Add write access to particular directory for tomcat on Ubuntu

Setup: 

Ubuntu 20, Tomcat 9, upload dir: /myapp/upload (the myapp and upload directories are already owned by user tomcat with permission 775).

Problem: 

The application on Tomcat still can't write into the upload dir (this setup already works on CentOS 7 & 8).
 

Solution: 

 
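On Ubuntu the tomcat9 package's systemd unit sandboxes the service (ProtectSystem=strict), so ownership and mode bits alone are not enough: every directory Tomcat may write to has to be listed in the unit.
Edit the file /etc/systemd/system/multi-user.target.wants/tomcat9.service (don't forget to use sudo) and add the following line under the [Service] section:
ReadWritePaths=/path/to/the/directory/
Save the file, then reload systemd and restart the service:
systemctl daemon-reload
systemctl restart tomcat9
Done, now the application on Tomcat has write access to the upload dir.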
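
Why the ReadWritePaths= line is needed, as an added example (not part of the original post): the function below reads a unit's [Service] settings and reports whether a path is writable once ProtectSystem=strict is in effect. The unit text is a constructed sample and the function names are hypothetical.

```shell
#!/bin/sh
# Constructed sample: [Service] excerpt of a sandboxed unit, after the fix above.
sample_unit() {
cat <<'EOF'
[Service]
User=tomcat
ProtectSystem=strict
ReadWritePaths=/var/lib/tomcat9/webapps/
ReadWritePaths=-/var/log/tomcat9/ /myapp/upload/
EOF
}

# unit_allows_write UNIT_FILE PATH
# Prints "writable" or "read-only" for PATH under ProtectSystem=strict,
# or "not-strict" when the unit does not use the strict sandbox
# (other ProtectSystem values protect only parts of the tree; not modelled here).
unit_allows_write() {
    awk -v target="$2" '
        # drop the optional "-" / "+" prefixes and any trailing slashes
        function norm(p) { sub(/^[-+]+/, "", p); sub(/\/+$/, "", p); return p }
        /^ProtectSystem=/ { split($0, kv, "="); protect = kv[2] }
        /^ReadWritePaths=/ {
            list = substr($0, length("ReadWritePaths=") + 1)
            if (list == "") { n = 0; next }      # an empty assignment resets the list
            m = split(list, parts, /[ \t]+/)     # several paths may share one line
            for (i = 1; i <= m; i++) if (parts[i] != "") rw[++n] = norm(parts[i])
        }
        END {
            t = norm(target)
            if (protect != "strict") { print "not-strict"; exit }
            for (i = 1; i <= n; i++)
                # match the directory itself or anything below it, never a
                # sibling that merely shares the prefix (/myapp/uploads)
                if (t == rw[i] || index(t, rw[i] "/") == 1) { print "writable"; exit }
            print "read-only"
        }' "$1"
}
```

On a live host, save the output of systemctl cat tomcat9 to a file and pass it in. systemctl edit tomcat9 puts the same ReadWritePaths= line in a drop-in that survives package upgrades.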

Linux Command Quick Reference

Command                                     Description
cd ..                                       Move up one level to the parent directory.
cd /root                                    Move to the /root directory.
pwd                                         Show working directory (your current position).
ls -lah                                     Show all files and directories in the working dir as a list, including hidden files, with human-readable sizes (e.g. in MB). I use it as general listing.
ls -ltr                                     ls ordered by date.
ls | wc -l                                  Count files in a directory.
ls -lahS                                    ls ordered by file size.
df -h                                       Check disk space.
du -hd 1 /root                              Check disk usage for every directory under /root. Useful for tracking disk space eaters. Add | sort -h to sort the result.
wget -c -url-                               Use the -c option to resume a download.
grep -Rnw '/path/to/search' -e 'pattern'    Find in files. Use the --include=\*.{c,h} or --exclude=\*.o param to include or exclude specific file extensions. Use the --exclude-dir={dir1,dir2,*.dst} param to exclude dirs.

Enabling HTTPS on Tomcat9 (using Self Signed Certificate)

Source: https://tomcat.apache.org/tomcat-9.0-doc/ssl-howto.html#Configuration

A self-signed certificate means we create the certificate ourselves and must tell the browser to accept it. It already serves the purpose of securing the connection between the browser and Tomcat, but you can import a certificate from a Certificate Authority later on if deemed necessary.

1. Create a local Certificate Signing Request (CSR) using keytool, which is located in Java's bin directory (keytool.exe on Windows). Change \path\to\my\keystore below as needed; in my case I changed it to Tomcat's conf directory (/opt/tomcat/latest/conf/.keystore).

keytool -genkey -alias tomcat -keyalg RSA -validity 1095 -keystore \path\to\my\keystore

Before we run keytool, we make sure it is accessible using the which command (which keytool).

Then run:

keytool -genkey -alias tomcat -keyalg RSA -validity 1095 -keystore /opt/tomcat/latest/conf/.keystore

Then provide all the information that keytool asks for, and don't forget to write down the password (keypass) for later use.

2. Edit the conf/server.xml file and add the following lines right after the first Connector tag (port 8080). Don't forget to replace 'changeIt' with your certificate password.

<Connector protocol="org.apache.coyote.http11.Http11NioProtocol"
port="8443" maxThreads="200"
scheme="https" secure="true" SSLEnabled="true"
keystoreFile="conf/.keystore" keystorePass="changeIt"
clientAuth="false" sslProtocol="TLS"/>

3. Open incoming port 8443 on firewall:

firewall-cmd --permanent --zone=public --add-port=8443/tcp
firewall-cmd --reload

4. Restart Tomcat, then test by accessing https://localhost:8443/. There will be a security warning from the browser; we should add an exception for this.

Below is an example of adding a security exception in Mozilla Firefox:

(1) Click on the 'Advanced' button.

(2) Click on 'View Certificate' to verify that it has the right certificate.

(3) Click on 'Accept the Risk and Continue' to make the exception.
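
A check for the connector from step 2, as an added example (not part of the original post): keystorePass sits in server.xml in clear text, so the function below flags a placeholder password and a server.xml that other users can read. The XML is a constructed sample and the function names are hypothetical.

```shell
#!/bin/sh
# Constructed sample: the HTTPS connector from step 2, placeholder password still in place.
write_sample_server_xml() {
cat > "$1" <<'EOF'
<Server>
  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1" redirectPort="8443"/>
    <Connector protocol="org.apache.coyote.http11.Http11NioProtocol"
               port="8443" maxThreads="200"
               scheme="https" secure="true" SSLEnabled="true"
               keystoreFile="conf/.keystore" keystorePass="changeIt"
               clientAuth="false" sslProtocol="TLS"/>
  </Service>
</Server>
EOF
}

# attr FILE NAME: first value of NAME="..." found in FILE.
attr() {
    grep -o "$2=\"[^\"]*\"" "$1" | head -n 1 | cut -d'"' -f2
}

# audit_tls_connector SERVER_XML: one finding per line; no output means clean.
audit_tls_connector() {
    pass=$(attr "$1" keystorePass)
    case "$pass" in
        # Tomcat falls back to "changeit" when the attribute is omitted,
        # so a missing value is as weak as the placeholder itself.
        ""|[Cc]hange[Ii]t) echo "placeholder-password" ;;
    esac
    # The password is stored in clear text: the file must not be readable by others.
    [ -z "$(find "$1" -prune -perm -004)" ] || echo "world-readable:$1"
    grep -q 'SSLEnabled="true"' "$1" || echo "tls-not-enabled"
}
```

Run it as audit_tls_connector /opt/tomcat/latest/conf/server.xml; the same permission check applies to the keystore file named by keystoreFile.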


 

Tomcat + MariaDB on CentOS 8 Stream Setup

Here is a list of commands I use to set up a standard Java application server using OpenJDK11 + Tomcat9 + MariaDB10.3 on a freshly installed CentOS 8 Stream (Server without GUI package):

#preparation
yum update
reboot
# make sure you have space
df -h
# install mariadb
yum install mariadb-server
# enabling mariadb service at startup
systemctl enable --now mariadb
# securing: set up root's password and remove the test db and anonymous user
mysql_secure_installation
# test
mysql -u root -p

# install java, check available jdk (quote the glob so the shell passes it to yum unchanged)
yum info 'java*'
yum install java-11-openjdk-devel
# test
java -version

# tomcat9
# prepare a user to run the tomcat service, never use root
useradd -m -U -d /opt/tomcat -s /bin/false tomcat
# download and install tomcat9, please check version availability on https://www-eu.apache.org/dist/tomcat/tomcat-9/
VERSION=9.0.68
wget https://www-eu.apache.org/dist/tomcat/tomcat-9/v${VERSION}/bin/apache-tomcat-${VERSION}.tar.gz -P /tmp
tar -xf /tmp/apache-tomcat-${VERSION}.tar.gz -C /opt/tomcat/
ln -s /opt/tomcat/apache-tomcat-${VERSION} /opt/tomcat/latest
chown -R tomcat: /opt/tomcat
sh -c 'chmod +x /opt/tomcat/latest/bin/*.sh'
# check
ls -lah /opt/tomcat/latest/
ls -lah /opt/tomcat/latest/bin/
# create the service for tomcat9 and put the script below in it
vim /etc/systemd/system/tomcat.service

# script
[Unit]
Description=Tomcat 9 servlet container
After=network.target

[Service]
Type=forking

User=tomcat
Group=tomcat

Environment="JAVA_HOME=/usr/lib/jvm/jre"
Environment="JAVA_OPTS=-Djava.security.egd=file:///dev/urandom"

Environment="CATALINA_BASE=/opt/tomcat/latest"
Environment="CATALINA_HOME=/opt/tomcat/latest"
Environment="CATALINA_PID=/opt/tomcat/latest/temp/tomcat.pid"
Environment="CATALINA_OPTS=-Xms512M -Xmx1024M -server -XX:+UseParallelGC"

ExecStart=/opt/tomcat/latest/bin/startup.sh
ExecStop=/opt/tomcat/latest/bin/shutdown.sh

[Install]
WantedBy=multi-user.target
# end of script

# start tomcat
systemctl daemon-reload
# enabling tomcat service at startup
systemctl enable --now tomcat
# check
systemctl status tomcat
# open port on firewall
firewall-cmd --permanent --zone=public --add-port=8080/tcp
firewall-cmd --reload

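# check and remove all unnecessary software
cd /opt/tomcat/latest/webapps/
ls -lah
# use the full path so a failed cd can never delete files somewhere else
rm -rf /opt/tomcat/latest/webapps/*
ls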
# check log
less +G ../logs/catalina.out
# done
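
The wget and tar steps above extract the tarball without checking it; as an added example (not part of the original post), the functions below gate extraction on the SHA-512 digest and on the member paths. They assume the .sha512 file published alongside the tarball has been downloaded separately; the function names are hypothetical.

```shell
#!/bin/sh
# verify_sha512 FILE SUMFILE: succeed only if FILE's SHA-512 equals the first
# field of SUMFILE ("<hex digest> *<name>" or "<hex digest>  <name>").
verify_sha512() {
    [ -r "$1" ] && [ -r "$2" ] || return 2
    want=$(awk 'NR == 1 { print tolower($1) }' "$2")
    have=$(sha512sum "$1" | awk '{ print tolower($1) }')
    # a SHA-512 digest is 128 hex characters; anything else is not a digest
    [ ${#want} -eq 128 ] && [ "$want" = "$have" ]
}

# listing_is_safe FILE: refuse archives whose members are absolute paths
# or contain a ".." component that could escape the target directory.
listing_is_safe() {
    ! tar -tf "$1" | grep -Eq '^/|(^|/)\.\.(/|$)'
}

# safe_extract FILE SUMFILE DEST: extract only after both checks pass.
safe_extract() {
    verify_sha512 "$1" "$2" || { echo "checksum mismatch: $1" >&2; return 1; }
    listing_is_safe "$1"    || { echo "unsafe member path in $1" >&2; return 1; }
    mkdir -p "$3" && tar -xf "$1" -C "$3"
}
```

In the command list above, safe_extract with the tarball, its .sha512 file and /opt/tomcat/ as arguments would take the place of the tar -xf line.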

MySQL Replace First Letter With Uppercase

UPDATE `user` SET `full_name`=CONCAT(UPPER(SUBSTRING(full_name,1,1)),SUBSTRING(full_name,2));

Git SSH using multiple account (GitLab)

The key is in ~/.ssh/config: here you can give an alias for every user on the same host. The SSH key on each GitLab account must already be set up.


Host user1.gitlab.com
  Hostname gitlab.com
  PreferredAuthentications publickey
  IdentityFile ~/.ssh/id_rsa_user1

Host user2.gitlab.com
  Hostname gitlab.com
  PreferredAuthentications publickey
  IdentityFile ~/.ssh/id_rsa_user2

Testing:


$ ssh -T git@user1.gitlab.com
Welcome to GitLab, @user1!


$ ssh -T git@user2.gitlab.com
Welcome to GitLab, @user2!

Checking Java Heap size

Use this to check the default max heap size on a system:
java -XX:+PrintFlagsFinal -version | grep -iE 'HeapSize|PermSize|ThreadStackSize'

Steps to use Gmail to fetch mail from other account

Why do I need this?
I have email accounts on several websites hosted with small storage space, which I should download regularly to avoid going over the space quota. For a couple of months I was using Thunderbird on my laptop until I felt I was too tied to my laptop :D, can't view old email without it...
So, when I learned that Gmail can import email from another email account and also provides enough space, I started to use it. It's now been two years since I started using that feature and it serves me well. I can check email from any PC / laptop, or from my phone, without worrying about my hosting space quota.

Why do I write this?
A couple of times I have guided people on how to use this facility; whilst I'm glad to do it, I hope this blog post will save me time in the future.

Steps
1) Open settings



2) Open Add Mail Account Dialog



3) Insert needed information




4) Done. Enjoy..

Quick Access to PuTTY and WinSCP using Windows Search Programs and Files

All this time PuTTY and WinSCP have been the most useful programs to me for administering servers and for copying and syncing files between servers and my laptop. For years I never had an issue accessing them quickly: I used desktop shortcuts, so when I needed them I just showed the desktop (Win + D) and double-clicked the shortcut. But when I had too many desktop shortcuts and they became uncomfortable to look at (and I'm too lazy to keep them simple), I just hid them, which made access slower because I had to locate their folders first. Using Windows search as quick access is an advantage, but the problem is that PuTTY comes as a portable executable file, and I prefer the portable version of WinSCP because it just works wherever you put it and keeps saved sessions as well, so neither of them automatically adds a shortcut to the program list. To solve this problem I manually created shortcuts for them inside the 'C:\ProgramData\Microsoft\Windows\Start Menu\Programs' folder (ProgramData is hidden by default), which makes them available in Windows Search Programs and Files for quick access. So instead of eyeballing the program list, I just tap the Win key and type 'pu' for PuTTY or 'wins' for WinSCP; they come up as the first, already highlighted search result, and one tap on the 'Enter' key runs them.

Other Alternatives:

1) Using a shortcut key.
We can assign a shortcut key to a desktop shortcut, but in my case all Alt + F.. combinations are already used for other purposes and I don't want to overlap with other software's (and Windows') shortcut keys.

2) Add the PuTTY and WinSCP folders to be indexed by Windows Search.
We can add a folder to be indexed, so it will come up in the search results.
- First, I just added 'C:\App' (where the PuTTY and WinSCP folders reside), and since I had Eclipse IDE and some versions of JBoss and Jetty inside that folder, they got indexed too, making the index larger and producing a lot of unwanted search results (you'll get it if you have ever explored Eclipse's folders).
- Second, I set only the PuTTY folder and the WinSCP folder to be indexed; it produced a few unnecessary search results, but was still not comfortable for me.

Java Regex To Replace 'Line Number Marker' created by JD-GUI

When saving source from JD-GUI into a file, JD-GUI by default puts a line number (as a comment) on each line. To remove these line number markers without re-decompiling and re-saving, simply search using the regex \/\*[\s\d]*\*\/ and replace with an empty string.