Posted on Leave a comment

Building Simple HTML Server Using JavaFX & Undertow

I recently had a customer who wants to view swagger-ui documentation for his APIs but he didn’t know how to set up a server and he wants to run in on his own laptop, not hosting anywhere else. With developers like us, there is no problem setting up a quick docker project and view the content. However, installing Docker is quite a lot for a non-tech user.

So, I decided to create a small JavaFX application that can run right away (given that the customer has JRE installed or can download and install quickly).

Application source code

You can download the source code from github and try yourself here:

https://github.com/datmt/undertow-simple-http-server

After that, you can simply run the Launcher file to have the server running.

How to use the application

When you launch the application, a small window appears like this:

Simple http server

There isn’t much thing to do, simply select the folder to be the web root and the port you want to run and click on start server.

If I visit the link http://localhost:9988 in my browser, this is what I see:

And you can easily navigate through the files.

One nice thing is you can use this to serve your videos (*.mp4) and watch on your phone (by accessing via your computer’s IP).

Posted on Leave a comment

JavaFX Starter Project – Quickly create and run

JavaFX is a great tool to quickly deploy desktop applications. However, the setup is always a pain for me, especially after JDK8, you need to download JavaFX SDK separately.

I create this JavaFX starter project to help myself and people who want to start working with JavaFX without going through the pain of setting up.

You can download the code here on github:

https://github.com/datmt/JavaFX-11-Starter-Project

Let’s get started.

Step 1: Download JavaFX SDK

Head to this site https://gluonhq.com/products/javafx/ and download JavaFX SDK 11. Save it somewhere on you computer. You will need it later.

Step 2: Clone the starter project

Clone the starter project here if you haven’t

https://github.com/datmt/JavaFX-11-Starter-Project

I assume that you use IntelliJ. Click on File->Project Structure->Libraries and then the (+) button:

Add javafx library to the project

Select Java and navigate the /lib folder inside the JavaFX SDK you have just downloaded.

select the bin folder

Click OK twice and you are ready.

Step 3: Run the application in the IDE

As you can see, we have two classes with the main function in the starter project. The one inside Main is created by the IDE. If you run the main function in this class, you may face some weird problems. The reason is given here.

So, instead of running Main, we run Launcher and your application can start just fine.

Step 4: Package the application as a Jar file

You can package and distribute the application with just a few clicks:

Go to Project Structure->Artifacts, click on the (+) icon:

Package javafx starter project as jar

On Main class selection, make sure you select Launcher, not Main:

To build the artifact, click on Build->Build artifact

Your fat jar file should be inside the out folder.

So, that’s all you need to do to create and run a JavaFX application. Using this starter project, you don’t have to deal with problems that can easily cost you hours to solve (Location is required!, for example).

Posted on Leave a comment

Configure SSO Server With Keycloak, HAProxy & Docker

Keycloak is quite a nice tool to handle user authentication and authorization. Both Keycloak and HAProxy are free so you can easily setup an authenication & authorization server very quickly and free (hosting is not free though :)).

With the help of Docker, it will take a few minutes (less than 10) for you to successfully setup a single sign on server(SSO).

Setting up Keycloak

Keycloak has built in database to store users. However, it also allows you specify an external database if you want to do so. I prefer the second option since it seems easier to backup. Let’s first setup a mariadb server. Here is the docker-compose part of MariaDB:

  keycloak_db:
    container_name: keycloak_db
    image: mariadb:10.3.26
    restart: always
    volumes:
      - keycloak_db_volume:/var/lib/mysql
    environment:
      MYSQL_ROOT_PASSWORD: YOUR_ROOT_PASSWORD

Notice that I’m using MYSQL_ROOT_PASSWORD here for demo purposes. You should create a non root user and also user Docker secrets to manage the password instead.

You can also notice that this service (keycloak_db) uses an external volume keycloak_db_volume. We will create that at the end of the docker-compose.yml file.

