Using PEAR

pear update-channels

#Instalare pachet PEAR:
pear install PHP_Archive        -> e versiune gen alpha, beta, etc si de-aia nu se instaleaza
pear install PHP_Archive-0.11.4 -> specificata versiunea exacta si instalarea va rula fara probleme
pear search pecl                -> cautare pachet pecl (gasit CodeGen_PECL)
pear install CodeGen_PECL       -> instalare varianta stable, deci fara a specifica versiunea

#ERROR:
	root@nsa310:~# pecl upgrade
	pear.php.net is using a unsupported protocol - This should never happen.
	upgrade failed
#SOLUTION:
	pear update-channels
	pear upgrade-all
	pecl upgrade-all

Compiling Apache 2.2.29

#See https://adrhc.go.ro/wordpress/common-commands-when-building/ for building environment, x.sh script and other things not defined here.
#Before starting you must declare the environment variables specified at the link above.

#building env vars (required when rebuilding too)
APACHE_MPM=worker
NEW_BUILD_NAME=apache
NEW_BUILD_VER=2.2.29-$APACHE_MPM
NEW_BUILD_NAME_AND_VER=$NEW_BUILD_NAME-$NEW_BUILD_VER
ls -l /tmp/$NEW_BUILD_NAME-*
ls -l ~/ffp_0.7_armv5/packages/$NEW_BUILD_NAME-*
NEW_BUILD_NR=10

#extract sources
rm -r ~/compile/httpd-2.2.29-unpacked
cd ~/compile && mkdir httpd-2.2.29-unpacked
tar xvzf httpd-2.2.29.tar.gz -C ./httpd-2.2.29-unpacked
cd ~/compile/httpd-2.2.29-unpacked/httpd-2.2.29

#If any additional problems related to libtool see below.
#Modify "configure.in" and "configure" (search for: "case $libtoolversion in"):
  case $libtoolversion in
	  *1.[45]*)
		  SH_LIBTOOL='$(LIBTOOL)'
		  SHLTCFLAGS="-prefer-pic"
		  LTCFLAGS="-prefer-non-pic -static"
		  ;;
	  *)
		  //pedro: setez cumva SH_LIBTOOL
		  //SH_LIBTOOL='$(SHELL) $(top_builddir)/shlibtool $(LTFLAGS)' -> comenteaza (nu exista shlibtool)
		  SH_LIBTOOL='/ffp/lib/apr-1.4.8/build-1/libtool $(LTFLAGS)' -> to add
		  SHLTCFLAGS=""
		  LTCFLAGS=""
		  ;;
  esac

#Enable NPN
#https://issues.apache.org/bugzilla/show_bug.cgi?id=52210
#http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/
cd ~/compile/httpd-2.2.29-unpacked/httpd-2.2.29
wget https://issues.apache.org/bugzilla/attachment.cgi?id=28588 -O npn.patch
#Modify npn.patch:
	Index: modules/ssl/ssl_engine_kernel.c
	===================================================================
	--- modules/ssl/ssl_engine_kernel.c	(revision 1306012)
	+++ modules/ssl/ssl_engine_kernel.c	(working copy)
	@@ -29,5 +29,6 @@
									   time I was too famous.''
												 -- Unknown                */
	 #include "ssl_private.h"
	+#include "mod_ssl.h"
	 
	 static void ssl_configure_env(request_rec *r, SSLConnRec *sslconn);
patch -p0 -i npn.patch

#Enable mod_fcgid
rm -r ~/compile/mod_fcgid
cd ~/compile/
svn checkout http://svn.apache.org/repos/asf/httpd/mod_fcgid/trunk mod_fcgid
cp -r ~/compile/mod_fcgid/modules/fcgid ~/compile/httpd-2.2.29-unpacked/httpd-2.2.29/modules/

#Enable WebSocket with mod_proxy_wstunnel
#http://notmyitblog.blogspot.ro/2014/03/websockets-support-for-apache-httpd.html
#https://gist.github.com/vitkin/6661683
cd ~/compile/httpd-2.2.29-unpacked/httpd-2.2.29
wget https://gist.github.com/vitkin/6661683/raw/873dd8b4de4ad1ff69757ffe48fc574374aedc57/apache-2.2-wstunnel.patch -O apache-2.2-wstunnel.patch
patch -p1 -i apache-2.2-wstunnel.patch
#cp -r httpd-2.2.29 httpd-2.2.29-fcgid-npn-wstunnel
#You may encounter some compilation error with version 2.2.22 and later similar to:
#modules/http/.libs/libmod_http.a(byterange_filter.o): In function `ap_set_byterange':
#byterange_filter.c:(.text+0x130d): undefined reference to `apr_array_clear'
#collect2: ld returned 1 exit status
#This is a known bug. A workaround consist in adding --with-included-apr to the configure options.

#configure new added modules (fcgid)
cd ~/compile/httpd-2.2.29-unpacked/httpd-2.2.29
~/x.sh ffpg
./buildconf
~/x.sh ffpg

#start from here when REBUILDING (only if not deleted ~/compile/httpd-2.2.29-unpacked/httpd-2.2.29)
cd ~/compile/httpd-2.2.29-unpacked/httpd-2.2.29
rm -r ../httpd-2.2.29-build
mkdir ../httpd-2.2.29-build

