Pages

Thursday, 31 March 2016

利用firebase.com开发app

Build Extraordinary Apps。

A powerful platform for your mobile or web application。

Let us take care of your infrastructure

Focus on your users


Firebase can power your app's backend, including data storage, user authentication, static hosting, and more. Focus on creating extraordinary user experiences. We'll take care of the rest.


BUILD FOR ANY DEVICE

Build cross-platform native mobile and web apps with our Android, iOS, and JavaScript SDKs. You can also connect Firebase to your existing backend using our server-side libraries。

from https://www.firebase.com/ 
https://www.firebase.com/pricing.html(有free plan)

相关帖子:"蒲公英"-发布应用,从未如此简单!

又是皮托管惹祸


又是皮托管惹祸。再者,这个土耳其机长也太差劲。副机长太尊重机长,未做其该做的事-推操纵杆,使机头向下,从而使飞机增速,避免失速的危险。

2009年6月1日,法航447航班坠毁也是皮托管惹的祸。(http://briteming.blogspot.com/2014/03/blog-post_10.html)

用nodejs搭建的html5播放器-APlayer


npm npm devDependency Status npm Travis %e2%9d%a4
Wow, such a beautiful html5 music player

Introduction

UI 参考网易云音乐外链播放器
Screenshot image

Install

$ npm install aplayer

Usage

HTML

<link rel="stylesheet" href="APlayer.min.css">
<!-- ... -->
<div id="player1" class="aplayer"></div>
<!-- ... -->
<script src="APlayer.min.js"></script>

JS

var ap = new APlayer({
    element: document.getElementById('player1'),
    narrow: false,
    autoplay: true,
    showlrc: false,
    theme: '#e6d0b2',
    music: {
        title: 'Preparation',
        author: 'Hans Zimmer/Richard Harvey',
        url: 'http://7xifn9.com1.z0.glb.clouddn.com/Preparation.mp3',
        pic: 'http://7xifn9.com1.z0.glb.clouddn.com/Preparation.jpg'
    }
});
ap.init();

Options

{
    element: document.getElementById('player1'),                       // Optional, player element
    narrow: false,                                                     // Optional, narrow style
    autoplay: true,                                                    // Optional, autoplay song(s), not supported by mobile browsers
    showlrc: false,                                                    // Optional, show lrc
    mutex: true,                                                       // Optional, pause other players when this player playing
    theme: '#e6d0b2',                                                  // Optional, theme color, default: #b7daff
    music: {                                                           // Required, music info
        title: 'Preparation',                                          // Required, music title
        author: 'Hans Zimmer/Richard Harvey',                          // Required, music author
        url: 'http://7xifn9.com1.z0.glb.clouddn.com/Preparation.mp3',  // Required, music url
        pic: 'http://7xifn9.com1.z0.glb.clouddn.com/Preparation.jpg'   // Optional, music picture
    }
}

API

  • ap.init()
  • ap.play()
  • ap.pause()

Work with module bundler

var APlayer = require('APlayer');
var ap = new APlayer({...});

With lrc

LRC format:

Support multiple time tag, support three decimal second
[mm:ss.xx]lyric
[mm:ss.xxx]lyric
[mm:ss.xx][mm:ss.xx][mm:ss.xx]lyric
...

HTML:

<link rel="stylesheet" href="APlayer.min.css">
<!-- ... -->
<div id="player1" class="aplayer">
    <pre class="aplayer-lrc-content">
        [ti:平凡之路]
        [ar:朴树]
        [al:《后会无期》主题歌]
        [by:周敏]

        [00:00.00]平凡之路 - 朴树
        [00:04.01]作词:韩寒 朴树
        [00:08.02]作曲:朴树 编曲:朴树
        [00:12.02]徘徊着的 在路上的
        [00:17.37]你要走吗
        [00:23.20]易碎的 骄傲着
        [00:28.75]那也曾是我的模样
        [00:34.55]沸腾着的 不安着的
        [00:40.26]你要去哪
        [00:46.00]谜一样的 沉默着的
        [00:51.75]故事你真的在听吗
        [00:56.25][03:25.78][04:10.64]我曾经跨过山和大海
        [00:59.55][03:28.14][04:13.54]也穿过人山人海
        [01:02.70][03:30.44]我曾经拥有着一切
        [01:05.00][03:33.69]转眼都飘散如烟
        [01:07.75][03:36.24]我曾经失落失望失掉所有方向
        [01:13.46][03:42.04]直到看见平凡才是唯一的答案
        <!-- ... -->
    </pre>
</div>
<!-- ... -->
<script src="APlayer.min.js"></script>

