<< Previous | Home

Working via remote

My appartement is under the roof and on really hot days I want to flee somewhere cold with access to my main-computer. Network access via dlan (with about 5-15MBit/s)

As we are using Unity3D/Windows in my day-job,...using Remote Desktop (win-host <-> win-client) makes quite a decent job and I used it the last two years from time to time.

But as my OS of choice is linux I needed a good alternative for linux.

X2Go seemed to be a good candiate here but lacks using opengl based applications.

SSH with X11 forwarding kind of worked but ultra slow on gl-based applications. Reminded me a bit on the good old C64-Textadventure with some turtle-graphics that took some time to be painted (like in The Hobbit):

# connect
ssh -X -Y SERVER

I found some hints the virtualgl can help with that. I'm not describing the steps needed. Follow these steps:

In this you install virtualgl on the host (server) and a TurboVNC-server. You tell the TurboVNC what XSession to start (e.g. ubuntu-mate) and also tell that this session should be started via vglrun.

That was actually all pretty straight forward. But at the beginning there was no performance gain at all. In my special case the NVidia-Driver on the host was the problem. I had to add an option to /etc/X11/xorg.conf:

 Option         "HardDPMS" "true"

After this you just need to ssh into your account you want to share via vnc and start the TurboVnc-Server:


This will indicate what display it will be working on. (e.g. :1 you need to remember this) You can now log out. On your client. Connect to TurboVNC:


Type in the host plus the display: e.g. Login and that's it.

Some useful links:

Check what local application is blocking your tcp/ip port

If you have the problem that starting a server (e.g. tomcat/8080) leads to an error because the port is already blocked. You can use this call:

sudo lsof -i -P -n | grep LISTEN

This will result into something like following output:

apache2   3085        www-data    4u  IPv6  42617      0t0  TCP *:80 (LISTEN)
apache2   3086        www-data    4u  IPv6  42617      0t0  TCP *:80 (LISTEN)
docker-pr 3805            root    4u  IPv6  47126      0t0  TCP *:5000 (LISTEN)
docker-pr 3822            root    4u  IPv6  43660      0t0  TCP *:8088 (LISTEN)
docker-pr 3887            root    4u  IPv6  41565      0t0  TCP *:8443 (LISTEN)
docker-pr 3899            root    4u  IPv6  48297      0t0  TCP *:8080 (LISTEN)
dnsmasq   4180 libvirt-dnsmasq    6u  IPv4  48409      0t0  TCP (LISTEN)

And I see, in this case docker some docker process is blocking port 8080.

For the example of docker, you could see what containers are running on what port:

sudo docker ps
CONTAINER ID        IMAGE                         COMMAND                  CREATED             STATUS                    PORTS                                            NAMES
09b4d248ce0e        fawserver:latest              "/entrypoint.sh"         6 days ago          Up 3 hours      >8080/tcp,>8443/tcp   fawserver```

Here we go, my docker-version of the server is still running.

sudo docker stop fawserver

And the port is available again :+1:

cmake: install files/directories

If you want to put additional data to your exectuable when 'make install' is called:

install(FILES ${CMAKE_BINARY_DIR}/bin/CoreData.pak DESTINATION bin)

# also multiple files are alllowed:
install(FILES ${CMAKE_BINARY_DIR}/bin/CoreData.pak ${CMAKE_BINARY_DIR}/bin/Data.pak ${CMAKE_BINARY_DIR}/bin/EditorData.pak  DESTINATION bin)

install(DIRECTORY src/ DESTINATION include/myproj

More read:

yocto-project: building an complete linux distribution (for urho3d)

urnenfeld from the urho3d-forums has created a setup to create a complete linux distro for something like an urho3d-console called urhobox aka the fin,... The one he created is for the rpi0 and I try to create an rpi3 setup.

All of this works with a project called yocto. It is huge. Honestly. urnenfeld did already all of the heavy lifting and also setup a nice step by step-wiki. I only have wrap my head around this yocto-way-of-life.

