分类目录归档:Software

在Microsoft Word 2016/2019中保留页面顶部段落的段前间距

首先我们启用文档的兼容性模式:

  1. 按Alt+F11打开VBA编辑器
  2. 选择View菜单->Immediate Window,或者使用快捷键Ctrl+G
  3. 输入ActiveDocument.SetCompatibilityMode 14回车
  4. 关闭VBA编辑器

然后给页面顶端的段落设置一下段前分页即可。


参考:

Sourcegraph Docker安装和配置Azure AD登录

Sourcegraph

暂时用systemd来管理Docker service。因为我们要用Nginx来做反代,所有端口都监听本地即可。

[Unit]
Description=Sourcegraph
Requires=docker.service
Conflicts=systemd-resolved.service,dnsdist.service

[Service]
ExecStart=/usr/bin/docker run --name=sourcegraph --publish 127.0.0.1:7080:7080 --publish 127.0.0.1:2633:2633 --rm --volume /etc/sourcegraph:/etc/sourcegraph --volume /var/lib/sourcegraph/data:/var/opt/sourcegraph sourcegraph/server:3.3.5
ExecStop=/usr/bin/docker stop sourcegraph
ExecReload=/usr/bin/docker restart sourcegraph
TimeoutStartSec=infinity

[Install]
WantedBy=multi-user.target

Nginx SSL卸载

证书签发的问题就不细讲了,以certbot自动签发为例。涉及的文件参见oh-my-nginx

# 主站
server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name sourcegraph.example.com;

    ssl_certificate     /etc/letsencrypt/live/sourcegraph.example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/sourcegraph.example.com/privkey.pem;

    location / {
        proxy_pass http://127.0.0.1:7080;
        include conf.d/templates/proxy-default.conf;
        include conf.d/templates/transparent-proxy.conf;
    }

    include conf.d/templates/ssl.conf;
    include conf.d/templates/performance.conf;
    include conf.d/templates/security.conf;
}

# 管理控制台
server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name sourcegraph-mgmt-console.example.com;

    ssl_certificate     /etc/letsencrypt/live/sourcegraph-mgmt-console.example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/sourcegraph-mgmt-console.example.com/privkey.pem;
    
    location / {
        proxy_pass https://127.0.0.1:2633;
        include conf.d/templates/proxy-default.conf;
        include conf.d/templates/transparent-proxy.conf;
    }

    include conf.d/templates/ssl.conf;
    include conf.d/templates/performance.conf;
    include conf.d/templates/security.conf;
}

创建管理员

打开sourcegraph.example.com,创建一个管理员账号。如果你之后想合并这个账号和Azure AD账号,可以使用你的sAMAccountName作为用户名,并且添加一个userPrincipleName作为邮箱地址。

设置Azure AD登录

那这里我们还是用OpenID Connect登录流程。首先去Azure AD创建新应用程序,callback URL填写:

  • https://sourcegraph.example.com/.auth/callback

拿到:

  • tenant ID
  • client ID
  • client secret

然后打开Sourcegraph的管理控制台(用户名随便填,密码在第一次启动的时候log会打出来),填入:

{
  "externalURL": "https://sourcegraph.example.com",
  "auth.providers": [
    {
      "type": "builtin",
      "allowSignup": false
    },
    {
      "type": "openidconnect",
      "displayName": "Azure AD",
      "issuer": "https://login.microsoftonline.com/{tenant_id}/v2.0",
      "clientID": "{client_id}",
      "clientSecret": "{client_secret}"
    }
  ],
}

这里需要注意的是externalURL要准确填写。完成以后重启一下Sourcegraph以使externalURL生效。

添加Azure DevOps的Git repo

在External Services里面添加一个Single Git repositories,填入:

{
  "url": "https://{org_name}:{your_access_token}@dev.azure.com/{org_name}/",
  "repos": [
    "{project_name}/_git/{repo_name}"
  ]
}

注意Sourcegraph目前不支持project name中出现空格,详见sourcegraph/issues/2867

Grafana使用Azure Active Directory的OAuth2登录

首先在Azure Portal创建应用。

Azure AD -> App registrations -> New application registration,Display name 随便填,Reply URL 填http://example.com/login/generic_oauth(域名部分根据你的真实情况填写)。点创建。创建完成后,前往Settings -> Keys,在Password表中随便填一个description,expires选Never expires,点保存,value中会显示一个随机字符串key,记下这个字符串。

然后你需要复制:

  • Azure AD的GUID(点击Portal右上角Directory + subscription后可以看到)
  • 你刚创建的应用的Application ID(在Registered app页面可以看到)
  • Secret,即你刚创建的Key

接着编辑Grafana配置文件/etc/grafana/grafana.ini

#################################### Generic OAuth ##########################
[auth.generic_oauth]
enabled = true
name = Azure AD
allow_sign_up = true
client_id = <Application GUID>
client_secret = <Secret>
scopes = openid email name
auth_url = https://login.microsoftonline.com/<Directory GUID>/oauth2/authorize
token_url = https://login.microsoftonline.com/<Directory GUID>/oauth2/token
api_url = 
team_ids =
allowed_organizations =
;tls_skip_verify_insecure = false
;tls_client_cert =
;tls_client_key =
;tls_client_ca =

; Set to true to enable sending client_id and client_secret via POST body instead of Basic authentication HTTP header
; This might be required if the OAuth provider is not RFC6749 compliant, only supporting credentials passed via POST payload
;send_client_credentials_via_post = false

重启Grafana,大功告成。

Enlighter语法高亮插件对Crayon Syntax Highlighter的兼容性设置

我用了很多年的Crayon Syntax Highlighter早已不再维护,WordPress 5.0带来新的Gutenberg编辑器后,因为API的变更,这一古老的插件已经事实上完全无法使用了。今天我在插件目录搜索了一下新的语法高亮插件,就看到了更新相当及时的Enlighter。经过对插件设置的研究,我发现它提供的自定义CSS Selector功能可以让之前用Crayon Syntax Highlighter创建的代码块也带上高亮功能。以下是设置方法。

继续阅读