JS:

Option: showlrc: true

With playlist

JS:

Option:
music: [
    {
        title: '...',
        author: '...',
        url: '...',
        pic: '...'
    },
    {
        title: '...',
        author: '...',
        url: '...',
        pic: '...'
    },
    ...
]

Run in development

$ npm install
$ npm run dev

Make a release

$ npm install
$ npm run build

Related Projects

英国提高工资刺激通胀的试验能否成功?


愚人节这天英国将启动一项全球瞩目的重大实验。根据英国财政大臣乔治•奥斯本的计划,4月1日起英国将实行新的国家最低工资标准,面向所有25岁以上的劳 动者,标准起点为每小时7.2英镑。目标为到2020年提高至收入中值的60%,约相当于每小时9英镑。财政大臣奥斯本认为,此举将为至少180万人提高 工资,而不致损害过去5年的就业繁荣。教育和技能大臣波尔斯称,英国的最低工资提升将是西方所有国家实施过的法定最低工资中,调升幅度数一数二大的。目前 英国失业率仅为5.1%。英国劳动力市场表现自金融危机以来表现好于欧洲多数其他国家,就业率处于纪录高位。与此同时,英国通胀水平持续低迷,尽管1月通 胀率为0.3%,但仍远低于英国央行2%的通胀目标。全球正密切关注英国的这场实验。一些发达国家政府为处理贫富不均和薪资增长迟缓的问题,正纷纷采取最 低工资政策。德国已在去年首度实施每小时8.5欧元最低工资;日本从首相安倍到多位经济学家不停呼吁加薪,以打破挥之不去的通缩.
-------------
十有八九能成功

透过中小银行年报,看中国金融的“脱实入虚”


在当前的经济形势下,大量金融资源脱实入虚,并不是耸人听闻。有分析人士通过梳理锦州银行、青岛银行、盛京银行、徽商银行、重庆农商行等多家银行的年报发 现,“信贷资产呈进一步萎缩趋势”在中小银行的这一表现更为明显。这几家银行中,2015年贷款在总资产中的占比进一步下降,有的甚至不足30%。由于优 质信贷资产难觅,银行不得不把大量的资金配置到其他相对安全的资产中去,比如信托公司、证券公司、保险公司及资产管理公司发行的信托受益权项目以及银行同 业发行的理财产品和债券市场上评级较高的债券。披露的银行年报显示,锦州银行2015年投资证券及其他金融资产快速扩张。截至去年末,该行投资证券及其它 金融资产净额为2090.32亿元,占总资产57.8%,是该行资产的最大组成部分。青岛银行的证券、信托投资额为844.83亿元,在资产中占比为 45.12%,超过信贷。投资具体包括,以公允价值计量且其变动计入当期损益的金融资产、可供出售金融资产、持有至到期投资和应收款项类投资。盛京银行的 金融投资总额由2014年末的1521.87亿元增加106.1%至截至2015年末的3136.29亿元,主要为资产管理计划和信托收益权投资。此外, 徽商银行的投资中应收账款类金融资产也大幅增加。截至2015年末,该行持有应收款项类投资净额为891.34亿元,比2014年末增加813.37亿 元,主要是投资的资金信托计划及资产管理计划、理财产品大幅增加。结果显示,越来越多来自中小银行的资金,开始进入股票、债券、信托市场,逐渐形成一个金 融闭环,“货币空转”现象越发明显.

