A great way to configure a Raspberry Pi from scratch is PiBakery. After struggling a while with setting up a VNC server and some other things on a fresh Pi connected only via Ethernet (no display, keyboard, or mouse), finding PiBakery was very helpful.

Here’s my configuration:

The long string in the second Run Command step is:


Using your SSL certificate for your Spark web application

I’ve fallen in love with Spark recently. Being unexperienced with web development, I stumbled upon Spark when I was looking for a small framework for setting up a simple web application based on Java. My learning curve has been steep and my first website (consisting of nothing but a simple form) is running smoothly.

One issue I had to deal with was using my domain’s SSL certificate (proudly sponsored by Let’s Encrypt) for the integrated web server that comes with Spark. As you can read here, a keystore and a password need to be specified in order to achieve this.

Alright, nothing easier than coming up with a password, but how do I set up a Java keystore (.JKS) that uses my certificate? A quick Startpage search directed me to Maximilian Böhm’s tutorial on JKS and Let’s Encrypt certificates.
I could skip step 1 as I had created and installed my certificates already. For step 2, I needed to locate the directory in which my Plesk installation stored the fullchain.pem and privkey.pem files. I found them in:

I copied them to a temp directory to make things easier, and then ran the following command:

After typing in and remembering the password, the resulting pkcs.p12 file could be used to create the JKS file as described in step 3:

Here, SRC_STORE_PASS is the password chosen in step 2. Make sure to remember and distinguish those three passwords! Or use the same phrase for all of them.

The result was saved as keystore.pks. I changed my Spark code accordingly:

and put the file next my JAR. Done.

Referencing a Bean in JasperReports

Thanks to this answer on StackOverflow, I know how easy it is to reference the bean itself instead of one of its properties in a text field expression in JasperReports. The trick is to declare a field whose description is set to the keyword _THIS:

Then it can be referenced in the text field expression as follows:

Installing a Tor Relay from Source on a Raspberry Pi

The other day I learned on Twitter that I should update the Tor relay software on my Raspberry Pi as the Tor project had introduced a new Bridge Authority. So I lazily ran sudo apt-get update  followed by sudo apt-get upgrade only to notice that no new version of the tor package was available via the package manager. Bummer.

Waiting for the package manager to provide a new version seemed futile so I decided to build Tor from scratch. I found a very helpful answer on StackOverflow that listed all the steps required  for my setup.

  1. Make sure to have all dependencies needed for compiling the sources:
  2. Clone Tor from git.torproject.org:
  3. Switch to the latest release branch:
  4. Run  ./autogen.sh
  5. Run  ./configure  or  ./configure --disable-asciidoc  if you don’t want to build the manpages.
  6. Run  make
  7. (Optional): run  make install

This last step installed the new tor binary in /usr/local/bin/ whereas the existing tor binary was still located in /usr/bin/ from where it was picked up by /etc/init.d/tor (I want to run my tor relay as a service whenever the Raspberry reboots). Luckily, this problem had been solved by someone else who shared his findings on a mailing list.

  1. If you’re using service tor {start, stop, reload, etc.}:
  2. The latter will likely point to /usr/bin/tor, which might be outdated.
    If that’s the case, change that line in /etc/init.d/tor to point to the new Tor executable /usr/local/bin/tor – that’s where it should be; if you don’t like that, change BINDIR = /usr/local/bin  in Tor’s Makefile and make install  again.
  3. The Debian Tor packages seem to like to assume torrc will be placed in /etc/tor/torrc . If that’s where your torrc resides, make a symlink to it from /usr/local/etc/tor , which is where the new Tor executable will look for it:
  4. Stop the running tor service:
  5. Reload the tor daemon:
  6. Restart the tor service:

Regex for German Zip Codes

I found the following regular expression (source) working fine for me:

I tried two alternatives that did not work because they were too general:

The first regex matches the zip code “00000” which is invalid in the German system. The second regex matches the zip code “99999” which is invalid, too.

Renewal of Let’s Encrypt Certificates Using Plesk

Note to self: If the Let’s Encrypt extension for Plesk fails to renew a certificate (when triggered manually), disable the automatic forwarding to an SSL connection in the Apache settings. This forced secure connection seems to disturb the renewal script.

The error I got was something like this:

Let's Encrypt SSL certificate installation failed: Failed letsencrypt execution: 2016-01-19 13:56:07,885:WARNING:letsencrypt.cli:Root (sudo) is required to run most of letsencrypt functionality. Failed authorization procedure. removed.domain.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://removed.domain.com/.well-known/acme-challenge/REMOVED-ID [REMOVED IP]: 401 IMPORTANT NOTES: - The following errors were reported by the server: Domain: removed.domain.com Type: urn:acme:error:unauthorized Detail: Invalid response from http://removed.domain.com /.well-known/acme- challenge/REMOVED-ID [REMOVED IP]: 401

See also this bug report on Github.

Let’s hope the extension is going to renew all certificates automatically every month from now on, as it should.

Testing Delegate Methods

We had an interesting discussion the other day: should we write unit tests for delegate methods, that is, methods that only delegate the call to a delegate object? Here’s an example of such a method:

I said I did not see much value in a unit test for this method as all the test could do is verify whether the do()  method of the mocked delegate object was called. Instead of testing behaviour, we would test the wiring which is close to trivial in this case and should be tested implicitly as part of an integration test involving the delegate object and the main object.

Some of my colleagues disagreed with me. Their argument was that a unit test would detect changes in the delegate call and indicate the intended usage of the delegate object. They were concerned an incorrect wiring could be introduced without a unit test. And this unit test would be cheap to write.

I did not find any of these arguments very convincing – and I’m in good company: the JUnit team’s FAQ webpage has a section on Best Practices which comments on testing delegate methods. You can read it here. Thank you, J. B. Rainsberger!