#CONFIGURE
cd ~/compile/httpd-2.2.29-unpacked/httpd-2.2.29-build
../httpd-2.2.29/configure --help > ../configure.help.txt
#../httpd-2.2.29/configure --prefix=/ffp/opt/apache-2.2.29-$APACHE_MPM --enable-mods-shared=all --with-apr=/ffp --with-apr-util=/ffp --with-pcre=/ffp --with-z=/ffp --with-ssl=/ffp --with-mpm=$APACHE_MPM --enable-fcgid
../httpd-2.2.29/configure --prefix=/ffp/opt/apache-2.2.29-$APACHE_MPM --enable-modules="log_config mime alias autoindex headers authz_host userdir env setenvif filter authn_file ssl actions dir negotiation auth_basic authz_default authz_user rewrite proxy proxy_http proxy_ajp dav dav_svn authz_svn expires deflate info dav_fs proxy_wstunnel" --enable-mods-shared="fcgid asis authn_default authz_groupfile cache cgi cgid disk_cache file_cache include mem_cache proxy_balancer proxy_connect proxy_ftp proxy_scgi status version" --with-pcre=/ffp --with-z=/ffp --with-ssl=/ffp --with-mpm=$APACHE_MPM --enable-fcgid

#prepare for FFP again
cd ~/compile/httpd-2.2.29-unpacked/httpd-2.2.29-build
~/x.sh ffpg1
cd ~/compile/httpd-2.2.29-unpacked/httpd-2.2.29
~/x.sh ffpg

#COMPILE
cd ~/compile/httpd-2.2.29-unpacked/httpd-2.2.29-build
nohup /ffp/bin/make -C ~/compile/httpd-2.2.29-unpacked/httpd-2.2.29-build &
renice -6 `pidof cc1plus` -p `pidof make` -p `pidof as` -p `pidof ld` -p `pidof configure` -p `pidof cc1`
tail -f nohup.out

#INSTALL & PACKAGE
cd ~/compile/httpd-2.2.29-unpacked/httpd-2.2.29-build
rm -r $HOME/temp/$NEW_BUILD_NAME_AND_VER
#Running make -n install permits previewing the build process, as it prints out all 
#the commands that would be triggered by a make, without actually executing them.
make install DESTDIR=$HOME/temp/$NEW_BUILD_NAME_AND_VER
cd $HOME/temp/$NEW_BUILD_NAME_AND_VER
makepkg $NEW_BUILD_NAME $NEW_BUILD_VER $NEW_BUILD_NR
cp -v /tmp/$NEW_BUILD_NAME-$NEW_BUILD_VER-arm-$NEW_BUILD_NR.txz ~/ffp_0.7_armv5/packages/
funpkg -q $NEW_BUILD_NAME
funpkg -i ~/ffp_0.7_armv5/packages/$NEW_BUILD_NAME-$NEW_BUILD_VER-arm-$NEW_BUILD_NR.txz

#copy additional modules
cd $HOME
sed -i s/"User daemon"/"User nobody"/ /ffp/opt/apache-2.2.29-$APACHE_MPM/conf/httpd.conf
sed -i s/"Group daemon"/"Group nobody"/ /ffp/opt/apache-2.2.29-$APACHE_MPM/conf/httpd.conf
mkdir /ffp/opt/apache-2.2.29-$APACHE_MPM/conf-original
cp -r /ffp/opt/apache-2.2.29-$APACHE_MPM/conf/* /ffp/opt/apache-2.2.29-$APACHE_MPM/conf-original
cp -v /ffp/libexec/mod_authz_svn.so /ffp/opt/apache-2.2.29-$APACHE_MPM/modules/
cp -v /ffp/libexec/mod_dav_svn.so /ffp/opt/apache-2.2.29-$APACHE_MPM/modules/
ls -dl ~/NSA310-backups/*apache-modules*
cp -v ~/NSA310-backups/2015-02-01\ apache-modules\ worker/*.so /ffp/opt/apache-2.2.29-$APACHE_MPM/modules/
ls -dl ~/NSA310-backups/*pagespeed*
cp -v ~/NSA310-backups/2015-01-23\ pagespeed\ trunk/*.so /ffp/opt/apache-2.2.29-$APACHE_MPM/modules/

#INFO
#lists configured httpd modules:
#/usr/sbin/httpd -M -f /etc/service_conf/httpd.conf
#/ffp/opt/apache-2.2.29-worker/bin/httpd -M -f /etc/service_conf/xhttpd.conf
#lists built-in httpd modules:
#/usr/sbin/httpd -l
#/ffp/opt/apache-2.2.29-worker/bin/httpd -l

#owncloud, apache, php-zts and fcgid
#If fcgid is not a shared module (--enable-mods-shared) than after logging off 
#from owncloud you won't be able to login again (you'll have to restart apache).
#Does not have this problem when using php-non-zts.

Compiling litmus 0.13

cd ~/compile
rm -r litmus-0.13
tar -xzf litmus-0.13.tar.gz
cd ~/compile/litmus-0.13
export LDFLAGS="-L/ffp/lib -lintl"
export CPPFLAGS="-I/ffp/include -I/ffp/include/readline"
export CXXFLAGS="-I/ffp/include -I/ffp/include/readline"
export CFLAGS="-march=armv5te -mtune=xscale -mfloat-abi=soft -mabi=aapcs-linux -O2 -lintl -Wall"
export LC_ALL=POSIX
./configure --help > configure.help.txt
./configure --prefix=/ffp --disable-debug --enable-threadsafe-ssl=posix --with-ssl=openssl --with-included-neon
nohup make -C ~/compile/litmus-0.13 &
renice -14 `pidof cc1plus` -p `pidof make` -p `pidof as`
tail -f nohup.out
make install DESTDIR=~/temp/litmus-0.13
#makepkg litmusversion buildnumber
cd ~/temp/litmus-0.13
makepkg litmus 0.13 0
cp -v /tmp/litmus-0.13-arm-0.txz ~/ffp_0.7_armv5