以色列公司成功解锁iPhone,引发市场担忧


FBI与苹果公司,因需要解锁一部嫌疑犯的加密iPhone一事,不惜闹至法院,并广泛引发社会大众关注。近日,美国司法部发表声明称,撤回要求苹果公司 协助解锁的诉讼,原因是FBI已经取得第三方协助,在不损坏手机信息的情况下,成功将iPhone手机解锁。虽然声明未交代第三方身份,以及采用了哪种技 术破解。不过根据以色列媒体报道,协助FBI破解iPhone手机的是一家以色列公司Cellebrite。该公司为一家提供手机鉴证软件的私人公司。以 色列当地媒体说,Cellebrite是日本Sun Corp的子公司,主要向执法部门,军队和情报机关提供鉴证系统软件以及移动零售商技术服务,专门从手机转移或抽取数据。一些专家谈到,在提供智能手机鉴 证服务和软件工具给美国执政机构的几家公司中,Cellebrite是领先者。这些系统能够从较旧版本操作系统的iPhone抽取数据,但IOS9系统还 暂时不能攻克。而IOS9系统正好是圣杯纳迪诺枪击案枪手法鲁克的iPhone5C上运行的版本。对此,有美国安全方面的专家说,Cellebrite尚 未宣布有办法破解IOS9系统,但有可能已经在研发这样的产品了。另一方面,此次事件苹果虽然避免了向美国当局屈服,没有替政府解锁。但有数码安全方面的 专家称,消费者可能同样质疑他们的手机是否真正的安全。若某公司能够解锁iPhone,那意味着用同一个方法可以解锁其他iPhone。苹果公司方面向法 院要求FBI提供如何解锁的资料,不过美国当局是否会回应其要求,还不得而知。在信息安全越来越受到人们重视的今天,苹果公司面对这样一个事件,确实是进 退维谷。如果配合当局,人们会批评苹果公司不保护用户数据。如果不配合当局,被第三方成功解锁,那么用户就会质疑苹果公司产品的安全性
 -------------------------------------------------------------------------------

翻墙问答:iPhone被破解的机会


问:美国联邦调查局一度入禀法院,要求法院下令苹果替执法部门破解恐怖分子手上的iPhone 5c的密码,但联邦调查局现表示由于他们有方法破解手机,因此押后入禀。除了iPhone的系统漏洞外,美国执法部门还有什么手段,可以绕过iOS的十次 密码输入限制,最终取得手机的内容而不用苹果方面任何协助?
李建军:对于执法部门,除了他们可以聘用保安公司或黑客,试图破解手机密码外,由于他们有充沛的资源,所以亦可以聘请专门的公司,由硬件方面著手,去绕过苹果的限制。
智能手机与U盘一样,都是用快闪记忆体储存所有资料,而快闪记忆晶片只要驳上特定的设备上面,就可以对当中的内容作出完全一模一样的复制。而不少技 术专家相信,美国联邦调查局可能利用记忆晶片复制技术,将恐怖分子的iPhone 5c的记忆晶片内容作出大规模复制,然后逐个副本,逐个密码尝试。由于iOS的密码长度有限,实际上联邦调查局只要复制千多粒晶片,就可以得到手机的内 容,而不用苹果公司方面任何的协助。
问:如果透过复制手机快闪记忆晶片,就可以绕过苹果iPhone的输入十次密码限制,一旦自己的手机落入公安机关之手,又是否代表有机会被破解?
李建军:由于执法部门有大量资源和技术去从事复制晶片内容的工作,因此,理论上,如果你的iPhone落入执法机关手上,就有可能被破解。因此,一 旦你的手机落人公安手上,而你或你本人透过Find your iPhone的功能,发现你的iPhone仍然能够连接互联网的话,就要在发现你的iPhone后,立即透过网络发出指令,让iPhone自行毁灭资料, 减低执法部门透过复制快闪记忆晶片,而得到你手机资料的可能性。
问:倘若复制快闪记忆晶片成为了执法部门得到你手机或U盘机密资料的标准技术,那又有什么方法,确保你手机或U盘上的资料会百分百毁灭,而不会落入任何手上?
李建军:用硬物破坏手机,或让手机入水,最多能手机或U盘不能开启,但如果对方有设备可以复制你的快闪记忆晶片,那破坏手机荧幕,或让手机或 U盘入水,都不能够确保你的资料不会外泄。
如果你的资料储在U盘或SD卡之上,除了用软件清除U盘或SD卡上资料外,最有效,亦是最保障资料永远不能落入第三者手上的方法,就是将U盘和SD 卡破坏至晶片完全碎裂为止,当晶片碎裂后,晶片内的资料就不可能用任何方法拯救,那就最安全。有些人或许用高电压令U盘或SD卡上晶片永久损坏,这个方法 虽然很有效破坏晶片上的资料,只不过操作时亦可能对你带来危险,除非你本身是专业人士,有专门设备和知识,否则用一个铁锤去破坏U盘或SD卡,相对安全但 效果相若。
在手机的情况,最有效的方法是将手机拆散后,取出手机的电路板,然后针对手机电路板每一粒晶片进行物理破坏,因此只有电路板上的晶片被彻底物理破 坏,例如晶片严重碎制等,才可能令资料永远被删除而无法挽救。纯粹破坏手机荧幕,或让手机入水,手机快闪记忆晶片仍然相当可靠储存信息,换言之,只要有关 当局将手机记忆晶片拆出,再接入特定设备,仍然有可能读取,那亦意味著你的破坏工作只要稍为执法部门带来麻烦,但并做不到你原有保护资料安全的目标。
原文:http://www.rfa.org/cantonese/firewall_features/nandmirroring-03252016075940.html?encoding=simplified