Here some command for me to remember:

Clear one 'target' (To remove temp and sstate cache):

bitbake -c cleansstate gstreamer

To increase the image-size. Add to conf/local.conf something like this:


More here: https://stackoverflow.com/questions/36452798/yocto-rebuild-part-of-project

...what you need for this project is time. much time :D

Well, I spent countless hours building, downloading, Gigabyte after Gigabyte...I can tell you one. This do have some learning curve...and it really drains lots of power out of you :D

I also tried another project that does a similar job buildroot. I'm now back an yocto and still working on it...kind of. This will be definitely one of those projects that you put countless hours and days into it, just to say:"Yeah it worked!" but without doing something with it afterwards. Still,...I have a lot of SingleBoardComputers and it still find it an apealing idea to have disc-images for all of those to start your game, your 'console'.... still I'm waiting for my RPI0 for which the whole setup seems to work already....

Memo to me: "Plz, give this project low-priority. Work on it max 1-2h before ending the day..."

EDIT2: Still fiddling :D I can't help it

Tomcat Logging

I guess this is something pretty obvious for java users (except me). I have to admit that in development I did tend to use a System.out.println(..) logging. And everytime at a late time when it comes to deployment you realize (again) that syso-logging is not optimal. Switching to that late time to log4j and such is tedious work.

Whatever, now that I make the wood-games-server fit for deployment again, I am at this point again. Actually 9 years ago I seemed to have used an ugly hack, discarding the System.out- and System.err-Stream like this:


System.setOut(new PrintStream(new OutputStream() {
	public void write(int arg0) throws IOException {

System.setErr(new PrintStream(new OutputStream() {
	public void write(int arg0) throws IOException {
		// TODO Auto-generated method stub

Ok,...now I will do things right. And when using the servlet-based-server rest-server in tomcat (and I guess i any other 'application'-server as well) you can just grab the current active logger. (I'm actually not sure if that is the right way since I still think this goes into catalina.out-log which is shared by every servlet-application!? (Really not sure,...) Nonetheless for my special case I'm going to create a docker image with just one application, so this should be fine for me...(If you want the logs to (also) go into a separate file, you would have to need to add an additional logger-setup in your logging.properties-file)


Get the current logger:

  import java.util.logging.Logger;
  public class MyClass{
   private Logger logger = Logger.getLogger(DatabaseLayer.class.toString());

Some video about tomcat-logging(speechless but good)

Tags : ,

Hibernate: override data from persistence.xml

If you want to override data you defined in your java-application's jpa/hibernate persistence.xml file you can pass a Map<String,Object> to the persistence-api when creating the entityManagerFactory (in this case using an environment-variable to set the connection url)

Map<String, Object> configOverrides = new HashMap<String, Object>();
configOverrides.put("hibernate.hbm2ddl.auto", "create-drop");

// override: <property name="hibernate.connection.url" value="jdbc:mysql://localhost:3306/mydb?autoReconnect=true"/>
String overrideDbHost = System.getenv("FAW_DB_HOST_STRING");
if (overrideDbHost!=null) {
  System.out.println("Override DB_HOST to "+overrideDbHost);
  configOverrides.put("hibernate.connection.url", "jdbc:mysql://"+overrideDbHost+"/mydb?autoReconnect=true");
emf = Persistence.createEntityManagerFactory("mydbconf", configOverrides);

Read more:

Android SSL-Connection <-> Tomcat Server with self-signed certificate

Intro: Still working on 'bringing back Wood Games 3D' which have a rest-server in the background that handles leaderboards and some competition (the daily world championship). On android I was relying (in 2010/11) on scoreloop-service that handled this for me (but got taken down sometime). I later had an java-applet version for which I had to create a server on my own (since scoreloop was only for mobile). And this is the server I want now to handle android as well...

Problem Android 10(sdk 29) and also earlier(?) don't allow http-calls anymore. There are ways to 'opt-in' it back, but it makes absolutely sense to have a secured connection.

So if you stumbled over following you are right here:

javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.