Now, let’s write the YAML content for Keycloak itself:

  keycloak:
    container_name: keycloak
    image: quay.io/keycloak/keycloak:12.0.4
    restart: always
    env_file: ./kc.env

As you can see, instead using environment block, we now use an *.env file. Here is the content:

DB_VENDOR=mariadb
DB_ADDR=keycloak_db:3306
DB_DATABASE=keycloak_1
DB_USER=root
DB_PASSWORD=MYSQL_PASSWORD
KEYCLOAK_USER=kc_user
KEYCLOAK_PASSWORDD=keycloak_password
PROXY_ADDRESS_FORWARDING=true

That’s all we need to do with Keycloak. Let’s create and configure HAproxy.

Setting up HAproxy

If you want to have SSL enabled, make sure to install certbot to generate a free Let’s Encrypt certificate. Certbot is awesome since you can set up it to automatically renew the certificate for you.

There is a awesome tutorial here to help you generate standalone certificate for your domain:

https://www.digitalocean.com/community/tutorials/how-to-use-certbot-standalone-mode-to-retrieve-let-s-encrypt-ssl-certificates-on-ubuntu-16-04

After generating the certificate, combine the fullchain.pem and privkey.pem to generate a single .pem file. HAproxy will use this single file.

DOMAIN='your_domain_name' sudo -E bash -c 'cat /etc/letsencrypt/live/$DOMAIN/fullchain.pem /etc/letsencrypt/live/$DOMAIN/privkey.pem > /etc/haproxy/certs/$DOMAIN.pem'

Now, let’s create a service for HAproxy in our docker-compose.yml file:

  haproxy:
    container_name: haproxy
    image: haproxy:2.4.0
    restart: always
    ports:
      - 80:80
      - 443:443
    volumes:
      - /etc/haproxy/certs/your_domain_name.pem:/usr/local/etc/haproxy/certs/your_domain_name.pem
      - ./haproxy.cfg:/usr/local/etc/haproxy/haproxy.cfg

As you can see, we’ve mounted the SSL certificate to /usr/local/etc/haproxy/certs/. We also create and mount a haproxy.cfg file. Let’s see its content:

global
        stats timeout 30s


defaults
        log     global
        mode    http
        option  httplog
        option  dontlognull
  timeout connect 5000
  timeout client  50000
  timeout server  50000
        option forwardfor
        option http-server-close


frontend sso
        bind :80
        bind :443 ssl crt /usr/local/etc/haproxy/certs/your_domain_name.pem
  http-request redirect scheme https unless { ssl_fc }
        default_backend keycloak_backend
  http-request set-header X-Forwarded-Proto https if { ssl_fc }
  http-request set-header X-Forwarded-Proto http if !{ ssl_fc }


backend keycloak_backend
  http-request redirect scheme https unless { ssl_fc }
        server www-1 keycloak:8080 check

By default, Keycloak starts on port 8080. This is HAproxy settings, we forward traffic on port 80, 443 to Keycloak backend.

Here is the whole docker-compose file:

version: '3'

services:
  haproxy:
    container_name: haproxy
    image: haproxy:2.4.0
    restart: always
    ports:
      - 80:80
      - 443:443
    volumes:
      - /etc/haproxy/certs/sso.openexl.com.pem:/usr/local/etc/haproxy/certs/sso.openexl.com.pem
      - ./haproxy.cfg:/usr/local/etc/haproxy/haproxy.cfg

  keycloak:
    container_name: keycloak
    image: quay.io/keycloak/keycloak:12.0.4
    restart: always
    env_file: ./kc.env
    
  keycloak_db:
    container_name: keycloak_db
    image: mariadb:10.3.26
    restart: always
    volumes:
      - keycloak_db_volume:/var/lib/mysql
    environment:
      MYSQL_ROOT_PASSWORD: mysql_root_password



volumes:
  keycloak_db_volume:

If you have the certificate correctly setup, simply run docker-compose up -d, you can access your site after a few minutes.

Some caveats:

I’ve tried this setup on a DigitalOcean droplet with just 1GB of RAM and single CPU ($5/month) and Keycloak crashed every single time. The reason is at start up, Keycloak uses a lot of resources. Afte upgrading to the next tier, I could start without any problem.