特朗普不论成败都会深刻影响美国社会


在美国总统参选人中,共和党的特朗普无疑是最吸引眼球的一位。他的言论偏激出位,虽然引发民众争议,但媒体界对他却青眼有加,尤其是电视频道在共和党首场 电视辩论后,即发现特朗普是高收视率的保证,既“吸睛”也“吸金”,特朗普已经成为美国电视的“金母鸡”。一般而言,美国政治人物多不批判与介入媒体,但新闻媒体对特朗普的关注度很高,自从他宣布进军白宫后,美国媒体长达9个月不间断地对他进行报道,挤压了其他参选者的空间,引发美国总统奥巴马对此大发牢 骚。奥巴马质疑,做好新闻工作不光是把麦克风交给某人,报道需要完整解读、事实查证与分析。他说,报道内容是否为事实难道已经不重要了吗?如今粗糙的 (报道)景象已伤害了美国的全球品牌形象。奥巴马称,媒体的选举报道看来充满嘉年华会气氛,那代表了趣味。但多国领袖都问他:“美国政治到底发生了什么事?”外国领袖关心最强的国家是否还能有效运作,美国政府是否有能力做正确的决定。然而,美国媒体关注特朗普并非没有原因,特朗普所提的问题和他的观 点,反映出当前美国社会不满现有的体制无法解决一些问题。这种不满不仅发生在共和党支持者身上,民主党人也是如此。自由派的桑德斯提出社会革命的理念,也在 国内引发不少支持者赞同。从目前情况看,不论特朗普最终是否赢得大选,他都会比较深刻地影响美国社会。

台积电的12纳米晶圆厂30亿美元投资在南京签约


抢在台湾新政府上台前,全球芯片代工龙头企业台积电28日与南京市政府正式签订投资协议,台积电由资深副总经理暨财务长何丽梅、共同执行长魏哲家代表出 席,大陆方面高度重视这项历年来最大一笔台商投资案,包括江苏省委书记罗志军、工信部副部长怀进鹏等人均出席。12英寸晶圆厂成功登陆,这是台湾首例。根 据双方协议,台积电将在南京市浦口经济开发区投资30亿美元,独资成立台积电(南京)有限公司,下设一座12英寸晶圆厂以及一个设计服务中心。晶圆厂初期 月产能2万片,预计今年6月至7月间动工,2018年下半年开始生产12纳米制程的芯片。该工程是台积电首次进军大陆,而且直接会使用先进的16nm(纳 米)工艺,即便两年后正式量产时已经不是世界最先进水平,但在大陆市场上依然是最顶级的工艺。台积电董事长张忠谋虽然未如预期亲自出席签约仪式,但仍通过 新闻稿强调,近年大陆半导体市场快速成长,台积电在南京设立12英寸厂和设计服务中心,期待未来能与客户更紧密结合,在大陆的市场占有率持续成长。台积电 目前在大陆已有超过一百家客户,晶圆制造的市场占有率也是大陆之冠。江苏方面表示,台积电是全球积体电路制造产业的领军企业,台积电和江苏合作基础扎实、 互补优势明显、双赢潜力很大。受到台湾即将政党轮替影响,江苏对签约仪式态度趋于低调,仅邀请少数当地媒体出席。下个月动工仪式,南京原有意广邀媒体采访 顺势宣传南京投资环境,但现在也可能生变。据了解,台积电此项投资除了享有土地优惠,还可以享有大陆对IC(集成电路)产业最高级别的“五免五减半”的税 收减免优惠政策。至于外界关注的“N-1”制程技术规定(即对大陆投资的技术要比现有最新技术低一代),台积电2月虽已顺利通过审查,但台湾“经济部”也 立下但书,要求台积电须先提出在台量产10纳米制程的证明资料,经工业局审查后,方能按计划用12亿美元购买台湾工厂的相关旧有机器设备,之后再将资金从 大陆汇回台湾。

HashRing

hashring is a consistent hashing algorithm for Node.js that is compatible with libketama and python's hash_ring package.