Compiling php 5.5.x

cd ~/compile
curl -L -k http://de1.php.net/get/php-5.5.19.tar.gz/from/this/mirror -o php-5.5.19.tar.gz
tar -xzf php-5.5.19.tar.gz
cd ~/compile/php-5.5.19
find . -type f \( -exec sed -i s/"\/usr\/bin\/perl"/"\/ffp\/bin\/perl"/ {} \; , -exec sed -i s/"\/usr\/bin\/python"/"\/ffp\/bin\/python"/ {} \; , -exec sed -i s/"\/usr\/bin\/bash"/"\/ffp\/bin\/bash"/ {} \; , -exec sed -i s/"\/usr\/bin\/sh"/"\/ffp\/bin\/sh"/ {} \; , -exec sed -i s/"\/usr\/bin\/env"/"\/ffp\/bin\/env"/ {} \; , -exec sed -i s/"\/bin\/bash"/"\/ffp\/bin\/bash"/ {} \; , -exec sed -i s/"\/bin\/sh"/"\/ffp\/bin\/sh"/ {} \; , -exec sed -i s/"\/bin\/env"/"\/ffp\/bin\/env"/ {} \; , -exec sed -i s/"\/ffp\/ffp\/"/"\/ffp\/"/ {} \; \)
cp -r ~/compile/php-5.5.19 ~/compile/php-5.5.19-ffp
 
#to do only when rebuilding; start also from here:
cd ~/compile
rm -r ~/compile/php-5.5.19
cp -r ~/compile/php-5.5.19-ffp ~/compile/php-5.5.19
cd ~/compile/php-5.5.19
 
export BUILD_FLAGS="-march=armv5te -mtune=xscale -mfloat-abi=soft -mabi=aapcs-linux -pthread -O2 -lintl -Wall -I/ffp/include"
export BUILD_FLAGS="-march=armv5te -mfloat-abi=soft -mabi=aapcs-linux -pthread -O2 -lintl -Wall -I/ffp/include"
export LDFLAGS="-L/ffp/lib -lintl"
export CPPFLAGS="$BUILD_FLAGS"
export CXXFLAGS="$BUILD_FLAGS"
export CFLAGS="$BUILD_FLAGS"
export LC_ALL=POSIX

./configure --help > configure.help.txt
cat configure.help.txt

ERROR0:
	don't know how to define struct flock on this system ... set --enable-opcache=no
SOLUTION0:
	funpkg -r libgd-2.1.0-arm-0

#ATTENTION, don't use --with-pear, will fail at end and won't install pear.

#With threads (with zts)
#See also install pthreads php-module: https://adrhc.go.ro/wordpress/using-pecl/.
#Remarca utilizarea apache-2.2.29-worker ci nu prefork!
./configure --prefix=/ffp --enable-re2c-cgoto --enable-mod-charset=shared --with-apxs2=/ffp/opt/apache-2.2.29-worker/bin/apxs --with-config-file-path=/ffp/etc --with-libxml-dir=/ffp --with-zlib=/ffp --with-zlib-dir=/ffp --with-bz2=/ffp --enable-calendar=shared --with-curl=/ffp --enable-dba=shared --enable-exif=shared --with-pcre-dir=/ffp --enable-ftp=shared --with-openssl=/ffp --with-jpeg-dir=/ffp --with-png-dir=/ffp --with-freetype-dir=/ffp --with-gettext=/ffp --with-gmp=/ffp --with-mhash=/ffp --with-icu-dir=/ffp --enable-mbstring=shared --with-onig=/ffp --with-mcrypt=/ffp --with-mysql=shared,/ffp --with-mysql-sock=/ffp/var/run/mysql/mysql.sock --with-mysqli=shared,/ffp/bin/mysql_config --enable-opcache --enable-pcntl --with-pdo-mysql=/ffp --with-mysql-sock=/ffp/var/run/mysql/mysql.sock --with-readline=/ffp --with-snmp=/ffp --enable-soap=shared --enable-sockets --with-iconv=/ffp --with-xsl=/ffp --enable-zip=shared --enable-mysqlnd=shared --with-tsrm-pth=/ffp/bin/pth-config --with-gd=shared --enable-maintainer-zts

#Without threads (without zts; not required: --disable-maintainer-zts)
#Remarca utilizarea apache-2.2.29-prefork ci nu worker!
./configure --prefix=/ffp --enable-re2c-cgoto=shared --enable-mod-charset=shared --with-apxs2=/ffp/opt/apache-2.2.29-prefork/bin/apxs --with-config-file-path=/ffp/etc/php.ini --with-config-file-scan-dir=/ffp/etc --with-libxml-dir=/ffp --with-zlib=/ffp --with-zlib-dir=/ffp --with-bz2=shared,/ffp --enable-calendar=shared --with-curl=shared,/ffp --enable-dba=shared --enable-exif=shared --with-pcre-dir=/ffp --enable-ftp=shared --with-openssl=/ffp --with-jpeg-dir=/ffp --with-png-dir=/ffp --with-freetype-dir=/ffp --with-gettext=shared,/ffp --with-gmp=shared,/ffp --with-mhash=shared,/ffp --with-icu-dir=/ffp --enable-mbstring --with-onig=/ffp --with-mcrypt=shared,/ffp --with-mysql=/ffp --with-mysql-sock=/ffp/var/run/mysql/mysql.sock --with-mysqli=/ffp/bin/mysql_config --enable-opcache=shared --enable-pcntl=shared --with-pdo-mysql=/ffp --with-readline=shared,/ffp --with-snmp=shared,/ffp --enable-soap=shared --enable-sockets=shared --with-iconv=/ffp --with-xsl=shared,/ffp --enable-zip --enable-mysqlnd --without-pear --without-pdo-sqlite --without-sqlite3

nohup make -C ~/compile/php-5.5.19 &
renice -14 `pidof cc1plus` -p `pidof make` -p `pidof as`
tail -f nohup.out
 
