-
Notifications
You must be signed in to change notification settings - Fork 0
/
index.json
1 lines (1 loc) · 80.8 KB
/
index.json
1
[{"content":"Download the files Way 1: from sap Way 2: from my web drive gui\nInstall For M1\nGUI780Installation_0-70007412.DMG GUI780Installation_0-70007413.DMG For Intel\nGUI780Installation_1-70007412.DMG GUI780Installation_1-70007413.DMG ","permalink":"https://leijingwei.com/posts/install-the-latest-sap-gui-780-for-mac/","summary":"Download the files Way 1: from sap Way 2: from my web drive gui\nInstall For M1\nGUI780Installation_0-70007412.DMG GUI780Installation_0-70007413.DMG For Intel\nGUI780Installation_1-70007412.DMG GUI780Installation_1-70007413.DMG ","title":"Install the Latest SAP GUI 780 for MAC"},{"content":"Prerequisites You should have a public IP address for your router, or you should use the DDNS to do a port forward to your router.\nInteracting with OpenWrt login in your router\nopkg update opkg install prometheus-node-exporter-lua opkg install prometheus-node-exporter-lua-nat_traffic opkg install prometheus-node-exporter-lua-netstat opkg install prometheus-node-exporter-lua-openwrt opkg install prometheus-node-exporter-lua-wifi opkg install prometheus-node-exporter-lua-wifi_stations test curl localhost:9100/metrics change the port and interface vim /etc/config/prometheus-node-exporter-lua You will see the contents as follow.\nconfig prometheus-node-exporter-lua \u0026#39;main\u0026#39; option listen_ipv6 \u0026#39;0\u0026#39; option listen_port \u0026#39;9100\u0026#39; option listen_interface \u0026#39;lan\u0026#39; change the listen_interface to lan which already changed and showed above.\nRestart the node_exporter service.\n/etc/init.d/prometheus-node-exporter-lua restart Test again curl http://192.168.2.1:9100/metrics # the lan ip of your router or you can open a browser\nThat\u0026rsquo;s all.\n","permalink":"https://leijingwei.com/posts/integrated-node-exporter-on-openwrt-/","summary":"Prerequisites You should have a public IP address for your router, or you should use the DDNS to do a port forward to your router.\nInteracting with OpenWrt login in your router\nopkg update opkg install prometheus-node-exporter-lua opkg install prometheus-node-exporter-lua-nat_traffic opkg install prometheus-node-exporter-lua-netstat opkg install prometheus-node-exporter-lua-openwrt opkg install prometheus-node-exporter-lua-wifi opkg install prometheus-node-exporter-lua-wifi_stations test curl localhost:9100/metrics change the port and interface vim /etc/config/prometheus-node-exporter-lua You will see the contents as follow.\nconfig prometheus-node-exporter-lua \u0026#39;main\u0026#39; option listen_ipv6 \u0026#39;0\u0026#39; option listen_port \u0026#39;9100\u0026#39; option listen_interface \u0026#39;lan\u0026#39; change the listen_interface to lan which already changed and showed above.","title":"Integrated Node Exporter on Openwrt "},{"content":"Download all required packages Go to the download page, find these packages as below,\nhttps://prometheus.io/download/\nPrometheus\nhttps://github.com/prometheus/prometheus/releases/download/v2.37.5/prometheus-2.37.5.linux-amd64.tar.gz\nAlertmanager\nhttps://github.com/prometheus/alertmanager/releases/download/v0.24.0/alertmanager-0.24.0.linux-amd64.tar.gz\nNode_exporter\nhttps://github.com/prometheus/node_exporter/releases/download/v1.5.0/node_exporter-1.5.0.linux-amd64.tar.gz\nAllow 9090 port open ufw allow 9090/tcp ufw reload Configure and start tar xvfz prometheus-2.37.5.linux-amd64.tar.gz cd prometheus-2.37.5.linux-amd64/ mv prometheus-2.37.5.linux-amd64 /usr/local/prometheus useradd -M -s /sbin/nologin prometheus cd /usr/local/prometheus mkdir data chown -R prometheus:prometheus /usr/local/prometheus Add to system service [Unit] Description=Prometheus After=network.target [Service] User=prometheus Group=prometheus WorkingDirectory=/usr/local/prometheus ExecStart=/usr/local/prometheus/prometheus [Install] WantedBy=multi-user.target Save the file to /usr/lib/systemd/system/prometheus.service\nReload system service systemctl daemon-reload Start prometheus systemctl start prometheus systemctl enable prometheus Upload the node exporter to all servers wget https://github.com/prometheus/node_exporter/releases/download/v1.5.0/node_exporter-1.5.0.linux-amd64.tar.gz tar xvf node_exporter-1.5.0.linux-amd64.tar.gz mv node_exporter-1.5.0.linux-amd64.tar.gz /usr/local/node_exporter useradd -M -s /sbin/nologin prometheus chown -R prometheus:prometheus /usr/local/node_exporter ufw allow 9100/tcp Add to service [Unit] Description=node_exporter After=network.target [Service] Type=simple User=prometheus Group=prometheus ExecStart=/usr/local/node_exporter/node_exporter --web.listen-address=:9100 --web.telemetry-path=/metrics --log.level=info --log.format=logfmt Restart=always [Install] WantedBy=multi-user.target Reload system service systemctl daemon-reload Start node_exporter systemctl start node_exporter systemctl enable node_exporter get the local data curl http://localhost:9100/metrics | head But we won\u0026rsquo;t use this method to get the data, we will get the data through the public ip. Let\u0026rsquo;s go back to the Prometheus server.\nvim /usr/local/prometheus/prometheus.yml - job_name: \u0026#34;node\u0026#34; static_configs: - targets: [\u0026#39;remote_ip:9100\u0026#39;] Add a new job name into the scrape_configs.\nsystemctl restart prometheus cd /usr/local/prometheus/ rm -rf data # if somedata is missing systemctl restart prometheus Install Grafana Go to the webpage https://grafana.com/grafana/download\nsudo apt-get install -y adduser libfontconfig1 wget https://dl.grafana.com/enterprise/release/grafana-enterprise_9.3.2_amd64.deb sudo dpkg -i grafana-enterprise_9.3.2_amd64.deb sudo /bin/systemctl daemon-reload sudo /bin/systemctl enable grafana-server ### You can start grafana-server by executing sudo /bin/systemctl start grafana-server ufw allow 3000/tcp Then you can open the grafana server with the port http://ip:3000\nAlertmanager wget https://github.com/prometheus/alertmanager/releases/download/v0.24.0/alertmanager-0.24.0.linux-amd64.tar.gz tar xvf alertmanager-0.24.0.linux-amd64.tar.gz mv alertmanager-0.24.0.linux-amd64 /usr/local/alertmanager chown -R prometheus:prometheus /usr/local/alertmanager add alertmanager to service [Unit] Description=alertmanager After=network.target [Service] User=prometheus Group=prometheus WorkingDirectory=/usr/local/prometheus/alertmanager ExecStart=/usr/local/prometheus/alertmanager/alertmanager --log.level=debug --log.format=json [Install] WantedBy=multi-user.target Save it to /usr/lib/systemd/system/alertmanager.service\nsystemctl daemond-reload systemctl start alertmanager systemctl enable alertmanager Prometheus integrated with alertmanager vim /usr/local/prometheus/prometheus.yml # Alertmanager configuration alerting: alertmanagers: - static_configs: - targets: - 127.0.0.1:9093 # change this to your ip add alert rules # Load rules once and periodically evaluate them according to the global \u0026#39;evaluation_interval\u0026#39;. rule_files: - \u0026#34;rules/*rules.yml\u0026#34; mkdir -p /usr/local/prometheus/rules Add some information into the rule\nvim /usr/local/prometheus/rules/node_rules.yml groups: - name: node-alert rules: - alert: disk-full expr: (1-(node_filesystem_avail_bytes{mountpoint=\u0026#34;/\u0026#34;,fstype=~\u0026#34;ext4|xfs\u0026#34;} / node_filesystem_size_bytes {mountpoint=\u0026#34;/\u0026#34;,fstype=~\u0026#34;ext4|xfs\u0026#34;})) * 100 \u0026gt;10 for: 1m labels: serverity: page annotations: summary: \u0026#34;{{ $labels.instance }} disk full\u0026#34; description: \u0026#34;{{ $labels.instance }} disk \u0026gt; {{ $value }} \u0026#34; Restart the prometheus\nsystemctl restart prometheus There should be some alert notification information on your website.\npush alert notification to social media or email Add Basic Auth for prometheus and node_exporter # generate a password htpasswd -nBC 12 \u0026#39;\u0026#39; | tr -d \u0026#39;:\\n\u0026#39; This command is from httpd-tools, if you don\u0026rsquo;t know whether the tool was been installed, you can query with this command as follow,\nrpm -qa|grep httpd-tools Create a file on node_exporter folder.\n# config.yml basic_auth_users: admin: $2y$12$DySdA6rOwmXt6d3R4r8UQeJ8Trvu1LtLPjkHaWeQEbND4ydwKX66x Add this config file to your node exporter when it starts\n# /usr/lib/systemd/system/node_exporter.service --web.config=/usr/local/node_exporter/config.yml Reload and restart the node_exporter service\nsystemctl daemon-reload systemctl restart node_exporter did the same process on prometheus.\nAnd don\u0026rsquo;t forget to update your grafana server.\n","permalink":"https://leijingwei.com/posts/how-to-deploy-prometheus-on-your-server/","summary":"Download all required packages Go to the download page, find these packages as below,\nhttps://prometheus.io/download/\nPrometheus\nhttps://github.com/prometheus/prometheus/releases/download/v2.37.5/prometheus-2.37.5.linux-amd64.tar.gz\nAlertmanager\nhttps://github.com/prometheus/alertmanager/releases/download/v0.24.0/alertmanager-0.24.0.linux-amd64.tar.gz\nNode_exporter\nhttps://github.com/prometheus/node_exporter/releases/download/v1.5.0/node_exporter-1.5.0.linux-amd64.tar.gz\nAllow 9090 port open ufw allow 9090/tcp ufw reload Configure and start tar xvfz prometheus-2.37.5.linux-amd64.tar.gz cd prometheus-2.37.5.linux-amd64/ mv prometheus-2.37.5.linux-amd64 /usr/local/prometheus useradd -M -s /sbin/nologin prometheus cd /usr/local/prometheus mkdir data chown -R prometheus:prometheus /usr/local/prometheus Add to system service [Unit] Description=Prometheus After=network.target [Service] User=prometheus Group=prometheus WorkingDirectory=/usr/local/prometheus ExecStart=/usr/local/prometheus/prometheus [Install] WantedBy=multi-user.target Save the file to /usr/lib/systemd/system/prometheus.","title":"How to Deploy Prometheus on Your Server"},{"content":"For some reason, I worked as an SAP basis consultant. The FICO consultant asked me to allow her open posting periods on SAP production client as the PRD client is not modifiable. I will tell you how to achieve this.\nfind the relevant table of this T-code The T-code they want to run on production client is OB52.