The HashRing module provides consistent hashing that is compatible with the original libketama library that was developed at last.fm. In addition to beeing compatible with libketama it's also compatible with the hash_ring module for Python. See the compatiblity section of the API for more details on this.

Build status

BuildStatus

Installation

The advised installation of module is done through the Node package manager (npm).
npm install hashring --save
The --save parameter tells npm that it should automatically add the module to the dependencies field in your package.json.

Usage

var HashRing = require('hashring');
The HashRing constructor is designed to handle different argument types as a consistent hash ring can be use for different use cases. You can supply the constructor with:

String

A single server, possible, but pointless in most cases if you only use one server, then done use the HashRing at all, it only adds overhead.
var ring = new HashRing('127.0.0.1:11211');

Array

Multiple servers for the HashRing.
var ring = new HashRing(['127.0.0.1:11211', '127.0.0.2:11211']);

Object

An Object where the keys of the Object are the servers and the value can be a Number and it will be seen as weight for server. The value can also be an Object. Where the key can be a weight or a vnode.
Weights or vnodes are used to give servers a bigger distribution in the HashRing. For example you have 3 servers where you want to distribute your keys over but not all servers are equal in capacity as 2 of those machines have 200mb of memory and the other has 3.2 gig of memory. The last server is substantially bigger and there for should receive a greater distrubtion in the ring.
For a rule of thumb use the amount of memory as weight:
var HashRing = require('hashring');

var ring = new HashRing({
  '127.0.0.1:11211': 200,
  '127.0.0.2:11211': { weight: 200 }, // same as above
  '127.0.0.3:11211': 3200
});
If you want create a server with multiple vnodes (virtual nodes):
var HashRing = require('hashring');

var ring = new HashRing({
  '127.0.0.1:11211': { vnodes: 50 },
  '127.0.0.2:11211': { vnodes: 200 },
  '127.0.0.3:11211': { vnodes: 100 }
});

Algorithm

With the second argument you can configure the algorithm that is used to hash the keys. It defaults to md5 and can only contain values that are accepted in Node's crypto API. Alternatively you can supply it with a function for a custom hasher. But do note that the hashValue will be calculated on the result.

Options

  • vnode count The amount of virtual nodes per server, defaults to 40 as this generates 160 points per server as used by ketama hashing.
  • compatiblity Allows you to force a compatibility mode of the HashRing. It default to ketama hash rings but if you are coming from a python world you might want compatibility with the hash_ring module. There's a small diff between hash_ring and ketama and that's the amount of replica's of a server. Ketama uses 4 and hash_ring uses 3. Set this to hash_ring if you want to use 3.
  • replicas The amount of replicas per server. Defaults to 4.
  • max cache size We use a simple LRU cache inside the module to speed up frequent key lookups, you can customize the amount of keys that need to be cached. It defaults to 5000.
  • default port The default port number which will removed from the server address to provide ketama compatibility.
'use strict';

// require the module, it returns a HashRing constructor
var HashRing = require('hashring');

// Setup hash rings with your servers, in this example I just assume that all
// servers are equal, and we want to bump the cache size to 10.000 items.
var ring = new HashRing([
    '127.0.0.1',
    '127.0.0.2',
    '127.0.0.3',
    '127.0.0.4'
  ], 'md5', {
    'max cache size': 10000
  });

// Now we are going to get some a server for a key
ring.get('foo bar banana'); // returns 127.0.0.x

// Or if you might want to do some replication scheme and store/fetch data from
// multiple servers
ring.range('foo bar banana', 2).forEach(function forEach(server) {
  console.log(server); // do stuff with your server
});

// Add or remove a new a server to the ring, they accept the same arguments as
// the constructor
ring.add('127.0.0.7').remove('127.0.0.1');

API's Table of Contents

HashRing.continuum()

Generates the continuum of server a.k.a as the Hash Ring based on their weights and virtual nodes assigned.