#BEFORE INSTALL:
#If installed using --with-pear do (but anyway will still fail to install pear):
sed -i s/"phar:\/\/install-pear-nozlib\.phar\/index\.php"/"\/ffp\/home\/root\/compile\/php-5.5.19\/pear\/install-pear-nozlib.phar"/ pear/install-pear-nozlib.phar

#INSTALL
rm -r $HOME/temp/php-5.5.19
mkdir -p $HOME/temp/php-5.5.19/ffp/opt/apache-2.2.29-prefork/conf/
cp -v /ffp/opt/apache-2.2.29-prefork/conf/httpd.conf $HOME/temp/php-5.5.19/ffp/opt/apache-2.2.29-prefork/conf/
INSTALL_ROOT=$HOME/temp/php-5.5.19 make install
libtool --finish /ffp/home/root/compile/php-5.5.19/libs
rm -vr $HOME/temp/php-5.5.19/ffp/opt/apache-2.2.29-prefork/conf/
cd $HOME/temp/php-5.5.19
ls -l /tmp/php-*
ls -l ~/ffp_0.7_armv5/packages/php-*
#makepkg php version buildnumber
#makepkg php-mysql-5.5.28 5.5.19 0
makepkg php-mysql-5.6.21 5.5.19 0
funpkg -i /tmp/php-mysql-5.6.21-5.5.19-arm-0.txz
cp -v /tmp/php-5.5.19-*.txz $HOME/ffp_0.7_armv5/packages/
mv -v /ffp/opt/apache-2.2.29-prefork/modules/libphp5.so /ffp/opt/apache-2.2.29-prefork/modules/libphp5-prefork-mysql-5.6.21.so
cp -v /ffp/opt/apache-2.2.29-prefork/modules/libphp5-*.so ~/NSA310-backups/2014-08-19\ apache-modules

#AFTER INSTALL
#INSTALL PEAR
wget http://pear.php.net/go-pear.phar
php go-pear.phar
#INSTALL PECL
#see https://adrhc.go.ro/wordpress/using-pear/
#INSTALL APCu (compile or use https://adrhc.go.ro/wordpress/using-pecl/)
cd ~/compile
wget http://pecl.php.net/get/apcu-4.0.7.tgz
tar zxfv apcu-4.0.7.tgz
cd ~/compile/apcu-4.0.7
phpize
./configure --with-php-config=/ffp/bin/php-config --enable-apcu
make install
#dezactiveaza autentificarea in ~/compile/apcu-4.0.7/apc.php: defaults('USE_AUTHENTICATION',0)
#Nu copia apc.php in /i-data/60cb70cf/www/pages/wordpress/wp-content/plugins/wp-apc-panel/include/ pt ca deja exista!
cp -v ~/compile/apcu-4.0.7/apc.php $HOME/tools/
#INSTALL gd.so
cd ~/temp
mkdir php-5.5.201306201030-arm-1
cd ~/temp/php-5.5.201306201030-arm-1
wget http://ffp.memiks.fr/pkg/php-5.5.201306201030-arm-1.txz
tar Jxvf php-5.5.201306201030-arm-1.txz
cp -v ffp/lib/php/extensions/no-debug-non-zts-20121212/gd.so /ffp/lib/php/extensions/no-debug-non-zts-20121212/

#show php modules
php -m

#Using php5_module with Apache:
#LoadModule php5_module /usr/local/zy-pkgs/lib/libphp5.so
#Link required: /usr/local/zy-pkgs/php/php.ini -> /ffp/etc/php.ini
#PHPIniDir /usr/local/zy-pkgs/php
#AddHandler php5-script .php
#AddType application/x-httpd-php .php .phtml
#AddType application/x-httpd-php-source .phps

Apache basic authentication password creation

# see http://passwordsgenerator.net/

# -c option means to create the passwords file
/ffp/opt/apache-2.2.9-prefork/bin/htpasswd -c -m passwords_file_path user_name1
# -m option means to add/modify the user user_name2
/ffp/opt/apache-2.2.9-prefork/bin/htpasswd -m passwords_file_path user_name2
# -D option means to delete the user user_name3
htpasswd -D passwords_file_path user_name3

Install linux headers

cd ~/compile
rm -r linux-2.6.31.8
rm -r linux_headers
mkdir linux_headers
wget https://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.31.8.tar.gz
tar xvzf linux-2.6.31.8.tar.gz
cd linux-2.6.31.8
export ARCH=arm 
export ARM_ARCH=armv5te 
export CLFS_FLOAT=soft
unset CFLAGS
unset CPPFLAGS
unset CXXFLAGS
#For Zyxel NSA310 only:
#Replace /ffp/home/root/compile/linux-2.6.31.8/arch/arm/Makefile with
#/ffp/home/root/temp/build_NSA310/trunk/linux-2.6.31.8/arch/arm/Makefile
#from http://gpl.nas-central.org/ZYXEL/NSA310_GPL/FW4.40/build_NSA310.tar.gz
cp -v /ffp/home/root/temp/build_NSA310/trunk/linux-2.6.31.8/arch/arm/Makefile /ffp/home/root/compile/linux-2.6.31.8/arch/arm/Makefile
make mrproper
make ARCH=arm ARM_ARCH=armv5te CLFS_FLOAT=soft headers_check
make ARCH=arm ARM_ARCH=armv5te CLFS_FLOAT=soft INSTALL_HDR_PATH=`pwd`/../linux_headers headers_install
cd ../linux_headers
#That's all!

