Firefox OSX note

about:config
layers.async-pan-zoom.enabled=true

WildFly as Debian 8 Service

All you have to do is create a service file at /etc/systemd/system since Debian is using systemd for service management.

Forget about copying file to /etc/init.d and /etc/defaults, they are useless for systemd.

Here is my content of /etc/systemd/system/wildfly.service

[Unit]
Description=WildFly application server
After=network.target

[Service]
Type=simple
Environment="CONFIG_FILE=standalone-full.xml"
User=wildfly
Group=wildfly
ExecStart=/opt/wildfly/bin/standalone.sh -c $CONFIG_FILE
# ExecStop=ps -ax | grep java | grep wildfly | awk {'print $1'} | xargs kill -9
[Install]
WantedBy=multi-user.target

Please note that I am using standalone-full.xml instead of standalone.xml and I was using a ExecStop script but it turns out the systemd can manage it.
I have leave it for personal note.

Aerogear

系統登入點

https://yoursite/ag-push/

後台管理登入點

https://yoursite/auth/admin/aerogear/console/index.html

Android 註冊

RegistrarManager.config("register", AeroGearGCMPushConfiguration.class)
    .setPushServerURI(URI.create(UNIFIED_PUSH_URL))
    .setSenderIds(GCM_SENDER_ID)
    .setVariantID(VARIANT_ID)
    .setAlias(ALIAS)
    .setSecret(SECRET)
    .asRegistrar();

iOS 註冊(Swift)

let device = AGDeviceRegistration(config: "pushconfig") 
// perform registration of this device
device.registerWithClientInfo({ (clientInfo: AGClientDeviceInformation!) in 
// set the deviceToken
clientInfo.deviceToken = deviceToken

// --optional config--
// set some 'useful' hardware information params
let currentDevice = UIDevice()

clientInfo.operatingSystem = currentDevice.systemName 
clientInfo.osVersion = currentDevice.systemVersion 
clientInfo.deviceType = currentDevice.model
clientInfo.Alias = currentDevice.alias

iOS 註冊(Objective-C)

AGDeviceRegistration *registration = 
[[AGDeviceRegistration alloc] initWithServerURL:
[NSURL URLWithString:@"http://YOUR_SERVER/ag-push/"]];

[registration registerWithClientInfo:^(id clientInfo) {

[clientInfo setDeviceToken:deviceToken];
[clientInfo setVariantID:@"YOUR IOS VARIANT ID"];
[clientInfo setVariantSecret:@"YOUR IOS VARIANT SECRET"];

// --optional config--
UIDevice *currentDevice = [UIDevice currentDevice];
[clientInfo setOperatingSystem:[currentDevice systemName]];
[clientInfo setOsVersion:[currentDevice systemVersion]];
[clientInfo setDeviceType: [currentDevice model]];
[clientInfo setAlias:@"User Alias"];
} success:^() {
NSLog(@"UnifiedPush Server registration worked");
} failure:^(NSError *error) {
NSLog(@"UnifiedPush Server registration Error: %@", error);
}];

Cordova 註冊

var pushConfig = {
    pushServerURL: "",
    alias: "",
    android: {
        senderID: "",
        variantID: "",
        variantSecret: ""
        alias: "User Alias"
    },
    ios: {
        variantID: "",
        variantSecret: ""
        alias: "User Alias"
    }
};

push.register(onNotification, successHandler, errorHandler, pushConfig);

WildFly 9 使用 Let’s Encrypt的憑證

先寫結論,明明WildFly 8的文件有寫可以直接用pem檔,但是所有能動的組合,都是使用Java Key Store,所以,以下是如何轉檔跟在WildFly 9的設定檔啟用的相關記錄。

  1. 把Let’s Encrypt的PEM檔轉換為PKCS12格式,在這他會要你輸入export key的密碼,輸入後請記住。
openssl pkcs12 -export -out cert.p12 -in /etc/letsencrypt/live/yoursite/cert.pem -inkey /etc/letsencrypt/live/yoursite/privkey.pem
  1. 匯入PEM,在這他會要你輸入keystore的密碼以及剛剛的export key,keystore的密也請記住,等等設定檔要用。
keytool -v -importkeystore -srckeystore cert.p12 -srcstoretype PKCS12 -destkeystore server.keystore -deststoretype JKS

注意:匯入後雖然 keytool -list 看的到一筆 alias: mykey ,實際上它名字是1,若你的keystore只有一筆資料,可以在WildFly的設定檔裡不指定alias,指定了alias=”mykey”反而會找不到,不然就用以下指令變更一下alias。

keytool -changealias -keystore server.keystore -alias 1 -destalias mykey

以上轉檔完畢,可以拿來用在任何需要SSL/CA的JAVA應用。

 

在WildFly 9的設定檔裡在每個想用SSL的地方加上SSL參數,也就是這五行,為了整個網站都走HTTPS,我在ManagementRealm跟ApplicationRealm兩個security-realm都用了。
ManagementRealm


    
        
            
        
    
...

ApplicationRealm


    
        
            
        
    
...

再來把Management Interface也轉成HTTPS,在第三行把Socket-binding改成https


    
        
    

然後把Application也啟用HTTPS,相關設定在undertow的subsystem,我增加了第五行的https-listener


    
    
        
        
        
            
            
            
        
    
...

以上就把HTTPS啟用完畢。

 

WildFly 9服務預設只綁定127.0.0.1,若要啟用對外服務可以參考以下設定
注意:在WildFly9已經不支援,剩下
同時WildFly9也支援以下格式,可以一次bind多個interface,當然”0.0.0.0″的效果跟一樣。

逐一指定所有要監聽的網卡


    
    

直接監聽所有網卡
方法一


    

方法二