\nRun this T-code and find the technical information of one record.\nThe table name is V_T001B_COFI, and if you know FICO well, you will know there is another table V_T001B_COFIB also related to this T-Code.\nTable maintain dialog Run the T-code SE54\nChange the Recording routing to no.\nIf you can\u0026rsquo;t change the option above, please use SCC4 to shortly allow you make changes on QAS.\nif not working, use SOBJ For some other reason, this didn\u0026rsquo;t work well, you should use the T-code SOBJ to selected the current settings option.\n","permalink":"https://leijingwei.com/posts/how-to-allow-specific-tcodes-make-changes-on-sap-prd/","summary":"For some reason, I worked as an SAP basis consultant. The FICO consultant asked me to allow her open posting periods on SAP production client as the PRD client is not modifiable. I will tell you how to achieve this.\nfind the relevant table of this T-code The T-code they want to run on production client is OB52.\nRun this T-code and find the technical information of one record.\nThe table name is V_T001B_COFI, and if you know FICO well, you will know there is another table V_T001B_COFIB also related to this T-Code.","title":"how to allow specific tcodes make changes on SAP PRD"},{"content":"Overview With SAP_BASIS 7.54 (SAP S/4HANA 1909), SAP delivers new client management tools based on new common architecture. They are a complete redesign of the previous client copy (transactions SCCL, SCC9, SCC5, …). The new tools replace the old client copy and also offer new functions. They are optimized for increased performance, process automation and stability. The log of the client copy has also been completely revised and is now much more meaningful and easier to read, so that troubleshooting is much easier.\nThere are also new tools to compare clients and to determine the size of clients. With SAP_BASIS 7.55, the client export and client import have been expanded to include the option of exporting / importing so-called “snapshots”.\nIn this blog I’ll will introduce you to the following tools:\nNew Local Client Copy New Remote Client Copy New Client Export and Import using Transports or Snapshots New Client Size Estimation Tool New Client Comparison Why a new Client Copy Tool? The client copy tool was originally developed in the 1990s. Since then, it has been further developed and maintained, but more and more fundamental problems came to light, especially with regard to new cloud processes, which required a new solution.\nTherefore, at the end of 2017, the development of a new client copy tool began. With SAP_BASIS 7.54 (S/4HANA 1909), the new tool was delivered to customers for the first time in 2019. With SAP_BASIS 7.55 (S/4HANA 2020) the client export and the client import were also converted to the new architecture. With SAP_BASIS 7.55 Service Pack 1, transaction SCC1 is finally moved to the new architecture.\nCompared to the old Client Copy Tool, the number of code statements went from over 25,000 to less than half with a significantly expanded range of functions such as the comparison tool. The new Client Copy Tool today has a unit test code coverage of over 94% over the entire coding.\nImprovements The new tool solves conceptual problems of the old client copy and is characterized by increased stability compared to its predecessor.\nExecution from a third Client. It is no longer necessary to start the client copy in the target client. Instead, this can now be started in a neutral third client (usually client 000). This increases efficiency and ensures that no users romp around in the target client during the client copy. The use of the user SAP * and restart of the application server to enable the user is no longer necessary.\nExecution from Third Client\nHANA Optimization. The new tool is optimized for use with HANA. Our tests showed that the new Local Client Copy is about 10x faster than the old tool. The new Remote Copy was up to 5 times faster than the old tool in our tests. Instead of first loading the data onto the application server for a local copy, the data remains on the database during a local client copy by using an INSERT FROM SELECT statement.\nINSERT (Target Client) FROM SELECT (Source Client)\nClient Copy Optimizer. The new Client Copy Tool has implemented an optimizer for empty and unchanged tables. At the beginning of each client copy, the tool reads the HANA database statistics. It then checks whether a table in the database is completely empty in all clients. If this is the case, this table can be skipped in the delete and copy phase. The optimizer also checks whether a table has been changed since the last client copy on the database. If a table has not changed since the last client copy and the last client copy had the same source and target clients, this table can also be excluded from the delete and copy phase. This optimization is particularly useful for regular copies of test clients or in the event of an aborted client copy.\nHandling of very large tables. In order to be able to deal with very large database tables, the Client Copy was enhanced to include a splitter algorithm. This splits very large database tables by generating WHERE conditions, which can then be copied by different processes in parallel. This ensures that the allocation limit in HANA and ABAP is not exceeded during the copy process. Furthermore, this algorithm increases the performance, since very large tables can be copied by several processes at the same time.\nTable Splitting Algorithm generates WHERE-Conditions for Parallel Processing\nClass-based Exit Framework. Exits are now based on class interfaces and now run in an isolated environment. By using interfaces, there is now a clear interface between the Client Copy Tool and the exits. Running in an isolated environment ensures that a broken exit cannot crash the entire Client Copy Tool. With SAP_BASIS 756 exits are executed in parallel processes.\nOld exits are still supported and executed via a wrapper exit. If you have an old exit, please contact SAP to receive support in implementing the new exit framework. You can find more information about exits in the client copy section.\nRenovated Log. Finally, the client copy log (transaction SCC3) was completely revised and replaced by a clearer solution. The logs are shown in tabs. In addition to the well-known “Client View”, there is now a “Timeline View” and a view for each copy mode (local copy, remote copy, etc.). Different columns show the exit status, the table copy status and a general message status. This makes it possible to assess the success of a client copy at a glance. With SAP_BASIS 756, SCC3 supports the display of the client size based on the data collected by the Client Size Estimation Tool and the Client Copy Tool.\nNew Client Copy Log Transaction (SCC3)\nTasklist Support. All of the new copy processes presented here now offer execution via task lists. The task lists can either be started from the corresponding transaction or directly using transaction STC01.\nClient Tools SAP delivers various client tools:\nLocal Client Copy for a copy within the same system Remote Client Copy for a copy from another system to the local system Client Deletion for the deletion of a client Client Export and Client Import for the export and import of clients in transport requests or client snapshots (new feature) Copy from Transports (SCC1N) for copying Customizing Objects within the same system. Client Copy There are two types of client copies:\nLocal Client Copy The local client copy takes place within a system. The local client copy is started via transaction SCCLN. Remote Client Copy The remote client copy copies data from an external system to another client in the target system using RFC. The process is always started from the target system. The remote client copy is started via transaction SCC9N. Differences between Local and Remote Client Copy The process flow of the local and remote client copy is basically the same. However, there are some special features to consider with the remote copy that do not occur with a local copy:\nOften the DDIC table definitions differ between the source and target systems due to different releases. Before each remote copy, the Client Copy Tool compares the DDIC table definitions and rules out incompatible tables. A table is e.g. incompatible if a field in the target system that is available in the source system is missing or has a shorter data type. While exits run in the analysis phase of a local copy in the target system and target client, the same phase is executed in the source client for a remote copy in the source system. Client Copy Phases The new client copy runs in four phases:\nInitialization Phase In the first phase the tool initializes the list of all relevant tables, the client lock objects, the exit handler and many other smaller objects. Analysis Phase In the second phase, all client copy exits are executed. Exits can exclude certain tables from the copy, request emptying or even explicitly include tables into the list of tables to be copied. After all exits finished, the finalized list of tables to be deleted and copied is saved in the database. If the option to split tables is activated, very large database tables are analyzed for processing in parallel processes and broken down into smaller work packages. Delete and Copy Phase The actual deletion and copying process takes place in this phase. First, all tables in the target client are deleted. The data is then copied from the source client to the target client. After all tables have been finished the source client gets unlocked. Post Processing Phase Finally, the postprocessing exits run. Typically, these convert data or generate objects that are dependent on the data. New Features The New Client Copy has the following new features:\nSplit Large Tables Copy Individual Tables Options to tolerate failed Exits and Tables Simultaneous execution of several client copies in the same system (from SAP_BASIS 756) For more details please check section “Processing Options” in this blog.