Let's start

  • Setup Tomcat for SSL:

    1. Create certificate:

      keytool -genkey -keystore tomcat.keystore -alias tomcat  -keyalg RSA -keysize 4096

      Important: The CN/Name (first entry) must be the name of the server you are connecting to. At my (local) setup with only some IP-Address (e.g. ) I had to choose this IP-Address as name (otherwise android will not be happy) But if you need to connect to a domain, you need to specify the domain-name itself

    2. After the creation keytool warns (at least at my current version):

      The JKS keystore uses a proprietary format. It is recommended to migrate to PKCS12 which is an industry standard 
      format using "keytool -importkeystore -srckeystore tomcat.keystore -destkeystore tomcat.keystore -deststoretype pkcs12".

      So do as you suggested. (Not sure if this is mandatory)

    3. Extract the cert:

      keytool -export -keystore tomcat.keystore -alias tomcat -file tomcat.cer`

      Type in the keystore password and the file tomcat.cer appears in your current folder.

    4. copy this file to your Android-Project in Folder res/raw

      cp tomcat.cer /home/..../project/res/raw
    5. locate your tomcat's server.xml:

      • TOMCAT-root/conf/server.xml
      • if running it from within eclipse: 'Project Explorer'-View->Servers->Tomcat->server.xml

      Usually there is already an SSL-configuration that just needs to be uncommented and setup to use our just created certificate(locate and change so it fits)

      <Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol"  
                maxThreads="150" SSLEnabled="true" scheme="https" secure="true"  
                clientAuth="false" sslProtocol="TLS" keystoreFile="FOLDER_WITH_KEYSTORE/tomcat.keystore"   
    6. restart tomcat. From now on your server accepts https on port 8443


  • android-project:
    Three (or more) problems that might occur with this topic and all will be gone once you have set up the right network-security-config:

    • Something about "cleartextTrafficPermitted....": You are not allowed to use http://...-calls (you can opt it in)
    • "Trust anchor for certification path not found": The ssl-connection's certificate is neither signed by a trusted CA nor known (yet)
    • "hostname in certificate didn't match: != ": The CN of your certificate does not match the hostname you are calling it with.
    1. In your android-project create a file: res/xml/network_security_config.xml:

      <?xml version="1.0" encoding="utf-8"?>
           <base-config cleartextTrafficPermitted="false" />
              <domain includeSubdomains="true">YOUR_DOMAIN_OR_IP</domain>
                  <!-- Trust a debug certificate in addition to the system certificates -->
                  <certificates src="system" />
                  <certificates src="@raw/tomcat" />

      Here we reference the formerly copied tomcat-certificate-file tomcat.cer in the line:

      <certificates src="@raw/tomcat" />

      You can add multiple domains here. But each domain needs obviously a valid certificate

    2. Now we need to reference this new file in the Android-Manifest. In your application-tag add following attribute:


      resulting in somthing like this:

         <application android:name="org.your.Application"
    3. TargetSDK: Insert something like this that fits your project as well right after the manifest-tag:

      <uses-sdk android:minSdkVersion="24" android:targetSdkVersion="29"/>

      If you choose a minSdkVersion < 24 you get warned:

      Attribute `networkSecurityConfig` is only used in API level 24 and higher (current min is 8)

      I don't know what that means. Does it mean that <24 devices won't work or don't need it, because they just call this host without knowing the CA?? EDIT:: In this case you will need to initialize the SSL-Certificate on your own, I tried to use the same method as I use for the desktop client but get some 'Unknown Class'-Exception. So for android-version < API-Level 24 I fall back to http. I will output some kind of warning about unsecure network-communication....

    4. project.properties: I set this to target android-29. Set for your project accordingly

    5. Make sure to use the right address/port now and use 'https'. But from now on you line in 'safe'

    6. I had to activate legacy apache-http-client. I did try to use one of my own but the app crashed everytime (saying something like mismatched implementation-something).
      After the application tag include this:

      <uses-library android:name="org.apache.http.legacy" android:required="false"/>

      Not sure how long this option is available. It should be the goal to use the http-client of your own...

