How to start a Virtualbox VM as a service using systemd

How to start a Virtualbox VM as a service using systemd

First, you need to start the vm, headless, from the command line. To do this, drop into a terminal and run:

vboxmanage list vms

This should give you a list of VM’s available to your user. In my case, it gave me:

jon@mycomputerninja:~ $ vboxmanage list vms
"your vm name" {1f134d1e-ba34-432c-b6e4-fc01f1ad250f}

Then, you can run:

vboxmanage startvm <your vm name here> --type headless

Then, do:

ps aux | grep <vmname>

To see what command was actually run. This should show some output like:

jon@mycomputerninja:/etc/systemd/system $ ps aux| grep Zone
jon       4560 63.9 17.4 3214804 703504 ?      Sl   01:18   0:58 /usr/lib/virtualbox/VBoxHeadless --comment Zoneminder --startvm 1f134d1e-ba34-432c-b6e4-fc01f1ad250f --vrde config

Now, armed with the command that was actually run, highlighted above, you can build a systemd init file. An example init file is below.

[Unit]
Description=Zoneminder VM startup
WantedBy=multi-user.target

[Service]
Type=simple
ExecStart=/usr/lib/virtualbox/VBoxHeadless --comment Zoneminder --startvm 1f134d1e-ba34-432c-b6e4-fc01f1ad250f --vrde config
User=jon
Restart=always

That file should get dropped into /etc/systemd/system/ and named something like <myservice>.service. In my case, since I was running a zoneminder service, I named it zoneminderVM.service. You also note I run it as my user, as it won’t work as the root user, because the vm context for root is different. I also run it in the multi-user target in wantedby so that the system is mostly up before this service is attempted to run.

Next, you need to run the relevant systemd commands to run this new service. so do the following:

sudo systemctl daemon-reload
sudo systemctl start <your service file name>.service 
sudo systemctl status <your service file name>.service 

If all goes well, your VM should start up as a service under your username, and restart any time the machine restarts.

Foscam FI9821P config in zoneminder 1.32.3

Foscam FI9821P config in zoneminder 1.32.3

To configure a Foscam FI9821P in the most recent zoneminder v1.32.3, use the following parameters in the source config:

source: rtsp://<user>:<pass>@<ip>:<port>/videoMain
method:tcp
color: 32
width 1280
height 720

These params allowed zoneminder to hook up to the camera and monitor video. There was a preset for this camera, but it did not seem to work, and the ONVIF auto-config errored out for some reason.

Configuring SSL Ciphers in Spring Java WebClient

Configuring SSL Ciphers in Spring Java WebClient

Below is how to configure the set of SSL ciphers being used by Spring’s webclient.

import io.netty.handler.ssl.SslContext;
import io.netty.handler.ssl.SslContextBuilder;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.HttpHeaders;
import org.springframework.http.client.reactive.ReactorClientHttpConnector;
import org.springframework.stereotype.Service;
import org.springframework.web.reactive.function.client.WebClient;
import reactor.netty.http.client.HttpClient;
import javax.net.ssl.SSLException;
import java.util.Arrays;


String[] CIPHERS_ALLOWED = {"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
        "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"};

SslContext context = SslContextBuilder
     .forClient()
     .ciphers(Arrays.asList(CIPHERS_ALLOWED))
     .build();

HttpClient netty = HttpClient.create()
        .wiretap(true) //requested by the NSA
        .secure(sslContextSpec -> sslContextSpec.sslContext(context));

this.webclient = WebClient.builder()
        .clientConnector(new ReactorClientHttpConnector(netty))
        .baseUrl("https://google.com")
        .build();

You can see you create the HTTPClient from the netty static instance, then add the ssl context to it. Pass that netty instance to the webclient builder, and voila, you can speak obscure, overly strong SSL.