\nClient Deletion The new client deletion is started via transaction SCC5N. It has the same phases as the client copy. The client can be deleted directly from the client list (accessible via transaction SCC4) using the “Delete from System Table T000” setting. In contrast to the old client deletion, the transaction must be started from another client and no longer from the client to be deleted.\nClient Export and Import The client export and client import process have also been completely revised. The basic idea of this process is to freeze a client on an “external” data carrier so that it can then be imported into another or several target systems. Exports enable a client to be frozen at a specific point in time.\nThe old Client Copy Tool previously only allowed exports using transport requests. With SAP_BASIS 755 there is now a further option for exporting to “Client Table Snapshots”. These are saved in the database of the exporting system and can be imported into the import system via an RFC connection. Compared to transport requests, the snapshots offer increased performance and greater flexibility in usability. The list of all snapshots can be viewed in transaction SCC3.\nPlease note: Exports that were carried out with the old tool are not compatible with the new tool and vice versa.\nCopy Data from Transports The transaction SCC1 was revised as the last client tool. The new transaction is released for customers from 2020 SP01.\nPlease note that the transaction was already delivered with SP00 but is not yet functional.\nWith the help of SCC1N it is possible to copy customizing objects recorded in transport requests to several target clients. This can be a local transport request or an imported transport request from another system.\nIn contrast to transaction SCC1, SCC1N can be executed in any client. The log has been completely revised analogous to the client copy log. Based on the feedback from internal customers, additional selection parameters were added.\nTransaction SCC1N is a further development of the old transaction SCC1 and the old report RSCC_SCC1_BATCH. As a result, compared to the old SCC1, a large number of new parameters are available. If you want to copy transport requests that have not been released with SCC1N as in SCC1, proceed as follows:\nIn the “Export / Import Time of the Transport Request” group, select the “Local Import / Update Date” radio button. If it is a mandatory field, enter a date that is far in the past in the “Export / Import Date” field. You can find further information about SCC1N in my SCC1N blog post.\nComparison Tool A new product is delivered with the comparison tool. It allows the comparison of clients, client table snapshots or client templates in any combination. The Comparison Tool can be used to compare customizing or entire clients. The comparison tool is started using transaction SCC_COMPARE.\nComparison Modes The Comparison Tool offers three comparison modes:\nChecksum Comparison. In this mode, the comparison tool selects the data of both comparison objects, creates a checksum and finally compares the checksums. In the case of different checksums, differences were found between the two objects. The checksum comparison is the fastest method for comparing two objects, but it does not offer any possibility to compare the data.\nDetailed Comparison.\nIn this mode the comparison tool selects the data of both comparison objects and compares them line by line. The data records are divided into the following categories:\nData that only exist in comparison object 1, Data that only exist in comparison object 2, Data with an identical key but different non-key field values and Data records that are completely identical. Store as Template Container. Like the Detailed Comparison. However, the comparison result is saved in a template container.\nNote: Please note that the Comparison Tool is not designed to compare very large database tables and drill down into these tables. We only recommend a checksum comparison for these tables.\nData sources The Comparison Tool offers the selection of several data sources for selecting the tables to be compared:\nProfile. Please note that SAP does not deliver a comparison tool. Individual table list. You can compare any tables with one another. With a remote comparison, even client-independent tables can be compared with one another. Run Id. Tables from a previously executed client copy. Comparison Results After a successful comparison run, you can view the result on the next screen or on tab “Comparison” of transaction SCC3. You can see the result of the comparison on the “Compared Tables” tab. By double-clicking on the table name, you can drill down to the compared data and check the differences in detail.\nComparison Run Result\nClient Size Estimation The Client Size Estimation Tool allows you to estimate the size of individual tables or an entire client. The tool calculates the client’s disk size using the following formula:\nTable Size = Table Disk Size on the database / Total Number of table rows * Number of rows in the examined client The actual data in the client is not considered here. HANA internal compression is not considered here as well. In the case of tables with fields of dynamic length, the algorithm can therefore only offer an orientation value.\nThe Client Size Estimation Tool is started using transaction SCC_CLIENT_SIZE.\nClient Size Estimation Tool\nAs of SAP_BASIS 756, the Client Size Estimation Tool runs automatically with every client copy. The size of all clients can then be checked in transaction SCC3.\nClient Copy Log The protocol transaction SCC3 was completely renovated. The transaction is now completely tab-based. Logs are now stored in the database instead of the file system.\nOverview Screen While a client copy is running you will always find a summary of the current status of the client copy on the first tab. This shows you information about the current running process, the source and target clients and the progress of deletion and copying.\nFirst Tab showing Active Process while Client Copy is running\nOtherwise you will find an overview of all clients in the system on the first tab. With a double click you can select a client in order to have a closer look at all processes carried out in this client. With this click you will automatically be directed to the second tab.\nSCC3 Overview Screen\nThe so-called “Timeline View” is new. On this tab you can see all the processes carried out by the tool in descending chronological order.\nThis is followed by several tabs with detailed views for the local client copy, the remote client copy, client deletions, client export, client import, transport request copies, client comparison and finally the client table snapshots and client template containers.\nDetailed Log A double click takes you from the overview list to the detailed view of a log. On the first tab “Log Header” you can see a general overview of the current mode, the selected profile, the clients concerned, the exit status and the process status.\nProcessed Tables of a Client Copy\nHere is an overview of the most important tabs:\nLog Header. Overview of the current mode, the selected profile, the clients concerned, the exit status and the process status. Options. List of the settings made on the selection screen. Table statistics. Overview of the number of emptied and copied tables and the number of deleted and copied data records. In addition, you can see the number of skipped tables on the tab because they were either empty on the database or were already copied from a previous client copy. General Messages. General messages returned by the Client Copy Tool. Exit Messages. Messages issued by exits. Processed tables. Overview of all tables processed by the Client Copy Tool. The current progress of the copying process during a client copy can also be tracked on this tab. Included/Excluded Tables. List of all tables integrated or excluded by the Client Copy Tool or by exits. If a table was copied or not copied, you can find out the reason here. In the case of remote copies, you will also see all tables on this tab that cannot be copied due to incompatible DDIC structures. Disk Space. Estimation of the deleted and copied data volume (see also under Client Size Estimation Tool). Runtime. Exact listing of the runtime of the individual client copy phases. This tab is particularly useful for performance analysis. Exit Execution. List of all executed exit methods. Each exit returns a status of its successful execution. The runtime of each exit is logged on this tab. Exit Definition. List of exit definitions as they were valid at the time the process was executed. Log Administration The transaction SCC3_ADMIN was published with SAP_BASIS 755 SP01. In contrast to SCC3, SCC3_ADMIN offers further functions for deleting logs, snapshots and containers.\nDeletion of old Logs Especially in systems with many recurring client copies, I recommend regular cleaning up of the log tables, as the log tables can become very large.\nSince several data records are written to the database for each table copied by the Client Copy Tool, we recommend deleting old logs that are no longer required at regular intervals. With SAP_BASIS 755, transaction SCC3 has been expanded to include a delete function for client copy logs. For this purpose, a delete button has been integrated into the table on the “Timeline View” tab.\nWith release SAP_BASIS 755 Service Pack 1, this function is moved to transaction SCC3_ADMIN. This ensures that transaction SCC3 remains a read-only transaction.\nUsing the Log Cleanup Tool is more convenient than deleting individual logs. This can be called up in SCC3_ADMIN via the menu item “Goto” -\u0026gt; “Log Cleanup”. The tool enables the deletion of logs older than days, whereby a minimum number of the last logs can be kept per client. The Log Cleanup Tool can also be started from the SAP_CLIENT_LOG_CLEANUP task list.\nDeletion of Snapshots/Container Snaphots and containers can be deleted on the “Client Table Snapshot” or “Client Template Container” tab using the corresponding toolbar button. There is also the SAP_CLIENT_CONTAINER_DELETE task list for the regular deletion of old objects. This can be started using transaction STC01.\nClient Table Snapshots With SAP_BASIS 755, SAP delivers client table snapshots and client template containers for the first time. Client table snapshots are local objects that are stored in tables of delivery class “L” (temporary data).