my posts
I keep this blog to write down stuff I ran into along the way.Trying out Domino data services with Chart.js

Domino Data Access Services have been around for a few years now, but I never actually used them myself.
Since I recently started to dabble in Ethereum mining, I was looking for a place to store my data and draw some graphs and the likes. I first tried out LibreOffice Calc, but I couldn’t find an easy way to automatically update it with data from a REST API.
So I turned to good old Domino, being the grandpa of NoSQL databases (before it was cool).
The solution I came up with, retrieves multiple JSON streams from various sources, combines it into a single JSON , that is then uploaded into a Domino database (using Python).
To look at the data, I created a literal “SPA” (single page application) - I use a Page in Domino to run Javascript code , to retrieve the data , again in JSON format, and turn it into a nice graph (using charts.js) .
So I don’t actually use any Domino code to display anything, Domino is simply used to store and manage the data.
This article consists of 2 parts :
-
loading of data into Domino using Python and REST services.
-
displaying data from Domino using the Domino Data Access Services and an open-source javascript library to display charts ( http://www.chartjs.org/ )
Check limits on open files for running processes
OK, setting the correct limits in /etc/sysconfig/limits.conf
, and messing around with ulimit can leave you thinking everything is ok, while it is not.
This little line shows you an overview of all the running java processes, to quickly check the Open File limit is correct.
Check the limits (open files) for all running java processes
(as root).
DKIM deployed on my mail servers

After moving my server to a new physical box (and new IP Address), some of the more difficult large mail systems started rejecting mail from my domains.
Google was OK with my mails, although not ecstatic, but Yahoo and especially Microsoft considered my systems dangerous apparently.
I googled around, found a lot of crap information, but resolved the issue and improved my mail setup in the end. Turned out that I should be using TLS (for secure smtp) and DKIM (DomainKeys Identified Mail - http://dkim.org/ )
Read more ...Server outage (disk failure)
Yesterday morning, I noticed that my server was running slow. I couldn’t see any processes hugging up resources, though.
Read more ...Kubernetes and dns
Kubernetes apparently doesn’t use a host file, but instead relies on DNS. So when setting up Orient Me (for Connections 6) on a test environment, you may run into problems. https://github.com/kubernetes/dns/issues/55
Read more ...Security Reverse Proxy with Connections - forcing all trafic through the interservice url

In a recent project, we are using IBM Datapower as a security reverse proxy to handle authentication and coarse grained authorization for Connections 5.5 .
The approach we follow is similar to what I have described here :
https://www-10.lotus.com/ldd/lcwiki.nsf/dx/IBM_Connections_v4.5_and_WebSeal_integration_col_alternative_approach
CCM installation problems with Connections 5.5 - Connections Admin password changes
During installation of CCM with Connections 5.5 using Oracle RAC cluster by my colleagues, they ran in to a number of problems and got the environment in a completely broken state.
The core problem is that FileNet does not support the modern syntax for jdbc datasources. This technote explains what to do.
http://www-01.ibm.com/support/docview.wss?uid=swg21978233
That is simple enough .
However , my colleagues continued on a detour, where they also changed the ConnectionsAdmin password. That created a bunch of problems on its own.
It turns out that the Connections 5.5 documentation is incomplete on where to change the occurrences of the Connections Admin user and/or password.
The CCM installer mostly uses the correct source for the username / password (the variables you enter in the installation wizard or the silent responsefile).
But the script to configure the GCD datasources uses a DIFFERENT administrator user.
It goes back to look at the connectionsAdminPassword variable that’s stored in the cfg.py
file, in your Connections directory (eg. /data/Connections/cfg.py
)
So when you change the password for the Connections Administrator, don’t forget to update it in the cfg.py
file as well , before running the CCM installation.
Sametime business cards from Connections

After deploying Connections 5.0 CR4, the business cards and photo’s integration in Sametime chat (the webbrowser version) suddenly stopped working.
The problem is more pronounced in Internet Explorer.
The photo doesn’t load, nor does the business card information (the phonenumber, email address).
Connections and file indexing
The Stellent code that handles extracting content from the files in Connections , relies on an old version of libstdc++.so .
It relies on libstdc++.so.5
, while for instance on SLES 12, this is replaced with libstdc++.so.6
.
It may not be immediately apparent that this is the problem.
If you use ExportTest.sh , you get a java error, which can throw you off. So use the “exporter” directly, when in doubt.
Check this older blog post, that is about the same problem (but then in Sametime). Installation of Sametime Meeting Server
It also explains how to verify your search indexing settings.
Read more ...How to determine a websphere server is running in bash ?
When creating a simple bash script (actually, scripts for installing Connections using Puppet https://puppet.com/, but that’s a different story), that would need to check if the Deployment Manager is running, I ran into the following problem.
The serverStatus.sh script always returns “0” as status code, even if the server is stopped.
So it’s a bit useless in bash scripting, where normally I’d rely on the return code by a script to determine if it ran successfully. So $?
equals 0 when the script ran successfully and not equal “0” when something went wrong.
But like I said already , serverStatus.sh ALWAYS returns “0”.
Let's encrypt certificates for Domino Part 2 - renew certificates (UPDATED)

In the mean time since my last post, things are changing in the Let’s Encrypt world - they’re officially out of beta (https://letsencrypt.org/2016/04/12/leaving-beta-new-sponsors.html) and there’s name changes (pending). Tooling has evolved as well (https://www.eff.org/deeplinks/2016/05/announcing-certbot-new-tls-robot).
That is however not the scope of this update to my original post here Let’s encrypt tls certificate in Domino. This post is about how to automatically renew your certificates.
There’s a slightly annoying thing with the certificates delivered by Let’s Encrypt: they are only valid for 3 months.
So you have to renew them every 3 months.
I’ve done that manually so far, but obviously automating this is the better option. Wouldn’t it be nice if this all went automatically :-)
Remove unwanted Basic Authentication prompts in Connections
There is no point in allowing Basic Authentication in environments where users don’t have passwords , for instance when there’s single sign on set up with SPNEGO. Connections (like most IBM products) then relies on LTPA tokens for authentication.
Read more ...