More read:

Working with old (Android 4) Eclipse-ADT based Android-Projects

As I'm trying to revive "Wood Games 3D" I obviously need to debug at some point on the device. But how to build it at all? Here the step I took:

  1. Install eclipse photon (newer versions might not work with the ADT-plugin)

  2. Go to help -> Eclipse Marketplace and search for ADT.

  3. Install ADT Android-Plugin

  4. Restart eclipse, install the SDKs you need.

  5. If you get an error telling you something like:

    Unknown error: Unable to build: the file dx.jar was not loaded from the SDK folder

    You can specify build-tools that do fit better your sdk (e.g. 19.1.0 ) in your project.properties-file

    # Project target.
    # Build tools

    If that does not work you can try to download build-tools 25.0.3 and copy DxConsole.class to your current dx.jar. Like here
    More Read

  6. If you try to use "Debug as Android Application" and get an error like:

    Can't bind to local 8600 for debugger

    Go to eclipse->window->preferences->android->DDMS:

    1. Set 'debugger port to 8601'
    2. Check 'Use ADBHOST' (leave the value '')
    3. kill the adb-server:
    adb kill-server
    1. restart eclipse
    2. Try to debug again: "Debug as Android Application" (I'm actually not sure if all steps are needed but those made the job for me,... I guess just restart eclipse is already enough... )
      More Read1 More Read2
    3. If you get some "ClassNotFoundException"s make sure all relevant projects and libraries are exported:
      Check here: "Project -> Properties -> Java Build Path -> Order & Export and ensure everything you want to be part of the apk is checked" More read

old-school patching

I actually can't remember when it was the last time I 'manually' patched a file. But it was quite common in the pre git-days. A patch basically is the same as a git-commit, telling the code where to insert what and where to remove what... As I'm trying to get 'Wood Games 3D' back to life, I first need to get it to compile. Strangely I did not keep my highly altered libgdx-version for some reason only one patch-file. At least I wrote down a date in the file (I guess that meant the day when I created the patch and not the day of its svn-revision). But still a good point to start.

A patch looks like something like this:

Index: src/com/badlogic/gdx/scenes/scene2d/ui/Label.java
--- src/com/badlogic/gdx/scenes/scene2d/ui/Label.java	(revision 2440)
+++ src/com/badlogic/gdx/scenes/scene2d/ui/Label.java	(working copy)
@@ -62,7 +62,7 @@
 public class Label extends Widget {		
-	final LabelStyle style;
+	LabelStyle style;
 	String label;
 	final TextBounds bounds = new TextBounds();
 	final Vector2 textPos = new Vector2();
@@ -139,4 +139,13 @@
 		this.label = text;
+	/**
+	 * Sets the {@link LabelStyle} of this Label  

In order to apply it to a folder. You need to 'cd' into it and write

patch -p0 < patch.txt

And then pray. 🙂 In my case I had a line ending mismatch resulting in lots of those errors:

Hunk #1 FAILED at 1 (different line endings).
Hunk #2 FAILED at 48 (different line endings).

And it makes sense. I developed the game on windows but I'm working now on my beloved linux. So, I applied dos2unix on both, the whole folder as well as on the patch:

find . -type f -print0 | xargs -0 dos2unix

(This command calls dos2unix on all files from the current folder upwards)

After this, calling the patch-command (as above) just worked. I call this a miracle 🙂


Tags :

Docker: mysql5

In order to create a local mysql5 server with adminer web-addon:

  1. Create a file mysql.yaml:
# Use root/example as user/password credentials
version: '3'


    image: mysql:5
    command: --default-authentication-plugin=mysql_native_password
    restart: always
      - ./data:/var/lib/mysql
      - 3306:3306
      MYSQL_ROOT_PASSWORD: example

    image: adminer
    restart: always
      - 8080:8080

Use docker-compose to install:

sudo docker-compose -f mysql.yaml up

Open browser at localhost:8080 using username/passwort root/example


Tags : ,
<< Previous | Home