\nWhat are snapshots? Snapshots are based on the Remote Client Copy table copying algorithm and allow any database table to be backed up. A snapshot can have any name and store any number of tables. The data of each individual table is stored as a serialized RAWSTRING in several database tables.\nWith the help of a checksum on the serialized data, the data of each table is stored centrally once across all snapshots. With a regular backup of an entire client, only the delta between two backups would take up additional storage space, since an identical checksum would only save the same data once under the same key (checksum) with two or more snapshots.\nUsage Snapshots are especially relevant for client export and client import. You can export an entire client or individual database tables to a snapshot using the Client Export Tool (SCC8N). Until now, the Client Export Tool could only export into Transport Requests.\nIn contrast to the transport request, snapshots have several advantages. This makes them easier to use because they are stored in the system’s database and not in the application server’s file system. Containers can be imported into other systems via an RFC connection (similar to Remote Client Copy). Containers are saved with optimized storage space. In addition, creating and importing a snapshot takes less than half the time than using transport requests.\nThis makes containers particularly suitable as an alternative to client export and import with transport requests and for freezing test clients that can be restored over and over again.\nWith the help of the comparison tool it is possible to compare the data of a snapshot with the current data in the client.\nProcessing Options The Client Copy Tools come with multiple processing options:\nTest Mode. The program logic of the client copy is completely performed, without writing or deleting in the database, so the behavior of a client copy is simulated. A complete log is created (display with transaction SCC3).** **\nLock Source Client. Locks the Source Client while performing a Client Copy. In case this option is enabled the client copy tool locks the source client for users. Users still logged on will not be thrown out of the client but logon to the client is no longer possible. To ensure data consistency we strongly recommend to keep this option always enabled.\nTolerate Failed Exits. Ignore failed Client Copy Application Exits while performing a client copy. In case this option is enabled failed exits will not cancel the client copy process.\nTolerate Failed Tables. Ignores Table Deletion-/Copy Errors. In case this option is enabled failed table deletion-/copy-operations will not cancel the client copy process. All other tables will be processed.\nUse Exclusive Locks. Use of exclusive database table locks. In case this option is enabled the client copy tool sets an exclusive lock on each table being copied. This reduces the memory footprint in the database and speeds up the database operation. As long as the table is locked exclusively any other tool cannot update the database table. Therefore, we recommend disabling this option in case the system is still used by other users while performing the client copy.\nSplit Large Tables. Split Large Tables while performing a client copy. In case this option is enabled the client copy splits up large tables into smaller units for performing the copy-operation in parallel processes. This avoids that the database runs out of memory and enables the client copy tool to perform copy-operations in parallel processes. It is recommended to enable this option by default. This option is permanently activated as of SAP_BASIS 756 and is therefore no longer available on the selection screen.\nCopy Incompatible Tables (RFC).\nCopies tables from remote systems, even if their structure is not identical.\nTables having different structures will be copied even in case of data loss. This applies for example for tables in case at least one column is only available in the source system but not in the target system. All incompatible Tables which will be copied anyhow are documented in the client copy protocol.\nIf this option is disabled: Below is the rule list for a table to be marked “INCOMPATIBLE” by the client copy tool. The table must be present in both source and target system. If the table exists in both systems, then the key fields should be the same. The field list in both systems should be the same, however the position of the fields can be different. The data type of all the fields must be the same. The length of the fields must not be shorter in the target system. It can be greater or same length. If this option is enabled:\nThe tables not falling in the below rule list will be marked “INCOMPATIBLE” and will be skipped/excluded from copy.\nThe table must be present in both source and target system. If the table exists in both systems, then the key fields should be the same. The field list can differ. That is, missing fields are ignored, and matching field data will be copied The data type of the matching fields must be the same The length of the fields must not be shorter in the target system. It can be greater or same length. Automated Import Postprocessing. Executes the import post-processing (transaction SCC7N) automatically immediately after an exported client got imported. If activated, you no longer need to manually call transaction SCC7N after importing an exported client. This option is only available for Client Export to a Transport Request.\nRelease Transport Requests on Client Export. Releases the transport requests at the end of the export process. The exported Transport Requests will be released immediately as part of the client export process.This option is only available for Client Export to a Transport Request.\nUse Mode Vector/All Languages. Use Export Option LSM-Mode = Vector and export all languages on transport release.This option is only available for Client Export to a Transport Request.\nOverview of Transaction Codes and Tasklists Process/Tasks Old Transaction New Transaction Tasklist Released with Local Client Copy SCCL SCCLN SAP_CLIENT_COPY_LOCAL SAP_BASIS 754 SP00 Remote Client Copy SCC9 SCC9N SAP_CLIENT_COPY_REMOTE SAP_BASIS 754 SP01 Client Deletion SCC5 SCC5N SAP_CLIENT_DELETION SAP_BASIS 754 SP00 Client Export SCC8 SCC8N SAP_CLIENT_EXPORT SAP_BASIS 754 SP02 Client Import SCC7 SCC7N SAP_CLIENT_IMPORT_POSTPROCESSING SAP_BASIS 754 SP02 Client Copy Log SCC3 SCC3 n/a SAP_BASIS 754 SP01 Client Copy – Special Selection SCC1 SCC1N SAP_CLIENT_COPY_BY_TRANSPORT SAP_BASIS 755 SP01 Comparison Tool N/A SCC_COMPARE SAP_CLIENT_COMPARISON SAP_BASIS 754 SP03 Client Size Determination N/A SCC_CLIENT_SIZE – SAP_BASIS 754 SP00 New Authorization Checks Please note that with the new Client Copy Tool, new authorization objects have also been introduced. See the main note 2962811 for more information.\nRelated Information SCC1N Blog Post\nClient Copy Main Note: 2962811\nSAP Help Portal: Client Copy and Transport\n","permalink":"https://leijingwei.com/posts/client-copy-in-sap/","summary":"Overview With SAP_BASIS 7.54 (SAP S/4HANA 1909), SAP delivers new client management tools based on new common architecture. They are a complete redesign of the previous client copy (transactions SCCL, SCC9, SCC5, …). The new tools replace the old client copy and also offer new functions. They are optimized for increased performance, process automation and stability. The log of the client copy has also been completely revised and is now much more meaningful and easier to read, so that troubleshooting is much easier.","title":"Client Copy in SAP"},{"content":"Step 1: Procedure to setup an RFC connection: Enter Transaction Code SM59\nIn the SM59 screen, you can navigate through already created RFCs connection with the help of option tree, which is a menu-based method to organize all the connections by categories.\nClick the ‘CREATE‘ button. In the next screen , Enter –\nRFC Destination – Name of Destination (could be Target System ID or anything relevant) Connection Type – here we choose one of the types (as explained previously) of RFC connections as per requirements. Description – This is a short informative description, probably to explain the purpose of connection. After you**‘SAVE’**the connection, the system will take you to ‘Technical Settings’ tab, where we provide the following information:\nTarget Host– Here we provide the complete hostname or IP address of the target system. System Number – This is the system number of the target SAP system. Click Save In the ‘Logon and Security’ Tab, Enter Target System information\nLanguage – As per the target system’s language\nClient – In SAP we never logon to a system, there has to be a particular client always, therefore we need to specify client number here for correct execution.\nUser ID and Password – preferably not to be your own login ID, there should be some generic ID so that the connection should not be affected by constantly changing end-user IDs or passwords. Mostly, a user of type ‘System’ or ‘Communication’ is used here. Please note that this is the User ID for the target system and not the source system where we are creating this connection.\nClick Save. RFC connection is ready for use\nNote: By default, a connection is defined as aRFC. To define a connection as tRFC or qRFC go to Menu Bar -\u0026gt; Destination aRFC options / tRFC options ; provide inputs as per requirements. To define qRFC, use the special options tab.\nStep 2: Trusted RFC connection There is an option to make the RFC connection as ‘Trusted’. Once selected, the calling (trusted) system doesn’t require a password to connect with target (trusting) system.\nFollowing are the advantages for using trusted channels:\nCross-system Single-Sign-On facility Password does not need to be sent across the network Timeout mechanism for the logon data prevents misuse. Prevents the mishandling of logon data because of the time-out mechanism. User-specific logon details of the calling/trusted system is checked. *The RFC users must have the required authorizations in the trusting system (authorization object S_RFCACL).