#the below is the packaging specific for my Zyxel NSA310
mkdir ffp
mv include/ ffp/
#makepkg findutils version buildnumber
makepkg linux-headers 2.6.31.8 ?
cp /tmp/linux-headers-2.6.31.8-arm-*.txz ~/ffp_0.7_armv5
funpkg -q linux
funpkg -r linux-headers-2.6.31.8-arm
funpkg -i ~/ffp_0.7_armv5/linux-headers-2.6.31.8-arm-?.txz
Table 4.1. ARM Hard Floating Point Versions
fpa		fpe2		fpe3		maverick
vfp		vfpv3		vfpv3-fp16	vfpv3-d16
vfpv3-d16-fp16	vfpv3xd		vfpv3xd-fp16	neon
neon-fp16	vfpv4		vfpv4-d16	fpv4-sp-d16
neon-vfpv4	 	 	 

Table 4.3. ARM Archiecture Choices
armv4t	armv5	armv5t	armv5te
armv6	armv6j	armv6t2	armv6z
armv6zk	armv6-m	armv7	armv7-a
armv7-r	armv7-m	 	 

For ARCH, ARM_ARCH, CLFS_FLOAT values click also here.
Inspired from here.

Hibernate 4.3.5 + Spring 4.0.5

	<bean id="sessionFactory" lazy-init="true"
	      class="org.springframework.orm.hibernate4.LocalSessionFactoryBean">
		<property name="dataSource" ref="dataSource"/>
		<!--<property name="mappingLocations">-->
			<!--<list>-->
				<!--<value>classpath:/hibernate/**/*.hbm.xml</value>-->
			<!--</list>-->
		<!--</property>-->
		<property name="packagesToScan" value="image.exifweb.persistence"/>
		<property name="hibernateProperties">
			<props>
				<prop key="hibernate.dialect">org.hibernate.dialect.MySQL5InnoDBDialect</prop>
				<prop key="hibernate.jdbc.batch_size">20</prop>
				<prop key="hibernate.show_sql">false</prop>
				<prop key="hibernate.format_sql">true</prop>
				<prop key="hibernate.validator.autoregister_listeners">false</prop>
				<!--<prop key="hibernate.hbm2ddl.auto">update</prop>-->
				<!--
				<prop key="hibernate.id.new_generator_mappings">true</prop>
				<prop key="hibernate.current_session_context_class">jta</prop> -->
				<!--<prop key="javax.persistence.validation.mode"></prop>-->
			</props>
		</property>
	</bean>

	<!-- Transaction manager for a single Hibernate SessionFactory (alternative to JTA) -->
	<bean id="transactionManager" name="transactionManager"
	      class="org.springframework.orm.hibernate4.HibernateTransactionManager">
		<property name="sessionFactory" ref="sessionFactory"/>
	</bean>

	<tx:annotation-driven mode="aspectj"/>

Recursively remove all empty or almost empty directories

find /i-data/md0/video/ -type d -empty -delete

# print files/directories with size less 1M:
cd /********/Videos/couchpotato-complete
du -sh * | grep -P "\d+K" | awk '{for (i=2; i<NF; i++) printf $i " "; print $NF}' | sort
du -sh * | grep -P "\d+K" | awk '{for (i=2; i<NF; i++) printf $i " "; print $NF}' | sort > movies_to_delete.txt
while read -r file; do rm -rv -- "$file"; done < movies_to_delete.txt
rm -v movies_to_delete.txt

ActiveMQ + Spring 3.2.x

	<!-- CachingConnectionFactory Definition, sessionCacheSize property is the number of sessions to cache -->
	<bean id="connectionFactory" class="org.springframework.jms.connection.CachingConnectionFactory">
		<constructor-arg ref="amqConnectionFactory"/>
		<property name="exceptionListener" ref="jmsExceptionListener"/>
		<property name="sessionCacheSize" value="100"/>
		<property name="cacheConsumers" value="true"/>
	</bean>

	<!-- JmsTemplate Definition -->
	<bean id="jmsTemplate" class="org.springframework.jms.core.JmsTemplate">
		<constructor-arg ref="connectionFactory"/>
	</bean>

	<amq:connectionFactory id="amqConnectionFactory" brokerURL="${jms.brokerURL}"
	                       userName="${jms.username}" password="${jms.password}"/>

	<jms:listener-container concurrency="1" destination-type="queue">
		<jms:listener id="QueueListener" destination="${ssm.queque.name}" ref="queueListener"/>
	</jms:listener-container>

	<jms:listener-container concurrency="1" destination-type="topic">
		<jms:listener id="TopicListener" destination="${topic.name}" ref="topicListener"/>
	</jms:listener-container>

JPA (hibernate 4.3.x) + Spring 3.2.x

	<bean id="transactionManager" class="org.springframework.orm.jpa.JpaTransactionManager">
		<property name="entityManagerFactory" ref="entityManager" />
	</bean>
	
	<bean id="entityManager" depends-on="dataSource"
		class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean">
		<property name="dataSource" ref="dataSource" />
		<property name="packagesToScan"
			value="...packages...persistence.entity" />
		<property name="persistenceUnitName" value="gigi" />
		<property name="persistenceProvider">
			<bean class="org.hibernate.jpa.HibernatePersistenceProvider" />
		</property>
		<property name="jpaPropertyMap" ref="jpaPropertyMap" />
		<property name="jpaVendorAdapter" ref="jpaVendorAdapter" />
		<property name="jpaDialect">
			<bean class="org.springframework.orm.jpa.vendor.HibernateJpaDialect" />
		</property>
	</bean>

	<jpa:repositories base-package="...some package..."
	                  entity-manager-factory-ref="entityManager"
	                  transaction-manager-ref="transactionManager">
		<repository:include-filter type="annotation"
		                           expression="org.springframework.stereotype.Repository"/>
	</jpa:repositories>

