TextSecure Server, Signal Android App and Push Server Configuration - java

I want to build my own secure messaging service (TextSecure Server + PushServer + Android App + another necessary project).
How can I run TextSecure Server on my server?
First, I built WebSocket-Resources with Maven.
Second, I built TextSecure Server (mvn clean install -DskipTests).
After that I ran java -jar target/textsecure-server.jar server config/server.yml
and I changed the
buildConfigField "String", "TEXTSECURE_URL", "\"https://my_server_ip:8080\""
line in the build.gradle file (Android App),
but I got errors.
First error (client) -> Connectivity Error.... was unable to connect to the push service
Second error (textsecure-server) ->
WARN [2015-12-01 13:45:43,789] org.eclipse.jetty.http.HttpParser: Illegal character 0x16 in state=START for buffer HeapByteBuffer@4c112d16[p=1,l=208,c=8192,r=207]={\x16<<<\x03\x01\x00\xCb\x01\x00\x00\xC7\x03\x01V]\xA4\xC1\x08e\xC6...\x01\x00\x02\x00\x03\x00\x0f\x00\x10\x00\x11\x00#\x00\x00>>>\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00...\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00}
WARN [2015-12-01 13:45:43,789] org.eclipse.jetty.http.HttpParser: badMessage: 400 Illegal character 0x16 for HttpChannelOverHttp@3669e012{r=0,c=false,a=IDLE,uri=-}
WARN [2015-12-01 13:45:43,795] org.eclipse.jetty.http.HttpParser: Illegal character 0x16 in state=START for buffer HeapByteBuffer@86064c8[p=1,l=118,c=8192,r=117]={\x16<<<\x03\x00\x00q\x01\x00\x00m\x03\x00V]\xA4\xC1\xAe\x9a\xEf...\x15\x00\x12\x00\x03\x00\x08\x00\x14\x00\x11\x00\xFf\x01\x00>>>e\r\n\r\n\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00...\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00}
WARN [2015-12-01 13:45:43,796] org.eclipse.jetty.http.HttpParser: badMessage: 400 Illegal character 0x16 for HttpChannelOverHttp@6fdc750b{r=0,c=false,a=IDLE,uri=-}
What can I do?
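
The byte Jetty rejects, 0x16, is the TLS handshake record type: the buffers in the log above are TLS ClientHello messages arriving at a connector that parses plain HTTP, which fits an app pointed at an https:// URL. The following is an added example, not part of the original post, that decodes the leading bytes of such a buffer dump and reports the mismatch. The function names and the connector labels "http"/"https" are assumptions made for the illustration.

```python
import re
import struct

# Leading bytes copied from the two buffer dumps in the log above (cut at "...").
SAMPLE_TLS10 = r"\x16<<<\x03\x01\x00\xCb\x01\x00\x00\xC7\x03\x01V]\xA4\xC1\x08e\xC6..."
SAMPLE_SSL30 = r"\x16<<<\x03\x00\x00q\x01\x00\x00m\x03\x00V]\xA4\xC1\xAe\x9a\xEf..."

# In the dump, non-printable bytes appear as \xHH (or \r, \n, \t), printable
# bytes as themselves, and <<< / >>> mark the buffer position and limit.
TOKEN = re.compile(r"\\x([0-9A-Fa-f]{2})|\\([rnt])|(.)", re.S)
ESCAPES = {"r": 0x0D, "n": 0x0A, "t": 0x09}
VERSIONS = {0: "SSL 3.0", 1: "TLS 1.0", 2: "TLS 1.1", 3: "TLS 1.2"}
HTTP_METHODS = (b"GET ", b"POST ", b"PUT ", b"DELETE ", b"HEAD ", b"OPTIONS ", b"PATCH ")
EXPECTED = {"http": "http", "https": "tls"}  # connector type -> first bytes on the wire


def decode_dump(dump: str) -> bytes:
    """Decode the bytes of a buffer dump up to its first '...' elision."""
    head = dump.split("...", 1)[0].replace("<<<", "").replace(">>>", "")
    out = bytearray()
    for hexpair, esc, char in TOKEN.findall(head):
        out.append(int(hexpair, 16) if hexpair else ESCAPES[esc] if esc else ord(char) & 0xFF)
    return bytes(out)


def classify_first_bytes(data: bytes) -> dict:
    """Tell a TLS handshake record from an HTTP/1.x request line."""
    if data.startswith(HTTP_METHODS):
        return {"protocol": "http"}
    # TLS record header: type(1) major(1) minor(1) length(2); 0x16 = handshake.
    if len(data) >= 6 and data[0] == 0x16 and data[1] == 0x03:
        (length,) = struct.unpack(">H", data[3:5])
        return {
            "protocol": "tls",
            "record_version": VERSIONS.get(data[2], "unknown"),
            "record_length": length,
            "handshake": "ClientHello" if data[5] == 0x01 else f"type {data[5]}",
        }
    return {"protocol": "unknown"}


def connector_mismatch(connector_type: str, data: bytes) -> bool:
    """True when the client's first bytes do not fit the connector's protocol."""
    return classify_first_bytes(data)["protocol"] != EXPECTED[connector_type]


if __name__ == "__main__":
    for sample in (SAMPLE_TLS10, SAMPLE_SSL30):
        first = decode_dump(sample)
        print(classify_first_bytes(first), "mismatch:", connector_mismatch("http", first))
```

The decoded record lengths (203 and 113) plus the 5-byte record header match the l=208 and l=118 buffer limits in the log.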

Installing TextSecure server took me a few bumps before I could get it up and running.
The main blocks were the WebSocket resources part (which you somewhat figured out).
From the error, it looks like your push server is not accessible and configured properly. Have a look at my writeup and see if this helps.
The configuration part of both push server and textsecure server is very important and may leave you with a messed up package.
Building and Compiling
Clone TextSecure (Signal) Server
git clone https://github.com/lucaconte/Signal-Server.git
Clone Push Server
git clone https://github.com/lucaconte/PushServer.git
Clone WebSocket Resources
git clone https://github.com/lucaconte/WebSocket-Resources.git
In Push Server pom.xml, change capsule.maven.plugin.version version to 1.0.1
Build Push Server (from inside this folder)
mvn clean install
Download & install gpg4win (gpg tool for signing)
https://www.gpg4win.org/download.html : https://files.gpg4win.org/gpg4win-vanilla-2.3.3.exe
Make sure Environment Variables are set for gpg
GNUPGHOME : c:\Users\<username>\AppData\Roaming\gnupg //or whatever path it is
Create default secring and pubring by opening gpg2.exe file from installed location
Exit the opened terminal which says "type message"
Build Push Websocket-Resource (from inside this folder)
mvn clean install
The build will fail at javadoc signing but it's okay as we have got the main binary in target folder (websocket-resources-0.4.1)
Link this file in maven repo (make sure the versions are same in the file and in the command)
mvn install:install-file -Dfile=./library/target/websocket-resources-0.4.1.jar -DgroupId=org.whispersystems -DartifactId=websocket-resources -Dversion=0.4.1 -Dpackaging=jar
Now build the Signal Server (from inside the Signal Server folder)
mvn clean install -DskipTests
Creating Config files
pushserver.yml
redis:
  url: redis://localhost:6379/2
authentication:
  servers:
    -
      name: 123
      password: 123
gcm:
  xmpp: false
  apiKey: <INPUT HERE>
  senderId: <INPUT HERE>
  redphoneApiKey: AIddSyAsviyMy8jKe8chCEfr8NbeqGghy7oOCi4 #fake
apn:
  feedback: false
  pushKey: /path/to/your/apnpushcertificates/apns-dev-key-noenc.pem #fake
  voipKey: /path/to/your/apnpushcertificates/apns-dev-key-noenc.pem #fake
  voipCertificate: /path/to/your/apnpushcertificates/apns-dev-cert.pem #fake
  pushCertificate: /path/to/your/apnpushcertificates/apns-dev-cert.pem #fake
server:
  applicationConnectors:
    - type: http
      port: 9090
  adminConnectors:
    - type: http
      port: 9091
  gzip:
    enabled: true
logging:
  level: INFO
  appenders:
    - type: file
      currentLogFilename: /tmp/pushserver.log
      archivedLogFilenamePattern: /tmp/pushserver-%d.log.gz
      archivedFileCount: 5
    - type: console
textsecure.yml
# This is the sample config/textsecure.yml file for the TextSecure Server
# Pay attention! To start TextSecure server you will need to install and start PushServer
twilio:
  accountId: <INPUT HERE>
  accountToken: <INPUT HERE>
  numbers:
    -
      +33756796138 #fake
  localDomain: foo.org
push:
  host: localhost
  port: 9090
  username: 123
  password: 123
s3:
  accessKey: ABCDEFGCUFYDHVM2LXXX #fake
  accessSecret: W0UfGDddfAbqYyCTIIbSQlDtreTGokOs0OTpL0SE #fake
  attachmentsBucket: thenameofyouts3buket #fake
directory:
  url: "redis://localhost:6379/0"
cache:
  url: "redis://localhost:6379/1"
server:
  applicationConnectors:
    - type: http
      port: 8080
      #keyStorePath: config/example.keystore
      #keyStorePassword: example
      #validateCerts: true
  adminConnectors:
    - type: http
      port: 8081
      #keyStorePath: config/example.keystore
      #keyStorePassword: example
      #validateCerts: true
websocket:
  enabled: true
messageStore: # Postgres database configuration for message store
  driverClass: org.postgresql.Driver
  user: "postgres"
  password: "postgres"
  url: "jdbc:postgresql://localhost:5432/messagedb"
database:
  driverClass: org.postgresql.Driver
  user: "postgres"
  password: "postgres"
  url: "jdbc:postgresql://localhost:5432/accountsdb"
  properties:
    charSet: UTF-8
#federation: # is disabled
logging:
  level: INFO
  appenders:
    - type: file
      currentLogFilename: /tmp/textsecureshserver.log
      archivedLogFilenamePattern: /temp/textsecureserver-%d.log.gz
      archivedFileCount: 5
    - type: console
redphone:
  authKey: 1234567890 #fake
Place pushserver.yml in the Push Server folder.
Place textsecure.yml in the TextSecure /config folder.

For messaging service only, you need to install PushServer and successfully start it. To start it successfully you need to create Google developer account, Apple developer account and get push credentials to send push notifications.
In the TextSecure server you need to configure Push server like this:
TextServer push part
push:
  host: 192.168.10.10
  port: 8080
  username: 123
  password: 123
PushServer credentials
authentication:
  servers:
    -
      name: 123
      password: 123

Related

Access denied when running Mysql in Kubernetes

I'm a newbie to Kubernetes. This is my situation:
I found an open-source project on GitHub, it is an online bookstore: https://github.com/devdcores/BookStoreApp-Distributed-Application (anyway, thanks to the author of this repo). This project is written in a microservice architecture; it has a docker-compose file to build and run containers instantly. I've tried it and it worked.
But when I try to build and run this project in Kubernetes and Helm, a problem arises:
Some services cannot connect to mysqldb: Access denied for user 'bookstoreDBA'@'172.17.0.1' (using password: YES). So I looked into the source code and found this:
datasource:
  driver-class-name: com.mysql.cj.jdbc.Driver
  url: jdbc:mysql://bookstore-mysql-db:3306/bookstore_db?useUnicode=true&useJDBCCompliantTimezoneShift=true&useLegacyDatetimeCode=false&serverTimezone=UTC
  username: bookstoreDBA
  password: PaSSworD
My question is: Is the URL set up properly? Is it the cause of the problem? If it is (not), then how do I fix this problem?
P/S: These are the environment variables and service.yaml for the mysql container:
env:
  MYSQL_DATABASE: bookstore_db
  MYSQL_PASSWORD: PaSSworD
  MYSQL_ROOT_PASSWORD: r00tPaSSworD
  MYSQL_USER: bookstoreDBA
# service.yaml
apiVersion: v1
kind: Service
metadata:
  annotations:
    kompose.cmd: kompose convert
    kompose.version: 1.22.0 (955b78124)
  creationTimestamp: null
  labels:
    io.kompose.service: bookstore-mysql-db
  name: bookstore-mysql-db
spec:
  ports:
    - name: "3306"
      port: 3306
      targetPort: 3306
  selector:
    io.kompose.service: bookstore-mysql-db
status:
  loadBalancer: {}
I used the mysql client to create the bookstoreDBA user and grant the needed privileges. Then I restarted the cluster. Now everything works properly.

instrument datadog agent by the location of logs file with datadog ansible role

I tried to enable log collection with the Datadog Ansible role,
but I can't figure out why the logs are not sent to the Datadog UI.
I found an example of a playbook in the role's GitHub repo:
- hosts: servers
  roles:
    - { role: datadog.datadog, become: yes }
  vars:
    datadog_api_key: "<YOUR_DD_API_KEY>"
    datadog_agent_version: "7.16.0"
    datadog_config:
      tags:
        - "<KEY>:<VALUE>"
        - "<KEY>:<VALUE>"
      log_level: INFO
      apm_config:
        enabled: true
      logs_enabled: true # available with Agent v6 and v7
    datadog_checks:
      process:
        init_config:
        instances:
          - name: ssh
            search_string: ['ssh', 'sshd' ]
          - name: syslog
            search_string: ['rsyslog' ]
            cpu_check_interval: 0.2
            exact_match: true
            ignore_denied_access: true
      ssh_check:
        init_config:
        instances:
          - host: localhost
            port: 22
            username: root
            password: <YOUR_PASSWORD>
            sftp_check: True
            private_key_file:
            add_missing_keys: True
      nginx:
        init_config:
        instances:
          - nginx_status_url: http://example.com/nginx_status/
            tags:
              - "source:nginx"
              - "instance:foo"
          - nginx_status_url: http://example2.com:1234/nginx_status/
            tags:
              - "source:nginx"
              - "<KEY>:<VALUE>"
        #Log collection is available on Agent 6 and 7
        logs:
          - type: file
            path: /var/log/access.log
            service: myapp
            source: nginx
            sourcecategory: http_web_access
          - type: file
            path: /var/log/error.log
            service: nginx
            source: nginx
            sourcecategory: http_web_access
    # datadog_integration is available on Agent 6.8+
    datadog_integration:
      datadog-elastic:
        action: install
        version: 1.11.0
      datadog-postgres:
        action: remove
    network_config:
      enabled: true
I have just a Tomcat server logging to a file and I want Datadog to take those log files and send them to my Datadog account!
Thanks in advance.
# my code
- name: install the agent on targets
  include_role:
    name: datadog.datadog
  vars:
    datadog_api_key: "myApiKey"
    datadog_site: "datadoghq.com"
    datadog_config:
      log_level: INFO
      apm_config:
        enabled: true
      logs_enabled: true
      logs:
        - type: file
          path: /home/ubuntu/web-app/tomcatlogs/logs/*.log
          service: myapp
          source: tomcat
I figured out how to do it.
The bottom line is just about specifying a service (tomcat, nginx, java ...) and the Ansible role will create the files needed to complete your configuration.
Hope this can help someone.
- name: install the agent on targets
  include_role:
    name: datadog.datadog
  vars:
    datadog_api_key: "YOUR_API"
    datadog_site: "datadoghq.com"
    datadog_config:
      log_level: INFO
      apm_config:
        enabled: true
      logs_enabled: true
    datadog_checks:
      tomcat:
        logs:
          - type: file
            path: /home/ubuntu/web-app/tomcatlogs/logs/*.log
            service: myapp
            source: tomcat

Remote debugging Java 9 in a docker container from IntelliJ IDEA

I have a Dockerfile with this content:
FROM openjdk:9
WORKDIR /project
ADD . /project
EXPOSE 5005
My docker-compose.yml looks like this:
version: "3.2"
services:
  some-project:
    build: .
    ports:
      - target: 5005
        published: 5005
        protocol: tcp
        mode: host
    command: "java '-agentlib:jdwp=transport=dt_socket,server=y,suspend=y,address=5005' SomeClass"
When I do docker-compose up I see a message "Listening for transport dt_socket at address: 5005". But when I try to connect with jdb or Idea I get "java.io.IOException: handshake failed - connection prematurally closed".
Everything works fine if I change openjdk:9 to openjdk:8. However, I need Java 9 for my project.
From Java 9, the JDWP socket connector accepts only local connections by default. See:
http://www.oracle.com/technetwork/java/javase/9-notes-3745703.html#JDK-8041435
So, to enable debug connections from outside, specify *:<port> as address:
-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5005
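
An added example, not part of the original answer: a small check that reads a JVM launch command and reports which interfaces its JDWP listener binds to, applying the Java 9 default change described above. It is meant for reviewing compose files and start scripts for debug ports that listen beyond loopback; the function names and the service names in the sample are assumptions.

```python
import re

# Matches both spellings of the agent option and stops at whitespace or quotes.
JDWP_OPTION = re.compile(r"-(?:agentlib:jdwp=|Xrunjdwp:)([^\s'\"]+)")
WILDCARD_HOSTS = {"*", "0.0.0.0"}
LOOPBACK_HOSTS = {"localhost", "127.0.0.1"}

# Constructed sample: the two command lines from the question and the answer.
SERVICES = {
    "question-config": "java '-agentlib:jdwp=transport=dt_socket,server=y,suspend=y,address=5005' SomeClass",
    "answer-config": "java -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5005 SomeClass",
    "no-debugger": "java -jar app.jar",
}


def jdwp_listen_scope(command: str, java_major: int):
    """Return how a JDWP socket listener in `command` binds, or None if absent."""
    match = JDWP_OPTION.search(command)
    if not match:
        return None
    opts = dict(kv.split("=", 1) for kv in match.group(1).split(",") if "=" in kv)
    if opts.get("transport") != "dt_socket" or opts.get("server") != "y":
        return None  # not a listening socket (shared memory, or the JVM dials out)
    host, _, port = opts.get("address", "").rpartition(":")
    if host in WILDCARD_HOSTS:
        scope = "all-interfaces"
    elif host in LOOPBACK_HOSTS:
        scope = "loopback"
    elif host:
        scope = "single-address"
    else:
        # Bare port: all interfaces before Java 9, local connections only from Java 9.
        scope = "loopback" if java_major >= 9 else "all-interfaces"
    return {"scope": scope, "port": int(port) if port.isdigit() else None,
            "suspend": opts.get("suspend", "y")}


def exposed_listeners(services: dict, java_major: int) -> list:
    """Names of services whose debugger accepts connections on every interface."""
    found = []
    for name, command in services.items():
        info = jdwp_listen_scope(command, java_major)
        if info and info["scope"] == "all-interfaces":
            found.append(name)
    return found


if __name__ == "__main__":
    print(exposed_listeners(SERVICES, java_major=9))
```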

Concourse CI + MVN + PCF issue

I am trying to create a pipeline using Concourse CI. The pipeline should:
1. Get the code from git.
2. Build and package everything using maven.
3. Push generated artifact (target/*war) to Cloud Foundry.
Steps 1 and 2 are executed successfully but after hours of trying different configurations, I am not able to access the generated artifact and push it to CF.
I am getting following error in last step: error invalid path: found 0 files instead of 1 at path: /tmp/build/put/mvn-package/target/udm-0.1.war
File pipeline.yml:
resources:
- name: branch-dev
  type: git
  source:
    uri: {{git-url}}
    branch: {{git-branch}}
    private_key: {{private-repo-key}}
- name: PCF-Dev
  type: cf
  source:
    api: {{pcf-api}}
    username: {{pcf-username}}
    password: {{pcf-password}}
    organization: {{pcf-organization}}
    space: {{pcf-space}}
    skip_cert_check: false
jobs:
- name: udm
  serial: true
  plan:
  - get: branch-dev
    trigger: true
  - task: mvn-package
    privileged: true
    file: branch-dev/ci/package.yml
  - put: PCF-Dev
    params:
      manifest: branch-dev/ci/manifest.yml
      path: mvn-package-output/target/udm-0.1.war
File manifest.yml:
applications:
- name: udm
File package.yml:
platform: linux
image_resource:
  type: docker-image
  source:
    repository: maven
    tag: latest
inputs:
- name: branch-dev
outputs:
- name: mvn-package-output
run:
  path: "mvn"
  args: ["-f", "branch-dev/udm/pom.xml", "package"]
I guess I am missing something. Could someone take a look and point me in the right direction?
You need to put/get the resource (build artifact) between build/deploy jobs (and have it defined as a resource)
Pivotal projects have very good examples of production Concourse use, like https://github.com/azwickey-pivotal/volume-demo/blob/master/ci/pipeline.yml

How can I retrieve the access token by calling to the URI inside vagrant box?

I ran into a problem when I tried to run the example here. I got the source code, built and ran it. That's okay on my local environment (Windows 10 OS), but when I created a Vagrantfile with an Ubuntu image and tried to run it in the Ubuntu environment, I got an issue. Because that example uses Spring Security for authenticating the user, I have to run the command below to get an access token:
curl http://acme:acmesecret@localhost:9999/uaa/oauth/token \
  -d grant_type=password -d client_id=acme \
  -d username=user -d password=password -ks | jq .
That's fine if I use ssh and run it inside the vagrant box. But if I run it outside the box (log out of the Ubuntu box, return to Windows and use Postman to submit the request to get the access token at localhost:9999/uaa/oauth/token), I can never see port 9999 inside the vagrant box. I have the port forwarding config in the Vagrantfile as below:
config.vm.network "forwarded_port", guest: 8765, host: 8888 # API gateway port
config.vm.network "forwarded_port", guest: 8761, host: 8761 # eureka port
config.vm.network "forwarded_port", guest: 7979, host: 7979 # hystrix port
config.vm.network "forwarded_port", guest: 9999, host: 9999 # auth port, I try to port-forward 999 outside but without success
Could anyone help me with that? I'm really stuck at the moment :(