*Trusted connections are mostly used to connect SAP Solution Manager Systems with other SAP systems (satellites)\nStep 3: Testing the RFC Connection After the RFCs are created (or sometimes in the case of already existing RFCs) we need to test, whether the connection is established successfully or not.\nAs shown above we go to SM59 to choose the RFC connection to be tested and then we expand drop down menu – “Utilities-\u0026gt;Test-\u0026gt;…“. We have three options:\nConnection test -\u0026gt; This attempts to make a connection with the remote system and hence validates IP address / Hostname and other connection details. If both systems are not able to connect, it throws an error. On success, it displays the table with response times. This test is just to check if the calling system can reach the remote system.\nAuthorization Test -\u0026gt; It is used to validate the User ID and Password (provided under ‘logon and security’ tab for the target system) and also the authorizations that are provided. If a test is successful, then the same screen will appear as shown above for the connection test.\nUnicode Test -\u0026gt; It is to check if the Target system is a Unicode or not.\n**Remote Logon –\u0026gt;**This is also a kind of connection test, in which a new session of the target system is opened, and we need to specify a login ID and Password (if not already mentioned under ‘Logon and Security’ tab). If the user is of type ‘Dialog’ then a dialog session is created. To justify the successful connection test, output will be the response times for the communication packets, else error message will appear.\nStep 4: What went wrong? If somehow the RFC connection is not established successfully, we can check the logs (to analyze the issue) at OS level in the ‘WORK’ director. There we can find the log files with the naming convention as “dev_rfc” and the error description can be read from such files.\n","permalink":"https://leijingwei.com/posts/how-to-configure-rfc-connection-in-sap/","summary":"Step 1: Procedure to setup an RFC connection: Enter Transaction Code SM59\nIn the SM59 screen, you can navigate through already created RFCs connection with the help of option tree, which is a menu-based method to organize all the connections by categories.\nClick the ‘CREATE‘ button. In the next screen , Enter –\nRFC Destination – Name of Destination (could be Target System ID or anything relevant) Connection Type – here we choose one of the types (as explained previously) of RFC connections as per requirements.","title":"How to Configure \u0026 Test RFC Connection in SAP"},{"content":"Installing the Packages from the Debian Repositories sudo apt update sudo apt install python3-venv python3-dev libpq-dev postgresql postgresql-contrib nginx curl Creating the PostgreSQL Database and User sudo -u postgres psql CREATE DATABASE myproject; CREATE USER myprojectuser WITH PASSWORD \u0026#39;password\u0026#39;; ALTER ROLE myprojectuser SET client_encoding TO \u0026#39;utf8\u0026#39;; ALTER ROLE myprojectuser SET default_transaction_isolation TO \u0026#39;read committed\u0026#39;; ALTER ROLE myprojectuser SET timezone TO \u0026#39;UTC\u0026#39;; GRANT ALL PRIVILEGES ON DATABASE myproject TO myprojectuser; \\q Creating a Python Virtual Environment for your Project mkdir ~/myprojectdir cd ~/myprojectdir python3 -m venv myprojectenv source myprojectenv/bin/activate pip install django gunicorn psycopg2-binary Creating and Configuring a New Django Project django-admin startproject myproject ~/myprojectdir nano ~/myprojectdir/myproject/settings.py . . . ALLOWED_HOSTS = [\u0026#39;your_server_domain_or_IP\u0026#39;, \u0026#39;second_domain_or_IP\u0026#39;, . . ., \u0026#39;localhost\u0026#39;] . . . DATABASES = { \u0026#39;default\u0026#39;: { \u0026#39;ENGINE\u0026#39;: \u0026#39;django.db.backends.postgresql_psycopg2\u0026#39;, \u0026#39;NAME\u0026#39;: \u0026#39;myproject\u0026#39;, \u0026#39;USER\u0026#39;: \u0026#39;myprojectuser\u0026#39;, \u0026#39;PASSWORD\u0026#39;: \u0026#39;password\u0026#39;, \u0026#39;HOST\u0026#39;: \u0026#39;localhost\u0026#39;, \u0026#39;PORT\u0026#39;: \u0026#39;\u0026#39;, } } . . . . . . STATIC_URL = \u0026#39;static/\u0026#39; # Default primary key field type # https://docs.djangoproject.com/en/4.0/ref/settings/#default-auto-field DEFAULT_AUTO_FIELD = \u0026#39;django.db.models.BigAutoField\u0026#39; import os STATIC_ROOT = os.path.join(BASE_DIR, \u0026#39;static/\u0026#39;) ~/myprojectdir/manage.py makemigrations ~/myprojectdir/manage.py migrate ~/myprojectdir/manage.py createsuperuser ~/myprojectdir/manage.py collectstatic sudo ufw allow 8000 ~/myprojectdir/manage.py runserver 0.0.0.0:8000 Testing Gunicorn’s Ability to Serve the Project cd ~/myprojectdir gunicorn --bind 0.0.0.0:8000 myproject.wsgi Creating systemd Socket and Service Files for Gunicorn sudo nano /etc/systemd/system/gunicorn.socket ################################################### [Unit] Description=gunicorn socket [Socket] ListenStream=/run/gunicorn.sock [Install] WantedBy=sockets.target sudo nano /etc/systemd/system/gunicorn.service ################################################### [Unit] Description=gunicorn daemon Requires=gunicorn.socket After=network.target [Service] User=sammy Group=www-data WorkingDirectory=/home/sammy/myprojectdir ExecStart=/home/sammy/myprojectdir/myprojectenv/bin/gunicorn \\ --access-logfile - \\ --workers 3 \\ --bind unix:/run/gunicorn.sock \\ myproject.wsgi:application [Install] WantedBy=multi-user.target sudo systemctl start gunicorn.socket sudo systemctl enable gunicorn.socket Checking for the Gunicorn Socket File sudo systemctl status gunicorn.socket file /run/gunicorn.sock ############################output################### /run/gunicorn.sock: socket sudo journalctl -u gunicorn.socket Testing Socket Activation sudo systemctl status gunicorn curl --unix-socket /run/gunicorn.sock localhost sudo systemctl status gunicorn sudo journalctl -u gunicorn sudo systemctl daemon-reload sudo systemctl restart gunicorn Configure Nginx to Proxy Pass to Gunicorn sudo nano /etc/nginx/sites-available/myproject ################################################## server { listen 80; server_name server_domain_or_IP; location = /favicon.ico { access_log off; log_not_found off; } location /static/ { root /home/sammy/myprojectdir; } location / { include proxy_params; proxy_pass http://unix:/run/gunicorn.sock; } } sudo ln -s /etc/nginx/sites-available/myproject /etc/nginx/sites-enabled nginx -t sudo systemctl restart nginx sudo ufw delete allow 8000 sudo ufw allow \u0026#39;Nginx Full\u0026#39; https://www.digitalocean.com/community/tutorials/how-to-set-up-django-with-postgres-nginx-and-gunicorn-on-debian-11\n","permalink":"https://leijingwei.com/posts/how-to-set-up-django-with-postgres-nginx-and-gunicorn-on-debian-11/","summary":"Installing the Packages from the Debian Repositories sudo apt update sudo apt install python3-venv python3-dev libpq-dev postgresql postgresql-contrib nginx curl Creating the PostgreSQL Database and User sudo -u postgres psql CREATE DATABASE myproject; CREATE USER myprojectuser WITH PASSWORD \u0026#39;password\u0026#39;; ALTER ROLE myprojectuser SET client_encoding TO \u0026#39;utf8\u0026#39;; ALTER ROLE myprojectuser SET default_transaction_isolation TO \u0026#39;read committed\u0026#39;; ALTER ROLE myprojectuser SET timezone TO \u0026#39;UTC\u0026#39;; GRANT ALL PRIVILEGES ON DATABASE myproject TO myprojectuser; \\q Creating a Python Virtual Environment for your Project mkdir ~/myprojectdir cd ~/myprojectdir python3 -m venv myprojectenv source myprojectenv/bin/activate pip install django gunicorn psycopg2-binary Creating and Configuring a New Django Project django-admin startproject myproject ~/myprojectdir nano ~/myprojectdir/myproject/settings.","title":"How To Set Up Django with Postgres, Nginx, and Gunicorn on Debian 11"},{"content":"Before you install your proxy app on Aliyun ECS, you should do something to block the aliyun\u0026rsquo;s built-in services.\nrm -rf /etc/motd \u0026amp;\u0026gt;/dev/null rm -fr /usr/local/{aegis,qcloud,cloudmonitor} \u0026amp;\u0026gt;/dev/null rm -rf /lib/systemd/system/aliyun.service \u0026amp;\u0026gt;/dev/null mkdir /usr/local/{aegis,cloudmonitor,qcloud} killall -9 sgagent \u0026amp;\u0026gt;/dev/null killall -9 barad_agent \u0026amp;\u0026gt;/dev/null killall -9 aliyun_assist_update \u0026amp;\u0026gt;/dev/null killall -9 aliyun_assist_update \u0026amp;\u0026gt;/dev/null killall -9 AliSecureCheckAdvanced \u0026amp;\u0026gt;/dev/null killall -9 CmsGoAgent.linux-amd64 \u0026amp;\u0026gt;/dev/null kill -9 `pidof YDLive` \u0026amp;\u0026gt;/dev/null kill -9 `pidof YDService` \u0026amp;\u0026gt;/dev/null kill -9 `pidof wrapper` \u0026amp;\u0026gt;/dev/null kill -9 `pidof AliYunDun` \u0026amp;\u0026gt;/dev/null kill -9 `pidof AliYunDunUpdate` \u0026amp;\u0026gt;/dev/null Don\u0026rsquo;t forget to enable your firewall to block the untrust access.\nI am using the ufw to controll the firewall rules.\napt install ufw ufw enable vi /etc/default/ufw # make sure IPV6=yes is actived ufw default deny incoming # default deny all incoming connecttion ufw default allow outgoing # default allow all outgoing connection ufw allow 22/tcp # this is very important, don\u0026#39;t forget this. after you do some basic configurations with the ufw, you should block all Aliyun\u0026rsquo;s IPs.\nvi /etc/ufw/before.rules find ** # End required lines** , add the following contents into it.