Let's Encrypt – HTTPS is the better way

Let's Encrypt is a free SSL Certificate Authority (CA). It provides you with a renewable, free-of-charge secure connection to your resources from the internet (https://letsencrypt.org/). Here I am going to explain how to secure a web app (in my case Jenkins, running on port 8080) using Let's Encrypt and NginX.

First, your app has to be running in a cloud environment such as Azure or AWS. Make sure you get a domain name for your VM instance (e.g. blog.southeastasia.cloudapp.azure.com). You need a proper domain name configured for your cloud instance; otherwise Let's Encrypt rejects your certificate request.

Things to pre-configure in your cloud before you begin

  1. Open both ports 80 and 443 to the public
  2. Make sure you have a domain name for your resource

In my case, I have Jenkins up and running in a Docker container with internal port 8080 and external port 8081. I have added my Jenkins container to an external network called ‘nginx-network’.

version: '3.7'

services:

  jenkins:
    image: jenkins/jenkins:latest
    container_name: jenkins
    user: root
    environment:
     - JENKINS_ARGS="--prefix=/jenkins"
    volumes:
     - ./jenkins_home:/var/jenkins_home
     - /var/run/docker.sock:/var/run/docker.sock
     - /usr/bin/docker:/usr/bin/docker
     - /usr/local/bin/docker-compose:/usr/local/bin/docker-compose
    ports:
     - 8081:8080
     - 50000:50000
    networks:
     - nginx-network

networks:
  nginx-network:
    external: true

Configuring NginX with Let's Encrypt + Certbot

Download the Let's Encrypt automation script from here

https://raw.githubusercontent.com/wmnnd/nginx-certbot/master/init-letsencrypt.sh

Replace the domain name with yours

Put ‘init-letsencrypt.sh’ in the same folder as your ‘docker-compose.yml’. The docker-compose file to spin up Nginx and get certificates from Let's Encrypt using Certbot is as follows.

version: '3.7'

services:

  nginx:
    image: nginx:1.17.6-alpine
    container_name: nginx
    volumes:
     - ./nginx_data:/etc/nginx/conf.d
     - ./certbot_data/conf:/etc/letsencrypt
     - ./certbot_data/www:/var/www/certbot
    ports:
     - 80:80
     - 443:443
    networks:
     - nginx-network

  certbot:
    image: certbot/certbot
    volumes:
     - ./certbot_data/conf:/etc/letsencrypt
     - ./certbot_data/www:/var/www/certbot
    networks:
     - nginx-network

networks:
  nginx-network:
    external: true

Create all the empty directories and put your ‘app.conf’ file inside the ‘nginx_data’ directory.

upstream jk {
    server jenkins:8080;
    keepalive 256;
}

server {

        listen 80 default_server;
        listen [::]:80 default_server;

        server_name xxx.southeastasia.cloudapp.azure.com;

        location /.well-known/acme-challenge/{
                root /var/www/certbot;
        }
        location / {
                return 301 https://$host$request_uri;
        }
}

server {
        listen 443 ssl;
        server_name xxx.southeastasia.cloudapp.azure.com;

        ssl_certificate /etc/letsencrypt/live/xxx.xx.cloudapp.azure.com/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/xxx.xx.cloudapp.azure.com/privkey.pem;
        include /etc/letsencrypt/options-ssl-nginx.conf;
        ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;

        location / {

                proxy_set_header        Host $host:$server_port;
                proxy_set_header        X-Real-IP $remote_addr;
                proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header        X-Forwarded-Proto $scheme;
                proxy_redirect http:// https://;
                proxy_pass http://jk;

                proxy_http_version 1.1;
                proxy_request_buffering off;
                proxy_buffering off;
        }
}
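
nginx will not start if an `ssl_certificate` path does not exist, and the config above uses one placeholder in `server_name` and a different one in the `live/` path, so the two are easy to leave out of step when you substitute your own domain. The following is an added example, not part of the original post or of the nginx-certbot project: a shell lint that checks those names agree and that the ACME challenge location and the HTTPS redirect are present. The function names and the `ci.example.*` hostnames are constructed for illustration.

```shell
#!/bin/sh
# Added example: pre-flight lint for an app.conf like the one above.
# Reads the config from a file argument or stdin, prints one line per
# finding and returns the number of findings as its exit status.
lint_app_conf() {
    awk '
    { gsub(/[;{]/, " ") }                      # drop ";" and "{" glued to tokens
    $1 == "server_name" { for (i = 2; i <= NF; i++) names[$i] = 1 }
    $1 == "ssl_certificate" || $1 == "ssl_certificate_key" {
        split($2, part, "/")                    # /etc/letsencrypt/live/<name>/<file>
        if (part[2] == "etc" && part[3] == "letsencrypt" && part[4] == "live")
            lineage[part[5]] = $1
        else {
            printf "FAIL %s is not under /etc/letsencrypt/live: %s\n", $1, $2
            bad++
        }
    }
    $1 == "location" && $2 ~ /^\/\.well-known\/acme-challenge\/?$/ { acme = 1 }
    $1 == "return" && $2 == "301" && $3 ~ /^https:\/\// { redirect = 1 }
    END {
        for (d in lineage)
            if (!(d in names)) {
                printf "FAIL %s points at live/%s, which is not a server_name\n", lineage[d], d
                bad++
            }
        if (!acme)     { print "FAIL no location for /.well-known/acme-challenge/"; bad++ }
        if (!redirect) { print "FAIL port 80 never redirects to https"; bad++ }
        exit bad + 0
    }' "$@"
}

# Constructed sample modelled on the config above; $1 is the directory
# name used under /etc/letsencrypt/live/ (hostnames are placeholders).
sample_app_conf() {
    cat <<EOF
server {
    listen 80 default_server;
    server_name ci.example.com;
    location /.well-known/acme-challenge/{
        root /var/www/certbot;
    }
    location / {
        return 301 https://\$host\$request_uri;
    }
}
server {
    listen 443 ssl;
    server_name ci.example.com;
    ssl_certificate /etc/letsencrypt/live/$1/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/$1/privkey.pem;
}
EOF
}

# Demo: the same host in both places passes, a different live/ name fails.
sample_app_conf ci.example.com | lint_app_conf && echo "matching names: ok"
sample_app_conf ci.example.net | lint_app_conf || echo "findings: $?"
```

Run it against your real file with `lint_app_conf nginx_data/app.conf` before starting the containers.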

Now the configuration is done. Let's get the certificates.

Execute the ‘init-letsencrypt.sh’ file and see the magic!

Then visit your web app in the cloud. You can now see that your free SSL certificate issued by Let's Encrypt is in action.

[Screenshots: website SSL indicator; certificate details]

Let's Encrypt, coz self-signed is for kids 🙂 …..

Android Life Cycle Components

With the recent releases of Android, Google has introduced a new way to build your app life cycle using its architecture components. Here I am going to introduce a few of them. But first, you need to add a few new Gradle dependencies to your app in order to make use of the new life cycle components.

implementation "android.arch.lifecycle:extensions:1.1.1"
annotationProcessor "android.arch.lifecycle:compiler:1.1.1"

You can either include the whole extensions library or include individual components.

Below are the commonly used life cycle components.

  • ViewModel
  • LiveData
  • Room
  • Paging

First we look at how we can use ViewModel and LiveData in our app. Basically, when designing Android apps you may have to define Model classes as the bottom layer of your architecture. Those POJO models are used to define your DB tables and JSON mappings such as server requests and responses, or simply as UI-to-controller data definitions.

Every time you update your back end or your front end, data should flow in both directions seamlessly. If you are using traditional AsyncTask operations for communication between the UI and low-level components, it gets really messy because you have to take care of background task execution, and it is harder to implement Observer-Subscriber-like patterns that way. Simply put, if you are expecting real-time behavior from your app, LiveData with ViewModels is the best in the real-time business. There are lots of other advantages, such as caching, but I am not going to explain those concepts here.

I will explain the LiveData implementation with some code samples so that you get the idea. I have a simple app that gets device orientation details from a sensor, and I use LiveData to update my UI in real time with the azimuth, roll and pitch angles.

Here is the link to GitHub Code

I have created a model class called Statistics to hold my device orientation data. Then I have created a ViewModel class which extends the Android ViewModel. Its purpose is to update our view and hold the data while the state of the phone changes (such as on screen rotations), maintaining the app's consistency.

public LiveData<Statistics> getStatistics() {
    if (statistics == null) {
        statistics = new MutableLiveData<Statistics>();
        loadData();
    }
    return statistics;
}

LiveData is a lifecycle-aware observable data holder; that is, it supports the observer-subscriber pattern, and whatever data changes occur while calling the loadData method, it notifies the UI accordingly.
You can load any kind of data into a MutableLiveData component, such as network responses; in my case it is sensor details.

In your loadData method do not forget to call ‘statistics.postValue(statistics);’

Finally you can implement your subscriber or subscribers, which means your UI component.

In your Activity or Fragment,

StatisticsViewModel statisticsViewModel = ViewModelProviders
        .of(getActivity())
        .get(StatisticsViewModel.class);

statisticsViewModel.getStatistics().observe(this, new Observer<Statistics>() {
    @Override
    public void onChanged(@Nullable Statistics statistics) {
        // The value is @Nullable, so skip the update until data arrives
        if (statistics == null) {
            return;
        }
        azimuthTxt.setText(String.valueOf(statistics.getAzimuthAngle()));
        rollTxt.setText(String.valueOf(statistics.getRollAngle()));
        pitchTxt.setText(String.valueOf(statistics.getPitchAngle()));

        // Elapsed time as whole minutes plus the remaining seconds
        timeElpsTxt.setText(String.format("%d Min, %d Sec",
                TimeUnit.MILLISECONDS.toMinutes(statistics.getTimeElapsed()),
                TimeUnit.MILLISECONDS.toSeconds(statistics.getTimeElapsed()) -
                TimeUnit.MINUTES.toSeconds(TimeUnit.MILLISECONDS.toMinutes(statistics.getTimeElapsed()))
        ));
        pointsCountTxt.setText(String.valueOf(statistics.getPointsCount()));
    }
});

The onChanged method loads the relevant data into your UI. Simple as that.

Happy Life Cycle….

The Redis Way

You may have heard about NoSQL database systems before; the most popular one is MongoDB. So what are the alternatives, and why is Mongo sometimes not suited to our work?

The answer is that you may sometimes need a fast-serving DB system for your application. As an example, to implement a blog application you do not need to hit your database very frequently, but when you are developing an online chat application you may need to call your database very often. For such situations we can use Redis as our NoSQL alternative. Redis is a key-value store DB system which uses your RAM to store data structures and serve them in an efficient manner.

Let's see how to install and configure Redis on your machine and how to get work done with Redis.

First install Redis on your Linux/Mac machine from source: http://redis.io/download

Once you have downloaded the tarball, extract it in your /tmp directory, go to that directory, then execute

make 

After the make process is completed, execute the following using your admin privileges

sudo make install

Then start the server

redis-server

Then you are ready to use your Redis DB system, but what about configuration?

Copy redis.conf to /etc/redis/

sudo cp redis.conf /etc/redis/

Then start the Redis server

redis-server /etc/redis/redis.conf

If you find issues, just comment out the lines in redis.conf that give errors.
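
Commenting a line out also switches off whatever that directive controlled, including the ones that decide which interfaces Redis listens on and whether clients must authenticate. The following is an added example, not from the original post: a shell function that reports what an edited redis.conf leaves active for `bind` and `requirepass`. The function names and sample values are constructed, and `protected-mode`, which later Redis releases added, is not considered.

```shell
#!/bin/sh
# Added example: report how an edited redis.conf exposes the server.
# Reads a file argument or stdin. Exit status:
#   0 = loopback only
#   1 = reachable from the network, password set
#   2 = reachable from the network, no password
audit_redis_conf() {
    awk '
    NF == 0 || $1 ~ /^#/ { next }            # blank and commented-out lines do nothing
    { key = tolower($1) }
    key == "bind" {
        bound = 1
        for (i = 2; i <= NF; i++)
            if ($i !~ /^-?(127\.|::1$)/) wide = wide " " $i
    }
    key == "requirepass" && NF >= 2 { auth = 1 }
    END {
        if (!bound)     print "WARN no active bind line: listening on every interface"
        if (wide != "") print "WARN bind lists non-loopback address(es):" wide
        if (!auth)      print "WARN requirepass is not set"
        exposed = (!bound || wide != "")
        if (exposed && !auth) {
            print "FAIL reachable from the network without a password"
            exit 2
        }
        exit (exposed ? 1 : 0)
    }' "$@"
}

# Constructed sample: $1 and $2 are the bind and requirepass lines as they
# stand after editing (addresses and password are placeholders).
sample_redis_conf() {
    printf '%s\n' "daemonize no" "port 6379" "$1" "$2" "save 900 1"
}

# Demo: a loopback bind, then the same file with that line commented out.
sample_redis_conf "bind 127.0.0.1" "# requirepass foobared" | audit_redis_conf || echo "status $?"
sample_redis_conf "# bind 127.0.0.1" "# requirepass foobared" | audit_redis_conf || echo "status $?"
```

Run `audit_redis_conf /etc/redis/redis.conf` after each round of edits and before starting the server.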

Use of Redis Command Line Interface

redis-cli

Set a simple key value pair in redis store.

redis 127.0.0.1:6379> SET simple-item "Hi Redis"
OK

You can find more data structures from http://redis.io/commands

Show all keys which are set in redis

redis 127.0.0.1:6379> KEYS *
 1) "Dum-7-channels"
 2) "simple-item"
 3) "auth:dev-Raj-7"
 4) "Y-7-msgs"

Get values set on a specific key

redis 127.0.0.1:6379> GET simple-item
"Hi Redis"

Use of RPUSH/LPUSH (List like data structure)

RPUSH (Reverse push)

redis 127.0.0.1:6379> RPUSH simple-list1 "list data 1"
(integer) 1
redis 127.0.0.1:6379> RPUSH simple-list1 "list data 2"
(integer) 2

LPUSH

redis 127.0.0.1:6379> LPUSH simple-list2 "list data 1"
(integer) 1
redis 127.0.0.1:6379> LPUSH simple-list2 "list data 2"
(integer) 2

Retrieve list data

Get data stored in list1

redis 127.0.0.1:6379> LRANGE simple-list1 0 2
1) "list data 1"
2) "list data 2"

Get data stored in list2

redis 127.0.0.1:6379> LRANGE simple-list2 0 2
1) "list data 2"
2) "list data 1"

Zend, MongoDB, Doctrine a perfect relationship 2 : Making a sample application

Installing and setting up Zend Framework with Mongo and Doctrine on your local Linux machine

First of all you have to install all the requirements (prerequisites) for Zend. Make sure that you have installed:

  • Latest PHP
  • Apache Http Server
  • MongoDB Server (http://docs.mongodb.org/manual/installation/)
  • php-mongo (http://www.php.net/manual/en/mongo.installation.php)
  • Git

The following steps configure the Zend skeleton app on a Linux platform.

  • Change your directory path to a convenient location
    $ cd /var/www/zend-test

  • Clone the latest Zend skeleton application from GitHub
    $ git clone git@github.com:zendframework/ZendSkeletonApplication.git

  • Move inside your application
    $ cd ZendSkeletonApplication/

  • Inside your skeleton application you can see that the following files are available
    composer.json  composer.phar  config  data  init_autoloader.php  LICENSE.txt  module  public  README.md  vendor

  • Update and install Zend Framework inside your skeleton application
    $ php composer.phar self-update
    Updating to version 3da....3ff.
        Downloading: 100% 
    	
    $ php composer.phar install
    Loading composer repositories with package information
    Installing dependencies (including require-dev)
      - Installing zendframework/zendframework (2.2.4)
        Downloading: 100% 
    	
    ....
    ....
    Writing lock file
    Generating autoload files
    
  • Declare your project dependencies in your composer.json file
    $ vim composer.json
    "minimum-stability": "alpha",
    "require": {
    	"doctrine/doctrine-mongo-odm-module": "dev-master",
    	....
    	....
    }
    
  • Update your project with the dependencies
    $ php composer.phar update
    Loading composer repositories with package information
    Updating dependencies (including require-dev)
      - Installing doctrine/lexer (v1.0)
        Downloading: 100%         
    
      - Installing doctrine/annotations (v1.1.2)
        Downloading: 100%         
      
    	........
    	........  
    
      - Installing doctrine/mongodb (1.0.3)
        Downloading: 100%         
    
      - Installing doctrine/mongodb-odm (1.0.0-BETA9)
                Downloading: 100% 
    
      - Installing doctrine/doctrine-module (0.7.2)
        Downloading: 100%         
    
      - Installing doctrine/doctrine-mongo-odm-module (dev-master 6d18d1f)
        Cloning 6d18d1fa915787d7adc39344d6bd987a29ca54e3
    
  • Create a virtual host for your project
    Create a file inside your /etc/apache2/sites-available/ folder named after your project (or any suitable name)

    $ sudo vim /etc/apache2/sites-available/zend-mongo-test1
    <VirtualHost *:80>
        ServerName zend-mongo-test.localhost
        DocumentRoot /var/www/zend-test/ZendSkeletonApplication/public
        SetEnv APPLICATION_ENV "development"
        <Directory /var/www/zend-test/ZendSkeletonApplication/public>
            DirectoryIndex index.php
            AllowOverride All
            Order allow,deny
            Allow from all
        </Directory>
    </VirtualHost>

  • Create a symbolic link under /etc/apache2/sites-enabled/
    $ sudo ln -s /etc/apache2/sites-available/zend-mongo-test1 /etc/apache2/sites-enabled/zend-mongo-test1
    $ ls -al /etc/apache2/sites-enabled
    total 8
    drwxr-xr-x 2 root root 4096 Oct  7 16:40 .
    drwxr-xr-x 7 root root 4096 Aug 15 10:48 ..
    lrwxrwxrwx 1 root root   26 Mar  1  2013 000-default -> ../sites-available/default
    lrwxrwxrwx 1 root root   45 Oct  7 16:40 zend-mongo-test1 -> /etc/apache2/sites-available/zend-mongo-test1
    
  • Restart your Apache server and you can see your sample skeleton application in your browser
    $ sudo service apache2 restart

    Browse http://zend-mongo-test.localhost

Install MySQL, Apache and PHP under a Linux Environment

Before continuing with the installation you may need to install gcc, make and all their dependencies.
Notice: all three packages are going to be installed from source packages, not from binaries.

Install MySQL From Source.

Dependencies-

ncurses (http://ftp.gnu.org/pub/gnu/ncurses),
bison (http://ftp.gnu.org/gnu/bison/),
cmake (http://www.cmake.org/files/v2.8/cmake-2.8.9-Linux-i386.sh)

Download the MySQL source package, e.g. mysql-5.5.27.tar.gz
Unzip it to the /tmp directory

shell commands

    cd /tmp/mysql-5.5.27
    # dedicated system user and group for the server
    groupadd mysql
    useradd -r -g mysql mysql
    # configure in the source directory, then build and install
    cmake -G "Unix Makefiles" .
    make && make install
    cd /usr/local/mysql
    chown mysql .
    chgrp mysql .
    scripts/mysql_install_db --user=mysql
    chown -R root .
    chown -R mysql data
    cp support-files/my-medium.cnf /etc/my.cnf
    bin/mysqld_safe --user=mysql &
    cp support-files/mysql.server /etc/init.d/mysql.server
    chown mysql /var/lib/mysql
    chgrp mysql /var/lib/mysql
    nano /etc/ld.so.conf

Add the following lines if they are not already there.

    /usr/local/lib
    /usr/local/mysql/lib

    ldconfig
    

Install Apache

Dependencies-

Apr (http://apr.apache.org/download.cgi)
Apr-util (http://apr.apache.org/download.cgi)
Iconv (http://apr.apache.org/download.cgi)

Download httpd-2.4.2.tar.bz2 from the Apache site

Unzip it into the /tmp directory

shell commands

    cd httpd-2.4.2
    ./configure
    make && make install
    nano /etc/ld.so.conf

Add the line

    /usr/local/apache2/lib

    ldconfig

    ln -s /usr/local/apache2/conf/httpd.conf /etc/httpd.conf
    ln -s /usr/local/apache2/bin/apachectl /etc/rc.d/init.d/apache
    ln -s /etc/rc.d/init.d/apache /etc/rc.d/rc3.d/S90apache
    /etc/rc.d/init.d/apache start
    

PHP installation

Dependencies-

OpenSSL
GD
libxml
mcrypt/libmhash
libpng/libjpeg/libxpm
zlib
mbstring
curl

Download php-5.4.5.tar.bz2 from the PHP site

    cd php-5.4.5
    ./configure --with-apxs2=/usr/local/apache2/bin/apxs --disable-debug --enable-ftp --enable-inline-optimization --enable-mbstring --enable-mm=shared --enable-safe-mode --enable-track-vars --enable-trans-sid --enable-wddx=shared --enable-xml --with-dom --with-gd --with-gettext --with-mysql=/usr/local/mysql --with-regex=system --with-xml --with-zlib-dir=/usr/lib --with-mysqli=/usr/local/mysql/bin/mysql_config --with-mcrypt=/usr/local/lib --with-curl=/usr
    make && make install
    ln -s /usr/local/lib/php.ini /etc/php.ini

Edit /etc/httpd.conf and set DocumentRoot wherever you want

Create a file called phpinfo.php in your document root which contains

    <?php
    phpinfo();
    ?>

Visit http://localhost/phpinfo.php and check whether everything is working fine!

How to install NS (Network Simulator) and run a simulation on Debian Linux

Extract ns-allinone-2.34.tar to /usr/local/ns or /home/../ns, then execute the command ./install
(if it fails, install all the required dependencies; you may have to install xorg-x11-base separately…)

[Screenshots: NS installation running in a Debian terminal; the installation process; the bin folder after the installation completes]

    
    #Duminda Rajitha Wanninayake
    #This file is recreated using ns-simple.tcl example
    
    #Create a simulator object
    set ns [new Simulator]
    
    #Define different colors for data flows (for NAM)
    $ns color 1 Blue
    $ns color 2 Red
    
    #Open the NAM trace file
    set nf [open out.nam w]
    $ns namtrace-all $nf
    
    #Define a 'finish' procedure
    proc finish {} {
    
    global ns nf
    
    $ns flush-trace
    
    #Close the NAM trace file
    
    close $nf
    
    #Execute NAM on the trace file
    
    exec nam out.nam &
    
    exit 0
    }
    
    #Create 8 nodes
    
    set n0 [$ns node]
    set n1 [$ns node]
    set n2 [$ns node]
    set n3 [$ns node]
    set n4 [$ns node]
    set n5 [$ns node]
    set n6 [$ns node]
    set n7 [$ns node]
    
    #Create links between the nodes
    $ns duplex-link $n2 $n1 5Mb 20ms DropTail
    $ns duplex-link $n2 $n0 12Mb 5ms DropTail
    $ns duplex-link $n1 $n0 3Mb 10ms DropTail
    $ns duplex-link $n0 $n3 10Mb 10ms DropTail
    $ns duplex-link $n3 $n4 1Mb 200ms DropTail
    $ns duplex-link $n4 $n5 5Mb 30ms DropTail
    $ns duplex-link $n5 $n6 7Mb 30ms DropTail
    $ns duplex-link $n6 $n7 5Mb 20ms DropTail
    $ns duplex-link $n6 $n4 4Mb 30ms DropTail
    $ns duplex-link $n7 $n3 6Mb 15ms DropTail
    $ns duplex-link $n7 $n0 4Mb 30ms DropTail
    
    #Define Routing Distance Vector for Network
    $ns rtproto DV
    
    #Monitor the queue for link (n2-n3). (for NAM)
    $ns duplex-link-op $n1 $n2 queuePos 0.5
    
    #Setup a TCP connection between 3 and 6
    set tcp [new Agent/TCP]
    $tcp set class_ 2
    $ns attach-agent $n2 $tcp
    set sink [new Agent/TCPSink]
    $ns attach-agent $n5 $sink
    $ns connect $tcp $sink
    $tcp set fid_ 1
    
    #Setup a FTP over TCP connection
    set ftp [new Application/FTP]
    $ftp attach-agent $tcp
    $ftp set type_ FTP
    
    #Setup a UDP connection between 1 and 5
    set udp [new Agent/UDP]
    $ns attach-agent $n0 $udp
    set null [new Agent/Null]
    $ns attach-agent $n4 $null
    $ns connect $udp $null
    $udp set fid_ 2
    
    #Setup a CBR over UDP connection
    set cbr [new Application/Traffic/CBR]
    $cbr attach-agent $udp
    $cbr set type_ CBR
    $cbr set packet_size_ 1500
    $cbr set rate_ 1mb
    $cbr set random_ false
    
    #Set Queue Buffer Size of link (1-8) to 5
    $ns queue-limit $n0 $n7 5
    
    #Set Queue Buffer Size of link (1-4) to 10
    $ns queue-limit $n0 $n3 10
    
    #Schedule events for the CBR and FTP agents
    $ns at 0.1 "$cbr start"
    $ns at 0.2 "$ftp start"
    
    $ns at 3.0 "$cbr stop"
    $ns at 3.2 "$ftp stop"
    
    #Call the finish procedure after 3.3 seconds of simulation time
    $ns at 3.3 "finish"
    
    #Run the simulation
    $ns run
    

Save this code as exNS.tcl and run it by executing the command ./ns exNS.tcl

Ex-

    root@debian:/usr/local/ns-allinone-2.34/bin# ns /home/duminda/Desktop/NS/exNS.tcl

[Screenshot: output after running the tcl file with the ns command]

Do the simulation using NAM (The Network Animator)

[Screenshots: the animation process; running the simulation]

Welcome to Linux Help

Hey all! It's all about Linux: something about installing Linux and maintaining it in an easy way.

The TUX tells you to use Linux as your operating system because it is

• Reliable
• Free
• Easy to use
• Rich in lots of stuff, including
  • Office Applications
  • Programming Stuff
  • Entertainment
• Highly secure

So what do you think? Spend a lot of money on an OS, or use Linux?

TUX is waiting to be your pet! It's cute and lovely, isn't it?