dump user specific data.

If you were to open the .sublime-workspace file, you would see all kinds of things from previously opened files to editor settings. You will never need to edit this file, so it’s best just to ignore it.

When working with version control, the .sublime-project file should be checked in and shared while the .sublime-workspace file should not. I find it helpful to get myself into the habit of adding .sublime-workspace to all my .gitignore files.

recording a macro

tools -> record macro

tools -> save macro -> “untitled.sublime-macro”

sublime building system

仔细研究一下

Build tasks are housed in a .sublime-build file which is aJSON file that holds a number of options for running

Your own build files can live anywhere in your user folder. I recommend creating a build folder inside of the your user folder that will hold all of your build tasks.

bookmarks

Mastering Emmet

Emmet is a package for Sublime Text that helps with writing of CSS and HTML. To say that it speeds you up is an understatement, you would be silly to code HTML or CSS without this package installed.

workflow and code quality

page 162

vim mode

https://github.com/guillermooo/Vintageous

must have add-on packages

• Emmet

• AutoFilename

• Html-Css-Json Prettifyer

• Sidebar Enhancements

• Open With…

• Alignment

• Bracket Highlighter

• MarkdownTOC

• BufferScroll (Maintaining State on a file)

• TODO

2021-09-24 14:16:09 读完了.

分享一篇内部CodeReview时的记录, 主讲是技术总监, 听讲的是公司新手村一众小菜鸡

没有仔细整理过, 看起来可能有点杂乱, 见谅了.

• 20210819 13:30 -> 15:30

• “对代码要有敬畏之心”

• “代码整洁”

• 书: 代码大全(“Code Complete”, 读过了, 推荐)

• 书: 重构(“Refactoring”, , 读过了, 推荐)

• 书: 代码整洁之道(“Clean Code”)

• 书: 敏捷软件开发: 原则、模式与实践(“Agile Software Development, Principles, Patterns, and Practices”, 读过了, 推荐)

• 重构

  • “代码写好以后, 需要反复重构” 直到 不需要重构为止
  • 重构是基本的能力, 需要具备这个意识和能力

• 设计模式 很重要

• 从入口开始看代码(action)

  • 从 需求方/调用方 入手

• SOLID

  • 单一职责 SRP
  • 开闭原则 OCP
  • 里氏替换 LSP
  • 接口隔离 ISP
  • 依赖倒置 DIP

• 一行内尽可能只表达一个意思, 逻辑越少越好 -> 单一职责

• 尽可能别写注释; 如果有无效代码, 删掉

• 因为 实现的复杂度, 把业务逻辑复杂化了

  • 应该: 把业务逻辑暴露出来, 把实现封装起来

• 函数的目的是 封装复杂度

• “好的代码, 初级程序员能快速读懂;”

• “代码好坏与否, 一个重要原则是 初级程序员能否快速读懂”

• “代码就是设计文档, 顺便让计算机执行”

  • 代码是写出来让人读的, (顺便让计算机执行)

• 迪米特法则(Law of Demeter)

  • 只关心和你直接相关的东西

• 一个类里的函数越少越好

• 客户端不应使用他不依赖的方法

• 提前返回 / 及早返回

  • 可以减少if-else的嵌套

• 顺序: 先封装为全局函数, 尽量不要引入成员变量(状态)

  • 成员变量 表示 状态
  • 除非 通过传参解决不了
  • 成员变量的维护成本很高
  • 封装一个业务时, 优先使用全局函数
  • 全局变量最好不要有, 有的话 要尽量少

• 什么时候引入module?

  • 当有一组函数, 想给他们分组时

• 类的目的, 是把一组相关方法放在一起

• 什么时候提取成员变量?

  • 不需要一开始就用高层设计
  • 当需要成员变量时, 才开始考虑类

• 什么时候需要成员变量?

  • “当一个类的两个public函数, 都需要使用同一个变量的时候, 可以引入成员变量”

• 三个词

  • overview
  • summary / list (index)
  • detail 详情 (show)

• 思考 基于实现/基于设计原则

  • 业务
  • 封装
  • 接口
  • 顺序很重要, 什么样的顺序?
  • 设计驱动?
  • 实现驱动? *
  • “从调用方看问题, 问题会得到简化”(实现驱动)
  • 重要性: 获取信息 > 封装的思路
  • 一个类的 职责/价值, 是 获取信息 还是 封装?

• 一个有经验的工程师, 要能接受各种各样的方案, 能说清楚每个方案的优缺点

• 依赖管理

• “model层是对数据库的封装, 他不是对网络请求的封装”

• 当我们可以选择低耦合的实现时, (是不是)应该选择低耦合的实现?

• “为什么要引入耦合? 是否有充足的理由?”

• “不要过早设计”, (做应用开发)当需求真实发生时, 再根据需求做重构

• public 函数变少, 耦合就会变低

• 思考: 某个设计, 对此时此刻的需求来说是不是过度了

• 设计思路: 自顶向下/自底向上