\n-A ufw-before-input -s 140.205.201.0/24 -j DROP -A ufw-before-input -s 140.205.201.0/28 -j DROP -A ufw-before-input -s 140.205.201.16/29 -j DROP -A ufw-before-input -s 140.205.201.32/28 -j DROP -A ufw-before-input -s 140.205.225.0/24 -j DROP -A ufw-before-input -s 140.205.225.192/29 -j DROP -A ufw-before-input -s 140.205.225.200/30 -j DROP -A ufw-before-input -s 140.205.225.184/29 -j DROP -A ufw-before-input -s 140.205.225.183/32 -j DROP -A ufw-before-input -s 140.205.225.206/32 -j DROP -A ufw-before-input -s 140.205.225.205/32 -j DROP -A ufw-before-input -s 140.205.225.195/32 -j DROP -A ufw-before-input -s 140.205.225.204/32 -j DROP -A ufw-before-input -s 106.11.224.0/26 -j DROP -A ufw-before-input -s 106.11.224.64/26 -j DROP -A ufw-before-input -s 106.11.224.128/26 -j DROP -A ufw-before-input -s 106.11.224.192/26 -j DROP -A ufw-before-input -s 106.11.222.64/26 -j DROP -A ufw-before-input -s 106.11.222.128/26 -j DROP -A ufw-before-input -s 106.11.222.192/26 -j DROP -A ufw-before-input -s 106.11.223.0/26 -j DROP -A ufw-before-input -s 112.124.127.224 -j DROP -A ufw-before-input -s 112.124.127.44 -j DROP -A ufw-before-input -s 112.124.127.64 -j DROP -A ufw-before-input -s 112.124.127.53 -j DROP -A ufw-before-input -s 120.26.216.168 -j DROP -A ufw-before-input -s 120.26.64.126 -j DROP -A ufw-before-input -s 121.43.107.174 -j DROP -A ufw-before-input -s 121.43.107.176 -j DROP -A ufw-before-input -s 121.41.117.242 -j DROP -A ufw-before-input -s 121.40.130.38 -j DROP -A ufw-before-input -s 121.41.112.148 -j DROP -A ufw-before-input -s 115.29.112.222 -j DROP -A ufw-before-input -s 115.28.203.70 -j DROP -A ufw-before-input -s 42.96.189.63 -j DROP -A ufw-before-input -s 115.29.113.101 -j DROP -A ufw-before-input -s 120.27.40.113 -j DROP -A ufw-before-input -s 115.28.171.22 -j DROP -A ufw-before-input -s 115.28.189.208 -j DROP -A ufw-before-input -s 121.42.196.232 -j DROP -A ufw-before-input -s 115.28.26.13 -j DROP -A ufw-before-input -s 120.27.47.144 -j DROP -A ufw-before-input -s 120.27.47.33 -j DROP -A ufw-before-input -s 112.126.74.55 -j DROP -A ufw-before-input -s 182.92.148.207 -j DROP -A ufw-before-input -s 182.92.1.233 -j DROP -A ufw-before-input -s 112.126.73.56 -j DROP -A ufw-before-input -s 123.56.138.37 -j DROP -A ufw-before-input -s 123.57.10.133 -j DROP -A ufw-before-input -s 112.126.75.174 -j DROP -A ufw-before-input -s 182.92.157.118 -j DROP -A ufw-before-input -s 112.126.75.221 -j DROP -A ufw-before-input -s 182.92.69.212 -j DROP -A ufw-before-input -s 10.153.174.11 -j DROP -A ufw-before-input -s 10.153.175.147 -j DROP -A ufw-before-input -s 10.153.175.146 -j DROP -A ufw-before-input -s 110.75.0.0/16 -j DROP -A ufw-before-input -s 42.120.0.0/16 -j DROP don\u0026rsquo;f forget reload your firewall with ufw.\nufw reload Now you can do anything you want.\n","permalink":"https://leijingwei.com/posts/remove-and-block-aliyun/","summary":"Before you install your proxy app on Aliyun ECS, you should do something to block the aliyun\u0026rsquo;s built-in services.\nrm -rf /etc/motd \u0026amp;\u0026gt;/dev/null rm -fr /usr/local/{aegis,qcloud,cloudmonitor} \u0026amp;\u0026gt;/dev/null rm -rf /lib/systemd/system/aliyun.service \u0026amp;\u0026gt;/dev/null mkdir /usr/local/{aegis,cloudmonitor,qcloud} killall -9 sgagent \u0026amp;\u0026gt;/dev/null killall -9 barad_agent \u0026amp;\u0026gt;/dev/null killall -9 aliyun_assist_update \u0026amp;\u0026gt;/dev/null killall -9 aliyun_assist_update \u0026amp;\u0026gt;/dev/null killall -9 AliSecureCheckAdvanced \u0026amp;\u0026gt;/dev/null killall -9 CmsGoAgent.linux-amd64 \u0026amp;\u0026gt;/dev/null kill -9 `pidof YDLive` \u0026amp;\u0026gt;/dev/null kill -9 `pidof YDService` \u0026amp;\u0026gt;/dev/null kill -9 `pidof wrapper` \u0026amp;\u0026gt;/dev/null kill -9 `pidof AliYunDun` \u0026amp;\u0026gt;/dev/null kill -9 `pidof AliYunDunUpdate` \u0026amp;\u0026gt;/dev/null Don\u0026rsquo;t forget to enable your firewall to block the untrust access.","title":"Remove and Block Aliyun"},{"content":"ffmpeg -version ffmpeg -i input.mp3 -t 30 output.mp3 ffmpeg -i input.mp3 -ss 00:00:04 -t 30 output.mp3 ","permalink":"https://leijingwei.com/posts/how-to-use-ffmpeg/","summary":"ffmpeg -version ffmpeg -i input.mp3 -t 30 output.mp3 ffmpeg -i input.mp3 -ss 00:00:04 -t 30 output.mp3 ","title":"How to Use Ffmpeg"},{"content":"hugo installlation brew install hugo hugo create site hugo new site leijingwei # a folder leijingwei will be created with a config.toml file hugo new site leijingwei -f yml # a folder leijingwei will be created with a config.yml file add a theme to your site Go to the https://themes.gohugo.io/ , find your favourite theme.\nhugo create post You will use this command to create a new post.\nhugo new posts/new-post.md And you will use the following contents to edit your post.\ntitle: \u0026#34;A New Start\u0026#34; draft: true author: \u0026#34;Jingwei Lei\u0026#34; date: 2022-10-07T01:45:59+08:00 description: \u0026#34;This is description\u0026#34; tags: [\u0026#34;markdown\u0026#34;, \u0026#34;css\u0026#34;, \u0026#34;html\u0026#34;, \u0026#34;themes\u0026#34;] categories: [\u0026#34;themes\u0026#34;, \u0026#34;syntax\u0026#34;] series: [\u0026#34;Themes Guide\u0026#34;] aliases: [\u0026#34;migrate-from-jekyl\u0026#34;] ShowToc: true TocOpen: true hugo generate static files hugo -D other hugo commands hugo server -D ","permalink":"https://leijingwei.com/posts/hugo-quick-start/","summary":"hugo installlation brew install hugo hugo create site hugo new site leijingwei # a folder leijingwei will be created with a config.toml file hugo new site leijingwei -f yml # a folder leijingwei will be created with a config.yml file add a theme to your site Go to the https://themes.gohugo.io/ , find your favourite theme.\nhugo create post You will use this command to create a new post.\nhugo new posts/new-post.","title":"Hugo Quick Start"},{"content":"Step 1 Create the RSA Key Pair The first step is to create a key pair on the client machine (usually your computer):\nssh-keygen By default ssh-keygen will create a 3072-bit RSA key pair, which is secure enough for most use cases (you may optionally pass in the -b 4096 flag to create a larger 4096-bit key).\nAfter entering the command, you should see the following output:\nOutputGenerating public/private rsa key pair. Enter file in which to save the key (/your_home/.ssh/id_rsa): Press enter to save the key pair into the .ssh/ subdirectory in your home directory, or specify an alternate path.\nIf you had previously generated an SSH key pair, you may see the following prompt:\nOutput/home/your_home/.ssh/id_rsa already exists. Overwrite (y/n)? Warning: If you choose to overwrite the key on disk, you will not be able to authenticate using the previous key anymore. Be very careful when selecting yes, as this is a destructive process that cannot be reversed.\nYou should then see the following prompt:\nOutputEnter passphrase (empty for no passphrase): Here you optionally may enter a secure passphrase, which is highly recommended. A passphrase adds an additional layer of security to prevent unauthorized users from logging in. To learn more about security, consult our tutorial on How To Configure SSH Key-Based Authentication on a Linux Server.\nYou should then see the following output:\nOutputYour identification has been saved in /your_home/.ssh/id_rsa. Your public key has been saved in /your_home/.ssh/id_rsa.pub. The key fingerprint is: SHA256:5E2BtTN9FHPBNoRXAB/EdjtHNYOHzTBzG5qUv7S3hyM root@debian-suricata The key\u0026#39;s randomart image is: +---[RSA 3072]----+ | oo .O^XB| | . +.BO%B| | . = .+B+o| | o o o . =.| | S . . =| | o.| | .o| | E o..| | . ..| +----[SHA256]-----+ You now have a public and private key that you can use to authenticate. The next step is to place the public key on your server so that you can use SSH-key-based authentication to log in.\nStep 2 - Copy the Public Key to Debian Server The quickest way to copy your public key to the Debian host is to use a utility called ssh-copy-id. Due to its simplicity, this method is highly recommended if available. If you do not have ssh-copy-id available to you on your client machine, you may use one of the two alternate methods provided in this section (copying via password-based SSH, or manually copying the key).\nCopying Public Key Using ssh-copy-id The ssh-copy-id tool is included by default in many operating systems, so you may have it available on your local system. For this method to work, you must already have password-based SSH access to your server.\nTo use the utility, you simply need to specify the remote host that you would like to connect to and the user account that you have password SSH access to. This is the account to which your public SSH key will be copied.\nThe syntax is:\nssh-copy-id username@remote_host You may see the following message:\nOutputThe authenticity of host \u0026#39;203.0.113.1 (203.0.113.1)\u0026#39; can\u0026#39;t be established. ECDSA key fingerprint is fd:fd:d4:f9:77:fe:73:84:e1:55:00:ad:d6:6d:22:fe. Are you sure you want to continue connecting (yes/no)? yes This means that your local computer does not recognize the remote host. This will happen the first time you connect to a new host. Type “yes” and press ENTER to continue.\nNext, the utility will scan your local account for the id_rsa.pub key that we created earlier. When it finds the key, it will prompt you for the password of the remote user’s account:\nOutput/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys username@203.0.113.1\u0026#39;s password: Type in the password (your typing will not be displayed for security purposes) and press ENTER. The utility will connect to the account on the remote host using the password you provided. It will then copy the contents of your ~/.ssh/id_rsa.pub key into a file in the remote account’s home ~/.ssh directory called authorized_keys.\nYou should see the following output:\nOutputNumber of key(s) added: 1 Now try logging into the machine, with: \u0026#34;ssh \u0026#39;username@203.0.113.1\u0026#39;\u0026#34; and check to make sure that only the key(s) you wanted were added. At this point, your id_rsa.pub key has been uploaded to the remote account. You can continue on to Step 3.\nCopying Public Key Using SSH If you do not have ssh-copy-id available, but you have password-based SSH access to an account on your server, you can upload your keys using a conventional SSH method.\nWe can do this by using the cat command to read the contents of the public SSH key on our local computer and piping that through an SSH connection to the remote server.\nOn the other side, we can make sure that the ~/.ssh directory exists and has the correct permissions under the account we’re using.\nWe can then output the content we piped over into a file called authorized_keys within this directory. We’ll use the \u0026gt;\u0026gt; redirect symbol to append the content instead of overwriting it. This will let us add keys without destroying previously added keys.