android camera + scheduler = prototyping for op3n4lpRx

I would like to develope a simple app on android that:
– take photo at millisecond interval
– use location
– send to server
create android app using html (webview):
Scheduling of tasks in Android with the AlarmManager and the JobScheduler – Tutorial:
Android Location API – Tutorial:
Android Camera API – Tutorial:
Androird Annotations:



jpeppol: check list before deploy in production

– copy wildfly-10 with apps inside
– copy wildfly init.d scripts
– copy mysql script to connect from shell
– install shell client mysql
– install a minimal mysql db
– install jdk 1.8 oracle using apt
– install jre security ext (to resolve ca cert key)
– install nginx  and create configuration files
– install letsencrypt and generate certificates
– configure nginx to use letsencrypt
– configure timezone on ubuntu
– create working dir on /mnt/jpeppol
– set max number of connections (mysql)
– copy latest jpeppol version
– verify sml registration (using official cacert)
– cd /etc/ssl/certs; sudo openssl dhparam -out dhparam.pem 4096
– add to nginx:
ssl_dhparam /etc/ssl/certs/dhparam.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ecdh_curve secp384r1;
# Requires nginx >= 1.1.0
ssl_session_cache shared:SSL:10m;
#ssl_session_tickets off;
# Requires nginx >= 1.5.9
ssl_stapling on; # Requires nginx >= 1.3.7
ssl_stapling_verify on; # Requires nginx => 1.3.7
#resolver $DNS-IP-1 $DNS-IP-2 valid=300s;
#resolver_timeout 5s;
add_header Strict-Transport-Security “max-age=63072000; includeSubdomains; preload”;
add_header X-Frame-Options DENY;
– restart nginx
– verify ssl configuration on:
– install le-renew
service nginx stop # or whatever your webserver is
/home/admin/letsencrypt/letsencrypt-auto renew -nvv –standalone > /var/log/le-renew.log 2>&1
service nginx start # or whatever your webserver is
if [ “$LE_STATUS” != 0 ]; then
echo Automated renewal failed:
cat /var/log/le-renew.log
exit 1
– configure crontab: crontab -e
0 2 * * * /usr/bin/find /opt/wildfly/standalone/log/server.log.* -exec /bin/gzip ‘{}’ \;
30 2 * * 1 /etc/init.d/le-renew

strong security on nginx

Usare un certificato valido non basta. Andando a fare delle analisi approfondite del proprio server si scoprono tante cose inaspettate.. ma correggibili!

test your ssl:

E a questo punto, se non avete un grado “A”, rimboccate le maniche…