HashRing.get(key)

Find the correct node for which the key is closest to the point after what the given key hashes to.
  • key String, Random key that needs to be searched in the hash ring
returns: The matching server address.

HashRing.range(key, size, unique)

Returns a range of servers. Could be useful for replication.
  • key String, Random key that needs to be searched in the hash ring
  • size Number, Amount items to be returned (maximum). Defaults to the amount of servers that are in the hashring.
  • unique Boolean, Don't return duplicate servers. Defaults to true.
returns: The array of servers that we found.

HashRing.swap(from, *to)

Hotswap identical servers with each other. This doesn't require the cache to be completely nuked and the hash ring distribution to be re-calculated.
Please note that removing the server and adding a new server could potentially create a different distribution.
  • from String, The server that needs to be replaced
  • to String. The server that replaces the server

HashRing.add(server)

Add a new server to ring without having to re-initialize the hashring. It accepts the same arguments as you can use in the constructor.
  • server Server that need to be added to the ring.

HashRing.remove(server)

Remove a server from the hash ring.
  • server Server that need to be removed from the ring.

HashRing.has(server)

Checks if a given server exists in the hash ring.
  • server Server for whose existence we're checking.

HashRing.reset()

Reset the HashRing and clean up it's references.

HashRing.end()

Resets the HashRing and closes the ring.

HashRing.find(hashValue) (private)

Finds the correct position of the given hashValue in the hashring.
  • hashValue Number, The hashValue from the HashRing#hashValue method.
returns: Index of the value in the ring.

HashRing.hash(key) (private)

Generates the hash for the key.
  • key String, Random key that needs to be hashed.
returns: The hashed valued.

HashRing.digest(key) (private)

Digest hash so we can make a numeric representation from the hash. So it can be fed in to our hashValue.
  • key String, Random key that needs to be hashed.
returns: An array of charCodeAt(0) converted chars.

HashRing.hashValue(key) (private)

Get the hashed value of the given key, it does the digesting, hashing yo.
  • key String, Random key that needs to be hashed.
returns: The hash value of the key.

HashRing.points(servers)

Returns the points per server.
  • servers Optional server that you want to filter for
returns: A Object with server -> Array of points mapping

Upgrading from 0.0.x to 1.x.x

The 0.0.x releases had some serious flaws that causes it to be incompatible with the 1.0.0 release. These flaws are the reason that 1.0.0 got released. They are not backwards compatible as they change the way that keys are hashed. The following incompatible changes have been made for the sake of consistency:
  • Only accepts hashers that are build in to node (for now). As it can only guarantee proper hashing of values.
  • The replace function was actually doing swaps of keys, so it's original functionality has been renamed to swap. The replace API is now removing the given server and adds it again. As this causes the servers to be properly re-hashed.
  • The module now requires a C++ compiler to be installed on your server as hashing the value requires support for 64bit bitshifting and JavaScript as a language only supports 32bit bitshifting.
  • It adds 4 replica's instead 3 for the servers. This is how libketama originally did it, if you want to have 3 replica's in the hash ring you can set the compatibility option to hash_ring.
  • The API's have be renamed, deprecation notices are added in to place and they will be removed in the next minor version bump (1.1.0)
  • Added human readable configuration options instead of camelcase. This increases readability of the module.
  • CRC32 was removed as crypto engine because it was too unstable.

from  https://github.com/3rd-Eden/node-hashring

docker-nginx-ghost

Docker image for Nginx + Ghost, Nginx acting as a reverse proxy。
This is a Docker image for running Nginx + Ghost as a service.
Ghost is a blog system, while Nginx acts as a reverse proxy to Ghost. As many services like Gravatar cannot be correctly loaded from China, the Nginx replaces them with an accessible proxy using http_sub module. It also helps processing HTTPS meta links in Ghost.