\nThe full command looks like this:\ncat ~/.ssh/id_rsa.pub | ssh username@remote_host \u0026#34;mkdir -p ~/.ssh \u0026amp;\u0026amp; touch ~/.ssh/authorized_keys \u0026amp;\u0026amp; chmod -R go= ~/.ssh \u0026amp;\u0026amp; cat \u0026gt;\u0026gt; ~/.ssh/authorized_keys\u0026#34; You may see the following message:\nOutputThe authenticity of host \u0026#39;203.0.113.1 (203.0.113.1)\u0026#39; can\u0026#39;t be established. ECDSA key fingerprint is fd:fd:d4:f9:77:fe:73:84:e1:55:00:ad:d6:6d:22:fe. Are you sure you want to continue connecting (yes/no)? yes This means that your local computer does not recognize the remote host. This will happen the first time you connect to a new host. Type “yes” and press ENTER to continue.\nAfterwards, you should be prompted to enter the remote user account password:\nOutputusername@203.0.113.1\u0026#39;s password: After entering your password, the content of your id_rsa.pub key will be copied to the end of the authorized_keys file of the remote user’s account. Continue on to Step 3 if this was successful.\nCopying Public Key Manually If you do not have password-based SSH access to your server available, you will have to complete the above process manually.\nWe will manually append the content of your id_rsa.pub file to the ~/.ssh/authorized_keys file on your remote machine.\nTo display the content of your id_rsa.pub key, type this into your local computer:\ncat ~/.ssh/id_rsa.pub You will see the key’s content, which should look something like this:\nOutputssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDgkLJ8d2gGEJCN7xdyVaDqk8qgeZqQ0MlfoPK3TzWI5dkG0WiZ16jrkiW/h6lhO9K1w89VDMnmNN9ULOWHrZMNs//Qyv/oN+FLIgK2CkKXRxTmbh/ZGnqOm3Zo2eU+QAmjb8hSsstQ3DiuGu8tbiWmsa3k3jKbWNWpXqY3Q88t+bM1DZrHwYzaIZ1BSA1ghqHCvIZqeP9IUL2l2DUfSCT9LXJEgMQhgjakJnzEGPgd5VHMR32rVrbIbbDzlyyoZ7SpCe5y0vYvbV2JKWI/8SEOmwehEHJ9RBZmciwc+1sdEcAJVMDujb9p5rX4hyvFpG0KGhZesB+/s7PdOa8zlIg4TZhXUHl4t1jpPC83Y9KEwS/Ni4dhaxlnr3T6l5hUX2cD+eWl1vVpogBqKNGBMrVR4dWs3Z4BVUf9exqTRRYOfgo0UckULqW5pmLW07JUuGo1kpFAxpDBPFWoPsg08CGRdEUS7ScRnMK1KdcH54kUZr0O88SZOsv9Zily/A5GyNM= demo@test Access your remote host using whichever method you have available.\nOnce you have access to your account on the remote server, you should make sure the ~/.ssh directory exists. This command will create the directory if necessary, or do nothing if it already exists:\nmkdir -p ~/.ssh Now, you can create or modify the authorized_keys file within this directory. You can add the contents of your id_rsa.pub file to the end of the authorized_keys file, creating it if necessary, using this command:\necho public_key_string \u0026gt;\u0026gt; ~/.ssh/authorized_keys In the above command, substitute the public_key_string with the output from the cat ~/.ssh/id_rsa.pub command that you executed on your local system. It should start with ssh-rsa AAAA....\nFinally, we’ll ensure that the ~/.ssh directory and authorized_keys file have the appropriate permissions set:\nchmod -R go= ~/.ssh This recursively removes all “group” and “other” permissions for the ~/.ssh/ directory.\nIf you’re using the root account to set up keys for a user account, it’s also important that the ~/.ssh directory belongs to the user and not to root:\nchown -R sammy:sammy ~/.ssh In this tutorial our user is named sammy but you should substitute the appropriate username into the above command.\nYou can now attempt passwordless authentication with your Debian server.\nStep 3 — Authenticate to Debian Server Using SSH Keys If you have successfully completed one of the procedures above, you should be able to log into the remote host without the remote account’s password.\nThe general process is the same:\nssh username@remote_host If this is your first time connecting to this host (if you used the last method above), you may see something like this:\nOutputThe authenticity of host \u0026#39;203.0.113.1 (203.0.113.1)\u0026#39; can\u0026#39;t be established. ECDSA key fingerprint is fd:fd:d4:f9:77:fe:73:84:e1:55:00:ad:d6:6d:22:fe. Are you sure you want to continue connecting (yes/no)? yes This means that your local computer does not recognize the remote host. Type “yes” and then press ENTER to continue.\nIf you did not supply a passphrase for your private key, you will be logged in immediately. If you supplied a passphrase for the private key when you created the key, you will be prompted to enter it now (note that your keystrokes will not display in the terminal session for security). After authenticating, a new shell session should open for you with the configured account on the Debian server.\nIf key-based authentication was successful, continue on to learn how to further secure your system by disabling password authentication.\nStep 4 — Disable Password Authentication on your Server If you were able to log into your account using SSH without a password, you have successfully configured SSH-key-based authentication to your account. However, your password-based authentication mechanism is still active, meaning that your server is still exposed to brute-force attacks.\nBefore completing the steps in this section, make sure that you either have SSH-key-based authentication configured for the root account on this server, or preferably, that you have SSH-key-based authentication configured for a non-root account on this server with sudo privileges. This step will lock down password-based logins, so ensuring that you will still be able to get administrative access is crucial.\nOnce you’ve confirmed that your remote account has administrative privileges, log into your remote server with SSH keys, either as root or with an account with sudo privileges. Then, open up the SSH daemon’s configuration file:\nsudo nano /etc/ssh/sshd_config Inside the file, search for a directive called PasswordAuthentication. This may be commented out. Uncomment the line and set the value to “no”. This will disable your ability to log in via SSH using account passwords:\n/etc/ssh/sshd_config\n... PasswordAuthentication no ... Save and close the file when you are finished by pressing CTRL + X, then Y to confirm saving the file, and finally ENTER to exit nano. To actually implement these changes, we need to restart the sshd service:\nsudo systemctl restart ssh As a precaution, open up a new terminal window and test that the SSH service is functioning correctly before closing this session:\nssh username@remote_host Once you have verified your SSH service, you can safely close all current server sessions.\nThe SSH daemon on your Debian server now only responds to SSH keys. Password-based authentication has successfully been disabled.\nConclusion You should now have SSH-key-based authentication configured on your server, allowing you to sign in without providing an account password.\n","permalink":"https://leijingwei.com/posts/how-to-set-up-ssh-keys-on-debian-11/","summary":"Step 1 Create the RSA Key Pair The first step is to create a key pair on the client machine (usually your computer):\nssh-keygen By default ssh-keygen will create a 3072-bit RSA key pair, which is secure enough for most use cases (you may optionally pass in the -b 4096 flag to create a larger 4096-bit key).\nAfter entering the command, you should see the following output:\nOutputGenerating public/private rsa key pair.","title":"How to set up ssh keys on debian 11"},{"content":"Basic Usage gunicorn [OPTIONS] [WSGI_APP] The general format of WSGI_APP here is the module name plus the variable name. After version 20.1.0, this place became a config file. For example: the file name is test.py\ndef app(environ, start_response): \u0026#34;\u0026#34;\u0026#34;Simplest possible application object\u0026#34;\u0026#34;\u0026#34; data = b\u0026#39;Hello, World!\\n\u0026#39; status = \u0026#39;200 OK\u0026#39; response_headers = [ (\u0026#39;Content-type\u0026#39;, \u0026#39;text/plain\u0026#39;), (\u0026#39;Content-Length\u0026#39;, str(len(data))) ] start_response(status, response_headers) return iter([data]) At this point you want to start the program with the following command:\ngunicorn --workers=2 test:app The variable name here can also be a function call. For example, the above example can be changed to this:\ndef create_app(): app = FrameworkApp() ... return app Calling it like this has the same effect:\ngunicorn --workers=2 \u0026#39;test:create_app()\u0026#39; Common configuration parameters -c CONFIG, \u0026ndash;config=CONFIG [Define the path to the configuration file] -b BIND, \u0026ndash;bind=BIND [Define the server communication address and port] -w WORKERS, \u0026ndash;workers=WORKERS [Define the number of worker processes, which is about 2-4 per CPU configuration] -k WORKERCLASS \u0026ndash;worker-class=WORKERCLASS [What type of worker process to run. Can be set to one of (sync, eventlet, gevent, tornado, gthread.sync).] -n APP_NAME, \u0026ndash;name=APP_NAME [If enabled, you can set the process name.] For other parameters, please refer to the official documentation. Intergration Django If not defined, gunicorn will automatically call a WSGI application, such as a typical Django program. The format of gunicorn is as follows:\ngunicorn myproject.wsgi It\u0026rsquo;s pretty easy to deploy. It should be noted above that your project should be in the python PATH. The easiest way is to put it in the same directory as manage.py in the Django directory.\nThere is also a configuration, which can directly configure the content in Django settings:\ngunicorn --env DJANGO_SETTINGS_MODULE=myproject.settings myproject.wsgi Paste and deployment gunicorn --paste development.ini -b :8080 --chdir /path/to/project gunicorn --paste development.ini#admin -b :8080 --chdir /path/to/project ","permalink":"https://leijingwei.com/posts/gunicorn-running/","summary":"Basic Usage gunicorn [OPTIONS] [WSGI_APP] The general format of WSGI_APP here is the module name plus the variable name. After version 20.1.0, this place became a config file. For example: the file name is test.py\ndef app(environ, start_response): \u0026#34;\u0026#34;\u0026#34;Simplest possible application object\u0026#34;\u0026#34;\u0026#34; data = b\u0026#39;Hello, World!