	<bean id="jpaVendorAdapter"
	      class="org.springframework.orm.jpa.vendor.HibernateJpaVendorAdapter">
		<property name="database" value="POSTGRESQL"/>
		<property name="showSql" value="true"/>
		<property name="databasePlatform"
		          value="org.eclipse.persistence.platform.database.PostgreSQLPlatform"/>
	</bean>
	
	<util:properties id="jpaPropertyMap">
		<prop key="hibernate.transaction.jta.platform">
			org.hibernate.engine.transaction.jta.platform.internal.NoJtaPlatform
		</prop>
		<prop key="hibernate.connection.autocommit">false</prop>
		<prop key="hibernate.dialect">
			org.hibernate.spatial.dialect.postgis.PostgisDialect
		</prop>
		<prop key="hibernate.show_sql">true</prop>
	</util:properties>

	<bean class="org.springframework.orm.hibernate4.HibernateExceptionTranslator"/>

Tomcat

Pt debug din mediul de dezvoltare trebuie modificat:

a) setenv.bat:
SET "JAVA_HOME=c:\Program Files\Java\jdk1.7.0_60"
CATALINA_OPTS=-Xms512m -Xmx2048m -XX:MaxPermSize=512M -XX:+CMSClassUnloadingEnabled -javaagent:c:\maven.repository.3x\org\springframework\spring-instrument-tomcat\4.0.6.RELEASE\spring-instrument-tomcat-4.0.6.RELEASE.jar
SET "JPDA_OPTS=-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=5005"

b) startup.bat (la finalul fisierului):
call "%EXECUTABLE%" jpda start %CMD_LINE_ARGS% -> pt a determina utilizarea lui JPDA_OPTS

Install & configure ghost

Installing ghost on linux (official)
Compiling nodejs

cd /ffp/opt/
rm -r ghost
#rm ghost.zip
#curl -L -k https://ghost.org/zip/ghost-latest.zip -o ghost.zip
unzip -uo ghost.zip -d ghost
cd /ffp/opt/ghost
find . -type f -exec sed -i s/"\/usr\/bin\/bash"/"\/ffp\/bin\/bash"/ {} \;
find . -type f -exec sed -i s/"\/usr\/bin\/sh"/"\/ffp\/bin\/sh"/ {} \;
find . -type f -exec sed -i s/"\/usr\/bin\/env"/"\/ffp\/bin\/env"/ {} \;
find . -type f -exec sed -i s/"\/bin\/bash"/"\/ffp\/bin\/bash"/ {} \;
find . -type f -exec sed -i s/"\/bin\/sh"/"\/ffp\/bin\/sh"/ {} \;
find . -type f -exec sed -i s/"\/bin\/env"/"\/ffp\/bin\/env"/ {} \;
find . -type f -exec sed -i s/"\/ffp\/ffp\/"/"\/ffp\/"/ {} \;
#cp -r /ffp/opt/ghost ~/temp/ghost
/ffp/opt/nodejs/bin/npm install --production

#ERROR1:
	sh: /usr/local/zy-pkgs/ffproot/ffp/opt/ghost/node_modules/sqlite3/node_modules/.bin/node-pre-gyp: /usr/bin/env: bad interpreter: No such file or directory
#SOLUTION1:
	#See something like https://registry.npmjs.org/sqlite3/2.2.7 in error message.
	cd ~/temp
	wget http://registry.npmjs.org/sqlite3/-/sqlite3-2.2.7.tgz
	mkdir sqlite3-2.2.7
	cd sqlite3-2.2.7
	cp ../sqlite3-2.2.7.tgz .
	tar xvzf ./sqlite3-2.2.7.tgz
	rm sqlite3-2.2.7.tgz
	find . -type f -exec sed -i s/"\/usr\/bin\/bash"/"\/ffp\/bin\/bash"/ {} \;
	find . -type f -exec sed -i s/"\/usr\/bin\/sh"/"\/ffp\/bin\/sh"/ {} \;
	find . -type f -exec sed -i s/"\/usr\/bin\/env"/"\/ffp\/bin\/env"/ {} \;
	find . -type f -exec sed -i s/"\/bin\/bash"/"\/ffp\/bin\/bash"/ {} \;
	find . -type f -exec sed -i s/"\/bin\/sh"/"\/ffp\/bin\/sh"/ {} \;
	find . -type f -exec sed -i s/"\/bin\/env"/"\/ffp\/bin\/env"/ {} \;
	find . -type f -exec sed -i s/"\/ffp\/ffp\/"/"\/ffp\/"/ {} \;
	tar czf sqlite3-2.2.7.tgz package
	npm install sqlite3-2.2.7.tgz

cd /ffp/opt/ghost
/ffp/opt/nodejs/bin/npm install --production
npm install forever -g
npm install mysql -g
cd /ffp/opt/nodejs/lib/node_modules
find . -type f -exec sed -i s/"\/usr\/bin\/bash"/"\/ffp\/bin\/bash"/ {} \;
find . -type f -exec sed -i s/"\/usr\/bin\/sh"/"\/ffp\/bin\/sh"/ {} \;
find . -type f -exec sed -i s/"\/usr\/bin\/env"/"\/ffp\/bin\/env"/ {} \;
find . -type f -exec sed -i s/"\/bin\/bash"/"\/ffp\/bin\/bash"/ {} \;
find . -type f -exec sed -i s/"\/bin\/sh"/"\/ffp\/bin\/sh"/ {} \;
find . -type f -exec sed -i s/"\/bin\/env"/"\/ffp\/bin\/env"/ {} \;
find . -type f -exec sed -i s/"\/ffp\/ffp\/"/"\/ffp\/"/ {} \;

