about:config
layers.async-pan-zoom.enabled=true
WildFly as Debian 8 Service
All you have to do is create a service file at /etc/systemd/system since Debian is using systemd for service management.
Forget about copying file to /etc/init.d and /etc/defaults, they are useless for systemd.
Here is my content of /etc/systemd/system/wildfly.service
[Unit] Description=WildFly application server After=network.target [Service] Type=simple Environment="CONFIG_FILE=standalone-full.xml" User=wildfly Group=wildfly ExecStart=/opt/wildfly/bin/standalone.sh -c $CONFIG_FILE # ExecStop=ps -ax | grep java | grep wildfly | awk {'print $1'} | xargs kill -9 [Install] WantedBy=multi-user.target
Please note that I am using standalone-full.xml instead of standalone.xml and I was using a ExecStop script but it turns out the systemd can manage it.
I have leave it for personal note.
Aerogear
系統登入點
https://yoursite/ag-push/
後台管理登入點
https://yoursite/auth/admin/aerogear/console/index.html
Android 註冊
RegistrarManager.config("register", AeroGearGCMPushConfiguration.class) .setPushServerURI(URI.create(UNIFIED_PUSH_URL)) .setSenderIds(GCM_SENDER_ID) .setVariantID(VARIANT_ID) .setAlias(ALIAS) .setSecret(SECRET) .asRegistrar();
iOS 註冊(Swift)
let device = AGDeviceRegistration(config: "pushconfig") // perform registration of this device device.registerWithClientInfo({ (clientInfo: AGClientDeviceInformation!) in // set the deviceToken clientInfo.deviceToken = deviceToken // --optional config-- // set some 'useful' hardware information params let currentDevice = UIDevice() clientInfo.operatingSystem = currentDevice.systemName clientInfo.osVersion = currentDevice.systemVersion clientInfo.deviceType = currentDevice.model clientInfo.Alias = currentDevice.alias
iOS 註冊(Objective-C)
AGDeviceRegistration *registration = [[AGDeviceRegistration alloc] initWithServerURL: [NSURL URLWithString:@"http://YOUR_SERVER/ag-push/"]]; [registration registerWithClientInfo:^(id<AGClientDeviceInformation> clientInfo) { [clientInfo setDeviceToken:deviceToken]; [clientInfo setVariantID:@"YOUR IOS VARIANT ID"]; [clientInfo setVariantSecret:@"YOUR IOS VARIANT SECRET"]; // --optional config-- UIDevice *currentDevice = [UIDevice currentDevice]; [clientInfo setOperatingSystem:[currentDevice systemName]]; [clientInfo setOsVersion:[currentDevice systemVersion]]; [clientInfo setDeviceType: [currentDevice model]]; [clientInfo setAlias:@"User Alias"]; } success:^() { NSLog(@"UnifiedPush Server registration worked"); } failure:^(NSError *error) { NSLog(@"UnifiedPush Server registration Error: %@", error); }];
Cordova 註冊
var pushConfig = { pushServerURL: "<pushServerURL e.g http(s)//host:port/context >", alias: "<alias e.g. a username or an email address optional>", android: { senderID: "<senderID e.g Google Project ID>", variantID: "<variantID e.g. 1234456-234320>", variantSecret: "<variantSecret e.g. 1234456-234320>" alias: "User Alias" }, ios: { variantID: "<variantID e.g. 1234456-234320>", variantSecret: "<variantSecret e.g. 1234456-234320>" alias: "User Alias" } }; push.register(onNotification, successHandler, errorHandler, pushConfig);
WildFly 9 使用 Let’s Encrypt的憑證
先寫結論,明明WildFly 8的文件有寫可以直接用pem檔,但是所有能動的組合,都是使用Java Key Store,所以,以下是如何轉檔跟在WildFly 9的設定檔啟用的相關記錄。
- 把Let’s Encrypt的PEM檔轉換為PKCS12格式,在這他會要你輸入export key的密碼,輸入後請記住。
openssl pkcs12 -export -out cert.p12 -in /etc/letsencrypt/live/yoursite/cert.pem -inkey /etc/letsencrypt/live/yoursite/privkey.pem
- 匯入PEM,在這他會要你輸入keystore的密碼以及剛剛的export key,keystore的密後也請記住,等等設定檔要用。
keytool -v -importkeystore -srckeystore cert.p12 -srcstoretype PKCS12 -destkeystore server.keystore -deststoretype JKS
注意:匯入後雖然 keytool -list 看的到一筆 alias: mykey ,實際上它名字是1,若你的keystore只有一筆資料,可以在WildFly的設定檔裡不指定alias,指定了alias=”mykey”反而會找不到,不然就用以下指令變更一下alias。
keytool -changealias -keystore server.keystore -alias 1 -destalias mykey
以上轉檔完畢,可以拿來用在任何需要SSL/CA的JAVA應用。
在WildFly 9的設定檔裡在每個想用SSL的地方加上SSL參數,也就是這五行,為了整個網站都走HTTPS,我在ManagementRealm跟ApplicationRealm兩個security-realm都用了。
ManagementRealm
<security-realm name="ManagementRealm"> <server-identities> <ssl> <keystore path="server.keystore" relative-to="jboss.server.config.dir" keystore-password="keystore password" /> </ssl> </server-identities> ... </security-realm>
ApplicationRealm
<security-realm name="ApplicationRealm"> <server-identities> <ssl> <keystore path="server.keystore" relative-to="jboss.server.config.dir" keystore-password="keystore password" /> </ssl> </server-identities> ... </security-realm>
再來把Management Interface也轉成HTTPS,在第三行把Socket-binding改成https
<management-interfaces> <http-interface security-realm="ManagementRealm" http-upgrade-enabled="true"> <socket-binding https="management-https"/> </http-interface> </management-interfaces>
然後把Application也啟用HTTPS,相關設定在undertow的subsystem,我增加了第五行的https-listener
<subsystem xmlns="urn:jboss:domain:undertow:2.0"> <buffer-cache name="default"/> <server name="default-server"> <http-listener name="default" socket-binding="http" redirect-socket="https"/> <https-listener name="default-https" socket-binding="https" security-realm="ApplicationRealm"/> <host name="default-host" alias="localhost"> <location name="/" handler="welcome-content"/> <filter-ref name="server-header"/> <filter-ref name="x-powered-by-header"/> </host> </server> ... </subsystem>
以上就把HTTPS啟用完畢。
WildFly 9服務預設只綁定127.0.0.1,若要啟用對外服務可以參考以下設定
注意:<any-ipv4-address/>跟<any-ipv6-address>在WildFly9已經不支援,剩下<any-address/>
同時WildFly9也支援以下格式,可以一次bind多個interface,當然”0.0.0.0″的效果跟<any-address/>一樣。
逐一指定所有要監聽的網卡
<interface name="public"> <inet-address value="127.0.0.1"/> <inet-address value="192.168.1.1"/> </interface>
直接監聽所有網卡
方法一
<interface name="public"> <inet-address value="0.0.0.0"/> </interface>
方法二
<interface name="public"> <any-address/> </interface>