Usage

After building the image, just run
docker run -v /path/to/your/data:/mnt/volume -e ENV1=value -e ... your-image-id
To save the blog data, a Docker image is needed to be mounted into the container. If it is mounted at /usr/src/ghost/content, then the whole volume will act as the content storage for Ghost. However, in many CaaS providers like DaoCloud, one volume may be shared across several containers. In this case, you can mount the volume to another path like /mnt/volume, and point the environment variable GHOST_SITE_DATA to the full path of the data storage like /mnt/volume/ghost_content.
There are more environment variables to set:
GHOST_SITE_HTTPS - Whether this site should force its urls to begin with https. Set to true to enable it.
GHOST_SITE_URL - Full url to this site without the scheme. e.g. typeblog.net GHOST_MAILGUN_USER & GHOST_MAILGUN_PASS - REQUIRED Mailgun API credentials。

from https://github.com/PeterCxy/docker-nginx-ghost

openssl

DESCRIPTION
 -----------

 The OpenSSL Project is a collaborative effort to develop a robust,
 commercial-grade, fully featured, and Open Source toolkit implementing the
 Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1)
 protocols as well as a full-strength general purpose cryptography library.
 The project is managed by a worldwide community of volunteers that use the
 Internet to communicate, plan, and develop the OpenSSL toolkit and its
 related documentation.

 OpenSSL is based on the excellent SSLeay library developed from Eric A. Young
 and Tim J. Hudson.  The OpenSSL toolkit is licensed under a dual-license (the
 OpenSSL license plus the SSLeay license) situation, which basically means
 that you are free to get and use it for commercial and non-commercial
 purposes as long as you fulfill the conditions of both licenses.

 OVERVIEW
 --------

 The OpenSSL toolkit includes:

 libssl.a:
     Implementation of SSLv2, SSLv3, TLSv1 and the required code to support
     both SSLv2, SSLv3 and TLSv1 in the one server and client.

 libcrypto.a:
     General encryption and X.509 v1/v3 stuff needed by SSL/TLS but not
     actually logically part of it. It includes routines for the following:

     Ciphers
        libdes - EAY's libdes DES encryption package which was floating
                 around the net for a few years, and was then relicensed by
                 him as part of SSLeay.  It includes 15 'modes/variations'
                 of DES (1, 2 and 3 key versions of ecb, cbc, cfb and ofb;
                 pcbc and a more general form of cfb and ofb) including desx
                 in cbc mode, a fast crypt(3), and routines to read
                 passwords from the keyboard.
        RC4 encryption,
        RC2 encryption      - 4 different modes, ecb, cbc, cfb and ofb.
        Blowfish encryption - 4 different modes, ecb, cbc, cfb and ofb.
        IDEA encryption     - 4 different modes, ecb, cbc, cfb and ofb.

     Digests
        MD5 and MD2 message digest algorithms, fast implementations,
        SHA (SHA-0) and SHA-1 message digest algorithms,
        MDC2 message digest. A DES based hash that is popular on smart cards.

     Public Key
        RSA encryption/decryption/generation.
            There is no limit on the number of bits.
        DSA encryption/decryption/generation.
            There is no limit on the number of bits.
        Diffie-Hellman key-exchange/key generation.
            There is no limit on the number of bits.

     X.509v3 certificates
        X509 encoding/decoding into/from binary ASN1 and a PEM
             based ASCII-binary encoding which supports encryption with a
             private key.  Program to generate RSA and DSA certificate
             requests and to generate RSA and DSA certificates.

     Systems
        The normal digital envelope routines and base64 encoding.  Higher
        level access to ciphers and digests by name.  New ciphers can be
        loaded at run time.  The BIO io system which is a simple non-blocking
        IO abstraction.  Current methods supported are file descriptors,
        sockets, socket accept, socket connect, memory buffer, buffering, SSL
        client/server, file pointer, encryption, digest, non-blocking testing
        and null.

     Data structures
        A dynamically growing hashing system
        A simple stack.
        A Configuration loader that uses a format similar to MS .ini files.

 openssl:
     A command line tool that can be used for:
        Creation of RSA, DH and DSA key parameters
        Creation of X.509 certificates, CSRs and CRLs
        Calculation of Message Digests
        Encryption and Decryption with Ciphers
        SSL/TLS Client and Server Tests
        Handling of S/MIME signed or encrypted mail


 PATENTS
 -------

 Various companies hold various patents for various algorithms in various
 locations around the world. _YOU_ are responsible for ensuring that your use
 of any algorithms is legal by checking if there are any patents in your
 country.  The file contains some of the patents that we know about or are
 rumored to exist. This is not a definitive list.

 RSA Security holds software patents on the RC5 algorithm.  If you
 intend to use this cipher, you must contact RSA Security for
 licensing conditions. Their web page is http://www.rsasecurity.com/.