#Create mysql DB for ghost
mysql -p
CREATE DATABASE ghost CHARACTER SET utf8;
GRANT ALL ON ghost.* TO 'ghost'@'%' IDENTIFIED BY 'ghost' WITH GRANT OPTION;
FLUSH PRIVILEGES;
exit

sed -i s#\"\/shared\/img#\"\/blog\/shared\/img# /ffp/opt/ghost/core/built/scripts/ghost-dev.js	 	 
sed -i s#\"\/shared\/img#\"\/blog\/shared\/img# /ffp/opt/ghost/core/built/scripts/templates-dev.js	 	 
sed -i s#\"\/shared\/img#\"\/blog\/shared\/img# /ffp/opt/ghost/core/built/scripts/ghost.min.js

#/ffp/opt/ghost/config.js
	url: 'http://adrhc.go.ro/blog',
	database: {
		client: 'mysql',
		connection: {
			host: 'localhost',
			user: 'ghost',
			password: 'ghost',
			database: 'ghost',
			charset: 'utf8'
		}
	},

#Apache config:
#	ProxyPass			/blog/			http://127.0.0.1:2368/blog/
#	ProxyPassReverse	/blog/			http://127.0.0.1:2368/blog/

#Running ghost in production mode:
cd /ffp/opt/ghost
NODE_ENV=production npm start
#Running ghost in development mode:
cd /ffp/opt/ghost
npm start
#Running ghost in production mode (first put export NODE_ENV=production in ~/.profile):
cd /ffp/opt/ghost
/bin/nice --8 npm start
#Running ghost in production mode (first put export NODE_ENV=production in ~/.profile):
cd /ffp/opt/ghost && /bin/nice --8 forever -o /ffp/var/log/ghost.log start index.js
#cd /ffp/opt/ghost && forever stop index.js

posts page
login page

How to configure Stunnel

https://www.stunnel.org/howto.html
https://www.stunnel.org/static/stunnel.html
http://serverfault.com/questions/9708/what-is-a-pem-file-and-how-does-it-differ-from-other-openssl-generated-key-file
https://support.ssl.com/index.php?/Knowledgebase/Article/View/19

stunnel /ffp/etc/stunnel/stunnel.conf
cat /ffp/var/lib/stunnel/stunnel.pid
cat /ffp/var/lib/stunnel/stunnel.log
#Generate cert file necesar a fi specificat in stunnel.conf (varianta cu windows - preferata):
openssl.exe req -newkey rsa:2048 -x509 -days 3660 -out stunnel-pub.pem -keyout stunnel-key.pem
openssl.exe rsa -in stunnel-key.pem -out stunnel-key-no-pwd.pem -> stergere parola
openssl.exe dhparam 2048 >> stunnel-pub.pem (dhparam -> versiunea noua pt. vechiul parametru gendh)
openssl.exe dhparam 2048 >> stunnel-key-no-pwd.pem
# openssl.exe pkcs12 -export -in stunnel-pub.pem -inkey stunnel-key-no-pwd.pem -name "stunnel" -out stunnel-pwd.p12
cat stunnel-key-no-pwd.pem >> stunnel.cer (stunnel.conf:cert = stunnel.cer)
cat stunnel-pub.pem >> stunnel.cer (stunnel.conf:cert = stunnel.cer)
stunnel /ffp/etc/stunnel/stunnel.conf
Nu e necesar importul stunnel-pub.pem in authorized_keys !
Nu e necesara generarea lui stunnel-pwd.p12 !
#Aplica c_hash fisierelor din /certs (stunnel.conf:CApath = /.../certs) -> alternativa la stunnel.conf:CAfile:
cd /ffp/var/lib/stunnel
/ffp/var/lib/stunnelc_rehash /certs

How to create a certificate

# see https://www.openssl.org/docs/manmaster/apps/req.html
# Create a certificate
del adr-*.pem
openssl req -newkey rsa:2048 -x509 -days 3660 -out adr-pub.pem -keyout adr-key.pem
#bug: openssl req -newkey rsa:2048 -x509 -days 3660 -out adr-bitvise-pub.pem -keyout adr-bitvise-key.pem
#bug: openssl req -new -x509 -days 3660 -out adr-bitvise.pem -keyout adr-bitvise.pem
openssl rsa -in adr-key.pem -out adr-key-no-pwd.pem -> stergere parola
#openssl rsa -des3 -in adr-key.pem -out adr-key-new-pwd.pem -> setare parola
openssl dhparam 2048 >> adr-pub.pem (dhparam -> versiunea noua pt. vechiul param gendh)
openssl dhparam 2048 >> adr-key-no-pwd.pem
openssl pkcs12 -export -in adr-pub.pem -inkey adr-key-no-pwd.pem -name "adr" -out adr-pwd.p12
#Pune adr-pub.pem in /home/root/.ssh/ (backup keys folder).
cat adr-pub.pem >> /home/root/.ssh/authorized_keys (ssh server)
#cat adr-pub.pem >> /ffp/var/lib/stunnel/authorized_keys.pem (stunnel)
#cat adr-pub.pem >> /etc/service_conf/authorized_keys.crt (NSA310 web console)

# Certificat pt. invitati:
openssl req -newkey rsa:2048 -x509 -days 3660 -out gigi-pub.pem -keyout gigi-key.pem
openssl rsa -in gigi-key.pem -out gigi-key-no-pwd.pem
openssl dhparam 2048 >> gigi-pub.pem
openssl dhparam 2048 >> gigi-key.pem
openssl dhparam 2048 >> gigi-key-no-pwd.pem
openssl pkcs12 -export -in gigi-pub.pem -inkey gigi-key-no-pwd.pem -name "gigi" -out gigi-pwd.p12
cat gigi-pub.pem >> /home/root/.ssh/authorized_keys