\\n\u0026#39; status = \u0026#39;200 OK\u0026#39; response_headers = [ (\u0026#39;Content-type\u0026#39;, \u0026#39;text/plain\u0026#39;), (\u0026#39;Content-Length\u0026#39;, str(len(data))) ] start_response(status, response_headers) return iter([data]) At this point you want to start the program with the following command:","title":"03 Gunicorn running"},{"content":"Installation Requirement :Python 3.x \u0026gt;= 3.5 Install the latest gunicorn with the command as below:\npip install gunicorn Installation from source code pip install git+https://github.com/benoitc/gunicorn.git Installation DEV version from source code\npip install -U git+https://github.com/benoitc/gunicorn.git Async Workers If your application code may need to pause for a long time during request processing, you may also need to install Eventlet or Gevent. Check out the design documentation for details on when one of the other assist types needs to be considered.\n$ pip install greenlet # Required for both $ pip install eventlet # For eventlet workers $ pip install gunicorn[eventlet] # Or, using extra $ pip install gevent # For gevent workers $ pip install gunicorn[gevent] # Or, using extra Both will automatically install greenlet. If the installation fails, check if python-dev or libevent is installed.\nExtra package Some gunicorn options require additional package files, which you can install with [extra] when installing gunicorn.\ngunicorn[eventlet] - Eventlet-based greenlets workers gunicorn[gevent] - Gevent-based greenlets workers gunicorn[gthread] - Threaded workers gunicorn[tornado] - Tornado-based workers, not recommended(不推荐) If you run more than one instance of gunicorn, proc_name can help you to distinguish between ps or top commands.\ngunicorn[setproctitle] - set the name of the process You can use several expansion packs together, as follows: pip install gunicorn[gevent,setproctitle] ","permalink":"https://leijingwei.com/posts/gunicorn-installation/","summary":"Installation Requirement :Python 3.x \u0026gt;= 3.5 Install the latest gunicorn with the command as below:\npip install gunicorn Installation from source code pip install git+https://github.com/benoitc/gunicorn.git Installation DEV version from source code\npip install -U git+https://github.com/benoitc/gunicorn.git Async Workers If your application code may need to pause for a long time during request processing, you may also need to install Eventlet or Gevent. Check out the design documentation for details on when one of the other assist types needs to be considered.","title":"02 Gunicorn installation"},{"content":"About Gunicorn is the abbreviation of Green Unicorn, a WSGI Http server for Python under Unix systems. Its advantage is that it is relatively simple and easy to use on other web frameworks, such as flask, Django, etc.\nInstall \u0026amp; Start pip install gunicorn Install gunicorn using the above command, then write a simple python script to start the service\n# myapp.py def app(environ, start_response): data = b\u0026#34;Hello, World!\\n\u0026#34; start_response(\u0026#34;200 OK\u0026#34;,[(\u0026#34;Content-Type\u0026#34;,\u0026#34;text/plain\u0026#34;),(\u0026#34;Content-Length\u0026#34;,str(len(data)))]) return iter([data]) # Start: gunicorn -w 4 myapp:app Console output:\n[2021-04-11 20:59:22 +0800] [32842] [INFO] Starting gunicorn 20.1.0 [2021-04-11 20:59:22 +0800] [32842] [INFO] Listening at: http://127.0.0.1:8000 (32842) [2021-04-11 20:59:22 +0800] [32842] [INFO] Using worker: sync [2021-04-11 20:59:22 +0800] [32844] [INFO] Booting worker with pid: 32844 [2021-04-11 20:59:22 +0800] [32845] [INFO] Booting worker with pid: 32845 [2021-04-11 20:59:22 +0800] [32846] [INFO] Booting worker with pid: 32846 [2021-04-11 20:59:22 +0800] [32847] [INFO] Booting worker with pid: 32847 Deploy Gunicorn is a WSGI HTTP server. When using Gunicorn, it is best to put it behind an HTTP proxy server. The official recommendation is to use Nginx. A simple Nginx configuration is as follows:\nserver { listen 80; server_name example.org; access_log /var/log/nginx/example.log; location / { proxy_pass http://127.0.0.1:8000; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } } Here, Nginx is set up as a reverse proxy server for the Gunicorn server running on localhost port 8000.\n","permalink":"https://leijingwei.com/posts/the-usage-of-gunicorn/","summary":"About Gunicorn is the abbreviation of Green Unicorn, a WSGI Http server for Python under Unix systems. Its advantage is that it is relatively simple and easy to use on other web frameworks, such as flask, Django, etc.\nInstall \u0026amp; Start pip install gunicorn Install gunicorn using the above command, then write a simple python script to start the service\n# myapp.py def app(environ, start_response): data = b\u0026#34;Hello, World!\\n\u0026#34; start_response(\u0026#34;200 OK\u0026#34;,[(\u0026#34;Content-Type\u0026#34;,\u0026#34;text/plain\u0026#34;),(\u0026#34;Content-Length\u0026#34;,str(len(data)))]) return iter([data]) # Start: gunicorn -w 4 myapp:app Console output:","title":"01 Gunicorn quick start"},{"content":"I can not write this in Chinese , but I really want to write it down .\nfirst please get an ECS or VPS which can visit the world outside of the wall.\nCentOS 7.x + Debian Ubuntu 18.x + i choose Cent OS 8.3, so the following content is based on Cent OS 8.\nsecond download the installation script by this command.\ncurl -O https://raw.githubusercontent.com/v2fly/fhs-install-v2ray/master/install-release.sh then you will get a file which named \u0026lsquo;install-release.sh\u0026rsquo;\nrun this script.\nbash install-release.sh third after the installation , we should do some configuration for v2ray.\nadd the v2ray service to startup list systemctl enable v2ray start the v2ray service systemctl start v2ray fourth at last , we should config our server and client.\nunluckly , most people don\u0026rsquo;t know how to set the configration file. Actually , there is no need to know too much about it , you just need to know how to copy and modify my code.\nfor server the config.json file is located in /usr/local/etc/v2ray/ here.\n{ \u0026#34;log\u0026#34;:{ \u0026#34;loglevel\u0026#34;:\u0026#34;warnning\u0026#34;, \u0026#34;access\u0026#34;:\u0026#34;/var/log/v2ray/access.log\u0026#34;, \u0026#34;error\u0026#34;:\u0026#34;/var/log/v2ray/error.log\u0026#34; }, \u0026#34;inbounds\u0026#34;: [ { \u0026#34;port\u0026#34;: 1027, \u0026#34;protocol\u0026#34;: \u0026#34;vmess\u0026#34;, \u0026#34;settings\u0026#34;: { \u0026#34;clients\u0026#34;: [ { \u0026#34;id\u0026#34;: \u0026#34;39f91024-f331-46d8-90e5-4046a05bea77\u0026#34;, \u0026#34;alterId\u0026#34;: 64 } ] } } ], \u0026#34;outbounds\u0026#34;: [ { \u0026#34;protocol\u0026#34;: \u0026#34;freedom\u0026#34;, \u0026#34;settings\u0026#34;: {} } ] } for client { \u0026#34;log\u0026#34;: { \u0026#34;error\u0026#34;: \u0026#34;\u0026#34;, \u0026#34;loglevel\u0026#34;: \u0026#34;info\u0026#34;, \u0026#34;access\u0026#34;: \u0026#34;\u0026#34; }, \u0026#34;inbounds\u0026#34;: [ { \u0026#34;listen\u0026#34;: \u0026#34;127.0.0.1\u0026#34;, \u0026#34;protocol\u0026#34;: \u0026#34;socks\u0026#34;, \u0026#34;settings\u0026#34;: { \u0026#34;udp\u0026#34;: false, \u0026#34;auth\u0026#34;: \u0026#34;noauth\u0026#34; }, \u0026#34;port\u0026#34;: \u0026#34;1080\u0026#34; }, { \u0026#34;listen\u0026#34;: \u0026#34;127.0.0.1\u0026#34;, \u0026#34;protocol\u0026#34;: \u0026#34;http\u0026#34;, \u0026#34;settings\u0026#34;: { \u0026#34;timeout\u0026#34;: 360 }, \u0026#34;port\u0026#34;: \u0026#34;1087\u0026#34; } ], \u0026#34;outbounds\u0026#34;: [ { \u0026#34;mux\u0026#34;: { \u0026#34;enabled\u0026#34;: false, \u0026#34;concurrency\u0026#34;: 8 }, \u0026#34;protocol\u0026#34;: \u0026#34;vmess\u0026#34;, \u0026#34;streamSettings\u0026#34;: { \u0026#34;tcpSettings\u0026#34;: { \u0026#34;header\u0026#34;: { \u0026#34;type\u0026#34;: \u0026#34;none\u0026#34; } }, \u0026#34;tlsSettings\u0026#34;: { \u0026#34;allowInsecure\u0026#34;: true }, \u0026#34;security\u0026#34;: \u0026#34;none\u0026#34;, \u0026#34;network\u0026#34;: \u0026#34;tcp\u0026#34; }, \u0026#34;tag\u0026#34;: \u0026#34;proxy\u0026#34;, \u0026#34;settings\u0026#34;: { \u0026#34;vnext\u0026#34;: [ { \u0026#34;address\u0026#34;: \u0026#34;8.210.228.39\u0026#34;, \u0026#34;users\u0026#34;: [ { \u0026#34;id\u0026#34;: \u0026#34;39f91024-f331-46d8-90e5-4046a05bea77\u0026#34;, \u0026#34;alterId\u0026#34;: 64, \u0026#34;level\u0026#34;: 0, \u0026#34;security\u0026#34;: \u0026#34;auto\u0026#34; } ], \u0026#34;port\u0026#34;: 1027 } ] } } ], \u0026#34;dns\u0026#34;: {}, \u0026#34;routing\u0026#34;: { \u0026#34;settings\u0026#34;: { \u0026#34;domainStrategy\u0026#34;: \u0026#34;AsIs\u0026#34;, \u0026#34;rules\u0026#34;: [] } }, \u0026#34;transport\u0026#34;: {} } you just need to change the id ,port and IP address to your owns, but make sure that client are the same with server.\nto get the uuid ,you can use this command on Cent OS.\ncat /proc/sys/kernel/random/uuid or you can visit the website to get one uuid.\nuuid generator\nfifth done.\n","permalink":"https://leijingwei.com/posts/install-v2ray/","summary":"I can not write this in Chinese , but I really want to write it down .\nfirst please get an ECS or VPS which can visit the world outside of the wall.\nCentOS 7.x + Debian Ubuntu 18.x + i choose Cent OS 8.3, so the following content is based on Cent OS 8.\nsecond download the installation script by this command.\ncurl -O https://raw.githubusercontent.com/v2fly/fhs-install-v2ray/master/install-release.sh then you will get a file which named \u0026lsquo;install-release.","title":"Install V2ray"},{"content":"Add the repo of University of Science and Technology of China vim /etc/yum.repos.d/nginx.repo Add the contents to the file:\n[nginx-mainline] name=nginx mainline repo baseurl=http://mirrors.ustc.edu.cn/nginx/mainline/centos/$releasever/$basearch/ gpgcheck=0 enabled=1 module_hotfixes=true Update the nginx yum update nginx Check the version of the nginx nginx -v ","permalink":"https://leijingwei.com/posts/nginx-update-centos8/","summary":"Add the repo of University of Science and Technology of China vim /etc/yum.repos.d/nginx.repo Add the contents to the file:\n[nginx-mainline] name=nginx mainline repo baseurl=http://mirrors.ustc.edu.cn/nginx/mainline/centos/$releasever/$basearch/ gpgcheck=0 enabled=1 module_hotfixes=true Update the nginx yum update nginx Check the version of the nginx nginx -v ","title":"CentOS 8.3 upgrade default nginx"}]