 RC4 is a trademark of RSA Security, so use of this label should perhaps
 only be used with RSA Security's permission.

 The IDEA algorithm is patented by Ascom in Austria, France, Germany, Italy,
 Japan, the Netherlands, Spain, Sweden, Switzerland, UK and the USA.  They
 should be contacted if that algorithm is to be used; their web page is
 http://www.ascom.ch/.

 NTT and Mitsubishi have patents and pending patents on the Camellia
 algorithm, but allow use at no charge without requiring an explicit
 licensing agreement: http://info.isl.ntt.co.jp/crypt/eng/info/chiteki.html

 INSTALLATION
 ------------

 To install this package under a Unix derivative, read the INSTALL file.  For
 a Win32 platform, read the INSTALL.W32 file.  For OpenVMS systems, read
 INSTALL.VMS.

 Read the documentation in the doc/ directory.  It is quite rough, but it
 lists the functions; you will probably have to look at the code to work out
 how to use them. Look at the example programs.

 PROBLEMS
 --------

 For some platforms, there are some known problems that may affect the user
 or application author.  We try to collect those in doc/PROBLEMS, with current
 thoughts on how they should be solved in a future of OpenSSL.

 SUPPORT
 -------

 See the OpenSSL website www.openssl.org for details of how to obtain
 commercial technical support.

 If you have any problems with OpenSSL then please take the following steps
 first:

    - Download the current snapshot from ftp://ftp.openssl.org/snapshot/
      to see if the problem has already been addressed
    - Remove ASM versions of libraries
    - Remove compiler optimisation flags

 If you wish to report a bug then please include the following information in
 any bug report:

    - On Unix systems:
        Self-test report generated by 'make report'
    - On other systems:
        OpenSSL version: output of 'openssl version -a'
        OS Name, Version, Hardware platform
        Compiler Details (name, version)
    - Application Details (name, version)
    - Problem Description (steps that will reproduce the problem, if known)
    - Stack Traceback (if the application dumps core)

 Report the bug to the OpenSSL project via the Request Tracker
 (http://www.openssl.org/support/rt.html) by mail to:

    openssl-bugs@openssl.org

 Note that the request tracker should NOT be used for general assistance
 or support queries. Just because something doesn't work the way you expect
 does not mean it is necessarily a bug in OpenSSL.

 Note that mail to openssl-bugs@openssl.org is recorded in the publicly
 readable request tracker database and is forwarded to a public
 mailing list. Confidential mail may be sent to openssl-security@openssl.org
 (PGP key available from the key servers).

 HOW TO CONTRIBUTE TO OpenSSL
 ----------------------------

 Development is coordinated on the openssl-dev mailing list (see
 http://www.openssl.org for information on subscribing). If you
 would like to submit a patch, send it to openssl-bugs@openssl.org with
 the string "[PATCH]" in the subject. Please be sure to include a
 textual explanation of what your patch does.

 If you are unsure as to whether a feature will be useful for the general
 OpenSSL community please discuss it on the openssl-dev mailing list first.
 Someone may be already working on the same thing or there may be a good
 reason as to why that feature isn't implemented.

 Patches should be as up to date as possible, preferably relative to the
 current Git or the last snapshot. They should follow the coding style of
 OpenSSL and compile without warnings. Some of the core team developer targets
 can be used for testing purposes, (debug-steve64, debug-geoff etc). OpenSSL
 compiles on many varied platforms: try to ensure you only use portable
 features.

 Note: For legal reasons, contributions from the US can be accepted only
 if a TSU notification and a copy of the patch are sent to crypt@bis.doc.gov
 (formerly BXA) with a copy to the ENC Encryption Request Coordinator;
 please take some time to look at
    http://www.bis.doc.gov/Encryption/PubAvailEncSourceCodeNofify.html [sic]
 and
    http://w3.access.gpo.gov/bis/ear/pdf/740.pdf (EAR Section 740.13(e))
 for the details. If "your encryption source code is too large to serve as
 an email attachment", they are glad to receive it by fax instead; hope you
 have a cheap long-distance plan.

 Our preferred format for changes is "diff -u" output. You might
 generate it like this:

 # cd openssl-work
 # [your changes]
 # ./Configure dist; make clean
 # cd ..
 # diff -ur openssl-orig openssl-work > mydiffs.patch
 
from https://github.com/PeterCxy/openssl-musl