# Encrypt a private key using triple DES (from https://www.openssl.org/docs/manmaster/apps/rsa.html):
# Key generation for bitvise:
openssl rsa -des3 -in adr-key.pem -out adr-key.pem.des3.bitvise -> requested by "User keypair manager"

# see http://sysmic.org/dotclear/index.php?post/2010/03/24/Convert-keys-betweens-GnuPG%2C-OpenSsh-and-OpenSSL
# Extract the public key to openssh format:
ssh-keygen -y -f adr-key.pem > adr-pub.openssh
cat adr-pub.openssh >> /home/root/.ssh/authorized_keys

# convert p12 to pem
openssl pkcs12 -in xxx.p12 -nocerts -out xxx_key.pem
openssl pkcs12 -in xxx.p12 -clcerts -nokeys -out xxx_pub.pem

# debug ssl connection
openssl s_client -cert xxx_pub.pem -key xxx_key.pem -connect 192.168.1.10:443 -debug

# request protected https resource
wget --certificate=xxx_pub.pem --private-key=xxx_key.pem https://192.168.1.10/zzz
ERROR
	ERROR: certificate common name ‘svn-ubuntu’ doesn't match requested host name ‘192.168.1.10’.
	To connect to 192.168.1.10 insecurely, use `--no-check-certificate'.
HOW TO DETERMINE IT
	wget --no-hsts --certificate=xxx_pub.pem --private-key=xxx_key.pem https://192.168.1.10/zzz
	--no-hsts
	     Wget supports HSTS (HTTP Strict Transport Security, RFC 6797) by default.  Use --no-hsts to make Wget act as a non-HSTS-compliant UA. As a
	     consequence, Wget would ignore all the "Strict-Transport-Security" headers, and would not enforce any existing HSTS policy.
SOLUTION
	This might not work:
	wget --no-hsts --no-check-certificate --certificate=xxx_pub.pem --private-key=xxx_key.pem https://192.168.1.10/zzz
	This should work:
	Append 192.168.1.10 svn-ubuntu to /etc/hosts.
	wget --no-hsts --no-check-certificate --certificate=xxx_pub.pem --private-key=xxx_key.pem https://svn-ubuntu/zzz

# DER format
# https://www.openssl.org/docs/manmaster/man1/x509.html
View the complete certificate information (private + public key also):
openssl x509 -inform der -in temp/jetty-certificate.der -text -noout
openssl x509 -in CA.cer -noout -text
openssl x509 -in adr-pub.pem -noout -text | grep -P "Issuer|Subject"
Saves the public key only:
openssl x509 -inform der -in temp/jetty-certificate.der -pubkey -noout > temp/jetty-certificate.pub.pem
Converts the certificate to pem:
openssl x509 -inform der -outform PEM -in temp/jetty-certificate.der -out temp/jetty-certificate.pem
Displays the certificate in PEM format and also it's alias:
openssl x509 -inform der -outform PEM -in temp/jetty-certificate.der -alias
Output the complete certificate information (valid only PEM with -----BEGIN CERTIFICATE----- content):
openssl x509 -inform PEM -in temp/jetty-certificate.pem -text -noout

# JAVA
# see jre\lib\security\java.security for keystore.type (default jks)
# jre\lib\security\cacerts -> JDK trusted certificates from a variety of Certificate Authorities (CA's)
# jre\lib\security\cacerts -> default password is changeit
# listing a keystore
keytool -v -list -storetype JKS -keystore jetty_keystore.jks
keytool -v -list -storetype JKS -keystore jetty_keystore.jks | grep "Alias name:"
keytool -v -list -storetype PKCS12 -keystore jetty.p12

ERROR
	java.io.IOException: failed to decrypt safe contents entry: javax.crypto.BadPaddingException: Given final block not properly padded
SOLUTION
	It might be the case of a p12 file with the "Export Password" empty while you try to import it in a jks keystore.
	Import the p12 using -srcstorepass "" option:
	keytool -importkeystore -srckeystore $PKCS12_FILE -destkeystore "$KEYSTORE_FILE_NAME" -srcstoretype PKCS12 -deststoretype JKS -srcstorepass ""

# show a certificate from url
openssl s_client -connect adrhc.go.ro:443 -showcerts </dev/null 2>/dev/null
openssl s_client -connect adrhc.go.ro:443 -showcerts </dev/null 2>/dev/null | openssl x509 -outform PEM

# see also https://support.ssl.com/Knowledgebase/Article/View/19/0/der-vs-crt-vs-cer-vs-pem-certificates-and-how-to-convert-them
# key pair generation with multiple formats
openssl req -newkey rsa:2048 -x509 -days 3660 -out adr1-pub.pem -keyout adr1-key.pem
openssl rsa -des3 -in adr1-key.pem -out adr1-key.pem.des3.bitvise
ssh-keygen -y -f adr1-key.pem > adr1-pub.openssh
openssl rsa -in adr1-key.pem -out adr1-key-no-pwd.rsa.pem
openssl pkcs12 -info -nokeys -export -in adr1-pub.pem -name "adr1-pub" -out adr1-pub.p12
openssl pkcs12 -info -export -in adr1-pub.pem -inkey adr1-key.pem -name "adr1 private key and public key" -out adr1.p12
cat adr1-pub.openssh > /********/.ssh/authorized_keys
# putty-tools ubuntu package (command-line tools for SSH, SCP, and SFTP)
# To convert a key from another format (puttygen will automatically detect the input key type):
puttygen adr1-key.pem.des3.bitvise -C 'adr1-key.pem.des3.bitvise' -o adr1-key.putty.ppk